Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/QiI8gDDw-xAJA3ePxVIRRlGEYdI.roa
File: QiI8gDDw-xAJA3ePxVIRRlGEYdI.roa (raw, json)
Hash identifier: C246FPX5mXJCm4V+/x93EQQYecFpNkWeuxla6G3+Gtw=
Subject key identifier: 42:22:3C:80:30:F0:FB:10:09:03:77:8F:C5:52:11:46:51:84:61:D2
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019562B58D61878056E7CD8CBB9D4BBE6B1B
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/QiI8gDDw-xAJA3ePxVIRRlGEYdI.roa
Signing time: Tue 04 Mar 2025 19:50:20 +0000
ROA not before: Tue 04 Mar 2025 19:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 77.81.1.0/24 maxlen: 24
94.177.27.0/24 maxlen: 24
176.223.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 23:27:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:62:b5:8d:61:87:80:56:e7:cd:8c:bb:9d:4b:be:6b:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Mar 4 19:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42223c8030f0fb100903778fc5521146518461d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e3:bd:99:33:1b:49:91:a1:07:cd:a5:39:8f:
db:96:71:6f:39:3c:4e:de:04:dc:ae:00:24:7f:a5:
0e:81:ed:e2:52:35:c7:e3:6d:13:d1:b2:39:8d:ba:
3a:81:9d:ca:d8:9b:45:ab:74:f6:0d:d8:bb:53:69:
41:39:f4:0f:41:dc:53:7c:c5:02:2a:f8:d9:e0:23:
c0:ed:54:9f:76:85:a4:8b:cf:64:f0:65:66:e9:42:
a8:d1:71:55:e6:9d:7a:a4:6b:10:37:0f:2e:f8:49:
7b:e6:bd:85:fd:ae:ae:d6:26:14:35:2c:1d:8a:f6:
04:8b:93:76:3e:08:b4:70:3f:88:65:51:4a:40:62:
f4:59:fe:c6:ee:c1:62:95:6a:46:a8:4b:fe:a5:ce:
f9:3c:b8:03:24:92:94:51:1a:98:94:c8:b2:19:f0:
53:2c:9e:d0:c1:24:c2:8b:11:02:ad:3d:7b:e2:9f:
b8:bb:96:4b:0c:fb:a7:89:ac:2f:f6:4f:c8:4e:49:
9e:fe:1a:88:32:2d:11:57:56:86:a7:01:c4:f0:ce:
5c:eb:2e:1f:53:ce:05:e5:b7:15:f0:f6:a4:9e:d1:
35:d5:07:c7:24:97:ee:23:b9:7b:cb:70:08:47:ba:
89:9d:32:ba:0f:b5:9b:e5:26:79:e8:d4:91:2f:d2:
3c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:22:3C:80:30:F0:FB:10:09:03:77:8F:C5:52:11:46:51:84:61:D2
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/QiI8gDDw-xAJA3ePxVIRRlGEYdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.1.0/24
94.177.27.0/24
176.223.181.0/24
Signature Algorithm: sha256WithRSAEncryption
67:92:b8:b2:3c:a1:77:e9:fc:e1:04:00:02:c5:60:b7:78:b4:
c5:b7:3c:ac:0e:c9:27:b7:db:f7:c0:80:1e:97:74:16:1b:c2:
30:32:01:f4:1b:35:7b:57:0e:48:49:ef:cd:8c:74:be:ae:7f:
82:69:b8:1b:3f:26:73:45:51:2c:85:63:e3:fc:cd:c8:20:a0:
3a:0e:1c:22:d1:23:4f:1e:6e:4a:8e:4e:91:4d:07:cc:08:35:
64:f5:6a:12:85:22:0f:e6:9f:bc:e8:b9:64:c5:d2:11:4b:84:
25:22:da:e0:47:f6:09:22:84:d3:5b:48:a9:9e:5c:43:19:60:
a9:46:a8:64:e6:6e:8f:d6:04:c8:0a:be:a7:d4:c3:23:df:72:
88:45:cb:7c:03:ad:55:a5:87:94:40:ff:f3:a4:ea:6a:a2:22:
99:85:03:60:d3:b0:d4:2f:f8:8d:9f:70:9b:e7:c2:a3:12:50:
1c:ff:7f:91:9b:52:ee:9e:14:13:88:6b:69:de:89:4b:3e:e7:
36:65:38:36:d4:b6:37:46:4d:5f:89:2d:6a:96:49:a2:f7:ca:
9c:f0:80:6f:b1:59:42:70:57:e7:1f:09:67:1c:a1:2d:c0:1e:
2d:9b:09:d7:23:ea:9a:51:8d:e4:51:c6:43:63:88:f7:2a:ec:
0a:bf:a9:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZVitY1hh4BW582Mu51LvmsbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwMzA0MTk1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MjIyM2M4MDMwZjBmYjEwMDkwMzc3OGZjNTUyMTE0NjUxODQ2MWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseO9mTMbSZGhB82lOY/blnFvOTxO
3gTcrgAkf6UOge3iUjXH420T0bI5jbo6gZ3K2JtFq3T2Ddi7U2lBOfQPQdxTfMUC
KvjZ4CPA7VSfdoWki89k8GVm6UKo0XFV5p16pGsQNw8u+El75r2F/a6u1iYUNSwd
ivYEi5N2Pgi0cD+IZVFKQGL0Wf7G7sFilWpGqEv+pc75PLgDJJKUURqYlMiyGfBT
LJ7QwSTCixECrT174p+4u5ZLDPuniawv9k/ITkme/hqIMi0RV1aGpwHE8M5c6y4f
U84F5bcV8PakntE11QfHJJfuI7l7y3AIR7qJnTK6D7Wb5SZ56NSRL9I8dQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEIiPIAw8PsQCQN3j8VSEUZRhGHSMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvUWlJOGdERHcteEFKQTNlUHhWSVJSbEdFWWRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVEBAwQA
XrEbAwQAsN+1MA0GCSqGSIb3DQEBCwUAA4IBAQBnkriyPKF36fzhBAACxWC3eLTF
tzysDsknt9v3wIAel3QWG8IwMgH0GzV7Vw5ISe/NjHS+rn+CabgbPyZzRVEshWPj
/M3IIKA6Dhwi0SNPHm5Kjk6RTQfMCDVk9WoShSIP5p+86LlkxdIRS4QlItrgR/YJ
IoTTW0ipnlxDGWCpRqhk5m6P1gTICr6n1MMj33KIRct8A61VpYeUQP/zpOpqoiKZ
hQNg07DUL/iNn3Cb58KjElAc/3+Rm1LunhQTiGtp3olLPuc2ZTg21LY3Rk1fiS1q
lkmi98qc8IBvsVlCcFfnHwlnHKEtwB4tmwnXI+qaUY3kUcZDY4j3KuwKv6k/
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:45:59 2025 by rpki-client