Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/RHFnY95t4uvGsj-qTMJoEYxjsYw.roa
File: RHFnY95t4uvGsj-qTMJoEYxjsYw.roa (raw, json)
Hash identifier: jFBNKpkQQdEQfY7XMexHXeh3GYabj7Jbs9i015IuQWc=
Subject key identifier: 44:71:67:63:DE:6D:E2:EB:C6:B2:3F:AA:4C:C2:68:11:8C:63:B1:8C
Certificate issuer: /CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Certificate serial: 018CC424A245FA788E8BA25F8973F537D7EF
Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/RHFnY95t4uvGsj-qTMJoEYxjsYw.roa
Signing time: Mon 01 Jan 2024 08:29:44 +0000
ROA not before: Mon 01 Jan 2024 08:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213202
IP address blocks: 77.37.96.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:a2:45:fa:78:8e:8b:a2:5f:89:73:f5:37:d7:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Validity
Not Before: Jan 1 08:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44716763de6de2ebc6b23faa4cc268118c63b18c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:1c:97:fd:61:3b:42:24:98:75:22:4d:fc:ad:
c8:86:e3:33:f8:b7:ec:6f:98:65:b9:1c:2a:21:cd:
b6:a9:ad:c4:ad:f2:29:c7:a2:2c:32:e6:10:14:77:
c5:4c:fb:d5:89:83:88:1a:1d:a5:59:b9:9a:a6:8d:
b2:c5:44:dd:b9:9f:e7:b8:aa:28:7f:0b:b0:44:ea:
a5:d0:d5:d7:72:1d:bd:b8:d5:32:7a:6d:0f:89:9c:
68:2c:e4:fc:13:6c:d5:89:57:6f:4f:32:12:30:0c:
97:46:9c:54:29:26:b0:99:1b:a8:6e:65:b6:d3:a2:
ea:64:68:e1:7c:42:f8:6a:a5:6f:e7:be:b0:a3:0b:
6e:69:16:f3:7a:57:5e:02:02:1f:70:40:06:21:e8:
63:05:53:44:7f:38:70:23:23:8c:6e:83:bf:e4:3b:
7a:47:21:ac:31:9e:1c:c8:87:5c:61:97:b4:19:0c:
9f:2a:1d:ab:40:15:b1:4c:86:ff:99:ff:0a:fb:08:
53:c1:19:da:d7:de:dd:4d:95:e0:ad:33:b3:94:12:
a7:32:06:68:7a:e2:39:e2:cc:07:e8:d3:4c:d4:12:
34:da:73:5f:0c:84:91:9e:c6:1f:db:4f:99:e7:9f:
57:2b:51:78:e0:91:94:27:2f:aa:1b:e7:1c:43:f7:
47:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:71:67:63:DE:6D:E2:EB:C6:B2:3F:AA:4C:C2:68:11:8C:63:B1:8C
X509v3 Authority Key Identifier:
keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/RHFnY95t4uvGsj-qTMJoEYxjsYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.37.96.0/23
Signature Algorithm: sha256WithRSAEncryption
05:ed:2c:b6:c7:cc:fc:69:d5:9c:e0:11:8b:85:07:f7:0f:ef:
cf:cc:c9:ce:46:41:6d:de:fb:9f:45:3b:73:25:90:9d:e6:e2:
f6:32:26:3d:f7:fe:37:b1:79:13:02:6a:76:4b:5a:ef:f2:f1:
d4:d9:5a:36:29:dc:d0:1d:7e:2c:ca:17:80:be:e8:03:34:ab:
bc:b3:40:12:cc:60:48:0a:c2:36:80:e6:bd:30:68:ea:d5:11:
a2:6f:84:96:c1:06:8f:db:50:3e:d5:9f:a2:ae:44:d5:21:8a:
68:79:d1:8d:27:f7:5d:aa:7b:a5:94:59:f3:55:6b:b5:36:e3:
fc:fe:79:b2:f7:40:1a:17:b6:1c:bf:b7:0d:8a:b3:8b:0a:55:
63:8a:f9:13:ec:4d:1a:b6:86:59:48:cc:cf:16:ce:0b:db:50:
36:ac:9a:55:41:8a:92:3b:02:e1:30:74:cb:30:1f:eb:09:ed:
84:26:00:c6:1c:a5:ca:4a:fd:d4:02:67:05:dc:2b:f2:66:43:
79:14:a6:5c:96:6e:07:18:cc:a7:8c:e6:11:7f:a5:af:e5:70:
bb:2b:23:af:de:af:b6:03:7a:13:7e:e5:44:6c:a8:75:96:e3:
a1:53:69:2b:de:d3:f5:b1:db:f4:a1:86:95:d9:c0:f9:04:2e:
fa:ec:07:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJKJF+niOi6JfiXP1N9fvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2
ZGRlNmYwHhcNMjQwMTAxMDgyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDcxNjc2M2RlNmRlMmViYzZiMjNmYWE0Y2MyNjgxMThjNjNiMThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hyX/WE7QiSYdSJN/K3IhuMz+Lfs
b5hluRwqIc22qa3ErfIpx6IsMuYQFHfFTPvViYOIGh2lWbmapo2yxUTduZ/nuKoo
fwuwROql0NXXch29uNUyem0PiZxoLOT8E2zViVdvTzISMAyXRpxUKSawmRuobmW2
06LqZGjhfEL4aqVv576wowtuaRbzeldeAgIfcEAGIehjBVNEfzhwIyOMboO/5Dt6
RyGsMZ4cyIdcYZe0GQyfKh2rQBWxTIb/mf8K+whTwRna197dTZXgrTOzlBKnMgZo
euI54swH6NNM1BI02nNfDISRnsYf20+Z559XK1F44JGUJy+qG+ccQ/dHZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFERxZ2PebeLrxrI/qkzCaBGMY7GMMB8GA1UdIwQY
MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt
NDQxNDU1OGZkY2JiLzEvUkhGblk5NXQ0dXZHc2otcVRNSm9FWXhqc1l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYtNDQxNDU1OGZkY2Ji
LzEvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBTSVgMA0G
CSqGSIb3DQEBCwUAA4IBAQAF7Sy2x8z8adWc4BGLhQf3D+/PzMnORkFt3vufRTtz
JZCd5uL2MiY99/43sXkTAmp2S1rv8vHU2Vo2KdzQHX4syheAvugDNKu8s0ASzGBI
CsI2gOa9MGjq1RGib4SWwQaP21A+1Z+irkTVIYpoedGNJ/ddqnullFnzVWu1NuP8
/nmy90AaF7Ycv7cNirOLClVjivkT7E0atoZZSMzPFs4L21A2rJpVQYqSOwLhMHTL
MB/rCe2EJgDGHKXKSv3UAmcF3CvyZkN5FKZclm4HGMynjOYRf6Wv5XC7KyOv3q+2
A3oTfuVEbKh1luOhU2kr3tP1sdv0oYaV2cD5BC767AcM
-----END CERTIFICATE-----
Generated at Mon May 6 10:50:38 2024 by rpki-client on console-fra.rpki-client.org