Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/ypFL40Xoi4y05qu3ogA3n6gvBmc.roa
File: ypFL40Xoi4y05qu3ogA3n6gvBmc.roa (raw, json)
Hash identifier: Osn8j8oSksWpQIeEIhv5U30zU1XAWvsewtWKW4S5v1U=
Subject key identifier: CA:91:4B:E3:45:E8:8B:8C:B4:E6:AB:B7:A2:00:37:9F:A8:2F:06:67
Certificate issuer: /CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Certificate serial: 0194236A1784D67330941BDE43E39288DB81
Authority key identifier: 29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/ypFL40Xoi4y05qu3ogA3n6gvBmc.roa
Signing time: Wed 01 Jan 2025 19:49:02 +0000
ROA not before: Wed 01 Jan 2025 19:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61135
IP address blocks: 37.77.21.0/24 maxlen: 24
37.77.22.0/24 maxlen: 24
37.77.27.0/24 maxlen: 24
37.77.28.0/24 maxlen: 24
37.77.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 13:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:17:84:d6:73:30:94:1b:de:43:e3:92:88:db:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Validity
Not Before: Jan 1 19:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca914be345e88b8cb4e6abb7a200379fa82f0667
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7e:a4:3e:87:3f:a5:b2:03:66:44:ca:51:33:
ee:d4:5f:8c:73:e5:db:e4:15:a6:2c:38:19:4b:4e:
ea:40:0f:07:7c:34:01:a6:cf:7a:43:19:c6:d2:4c:
2c:0b:b3:f7:eb:30:8a:7f:09:ff:77:07:80:33:33:
7a:c2:ca:84:83:ab:92:61:ca:c0:92:38:51:53:0c:
f0:06:60:fe:75:60:5e:b0:8c:c1:8a:f6:f4:2c:f7:
9f:8f:df:07:d1:ed:8b:6f:eb:97:56:70:b1:da:89:
7b:41:c4:25:27:55:29:2f:e9:d7:8d:14:25:6c:1c:
66:75:22:80:1f:cb:06:9e:00:bd:72:4d:b6:7c:cc:
97:82:1b:ba:94:1b:b7:78:be:bc:a6:ad:8f:c5:98:
36:55:36:fa:4f:60:6a:9f:81:d8:f7:26:d5:73:e5:
19:37:0e:c9:0c:c6:2b:2e:64:06:1a:db:c5:24:5f:
cc:39:b2:6b:08:33:d7:c5:1a:82:32:b1:fe:12:30:
10:ef:46:39:8b:83:2f:ec:d6:e9:ca:86:07:47:b3:
3b:d1:06:f8:50:5c:5f:ae:3e:f6:4a:ad:c5:d6:b4:
46:5c:5a:6e:d9:86:f3:87:87:c3:0c:e3:50:a7:13:
5c:77:63:fa:46:48:f3:d8:6e:08:ed:f1:c9:bd:c7:
e0:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:91:4B:E3:45:E8:8B:8C:B4:E6:AB:B7:A2:00:37:9F:A8:2F:06:67
X509v3 Authority Key Identifier:
keyid:29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/ypFL40Xoi4y05qu3ogA3n6gvBmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.21.0-37.77.22.255
37.77.27.0-37.77.29.255
Signature Algorithm: sha256WithRSAEncryption
09:bc:c2:4e:43:95:d6:88:ac:f5:54:2d:4d:18:6e:13:fe:34:
0e:c3:c3:06:1f:ce:55:d5:4b:bb:45:cf:75:54:ee:33:6d:f3:
20:46:c1:3c:94:e4:ba:d4:e6:04:66:a9:02:94:32:08:a6:8a:
37:7b:df:66:21:0d:86:19:fe:6b:11:54:ad:ed:e5:50:be:52:
ad:08:b2:ac:72:5f:b5:6f:a1:56:bc:9e:8c:cd:45:c7:bd:52:
b0:85:27:04:e3:b8:72:47:bc:30:0a:4e:09:f8:4f:0e:44:1a:
fa:04:ec:a5:3b:38:0f:bf:f1:69:0c:35:14:ac:15:b5:50:cd:
23:11:69:dd:5d:c2:6f:47:3e:fb:ff:15:0d:92:ca:21:61:86:
5d:f9:d8:55:55:dd:4f:03:41:95:a8:09:0d:fd:e7:27:83:99:
d5:c9:a8:d1:ca:c0:84:bf:88:a9:2a:ba:83:a9:df:41:3d:8c:
f8:0e:8c:4e:9b:2a:46:05:5f:46:2f:bc:08:a1:7c:99:fd:bc:
6a:bd:3a:55:9d:7e:53:7c:2a:65:7d:70:e5:41:02:a8:23:9e:
ea:a0:93:3b:ab:1f:81:02:e5:e2:36:55:6d:b8:61:d4:85:5c:
b6:cd:b9:09:f5:42:e6:dc:e9:6e:a4:73:bb:bf:52:29:36:2e:
01:f1:22:75
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQjaheE1nMwlBveQ+OSiNuBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTkzMDA3YzdjOTJkZjYxNzhlN2NiNDMxODNmZDdmNTJh
NTI2ZDgwHhcNMjUwMTAxMTk0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTkxNGJlMzQ1ZTg4YjhjYjRlNmFiYjdhMjAwMzc5ZmE4MmYwNjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq36kPoc/pbIDZkTKUTPu1F+Mc+Xb
5BWmLDgZS07qQA8HfDQBps96QxnG0kwsC7P36zCKfwn/dweAMzN6wsqEg6uSYcrA
kjhRUwzwBmD+dWBesIzBivb0LPefj98H0e2Lb+uXVnCx2ol7QcQlJ1UpL+nXjRQl
bBxmdSKAH8sGngC9ck22fMyXghu6lBu3eL68pq2PxZg2VTb6T2Bqn4HY9ybVc+UZ
Nw7JDMYrLmQGGtvFJF/MObJrCDPXxRqCMrH+EjAQ70Y5i4Mv7NbpyoYHR7M70Qb4
UFxfrj72Sq3F1rRGXFpu2Ybzh4fDDONQpxNcd2P6Rkjz2G4I7fHJvcfg2wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFMqRS+NF6IuMtOart6IAN5+oLwZnMB8GA1UdIwQY
MBaAFCmZMAfHyS32F458tDGD/X9SpSbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODkt
MWU4MjlmZmExYzNhLzEveXBGTDQwWG9pNHkwNXF1M29nQTNuNmd2Qm1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODktMWU4MjlmZmExYzNh
LzEvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAAlTRUD
BAAlTRYwDAMEACVNGwMEASVNHDANBgkqhkiG9w0BAQsFAAOCAQEACbzCTkOV1ois
9VQtTRhuE/40DsPDBh/OVdVLu0XPdVTuM23zIEbBPJTkutTmBGapApQyCKaKN3vf
ZiENhhn+axFUre3lUL5SrQiyrHJftW+hVryejM1Fx71SsIUnBOO4cke8MApOCfhP
DkQa+gTspTs4D7/xaQw1FKwVtVDNIxFp3V3Cb0c++/8VDZLKIWGGXfnYVVXdTwNB
lagJDf3nJ4OZ1cmo0crAhL+IqSq6g6nfQT2M+A6MTpsqRgVfRi+8CKF8mf28ar06
VZ1+U3wqZX1w5UECqCOe6qCTO6sfgQLl4jZVbbhh1IVcts25CfVC5tzpbqRzu79S
KTYuAfEidQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:30:32 2025 by rpki-client