Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/y08vt-6XfGq4rmWBd5xWgiqilPE.roa
File: y08vt-6XfGq4rmWBd5xWgiqilPE.roa (raw, json)
Hash identifier: Aq7IiQBdCPg8kz97DvBqBJmTkJ1OIzksvzSyrjSG9R0=
Subject key identifier: CB:4F:2F:B7:EE:97:7C:6A:B8:AE:65:81:77:9C:56:82:2A:A2:94:F1
Certificate issuer: /CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Certificate serial: 0194266B1BFB24BBA7607D510B2F21FD2C2B
Authority key identifier: ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/y08vt-6XfGq4rmWBd5xWgiqilPE.roa
Signing time: Thu 02 Jan 2025 09:49:01 +0000
ROA not before: Thu 02 Jan 2025 09:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57782
IP address blocks: 79.110.168.0/23 maxlen: 24
139.28.206.0/24 maxlen: 24
185.202.104.0/24 maxlen: 24
2a06:1e83:cafe::/48 maxlen: 48
2a06:1e83:caff::/48 maxlen: 48
2a06:1e85::/32 maxlen: 48
2a0d:1a40::/29 maxlen: 48
2a0d:1a40:5500::/48 maxlen: 48
2a0d:1a45::/32 maxlen: 48
2a0d:9cc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:1b:fb:24:bb:a7:60:7d:51:0b:2f:21:fd:2c:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed77e6b925b3b7a7abb92885d55d733dc5fa62d2
Validity
Not Before: Jan 2 09:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb4f2fb7ee977c6ab8ae6581779c56822aa294f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f8:04:fe:17:fd:a0:d7:af:ed:a7:43:26:55:
f3:1e:e3:d3:7a:56:b1:e9:74:6a:a2:96:4d:0a:da:
34:54:63:ab:1c:92:69:42:31:8d:a3:aa:8e:e5:bb:
03:86:a9:a9:65:ec:ba:32:a3:89:ed:db:9b:ea:06:
6c:db:95:d7:93:a5:8e:7d:2b:3c:30:1c:ac:13:87:
95:fc:5f:37:1a:f5:61:ba:98:78:45:b1:d7:7d:f3:
08:7d:97:f7:a2:28:40:13:63:3f:50:2d:e7:dd:b6:
bc:2b:5c:93:e0:25:ce:e1:00:05:a3:3d:15:75:08:
bb:e3:66:de:97:dc:a4:50:7f:b4:12:b3:7c:3a:69:
0c:41:e6:9a:52:65:a7:14:7a:f6:fc:fe:37:3b:d9:
bc:45:14:3a:6b:95:ca:03:8d:cb:9a:b3:cc:90:08:
a3:c6:3a:78:80:1f:b6:b8:f7:f0:b9:63:3d:fd:49:
7c:52:e9:33:1b:7f:30:68:58:f1:6e:44:24:28:a1:
3a:c4:32:cd:c7:53:c6:e4:71:96:dc:ee:6d:e6:a0:
22:15:49:11:7d:fe:2d:c5:2a:14:54:a3:a7:ff:d2:
4b:e6:d8:39:eb:f9:15:8c:51:a3:64:2a:64:1a:2b:
22:b5:8d:ff:6e:eb:0f:bd:22:9e:02:83:17:47:60:
8e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:4F:2F:B7:EE:97:7C:6A:B8:AE:65:81:77:9C:56:82:2A:A2:94:F1
X509v3 Authority Key Identifier:
keyid:ED:77:E6:B9:25:B3:B7:A7:AB:B9:28:85:D5:5D:73:3D:C5:FA:62:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XfmuSWzt6eruSiF1V1zPcX6YtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/y08vt-6XfGq4rmWBd5xWgiqilPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d83777-5ba8-4f1e-851c-92819de8a036/1/7XfmuSWzt6eruSiF1V1zPcX6YtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.168.0/23
