Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/RYGAn9C_Ou69Eoi399PAz8YhqQg.roa
File: RYGAn9C_Ou69Eoi399PAz8YhqQg.roa (raw, json)
Hash identifier: lI6JFkFgD/U2fy5Yl8TbhtbTV9cGpRV0TUsde5LTDE4=
Subject key identifier: 45:81:80:9F:D0:BF:3A:EE:BD:12:88:B7:F7:D3:C0:CF:C6:21:A9:08
Certificate issuer: /CN=12ef9e49fecf2509eb6769eee2cdd4a5253b71c5
Certificate serial: 018CC64AA73E1C54FF1656F9B0373201618F
Authority key identifier: 12:EF:9E:49:FE:CF:25:09:EB:67:69:EE:E2:CD:D4:A5:25:3B:71:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/RYGAn9C_Ou69Eoi399PAz8YhqQg.roa
Signing time: Mon 01 Jan 2024 18:30:30 +0000
ROA not before: Mon 01 Jan 2024 18:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39246
IP address blocks: 77.78.134.0/24 maxlen: 24
77.78.133.0/24 maxlen: 24
77.78.139.0/24 maxlen: 24
77.78.138.0/24 maxlen: 24
77.78.137.0/24 maxlen: 24
77.78.136.0/24 maxlen: 24
77.78.135.0/24 maxlen: 24
77.78.144.0/24 maxlen: 24
77.78.143.0/24 maxlen: 24
77.78.142.0/24 maxlen: 24
77.78.141.0/24 maxlen: 24
77.78.140.0/24 maxlen: 24
77.78.132.0/24 maxlen: 24
77.78.131.0/24 maxlen: 24
77.78.130.0/24 maxlen: 24
77.78.129.0/24 maxlen: 24
77.78.128.0/24 maxlen: 24
109.121.132.0/24 maxlen: 24
109.121.131.0/24 maxlen: 24
109.121.130.0/24 maxlen: 24
109.121.129.0/24 maxlen: 24
109.121.151.0/24 maxlen: 24
109.121.150.0/24 maxlen: 24
109.121.149.0/24 maxlen: 24
109.121.148.0/24 maxlen: 24
109.121.155.0/24 maxlen: 24
109.121.154.0/24 maxlen: 24
109.121.158.0/24 maxlen: 24
109.121.157.0/24 maxlen: 24
109.121.156.0/24 maxlen: 24
109.121.165.0/24 maxlen: 24
109.121.164.0/24 maxlen: 24
109.121.169.0/24 maxlen: 24
109.121.168.0/24 maxlen: 24
109.121.167.0/24 maxlen: 24
31.193.189.0/24 maxlen: 24
62.192.132.0/24 maxlen: 24
62.192.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:a7:3e:1c:54:ff:16:56:f9:b0:37:32:01:61:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12ef9e49fecf2509eb6769eee2cdd4a5253b71c5
Validity
Not Before: Jan 1 18:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4581809fd0bf3aeebd1288b7f7d3c0cfc621a908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f3:11:e4:64:a0:54:bb:84:2f:2f:bb:b9:1a:
9b:53:e6:af:3a:62:49:67:23:5d:b0:cc:3b:1b:03:
64:9e:7f:2f:26:1e:1f:53:99:5c:fc:08:04:37:b8:
d0:6c:b2:11:81:2a:10:52:60:35:b7:34:93:8b:96:
56:f9:fa:5b:55:ec:9b:94:6a:b1:8d:70:d0:43:60:
24:f1:ce:b1:ab:39:44:4c:23:fd:eb:1f:a8:b0:6b:
c1:68:4a:46:30:ae:83:0d:81:36:f6:86:30:cf:ef:
4f:79:18:0c:46:aa:bb:11:5a:a3:d0:41:f9:36:1a:
19:d9:25:a5:c7:0a:c8:d0:64:97:34:de:c8:ab:3f:
cb:1f:b2:3a:20:9e:b4:db:d0:64:3a:3b:d4:15:1f:
2d:1b:2c:c2:1c:60:f9:0c:50:77:e7:2b:6c:fc:4f:
92:6e:d0:a9:87:bf:d8:2f:0d:9e:cd:05:9e:01:75:
71:ca:cf:5b:f9:3d:0a:f3:f4:d4:5e:d2:5c:4a:3b:
06:37:54:eb:97:9e:e5:85:f9:09:15:0b:83:fb:64:
a5:5d:4c:de:60:4f:b5:92:47:bb:ce:af:33:9d:4e:
9c:6f:87:d9:65:9f:92:52:1e:73:35:4f:09:9a:1c:
8b:36:4c:cf:c5:32:6c:a9:db:ad:69:a3:ba:58:d4:
d5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:81:80:9F:D0:BF:3A:EE:BD:12:88:B7:F7:D3:C0:CF:C6:21:A9:08
X509v3 Authority Key Identifier:
