Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/1-vkwx3yW3crLL4ge4aEgcyVVCMY.roa
File: 1-vkwx3yW3crLL4ge4aEgcyVVCMY.roa (raw, json)
Hash identifier: rk7eLrflqzTa87r0jAOeT/CVA+SwAHRvhbN2KpmFicg=
Subject key identifier: FA:F9:30:C7:7C:96:DD:CA:CB:2F:88:1E:E1:A1:20:73:25:55:08:C6
Certificate issuer: /CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Certificate serial: 018CC424A1CE0B829AC337A63EEE1E3D0105
Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/1-vkwx3yW3crLL4ge4aEgcyVVCMY.roa
Signing time: Mon 01 Jan 2024 08:29:44 +0000
ROA not before: Mon 01 Jan 2024 08:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209242
IP address blocks: 77.37.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:a1:ce:0b:82:9a:c3:37:a6:3e:ee:1e:3d:01:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Validity
Not Before: Jan 1 08:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faf930c77c96ddcacb2f881ee1a12073255508c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ee:f7:59:49:77:bd:db:5e:52:de:90:94:b9:
84:f6:ca:25:eb:5d:1e:4c:dd:60:d7:1e:6c:c8:d4:
f5:88:39:08:5f:ee:2f:bc:7b:13:85:33:bb:2e:df:
66:01:cd:93:14:f2:66:0c:79:b6:cc:b7:98:60:2a:
33:0b:c2:b5:d9:7b:7b:86:c1:2a:56:18:e3:f8:b5:
d5:01:6e:27:3a:ec:42:f8:a0:29:7a:22:27:15:c2:
0b:1d:9c:fd:3d:90:0e:6e:92:a1:03:a1:d4:41:2a:
1d:76:a0:ab:25:d0:2e:b3:1a:cc:04:41:0f:e9:8a:
b5:dd:17:b5:c4:ea:eb:0e:2d:f7:46:27:12:78:c8:
0b:a8:53:19:10:56:0a:91:61:9f:c3:77:5b:4c:14:
5e:8c:95:54:06:52:32:29:35:6e:d5:84:50:78:37:
01:ca:39:1f:c3:44:c4:0e:b1:87:ad:4b:1c:53:74:
7f:2b:43:7b:8b:6c:ca:5a:05:fd:24:94:3f:61:84:
4b:34:ef:bb:10:8f:fb:81:d8:25:35:ad:38:2b:3e:
82:4e:0b:62:d2:1f:36:89:38:6d:57:bc:4d:68:d8:
10:d0:d2:99:58:ac:00:93:9e:88:fa:5d:a0:97:1a:
49:f3:1e:e0:84:96:a3:96:19:f8:5c:6b:bc:b8:9f:
e3:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:F9:30:C7:7C:96:DD:CA:CB:2F:88:1E:E1:A1:20:73:25:55:08:C6
X509v3 Authority Key Identifier:
keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/1-vkwx3yW3crLL4ge4aEgcyVVCMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.37.33.0/24
Signature Algorithm: sha256WithRSAEncryption
73:10:7a:9e:42:09:2d:85:25:5e:32:08:70:3e:a2:60:cf:1a:
08:67:f9:c4:e7:e5:57:56:79:4d:05:3c:d8:f4:0b:4a:bb:02:
42:82:26:ef:0e:f6:d4:ad:59:d9:4c:bf:7e:05:c4:bf:bc:bc:
83:fb:5e:5d:77:0d:73:73:ca:04:51:88:0f:25:cc:56:d7:a5:
32:5a:5c:d3:5c:7d:b8:dd:ba:54:7b:03:b8:ec:0a:94:a6:cf:
1f:3e:48:c4:95:cd:85:f3:f7:22:84:72:b1:02:29:e1:a9:f3:
81:86:c2:12:04:a3:4f:eb:89:d1:a6:ce:bb:f1:36:7a:12:1f:
b4:04:8d:bf:63:90:66:34:73:e5:c3:5a:2a:b7:9d:4a:3a:e9:
6c:e2:26:eb:b9:34:bf:1d:81:09:15:15:5c:23:ce:9c:92:2c:
f3:80:ec:db:8c:41:36:87:4a:81:57:e6:45:d2:21:47:37:64:
2f:01:88:1a:cd:11:f2:02:37:f0:ce:10:cb:7c:a4:72:dc:26:
4b:1c:ad:07:5f:55:6c:65:92:96:cb:24:1d:59:c1:a9:74:eb:
fb:75:09:35:5f:59:cd:5b:7a:b1:df:a1:3d:f9:bf:a1:37:50:
58:79:46:cf:70:3a:f9:a0:3e:87:59:fe:5b:69:d5:d6:c4:31:
53:2d:49:83
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEJKHOC4KawzemPu4ePQEFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2
ZGRlNmYwHhcNMjQwMTAxMDgyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWY5MzBjNzdjOTZkZGNhY2IyZjg4MWVlMWExMjA3MzI1NTUwOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+73WUl3vdteUt6QlLmE9sol610e
TN1g1x5syNT1iDkIX+4vvHsThTO7Lt9mAc2TFPJmDHm2zLeYYCozC8K12Xt7hsEq
Vhjj+LXVAW4nOuxC+KApeiInFcILHZz9PZAObpKhA6HUQSoddqCrJdAusxrMBEEP
6Yq13Re1xOrrDi33RicSeMgLqFMZEFYKkWGfw3dbTBRejJVUBlIyKTVu1YRQeDcB
yjkfw0TEDrGHrUscU3R/K0N7i2zKWgX9JJQ/YYRLNO+7EI/7gdglNa04Kz6CTgti
0h82iThtV7xNaNgQ0NKZWKwAk56I+l2glxpJ8x7ghJajlhn4XGu8uJ/jcwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPr5MMd8lt3Kyy+IHuGhIHMlVQjGMB8GA1UdIwQY
MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt
NDQxNDU1OGZkY2JiLzEvMS12a3d4M3lXM2NyTEw0Z2U0YUVnY3lWVkNNWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvYmU2NmU0LWYxNGItNGIzMS1iZGFmLTQ0MTQ1NThmZGNi
Yi8xL3czaThPOU5RN3R4UE4zd2lSVmF5VU5wdDNtOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE0lITAN
BgkqhkiG9w0BAQsFAAOCAQEAcxB6nkIJLYUlXjIIcD6iYM8aCGf5xOflV1Z5TQU8
2PQLSrsCQoIm7w721K1Z2Uy/fgXEv7y8g/teXXcNc3PKBFGIDyXMVtelMlpc01x9
uN26VHsDuOwKlKbPHz5IxJXNhfP3IoRysQIp4anzgYbCEgSjT+uJ0abOu/E2ehIf
tASNv2OQZjRz5cNaKredSjrpbOIm67k0vx2BCRUVXCPOnJIs84Ds24xBNodKgVfm
RdIhRzdkLwGIGs0R8gI38M4Qy3ykctwmSxytB19VbGWSlsskHVnBqXTr+3UJNV9Z
zVt6sd+hPfm/oTdQWHlGz3A6+aA+h1n+W2nV1sQxUy1Jgw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:53:29 2024 by rpki-client on console-fra.rpki-client.org