Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/zNBrt8b_ORyqQSO4aCrRbgzOM0k.roa
File: zNBrt8b_ORyqQSO4aCrRbgzOM0k.roa (raw, json)
Hash identifier: JPrR5Q/6R3hbokDk+J7WmGsUILsQwl4oN4sTvCmroWc=
Subject key identifier: CC:D0:6B:B7:C6:FF:39:1C:AA:41:23:B8:68:2A:D1:6E:0C:CE:33:49
Certificate issuer: /CN=d4ce2bf0001cd430e9277fb00ed1abe51c0b5c7c
Certificate serial: 01982E8F14D9A0BC1E842C873F31773DA58F
Authority key identifier: D4:CE:2B:F0:00:1C:D4:30:E9:27:7F:B0:0E:D1:AB:E5:1C:0B:5C:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/zNBrt8b_ORyqQSO4aCrRbgzOM0k.roa
Signing time: Mon 21 Jul 2025 19:56:25 +0000
ROA not before: Mon 21 Jul 2025 19:56:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398704
IP address blocks: 77.110.66.0/24 maxlen: 24
77.110.71.0/24 maxlen: 24
77.110.74.0/24 maxlen: 24
77.110.79.0/24 maxlen: 24
77.110.80.0/24 maxlen: 24
77.110.82.0/24 maxlen: 24
77.110.85.0/24 maxlen: 24
77.110.87.0/24 maxlen: 24
77.110.88.0/24 maxlen: 24
77.110.90.0/24 maxlen: 24
77.110.93.0/24 maxlen: 24
77.110.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2e:8f:14:d9:a0:bc:1e:84:2c:87:3f:31:77:3d:a5:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ce2bf0001cd430e9277fb00ed1abe51c0b5c7c
Validity
Not Before: Jul 21 19:56:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ccd06bb7c6ff391caa4123b8682ad16e0cce3349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d1:df:81:e8:43:d7:35:01:bf:19:86:6a:50:
9b:85:28:b1:cf:7c:9e:16:53:c8:7e:59:ba:75:bb:
24:30:62:84:ee:86:35:ce:fd:bb:63:f9:9c:83:76:
6a:f3:d9:d2:5a:9b:cc:91:73:43:af:f6:ea:87:03:
a8:17:b6:f5:05:4e:05:1b:89:26:08:0e:1d:be:57:
2e:c9:5b:0e:b5:6e:0a:3b:54:e1:8f:f4:5d:93:d3:
49:ed:a3:5e:71:fa:70:62:80:57:c4:29:ae:f6:17:
6b:7b:a7:f9:85:5d:87:11:a8:12:ad:b0:b2:f6:f2:
66:20:14:c2:e0:8c:25:a3:79:51:80:0e:e5:4d:f6:
89:2c:18:20:7a:38:19:bf:4c:55:2f:64:e2:77:5a:
00:54:3a:0e:18:e6:b9:03:dc:14:01:8c:e6:7a:ca:
65:2c:b0:99:d6:10:e9:4a:07:38:86:55:28:50:67:
c9:f3:e3:a0:fb:e3:8f:e9:50:35:d8:d3:d1:8a:cf:
37:08:56:96:36:4e:9d:55:85:c7:69:a7:43:5e:89:
97:8c:63:99:f4:e2:13:e9:6c:00:13:34:44:29:6a:
da:b7:21:fe:ef:aa:7e:2a:46:77:7d:c0:ee:0c:de:
75:8a:8a:c1:76:bb:0b:25:a1:81:64:25:ae:86:63:
e1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D0:6B:B7:C6:FF:39:1C:AA:41:23:B8:68:2A:D1:6E:0C:CE:33:49
X509v3 Authority Key Identifier:
keyid:D4:CE:2B:F0:00:1C:D4:30:E9:27:7F:B0:0E:D1:AB:E5:1C:0B:5C:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/zNBrt8b_ORyqQSO4aCrRbgzOM0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.110.66.0/24
77.110.71.0/24
77.110.74.0/24
77.110.79.0-77.110.80.255
77.110.82.0/24
77.110.85.0/24
77.110.87.0-77.110.88.255
77.110.90.0/24