keyid:12:EF:9E:49:FE:CF:25:09:EB:67:69:EE:E2:CD:D4:A5:25:3B:71:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/RYGAn9C_Ou69Eoi399PAz8YhqQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/9c27c2-fdbe-4e39-ba92-1d5d945a05a3/1/Eu-eSf7PJQnrZ2nu4s3UpSU7ccU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.189.0/24
62.192.132.0/23
77.78.128.0-77.78.144.255
109.121.129.0-109.121.132.255
109.121.148.0/22
109.121.154.0-109.121.158.255
109.121.164.0/23
109.121.167.0-109.121.169.255
Signature Algorithm: sha256WithRSAEncryption
5f:25:82:7b:90:18:cf:de:d9:67:2d:9b:7c:77:25:7f:ae:20:
9f:ca:f6:bb:9f:bc:be:3b:60:b3:d0:31:25:47:ac:40:58:53:
71:45:46:7f:82:30:99:40:b2:7d:0b:aa:03:c9:a8:32:26:f0:
d8:89:57:7b:b1:e0:f2:b8:a1:80:36:ed:c7:b5:55:89:74:6f:
ba:ce:19:eb:1b:76:02:29:6e:78:75:ef:75:e7:c0:58:47:16:
2d:e0:a9:4d:01:ba:d2:dd:47:7c:a9:82:d4:9c:a9:59:5e:14:
7d:9a:6d:ec:d5:8e:b8:a8:a9:c1:10:a4:0c:ec:ca:89:bf:d2:
c5:65:17:de:07:95:19:1a:a4:71:19:aa:65:1f:1e:fc:dc:9e:
9b:de:17:74:93:cd:ff:41:0f:2c:1f:24:03:79:e4:46:d0:92:
fa:f3:19:c1:0d:d2:95:68:19:ae:a5:05:43:d0:c9:49:bd:c2:
bc:eb:16:c7:85:e0:19:9e:c7:2a:e1:0a:ba:5b:0d:ba:20:a3:
07:07:85:81:ae:c5:4d:d6:7d:a2:f8:43:e2:27:4e:7a:03:1b:
6b:9b:bf:dc:c3:32:f8:08:83:c4:1f:2f:2b:d2:49:96:06:e5:
02:29:3e:46:45:bf:bd:a1:28:6c:4a:2f:9e:76:c6:1b:43:ac:
7c:99:f5:d8
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYzGSqc+HFT/Flb5sDcyAWGPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZWY5ZTQ5ZmVjZjI1MDllYjY3NjllZWUyY2RkNGE1MjUz
YjcxYzUwHhcNMjQwMTAxMTgzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTgxODA5ZmQwYmYzYWVlYmQxMjg4YjdmN2QzYzBjZmM2MjFhOTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/MR5GSgVLuELy+7uRqbU+avOmJJ
ZyNdsMw7GwNknn8vJh4fU5lc/AgEN7jQbLIRgSoQUmA1tzSTi5ZW+fpbVeyblGqx
jXDQQ2Ak8c6xqzlETCP96x+osGvBaEpGMK6DDYE29oYwz+9PeRgMRqq7EVqj0EH5
NhoZ2SWlxwrI0GSXNN7Iqz/LH7I6IJ6029BkOjvUFR8tGyzCHGD5DFB35yts/E+S
btCph7/YLw2ezQWeAXVxys9b+T0K8/TUXtJcSjsGN1Trl57lhfkJFQuD+2SlXUze
YE+1kke7zq8znU6cb4fZZZ+SUh5zNU8JmhyLNkzPxTJsqdutaaO6WNTVqQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFEWBgJ/QvzruvRKIt/fTwM/GIakIMB8GA1UdIwQY
MBaAFBLvnkn+zyUJ62dp7uLN1KUlO3HFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXUtZVNmN1BKUW5yWjJudTRzM1VwU1U3Y2NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS85YzI3YzItZmRiZS00ZTM5LWJhOTIt
MWQ1ZDk0NWEwNWEzLzEvUllHQW45Q19PdTY5RW9pMzk5UEF6OFlocVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS85YzI3YzItZmRiZS00ZTM5LWJhOTItMWQ1ZDk0NWEwNWEz
LzEvRXUtZVNmN1BKUW5yWjJudTRzM1VwU1U3Y2NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAH8G9AwQB
PsCEMAwDBAdNToADBABNTpAwDAMEAG15gQMEAG15hAMEAm15lDAMAwQBbXmaAwQA
bXmeAwQBbXmkMAwDBABteacDBAFteagwDQYJKoZIhvcNAQELBQADggEBAF8lgnuQ
GM/e2Wctm3x3JX+uIJ/K9rufvL47YLPQMSVHrEBYU3FFRn+CMJlAsn0LqgPJqDIm
8NiJV3ux4PK4oYA27ce1VYl0b7rOGesbdgIpbnh173XnwFhHFi3gqU0ButLdR3yp
gtScqVleFH2abezVjrioqcEQpAzsyom/0sVlF94HlRkapHEZqmUfHvzcnpveF3ST
zf9BDywfJAN55EbQkvrzGcEN0pVoGa6lBUPQyUm9wrzrFseF4BmexyrhCrpbDbog
owcHhYGuxU3WfaL4Q+InTnoDG2ubv9zDMvgIg8QfLyvSSZYG5QIpPkZFv72hKGxK
L552xhtDrHyZ9dg=
-----END CERTIFICATE-----
Generated at Thu May 2 09:11:03 2024 by rpki-client on console-ams.rpki-client.org