Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/x7wxtp3OkzewhtrSCu4-2oaqze8.roa
File: x7wxtp3OkzewhtrSCu4-2oaqze8.roa (raw, json)
Hash identifier: IeCF4R5fRjQ4UxSFV88Da+nCCz34MxlQ5jxjwrQEACU=
Subject key identifier: C7:BC:31:B6:9D:CE:93:37:B0:86:DA:D2:0A:EE:3E:DA:86:AA:CD:EF
Certificate issuer: /CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Certificate serial: 0192E6F5CEDCA4484E9D7755CCA7E1587CBB
Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/x7wxtp3OkzewhtrSCu4-2oaqze8.roa
Signing time: Fri 01 Nov 2024 09:02:01 +0000
ROA not before: Fri 01 Nov 2024 09:02:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62336
IP address blocks: 77.37.4.0/23 maxlen: 23
77.37.98.0/23 maxlen: 23
77.37.100.0/22 maxlen: 22
77.37.106.0/23 maxlen: 23
77.37.108.0/22 maxlen: 22
93.127.224.0/19 maxlen: 19
93.127.248.0/21 maxlen: 21
185.171.76.0/23 maxlen: 23
185.171.78.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:e6:f5:ce:dc:a4:48:4e:9d:77:55:cc:a7:e1:58:7c:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Validity
Not Before: Nov 1 09:02:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7bc31b69dce9337b086dad20aee3eda86aacdef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2f:b9:84:7c:ff:0d:71:fb:12:3c:84:28:bb:
f2:54:33:b3:e0:1c:81:c9:ed:d4:78:90:50:cd:c9:
66:30:71:95:01:68:1d:d9:b2:68:8d:5c:78:61:b9:
54:5b:d4:e6:d0:4d:5b:e7:75:f6:e6:c1:0f:6f:b1:
33:e0:df:2a:17:b2:d2:47:e4:bc:66:f2:8b:20:8a:
30:f2:42:f1:a2:55:fe:e9:8e:43:18:47:24:46:b9:
3d:a1:86:70:a3:fa:80:78:12:02:92:95:d1:57:fc:
22:99:ee:b7:5d:28:ab:b4:34:c8:63:7e:e5:d7:a0:
85:69:ac:4a:22:3c:31:15:3a:0a:90:1b:e9:f8:4a:
90:0c:4f:3d:66:e6:95:25:d2:ad:1c:33:26:a9:e3:
ac:d3:1c:cc:c3:b9:53:6d:8b:b6:b6:c7:b2:6a:0e:
61:94:2b:c7:67:45:5b:7e:2d:7e:54:c7:c8:df:3f:
d0:f4:7c:00:bf:59:f1:67:75:e3:32:99:0f:a4:87:
d4:d7:91:57:09:41:53:46:87:c2:05:67:37:3c:ef:
52:7d:27:7c:4c:b6:7e:44:81:d4:ef:2c:8b:88:11:
a7:f9:46:47:31:dd:31:03:af:70:b8:03:ba:f5:55:
66:60:fa:7e:d5:8b:5d:d1:c8:c5:7b:ab:a3:a0:d2:
89:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:BC:31:B6:9D:CE:93:37:B0:86:DA:D2:0A:EE:3E:DA:86:AA:CD:EF
X509v3 Authority Key Identifier:
keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/x7wxtp3OkzewhtrSCu4-2oaqze8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.37.4.0/23
77.37.98.0-77.37.103.255
77.37.106.0-77.37.111.255
93.127.224.0/19
185.171.76.0/22
