Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/OQJzntpQX9-JYIUpyxk4wn8509U.roa
File: OQJzntpQX9-JYIUpyxk4wn8509U.roa (raw, json)
Hash identifier: Ggxs5bJmZdkTixQ0e3ZJgdCG+tzmPZiiJ2YS72bZMtA=
Subject key identifier: 39:02:73:9E:DA:50:5F:DF:89:60:85:29:CB:19:38:C2:7F:39:D3:D5
Certificate issuer: /CN=1ef9312cea5aa7438b4d90c0836c82f050a2a00a
Certificate serial: 018CC6B927551C6626B66C27AD349924BA17
Authority key identifier: 1E:F9:31:2C:EA:5A:A7:43:8B:4D:90:C0:83:6C:82:F0:50:A2:A0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvkxLOpap0OLTZDAg2yC8FCioAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/OQJzntpQX9-JYIUpyxk4wn8509U.roa
Signing time: Mon 01 Jan 2024 20:31:12 +0000
ROA not before: Mon 01 Jan 2024 20:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200077
IP address blocks: 77.111.208.0/22 maxlen: 24
185.37.220.0/22 maxlen: 24
2a00:fa60::/32 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/HvkxLOpap0OLTZDAg2yC8FCioAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/HvkxLOpap0OLTZDAg2yC8FCioAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/HvkxLOpap0OLTZDAg2yC8FCioAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:27:55:1c:66:26:b6:6c:27:ad:34:99:24:ba:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ef9312cea5aa7438b4d90c0836c82f050a2a00a
Validity
Not Before: Jan 1 20:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3902739eda505fdf89608529cb1938c27f39d3d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:be:1b:e6:f2:ab:1c:9d:7a:f1:0d:e1:5c:39:
b4:e7:bc:f3:85:36:05:01:cd:ce:26:13:5e:38:4a:
56:36:eb:77:6c:65:73:e9:24:d9:87:b1:7b:ec:fc:
f1:cc:2c:fa:5b:9a:87:1f:7f:5b:44:32:a6:3d:63:
e3:be:cf:91:fb:e9:2d:69:5f:07:7e:3b:90:7a:09:
e2:5d:f1:57:6c:47:d0:e4:00:a4:97:47:95:50:de:
e4:a9:ca:e8:6b:06:70:c2:84:d3:c5:b4:2e:ad:16:
2a:c4:8d:c8:bf:c7:16:9f:1e:3c:b6:a4:c8:21:73:
01:44:32:9c:6c:6a:91:51:30:60:99:22:52:25:71:
ef:f7:c5:14:9b:5c:d2:cf:9b:7b:2d:1e:bf:dc:87:
83:70:e5:ec:f5:5d:e4:ea:58:57:76:f1:48:7b:49:
08:bc:ff:94:1e:a7:55:13:a4:fd:53:8f:14:42:d7:
0f:84:61:a5:b1:a1:fb:6b:ac:d2:e1:54:e3:b6:80:
58:dd:23:ab:b8:c2:86:a3:ae:b1:16:4b:60:9a:66:
23:61:73:2b:38:a3:e7:69:2f:61:cb:e9:9c:0c:73:
77:db:cd:46:d7:ca:26:4f:6c:a6:51:89:4c:d7:53:
13:88:65:9f:32:cf:e6:d4:f7:f8:7a:e6:a3:fc:b2:
a1:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:02:73:9E:DA:50:5F:DF:89:60:85:29:CB:19:38:C2:7F:39:D3:D5
X509v3 Authority Key Identifier:
keyid:1E:F9:31:2C:EA:5A:A7:43:8B:4D:90:C0:83:6C:82:F0:50:A2:A0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvkxLOpap0OLTZDAg2yC8FCioAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/OQJzntpQX9-JYIUpyxk4wn8509U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/e844e8-d2f0-4514-b405-0b801bf80d53/1/HvkxLOpap0OLTZDAg2yC8FCioAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.208.0/22