139.28.206.0/24
185.202.104.0/24
IPv6:
2a06:1e83:cafe::/47
2a06:1e85::/32
2a0d:1a40::/29
2a0d:9cc0::/29
Signature Algorithm: sha256WithRSAEncryption
01:e2:bf:4b:58:9a:48:42:69:77:4d:71:08:89:a6:31:47:86:
0d:4e:1e:5d:ca:60:86:9b:7a:c2:ed:10:ed:69:c1:03:5a:7d:
12:22:e5:9c:48:dd:c2:3c:4c:bc:99:c8:83:e2:c7:8e:cc:50:
c9:c5:1c:f3:57:12:1c:95:d8:76:5c:fb:86:81:76:89:6f:ca:
1b:53:8c:07:3f:98:f0:d5:c3:10:ea:b5:40:cd:13:ef:29:d2:
df:be:04:7b:d2:df:e6:4f:88:9f:52:5d:0c:24:09:1c:e5:e5:
f1:1d:1a:ed:5d:be:16:b6:99:e3:97:c5:e6:35:6e:17:6a:03:
55:8f:85:18:73:04:a8:7d:9b:32:13:4e:ea:5a:45:ac:17:80:
6b:3b:84:eb:22:71:89:aa:c8:5e:e8:78:75:b5:5f:c1:05:dc:
0e:14:05:03:77:ea:65:b1:2a:2b:37:c5:3b:10:78:c8:c0:7d:
19:28:7b:d5:1f:74:ad:e6:c9:65:98:05:e1:6b:c6:66:53:00:
01:1d:df:82:c4:20:8d:6c:8c:0e:09:32:8b:e7:ab:a7:80:d3:
1e:c1:81:5e:00:ce:cc:02:6e:a8:58:d3:7f:91:18:fe:ab:b4:
b3:6f:4b:ae:f5:36:37:c6:e1:1d:a6:eb:41:cf:0b:91:4b:91:
e5:fa:46:f3
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZQmaxv7JLunYH1RCy8h/SwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzdlNmI5MjViM2I3YTdhYmI5Mjg4NWQ1NWQ3MzNkYzVm
YTYyZDIwHhcNMjUwMTAyMDk0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjRmMmZiN2VlOTc3YzZhYjhhZTY1ODE3NzljNTY4MjJhYTI5NGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPgE/hf9oNev7adDJlXzHuPTelax
6XRqopZNCto0VGOrHJJpQjGNo6qO5bsDhqmpZey6MqOJ7dub6gZs25XXk6WOfSs8
MBysE4eV/F83GvVhuph4RbHXffMIfZf3oihAE2M/UC3n3ba8K1yT4CXO4QAFoz0V
dQi742bel9ykUH+0ErN8OmkMQeaaUmWnFHr2/P43O9m8RRQ6a5XKA43LmrPMkAij
xjp4gB+2uPfwuWM9/Ul8UukzG38waFjxbkQkKKE6xDLNx1PG5HGW3O5t5qAiFUkR
ff4txSoUVKOn/9JL5tg56/kVjFGjZCpkGisitY3/busPvSKeAoMXR2COBQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMtPL7ful3xquK5lgXecVoIqopTxMB8GA1UdIwQY
MBaAFO135rkls7enq7kohdVdcz3F+mLSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMt
OTI4MTlkZThhMDM2LzEveTA4dnQtNlhmR3E0cm1XQmQ1eFdnaXFpbFBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9kODM3NzctNWJhOC00ZjFlLTg1MWMtOTI4MTlkZThhMDM2
LzEvN1hmbXVTV3p0NmVydVNpRjFWMXpQY1g2WXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAYBAIAATASAwQBT26oAwQA
ixzOAwQAucpoMCQEAgACMB4DBwEqBh6Dyv4DBQAqBh6FAwUDKg0aQAMFAyoNnMAw
DQYJKoZIhvcNAQELBQADggEBAAHiv0tYmkhCaXdNcQiJpjFHhg1OHl3KYIabesLt
EO1pwQNafRIi5ZxI3cI8TLyZyIPix47MUMnFHPNXEhyV2HZc+4aBdolvyhtTjAc/
mPDVwxDqtUDNE+8p0t++BHvS3+ZPiJ9SXQwkCRzl5fEdGu1dvha2meOXxeY1bhdq
A1WPhRhzBKh9mzITTupaRawXgGs7hOsicYmqyF7oeHW1X8EF3A4UBQN36mWxKis3
xTsQeMjAfRkoe9UfdK3myWWYBeFrxmZTAAEd34LEII1sjA4JMovnq6eA0x7BgV4A
zswCbqhY03+RGP6rtLNvS671NjfG4R2m60HPC5FLkeX6RvM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:44:28 2025 by rpki-client