Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/xufGdiw8vu26zsmML7UeTUou5hA.roa
File: xufGdiw8vu26zsmML7UeTUou5hA.roa (raw, json)
Hash identifier: FPD/rr/c4+/3+ME4ysyP2eNMHG6cFBZQMwG4yZOWY+o=
Subject key identifier: C6:E7:C6:76:2C:3C:BE:ED:BA:CE:C9:8C:2F:B5:1E:4D:4A:2E:E6:10
Certificate issuer: /CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
Certificate serial: 0194206824E1882463D0162A851714265583
Authority key identifier: 81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/xufGdiw8vu26zsmML7UeTUou5hA.roa
Signing time: Wed 01 Jan 2025 05:48:03 +0000
ROA not before: Wed 01 Jan 2025 05:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42808
IP address blocks: 77.247.0.0/24 maxlen: 24
77.247.13.0/24 maxlen: 24
185.71.49.0/24 maxlen: 24
185.71.51.0/24 maxlen: 24
212.11.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/gVeAUy7Smj-A57pBTvyzednsl8k.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/gVeAUy7Smj-A57pBTvyzednsl8k.mft
rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:24:e1:88:24:63:d0:16:2a:85:17:14:26:55:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=815780532ed29a3f80e7ba414efcb379d9ec97c9
Validity
Not Before: Jan 1 05:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6e7c6762c3cbeedbacec98c2fb51e4d4a2ee610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d1:22:ce:ef:05:d8:b0:f8:63:6b:92:f9:73:
87:27:07:4f:42:df:c8:76:de:69:5a:82:24:91:06:
71:b9:df:ca:25:40:a4:7c:04:ff:c4:82:ce:13:27:
0e:d1:54:b4:d6:57:fd:55:9e:d4:3e:a5:e7:cf:7a:
5b:f9:7b:b0:e9:fe:80:bf:b0:11:d8:de:ca:c0:b4:
c1:48:b8:2b:4c:d8:0c:96:9f:11:d6:d9:c4:b1:fe:
ed:0b:de:98:c0:5b:d0:54:67:2b:30:ce:20:d8:cb:
40:e3:da:8d:f2:cf:ff:00:9b:8e:22:d0:0f:52:eb:
f7:c4:08:eb:89:c3:b5:68:ad:3e:00:e7:04:f4:0e:
0a:41:27:5d:ea:e4:5f:5f:1c:1c:3c:a0:94:4a:bd:
94:d1:af:80:92:67:3b:72:fc:e0:bf:19:94:7b:06:
f2:bd:c8:1f:ee:63:53:7d:47:20:53:63:3b:93:a6:
56:ff:d4:14:06:77:ae:d3:e9:a1:92:90:d5:7e:c6:
c0:b1:c9:df:bb:e2:91:c9:9e:c3:5c:e6:c4:b2:91:
ec:a5:e4:3d:1a:11:a7:b9:c2:33:6f:c4:7e:38:cc:
1b:83:c6:55:4a:43:d2:ff:14:47:ec:bd:e5:23:b5:
a2:f5:43:5f:7b:ba:90:75:75:9e:8a:4c:74:5e:d7:
99:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:E7:C6:76:2C:3C:BE:ED:BA:CE:C9:8C:2F:B5:1E:4D:4A:2E:E6:10
X509v3 Authority Key Identifier:
keyid:81:57:80:53:2E:D2:9A:3F:80:E7:BA:41:4E:FC:B3:79:D9:EC:97:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gVeAUy7Smj-A57pBTvyzednsl8k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/xufGdiw8vu26zsmML7UeTUou5hA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/de31a6-aaa3-409d-8d4f-f61554c6c145/1/gVeAUy7Smj-A57pBTvyzednsl8k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.0.0/24