185.37.220.0/22
IPv6:
2a00:fa60::/32
Signature Algorithm: sha256WithRSAEncryption
26:78:c6:40:8c:7b:96:9e:fe:9c:30:bd:e8:a0:b6:a4:ec:fc:
b1:05:b7:a2:e4:8a:a5:c1:46:b6:d9:da:38:58:db:22:de:5a:
07:07:e8:60:27:17:a7:16:f0:c3:60:c2:cd:37:38:61:61:d8:
ac:de:5c:47:aa:b8:00:0a:82:87:75:ec:b2:e5:da:c5:0f:9b:
6d:fe:08:40:a7:91:07:04:16:88:19:87:6a:62:9b:06:d2:9c:
84:e8:66:f2:a4:a4:9f:ce:6f:8c:c4:54:46:5f:77:d6:9f:e4:
63:8b:6a:92:13:c9:87:07:97:d8:eb:8d:99:3c:eb:8c:94:2b:
4f:ed:0f:ca:41:dc:c8:fc:88:c4:b0:9f:4c:0b:50:8b:fb:c4:
79:6c:6b:30:8c:f2:da:d3:0a:42:34:f4:4d:9b:9a:38:fe:8c:
09:e9:b7:73:2e:14:cc:45:d0:92:b5:bd:f9:06:bf:70:7c:5a:
ab:b7:36:c3:49:9a:a9:26:f1:87:4b:ac:27:ea:57:34:15:d5:
09:04:7b:0f:83:45:b4:37:9f:80:ca:d2:9e:3a:2d:23:9b:52:
00:88:6b:37:52:fe:8d:9d:41:ed:39:14:45:dd:64:16:05:f4:
88:ae:ef:56:1d:7e:68:6c:11:01:84:dc:1c:d3:37:b3:7f:e8:
03:44:03:a5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGuSdVHGYmtmwnrTSZJLoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZjkzMTJjZWE1YWE3NDM4YjRkOTBjMDgzNmM4MmYwNTBh
MmEwMGEwHhcNMjQwMTAxMjAzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTAyNzM5ZWRhNTA1ZmRmODk2MDg1MjljYjE5MzhjMjdmMzlkM2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkL4b5vKrHJ168Q3hXDm057zzhTYF
Ac3OJhNeOEpWNut3bGVz6STZh7F77PzxzCz6W5qHH39bRDKmPWPjvs+R++ktaV8H
fjuQegniXfFXbEfQ5ACkl0eVUN7kqcroawZwwoTTxbQurRYqxI3Iv8cWnx48tqTI
IXMBRDKcbGqRUTBgmSJSJXHv98UUm1zSz5t7LR6/3IeDcOXs9V3k6lhXdvFIe0kI
vP+UHqdVE6T9U48UQtcPhGGlsaH7a6zS4VTjtoBY3SOruMKGo66xFktgmmYjYXMr
OKPnaS9hy+mcDHN3281G18omT2ymUYlM11MTiGWfMs/m1Pf4euaj/LKh1wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDkCc57aUF/fiWCFKcsZOMJ/OdPVMB8GA1UdIwQY
MBaAFB75MSzqWqdDi02QwINsgvBQoqAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZreExPcGFwME9MVFpEQWcyeUM4RkNpb0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9lODQ0ZTgtZDJmMC00NTE0LWI0MDUt
MGI4MDFiZjgwZDUzLzEvT1FKem50cFFYOS1KWUlVcHl4azR3bjg1MDlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9lODQ0ZTgtZDJmMC00NTE0LWI0MDUtMGI4MDFiZjgwZDUz
LzEvSHZreExPcGFwME9MVFpEQWcyeUM4RkNpb0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCTW/QAwQC
uSXcMA0EAgACMAcDBQAqAPpgMA0GCSqGSIb3DQEBCwUAA4IBAQAmeMZAjHuWnv6c
ML3ooLak7PyxBbei5IqlwUa22do4WNsi3loHB+hgJxenFvDDYMLNNzhhYdis3lxH
qrgACoKHdeyy5drFD5tt/ghAp5EHBBaIGYdqYpsG0pyE6GbypKSfzm+MxFRGX3fW
n+Rji2qSE8mHB5fY642ZPOuMlCtP7Q/KQdzI/IjEsJ9MC1CL+8R5bGswjPLa0wpC
NPRNm5o4/owJ6bdzLhTMRdCStb35Br9wfFqrtzbDSZqpJvGHS6wn6lc0FdUJBHsP
g0W0N5+AytKeOi0jm1IAiGs3Uv6NnUHtORRF3WQWBfSIru9WHX5obBEBhNwc0zez
f+gDRAOl
-----END CERTIFICATE-----
Generated at Sun May 19 23:07:15 2024 by rpki-client on console-fra.rpki-client.org