Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0E7XqwXvQw8zGg6cfEDvAxEUfw4.roa
File: 0E7XqwXvQw8zGg6cfEDvAxEUfw4.roa (raw, json)
Hash identifier: GEurlnwNp4FPEWbJDU+gHsQep+536ZgKzEj3iyCeYrM=
Subject key identifier: D0:4E:D7:AB:05:EF:43:0F:33:1A:0E:9C:7C:40:EF:03:11:14:7F:0E
Certificate issuer: /CN=d04687a3ee6322b757de81e7f53c5d32eebe33a6
Certificate serial: 01942067E95033CEE9DBB75DA28C6E6C6A8D
Authority key identifier: D0:46:87:A3:EE:63:22:B7:57:DE:81:E7:F5:3C:5D:32:EE:BE:33:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0E7XqwXvQw8zGg6cfEDvAxEUfw4.roa
Signing time: Wed 01 Jan 2025 05:47:48 +0000
ROA not before: Wed 01 Jan 2025 05:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42669
IP address blocks: 77.242.176.0/20 maxlen: 20
185.128.76.0/22 maxlen: 24
2a0b:aa80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:e9:50:33:ce:e9:db:b7:5d:a2:8c:6e:6c:6a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04687a3ee6322b757de81e7f53c5d32eebe33a6
Validity
Not Before: Jan 1 05:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d04ed7ab05ef430f331a0e9c7c40ef0311147f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6e:83:ef:47:9b:43:a3:62:64:37:df:06:71:
37:ba:be:fe:d1:74:2e:8f:1e:0d:a9:07:81:3a:38:
b2:a1:18:c3:eb:ac:18:cd:78:18:83:63:dc:19:7a:
a2:a1:b7:64:f9:c3:4b:3f:f9:05:1a:9e:94:38:b1:
e5:2e:63:d2:b4:80:b8:9e:81:67:d3:a1:3e:17:dc:
63:54:3f:14:7b:14:b2:1b:6b:06:9c:5d:84:dd:2d:
64:7e:69:d3:1a:38:c9:4b:df:eb:ad:dc:f7:f9:15:
2c:71:15:b4:98:97:fa:42:be:2b:86:05:3c:54:9c:
98:b0:8c:92:b4:9d:97:6b:ba:97:eb:4c:50:9b:88:
74:4d:3f:17:e9:76:87:6a:9a:96:6a:9f:9e:69:29:
ba:6a:ff:6f:12:bf:32:9e:c7:74:c1:6b:ef:fe:83:
1f:ec:7f:f5:f7:5f:db:8e:d3:a1:c6:9d:a8:81:30:
6a:a5:dc:e6:74:15:05:b9:08:c4:be:4f:c0:62:04:
50:66:3b:6d:dc:1f:14:cf:26:6e:e8:75:21:81:1e:
16:cb:19:36:47:af:72:3d:ec:1a:a8:96:b0:9f:3b:
46:fc:71:fd:19:3a:18:e9:fa:44:1a:08:a3:17:89:
30:82:19:6d:4f:3c:08:60:4e:d1:94:1f:c4:53:8f:
0f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:4E:D7:AB:05:EF:43:0F:33:1A:0E:9C:7C:40:EF:03:11:14:7F:0E
X509v3 Authority Key Identifier:
keyid:D0:46:87:A3:EE:63:22:B7:57:DE:81:E7:F5:3C:5D:32:EE:BE:33:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0E7XqwXvQw8zGg6cfEDvAxEUfw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.176.0/20
185.128.76.0/22
IPv6:
2a0b:aa80::/29
Signature Algorithm: sha256WithRSAEncryption
37:d7:b9:1e:91:f4:45:d2:7e:e6:43:3c:b0:ed:97:00:b8:15:
20:18:be:98:c6:d1:74:2e:e2:44:cd:15:6d:00:4c:bb:91:ce:
cf:11:0b:75:29:21:bc:4e:70:d1:24:6c:a0:07:23:7b:29:3e:
46:75:03:b8:70:9a:5c:28:73:27:bd:d6:5e:02:6d:25:31:72:
49:41:5f:d0:00:3f:d3:79:dd:5b:ad:de:3e:91:9c:1e:a9:a4:
89:15:e9:1a:9a:d1:bf:e9:bd:19:12:c0:fd:4f:5d:b2:19:84:
2e:77:3c:6b:fd:4c:5f:d0:29:74:8b:59:cf:49:29:30:60:4b:
7a:f4:1d:28:2c:10:1b:9e:62:54:1c:2a:3b:f5:ce:11:1f:3d:
c6:b5:c6:15:c1:84:44:09:8f:21:0c:47:85:04:35:16:43:c8:
7d:09:8d:7c:3e:ee:e0:c6:a1:d6:69:40:bf:b0:83:a9:cb:14:
4c:a6:7d:e5:ea:dc:75:db:45:f1:19:c4:3b:89:c6:85:a9:2c:
af:cd:70:4f:44:20:f9:d6:25:40:c1:4e:14:66:9e:9f:cf:28:
46:a0:e5:83:81:64:69:71:74:f4:cf:0a:b1:38:ed:a9:86:a4:
af:61:bd:8f:b0:36:3c:d6:78:4b:d2:4b:5a:a6:2e:b3:a2:ad:
38:e8:2c:d8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQgZ+lQM87p27ddooxubGqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDY4N2EzZWU2MzIyYjc1N2RlODFlN2Y1M2M1ZDMyZWVi
ZTMzYTYwHhcNMjUwMTAxMDU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDRlZDdhYjA1ZWY0MzBmMzMxYTBlOWM3YzQwZWYwMzExMTQ3ZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoW6D70ebQ6NiZDffBnE3ur7+0XQu
jx4NqQeBOjiyoRjD66wYzXgYg2PcGXqiobdk+cNLP/kFGp6UOLHlLmPStIC4noFn
06E+F9xjVD8UexSyG2sGnF2E3S1kfmnTGjjJS9/rrdz3+RUscRW0mJf6Qr4rhgU8
VJyYsIyStJ2Xa7qX60xQm4h0TT8X6XaHapqWap+eaSm6av9vEr8ynsd0wWvv/oMf
7H/191/bjtOhxp2ogTBqpdzmdBUFuQjEvk/AYgRQZjtt3B8UzyZu6HUhgR4Wyxk2
R69yPewaqJawnztG/HH9GToY6fpEGgijF4kwghltTzwIYE7RlB/EU48PLQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNBO16sF70MPMxoOnHxA7wMRFH8OMB8GA1UdIwQY
MBaAFNBGh6PuYyK3V96B5/U8XTLuvjOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVhSG8tNWpJcmRYM29IbjlUeGRNdTYtTTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iZmRkMTktNmJiYS00ZGM5LWFmYzYt
OTdiZTQyNmEyMzM0LzEvMEU3WHF3WHZRdzh6R2c2Y2ZFRHZBeEVVZnc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iZmRkMTktNmJiYS00ZGM5LWFmYzYtOTdiZTQyNmEyMzM0
LzEvMEVhSG8tNWpJcmRYM29IbjlUeGRNdTYtTTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETfKwAwQC
uYBMMA0EAgACMAcDBQMqC6qAMA0GCSqGSIb3DQEBCwUAA4IBAQA317kekfRF0n7m
Qzyw7ZcAuBUgGL6YxtF0LuJEzRVtAEy7kc7PEQt1KSG8TnDRJGygByN7KT5GdQO4
cJpcKHMnvdZeAm0lMXJJQV/QAD/Ted1brd4+kZweqaSJFekamtG/6b0ZEsD9T12y
GYQudzxr/Uxf0Cl0i1nPSSkwYEt69B0oLBAbnmJUHCo79c4RHz3GtcYVwYRECY8h
DEeFBDUWQ8h9CY18Pu7gxqHWaUC/sIOpyxRMpn3l6tx120XxGcQ7icaFqSyvzXBP
RCD51iVAwU4UZp6fzyhGoOWDgWRpcXT0zwqxOO2phqSvYb2PsDY81nhL0ktapi6z
oq046CzY
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:29:43 2025 by rpki-client