77.247.13.0/24
185.71.49.0/24
185.71.51.0/24
212.11.81.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:50:88:30:f0:af:b6:c6:e1:cc:ef:48:c7:76:07:af:7f:cf:
51:dc:54:0c:38:f6:bf:68:96:33:ea:dd:ef:87:0b:f4:76:47:
eb:32:3a:8f:5e:41:98:63:e4:b9:4a:46:f1:ab:9e:3b:38:1e:
95:0c:9c:02:58:37:73:9e:a4:b3:35:d9:30:30:29:8c:2e:d6:
b5:5b:6f:fe:66:a8:e6:c8:9d:0d:6b:30:00:d3:de:0b:6a:c1:
e0:d4:f7:4d:5d:0f:88:84:d9:05:50:a9:a5:b0:3e:a3:5a:aa:
1d:71:1d:22:53:1a:99:fb:07:a0:0e:4b:de:a7:d0:88:87:d4:
c5:4a:24:36:d2:f5:3a:a6:a7:06:07:92:f1:28:d9:33:9c:20:
d8:04:9f:93:47:a8:c5:26:4c:08:ae:86:eb:bd:52:0f:bc:37:
f4:2e:28:6e:6c:2f:79:0a:96:2a:f7:51:9f:53:08:f6:0a:61:
ca:e1:cc:cb:85:67:c5:40:a9:cf:86:2c:28:09:2c:c1:a6:84:
fc:c8:09:ed:73:80:d2:e0:ac:9b:ff:3b:30:c5:54:77:da:0b:
fb:88:d9:50:41:eb:e0:ee:d0:66:5d:70:74:aa:ca:b6:7b:fa:
c6:59:46:5c:12:86:60:46:db:8b:25:0e:f5:07:e2:f2:a2:4d:
13:55:8c:06
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQgaCThiCRj0BYqhRcUJlWDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxNTc4MDUzMmVkMjlhM2Y4MGU3YmE0MTRlZmNiMzc5ZDll
Yzk3YzkwHhcNMjUwMTAxMDU0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmU3YzY3NjJjM2NiZWVkYmFjZWM5OGMyZmI1MWU0ZDRhMmVlNjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNEizu8F2LD4Y2uS+XOHJwdPQt/I
dt5pWoIkkQZxud/KJUCkfAT/xILOEycO0VS01lf9VZ7UPqXnz3pb+Xuw6f6Av7AR
2N7KwLTBSLgrTNgMlp8R1tnEsf7tC96YwFvQVGcrMM4g2MtA49qN8s//AJuOItAP
Uuv3xAjricO1aK0+AOcE9A4KQSdd6uRfXxwcPKCUSr2U0a+Akmc7cvzgvxmUewby
vcgf7mNTfUcgU2M7k6ZW/9QUBneu0+mhkpDVfsbAscnfu+KRyZ7DXObEspHspeQ9
GhGnucIzb8R+OMwbg8ZVSkPS/xRH7L3lI7Wi9UNfe7qQdXWeikx0XteZtwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMbnxnYsPL7tus7JjC+1Hk1KLuYQMB8GA1UdIwQY
MBaAFIFXgFMu0po/gOe6QU78s3nZ7JfJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYt
ZjYxNTU0YzZjMTQ1LzEveHVmR2Rpdzh2dTI2enNtTUw3VWVUVW91NWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZTMxYTYtYWFhMy00MDlkLThkNGYtZjYxNTU0YzZjMTQ1
LzEvZ1ZlQVV5N1Ntai1BNTdwQlR2eXplZG5zbDhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATfcAAwQA
TfcNAwQAuUcxAwQAuUczAwQA1AtRMA0GCSqGSIb3DQEBCwUAA4IBAQBaUIgw8K+2
xuHM70jHdgevf89R3FQMOPa/aJYz6t3vhwv0dkfrMjqPXkGYY+S5Skbxq547OB6V
DJwCWDdznqSzNdkwMCmMLta1W2/+ZqjmyJ0NazAA094LasHg1PdNXQ+IhNkFUKml
sD6jWqodcR0iUxqZ+wegDkvep9CIh9TFSiQ20vU6pqcGB5LxKNkznCDYBJ+TR6jF
JkwIrobrvVIPvDf0LihubC95CpYq91GfUwj2CmHK4czLhWfFQKnPhiwoCSzBpoT8
yAntc4DS4Kyb/zswxVR32gv7iNlQQevg7tBmXXB0qsq2e/rGWUZcEoZgRtuLJQ71
B+Lyok0TVYwG
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:57:39 2025 by rpki-client