Signature Algorithm: sha256WithRSAEncryption
33:c3:e5:bc:cd:cc:5e:e5:76:48:7d:51:8a:12:75:42:d3:7b:
70:f1:4f:22:aa:32:a2:f3:ed:d7:73:71:81:74:6c:8d:c1:66:
40:a1:75:26:d6:29:dd:ba:40:b8:fd:85:5a:92:20:a5:14:d7:
3f:bd:0a:d4:c2:61:03:b9:2c:80:13:c8:2a:cd:ca:35:c5:98:
f4:6c:3e:40:2f:cd:45:3d:74:50:0c:e4:b7:ba:3a:d5:75:d8:
2e:02:5f:c4:93:1d:5a:37:b1:43:a5:86:a6:b9:07:04:af:aa:
bf:3a:e3:ba:b6:25:64:89:44:38:df:31:f5:2a:89:02:21:b1:
ac:53:c9:76:4e:17:21:a3:94:56:32:a3:5f:0b:13:4f:a9:9e:
7a:94:4f:cf:f9:87:51:ee:8d:f2:cd:32:7f:67:a3:f4:d4:16:
42:93:fd:64:a4:b5:c1:5d:ba:22:1d:18:0a:1c:92:c5:07:3c:
a3:b1:25:e8:a5:cc:8e:b6:78:49:d1:33:c4:24:cd:f1:19:c6:
97:1b:23:f1:1b:e7:1d:ae:c6:97:9c:84:65:f3:1d:1c:21:b1:
1a:99:4e:f2:16:f0:c0:ea:56:96:29:b1:65:e9:a7:62:45:7d:
ae:ce:4b:b6:70:fc:19:4c:fe:84:b2:19:40:90:68:45:a6:cb:
81:de:42:ed
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZLm9c7cpEhOnXdVzKfhWHy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2
ZGRlNmYwHhcNMjQxMTAxMDkwMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2JjMzFiNjlkY2U5MzM3YjA4NmRhZDIwYWVlM2VkYTg2YWFjZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi+5hHz/DXH7EjyEKLvyVDOz4ByB
ye3UeJBQzclmMHGVAWgd2bJojVx4YblUW9Tm0E1b53X25sEPb7Ez4N8qF7LSR+S8
ZvKLIIow8kLxolX+6Y5DGEckRrk9oYZwo/qAeBICkpXRV/wime63XSirtDTIY37l
16CFaaxKIjwxFToKkBvp+EqQDE89ZuaVJdKtHDMmqeOs0xzMw7lTbYu2tseyag5h
lCvHZ0Vbfi1+VMfI3z/Q9HwAv1nxZ3XjMpkPpIfU15FXCUFTRofCBWc3PO9SfSd8
TLZ+RIHU7yyLiBGn+UZHMd0xA69wuAO69VVmYPp+1Ytd0cjFe6ujoNKJRwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMe8MbadzpM3sIba0gruPtqGqs3vMB8GA1UdIwQY
MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt
NDQxNDU1OGZkY2JiLzEveDd3eHRwM09remV3aHRyU0N1NC0yb2FxemU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYtNDQxNDU1OGZkY2Ji
LzEvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBTSUEMAwD
BAFNJWIDBANNJWAwDAMEAU0lagMEBE0lYAMEBV1/4AMEArmrTDANBgkqhkiG9w0B
AQsFAAOCAQEAM8PlvM3MXuV2SH1RihJ1QtN7cPFPIqoyovPt13NxgXRsjcFmQKF1
JtYp3bpAuP2FWpIgpRTXP70K1MJhA7ksgBPIKs3KNcWY9Gw+QC/NRT10UAzkt7o6
1XXYLgJfxJMdWjexQ6WGprkHBK+qvzrjurYlZIlEON8x9SqJAiGxrFPJdk4XIaOU
VjKjXwsTT6meepRPz/mHUe6N8s0yf2ej9NQWQpP9ZKS1wV26Ih0YChySxQc8o7El
6KXMjrZ4SdEzxCTN8RnGlxsj8RvnHa7Gl5yEZfMdHCGxGplO8hbwwOpWlimxZemn
YkV9rs5LtnD8GUz+hLIZQJBoRabLgd5C7Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:06:51 2024 by rpki-client on console-fra.rpki-client.org