77.110.93.0/24
77.110.95.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:19:94:8a:97:bf:0a:26:d5:9f:72:34:e4:79:ea:19:ee:8f:
00:8a:04:f6:2f:d0:53:3c:4c:bc:3c:da:87:92:32:12:ef:70:
09:8f:2b:f4:da:bc:47:6d:24:09:e0:c3:80:2a:5f:50:a7:b6:
e5:ae:f7:46:e8:0b:cb:09:fb:1e:ae:c9:cd:93:9d:04:4c:bd:
44:28:49:91:b4:41:8b:89:d2:69:08:e7:84:a5:9f:9c:15:d9:
82:1d:44:06:88:e1:c1:ab:e5:6e:35:f2:ba:df:c2:ca:01:ce:
bb:4b:70:b5:77:42:26:11:67:da:56:bc:21:e0:a4:0f:35:94:
af:22:2c:a0:34:7c:e6:bc:a6:0e:81:2c:95:8c:8d:58:94:72:
c3:f0:23:43:3b:f7:e9:cf:a4:33:58:dc:64:32:e3:c3:61:49:
ba:56:f4:5e:15:eb:a8:c0:e5:3b:5a:75:63:84:30:8a:ce:bf:
cc:6a:5d:98:04:0c:7e:a6:cf:73:33:0d:f1:b6:6d:7f:3f:6d:
63:45:69:d5:b4:c0:a4:07:e5:27:c8:e4:73:12:99:bd:7f:c0:
57:49:6b:42:c6:d8:99:56:4d:90:4e:66:98:f1:e9:24:15:76:
de:1b:90:51:72:3c:65:52:73:47:c4:ee:25:72:1f:6b:d8:c6:
37:a0:2f:9f
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZgujxTZoLwehCyHPzF3PaWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Y2UyYmYwMDAxY2Q0MzBlOTI3N2ZiMDBlZDFhYmU1MWMw
YjVjN2MwHhcNMjUwNzIxMTk1NjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2QwNmJiN2M2ZmYzOTFjYWE0MTIzYjg2ODJhZDE2ZTBjY2UzMzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9HfgehD1zUBvxmGalCbhSixz3ye
FlPIflm6dbskMGKE7oY1zv27Y/mcg3Zq89nSWpvMkXNDr/bqhwOoF7b1BU4FG4km
CA4dvlcuyVsOtW4KO1Thj/Rdk9NJ7aNecfpwYoBXxCmu9hdre6f5hV2HEagSrbCy
9vJmIBTC4Iwlo3lRgA7lTfaJLBggejgZv0xVL2Tid1oAVDoOGOa5A9wUAYzmespl
LLCZ1hDpSgc4hlUoUGfJ8+Og++OP6VA12NPRis83CFaWNk6dVYXHaadDXomXjGOZ
9OIT6WwAEzREKWratyH+76p+KkZ3fcDuDN51iorBdrsLJaGBZCWuhmPhYwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFMzQa7fG/zkcqkEjuGgq0W4MzjNJMB8GA1UdIwQY
MBaAFNTOK/AAHNQw6Sd/sA7Rq+UcC1x8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU00cjhBQWMxRERwSjMtd0R0R3I1UndMWEh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iYTBiZDMtYjM2NS00NDYxLThmZmEt
MWY1NDMxZTJhNWFmLzEvek5CcnQ4Yl9PUnlxUVNPNGFDclJiZ3pPTTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iYTBiZDMtYjM2NS00NDYxLThmZmEtMWY1NDMxZTJhNWFm
LzEvMU00cjhBQWMxRERwSjMtd0R0R3I1UndMWEh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQATW5CAwQA
TW5HAwQATW5KMAwDBABNbk8DBABNblADBABNblIDBABNblUwDAMEAE1uVwMEAE1u
WAMEAE1uWgMEAE1uXQMEAE1uXzANBgkqhkiG9w0BAQsFAAOCAQEApxmUipe/CibV
n3I05HnqGe6PAIoE9i/QUzxMvDzah5IyEu9wCY8r9Nq8R20kCeDDgCpfUKe25a73
RugLywn7Hq7JzZOdBEy9RChJkbRBi4nSaQjnhKWfnBXZgh1EBojhwavlbjXyut/C
ygHOu0twtXdCJhFn2la8IeCkDzWUryIsoDR85rymDoEslYyNWJRyw/AjQzv36c+k
M1jcZDLjw2FJulb0XhXrqMDlO1p1Y4Qwis6/zGpdmAQMfqbPczMN8bZtfz9tY0Vp
1bTApAflJ8jkcxKZvX/AV0lrQsbYmVZNkE5mmPHpJBV23huQUXI8ZVJzR8TuJXIf
a9jGN6Avnw==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:44:14 2025 by rpki-client