Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/qmOZwfWbfR6XjYwl5pYRt79e34Y.roa
File: qmOZwfWbfR6XjYwl5pYRt79e34Y.roa (raw, json)
Hash identifier: wP6Og39PiJakVD6q3dK8IAoysYFGH1TxQgPn9ZY7c8Q=
Subject key identifier: AA:63:99:C1:F5:9B:7D:1E:97:8D:8C:25:E6:96:11:B7:BF:5E:DF:86
Certificate issuer: /CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Certificate serial: 0194228D7C12DAE4D9243495AA0FDE68B1DD
Authority key identifier: 77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/qmOZwfWbfR6XjYwl5pYRt79e34Y.roa
Signing time: Wed 01 Jan 2025 15:48:05 +0000
ROA not before: Wed 01 Jan 2025 15:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51964
IP address blocks: 185.84.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.mft
rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:7c:12:da:e4:d9:24:34:95:aa:0f:de:68:b1:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77eda8f726a69b504de994943b0a5f2308c2a96b
Validity
Not Before: Jan 1 15:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa6399c1f59b7d1e978d8c25e69611b7bf5edf86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:79:87:e6:0c:52:74:e8:91:dc:e7:03:34:29:
43:b1:23:20:ab:71:34:f1:14:ff:13:f7:92:e7:2c:
87:9f:93:ce:5e:1e:0e:10:8f:96:5f:8b:27:db:74:
85:d1:55:f9:7c:62:a4:1b:d0:c4:c2:cc:0c:3c:89:
01:58:eb:6b:1f:c4:a7:9e:c8:6a:33:8c:09:85:85:
34:1c:5b:71:07:33:62:ae:ce:08:55:93:60:aa:de:
20:d9:59:2a:30:1a:da:0b:54:90:ce:39:c6:ee:cd:
ad:2e:a2:65:0f:2f:a6:e3:7c:4e:34:b2:b8:89:f2:
70:02:5f:22:b7:e4:c6:5b:70:da:fa:fc:2c:14:85:
62:76:52:9a:77:19:cc:df:23:0c:09:de:5e:f1:84:
46:f2:c5:8c:6b:ed:15:75:73:7f:48:08:f8:27:11:
f6:e9:ae:0b:38:f8:0d:a9:50:38:29:5f:ea:91:42:
d5:4f:fc:50:7c:26:32:50:13:6a:a9:5c:6e:88:2c:
99:25:68:fe:8b:51:09:09:82:77:6a:bd:60:e9:61:
4c:f3:db:5c:8b:60:6b:e6:12:e9:7d:ea:30:ac:45:
9f:c8:df:a1:40:41:a3:30:b7:f5:3b:dd:79:bf:99:
95:5f:17:48:99:b1:80:9e:5f:c3:1d:bc:79:23:62:
3f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:63:99:C1:F5:9B:7D:1E:97:8D:8C:25:E6:96:11:B7:BF:5E:DF:86
X509v3 Authority Key Identifier:
keyid:77:ED:A8:F7:26:A6:9B:50:4D:E9:94:94:3B:0A:5F:23:08:C2:A9:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-2o9yamm1BN6ZSUOwpfIwjCqWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/qmOZwfWbfR6XjYwl5pYRt79e34Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/7276f3-c88e-4819-9e59-6084cfc6e4c4/1/d-2o9yamm1BN6ZSUOwpfIwjCqWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.217.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:02:df:d3:40:8d:70:3d:84:af:3e:4b:1d:c8:a3:8e:73:33:
8d:c3:90:24:c1:4d:ad:32:d1:1b:b0:37:63:34:28:76:cb:97:
62:77:bf:12:46:44:b4:80:35:9f:69:07:47:5d:f2:c2:40:0b:
67:78:78:11:92:71:91:fd:7d:f8:13:ec:b7:03:6d:f4:9b:e5:
3b:fc:67:0c:68:1b:e3:c6:c4:aa:f7:c2:27:c2:28:67:e5:53:
14:34:61:6c:03:1b:3e:34:43:f5:fd:72:09:c3:7b:ea:83:99:
ca:28:47:6a:dd:79:79:2b:1a:35:81:06:7c:4c:8d:48:8f:de:
01:79:cc:bb:ef:68:01:44:10:3f:ed:43:07:ef:e8:f6:a6:67:
ed:92:8d:3f:3b:ee:fe:50:64:e8:0f:ff:46:fa:ba:db:f5:be:
00:fd:4f:ae:6d:db:dc:3b:e5:e9:15:f1:a4:ea:aa:e1:91:51:
7f:fe:e7:60:be:69:b4:e4:cb:de:31:89:f6:eb:6f:91:db:26:
42:63:5f:07:63:ce:c8:c6:1e:fb:17:d5:3a:24:39:16:5a:26:
36:79:47:ef:61:e7:64:fa:9f:89:1d:09:39:80:a3:ad:8f:bd:
e1:db:4b:d6:5a:9e:b6:00:5e:4f:3a:c5:90:fd:19:22:b7:81:
b5:c4:15:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijXwS2uTZJDSVqg/eaLHdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZWRhOGY3MjZhNjliNTA0ZGU5OTQ5NDNiMGE1ZjIzMDhj
MmE5NmIwHhcNMjUwMTAxMTU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTYzOTljMWY1OWI3ZDFlOTc4ZDhjMjVlNjk2MTFiN2JmNWVkZjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6XmH5gxSdOiR3OcDNClDsSMgq3E0
8RT/E/eS5yyHn5POXh4OEI+WX4sn23SF0VX5fGKkG9DEwswMPIkBWOtrH8Snnshq
M4wJhYU0HFtxBzNirs4IVZNgqt4g2VkqMBraC1SQzjnG7s2tLqJlDy+m43xONLK4
ifJwAl8it+TGW3Da+vwsFIVidlKadxnM3yMMCd5e8YRG8sWMa+0VdXN/SAj4JxH2
6a4LOPgNqVA4KV/qkULVT/xQfCYyUBNqqVxuiCyZJWj+i1EJCYJ3ar1g6WFM89tc
i2Br5hLpfeowrEWfyN+hQEGjMLf1O915v5mVXxdImbGAnl/DHbx5I2I/MwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKpjmcH1m30el42MJeaWEbe/Xt+GMB8GA1UdIwQY
MBaAFHftqPcmpptQTemUlDsKXyMIwqlrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTkt
NjA4NGNmYzZlNGM0LzEvcW1PWndmV2JmUjZYall3bDVwWVJ0NzllMzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83Mjc2ZjMtYzg4ZS00ODE5LTllNTktNjA4NGNmYzZlNGM0
LzEvZC0ybzl5YW1tMUJONlpTVU93cGZJd2pDcVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVTZMA0G
CSqGSIb3DQEBCwUAA4IBAQA7At/TQI1wPYSvPksdyKOOczONw5AkwU2tMtEbsDdj
NCh2y5did78SRkS0gDWfaQdHXfLCQAtneHgRknGR/X34E+y3A230m+U7/GcMaBvj
xsSq98Inwihn5VMUNGFsAxs+NEP1/XIJw3vqg5nKKEdq3Xl5Kxo1gQZ8TI1Ij94B
ecy772gBRBA/7UMH7+j2pmftko0/O+7+UGToD/9G+rrb9b4A/U+ubdvcO+XpFfGk
6qrhkVF//udgvmm05MveMYn262+R2yZCY18HY87Ixh77F9U6JDkWWiY2eUfvYedk
+p+JHQk5gKOtj73h20vWWp62AF5POsWQ/Rkit4G1xBWk
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:06:32 2025 by rpki-client