Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/6FBdm52HrIwxns50lJrMCqThYUM.roa
File: 6FBdm52HrIwxns50lJrMCqThYUM.roa (raw, json)
Hash identifier: Fb4owa3jjdnAYqjY2HP/KocZ2u55DXUdS4g1VNhxtCk=
Subject key identifier: E8:50:5D:9B:9D:87:AC:8C:31:9E:CE:74:94:9A:CC:0A:A4:E1:61:43
Certificate issuer: /CN=77e3c2900b599754283f27f3b4e8d7f6c4510972
Certificate serial: 0194266B38A9C751EED8C55745DDE55B4A12
Authority key identifier: 77:E3:C2:90:0B:59:97:54:28:3F:27:F3:B4:E8:D7:F6:C4:51:09:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d-PCkAtZl1QoPyfztOjX9sRRCXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/6FBdm52HrIwxns50lJrMCqThYUM.roa
Signing time: Thu 02 Jan 2025 09:49:08 +0000
ROA not before: Thu 02 Jan 2025 09:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41750
IP address blocks: 77.235.0.0/19 maxlen: 19
77.235.0.0/20 maxlen: 20
77.235.4.0/24 maxlen: 24
77.235.5.0/24 maxlen: 24
77.235.6.0/24 maxlen: 24
77.235.7.0/24 maxlen: 24
77.235.16.0/20 maxlen: 20
77.235.22.0/24 maxlen: 24
92.245.96.0/19 maxlen: 19
92.245.96.0/20 maxlen: 20
92.245.112.0/20 maxlen: 20
109.201.160.0/19 maxlen: 19
158.181.0.0/19 maxlen: 19
158.181.0.0/20 maxlen: 20
158.181.16.0/20 maxlen: 20
158.181.128.0/17 maxlen: 17
158.181.128.0/20 maxlen: 20
158.181.144.0/20 maxlen: 20
158.181.160.0/20 maxlen: 20
158.181.176.0/20 maxlen: 20
158.181.192.0/20 maxlen: 20
158.181.208.0/20 maxlen: 20
158.181.224.0/20 maxlen: 20
158.181.240.0/20 maxlen: 20
176.123.224.0/19 maxlen: 19
185.138.100.0/22 maxlen: 22
2a04:5600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/d-PCkAtZl1QoPyfztOjX9sRRCXI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/d-PCkAtZl1QoPyfztOjX9sRRCXI.mft
rsync://rpki.ripe.net/repository/DEFAULT/d-PCkAtZl1QoPyfztOjX9sRRCXI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:38:a9:c7:51:ee:d8:c5:57:45:dd:e5:5b:4a:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77e3c2900b599754283f27f3b4e8d7f6c4510972
Validity
Not Before: Jan 2 09:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8505d9b9d87ac8c319ece74949acc0aa4e16143
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:be:f9:65:31:b8:56:d9:89:96:f8:91:b0:45:
4a:cf:a3:8f:46:36:c0:c3:df:97:8d:50:58:6d:d1:
10:06:26:4e:2f:16:54:66:a8:33:35:62:71:c0:98:
2a:8e:50:2b:17:00:7d:85:b1:b2:61:02:cd:7b:b5:
f3:eb:bb:f1:d7:4a:fa:e5:b7:44:d3:ed:da:67:a0:
2a:67:02:23:81:1b:43:31:4d:38:bb:8d:5a:0b:2a:
66:74:d5:70:e9:5e:67:15:77:a6:90:eb:b5:e9:e4:
1f:18:67:67:4a:94:71:dd:ac:19:87:4b:fd:6f:20:
4b:9a:f9:2e:b1:c9:5a:92:47:30:a0:a2:40:c5:e4:
2d:27:a5:96:e0:ab:05:44:f0:ee:68:ca:46:3a:2f:
ea:27:0b:7d:c1:c4:93:a3:ac:5b:aa:8e:b7:59:2b:
4f:94:d5:09:42:c9:32:78:74:25:58:20:1e:50:5b:
f3:b5:f0:0e:54:35:2f:38:c5:bf:f3:60:e0:ee:24:
ec:29:a4:e4:f4:e1:ac:a6:43:94:ee:e5:7f:fc:cd:
c4:7c:bb:c7:fb:af:cd:ac:f8:3a:fc:5d:85:77:b9:
4e:b7:59:2d:e3:42:da:58:f6:06:a3:78:ce:4f:a4:
ef:44:6f:97:bc:16:5b:50:15:24:72:c0:0c:e4:79:
6b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:50:5D:9B:9D:87:AC:8C:31:9E:CE:74:94:9A:CC:0A:A4:E1:61:43
X509v3 Authority Key Identifier:
keyid:77:E3:C2:90:0B:59:97:54:28:3F:27:F3:B4:E8:D7:F6:C4:51:09:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d-PCkAtZl1QoPyfztOjX9sRRCXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/6FBdm52HrIwxns50lJrMCqThYUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/ef2b49-035f-40a4-ae51-d3c55d4fda9d/1/d-PCkAtZl1QoPyfztOjX9sRRCXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.235.0.0/19
92.245.96.0/19
109.201.160.0/19
158.181.0.0/19
158.181.128.0/17
176.123.224.0/19
185.138.100.0/22
IPv6:
2a04:5600::/29
Signature Algorithm: sha256WithRSAEncryption
8f:3c:04:ad:59:94:fa:7d:cc:5c:25:4f:94:61:f8:3d:be:60:
33:d3:18:7d:72:14:0c:c7:e8:5d:ec:3a:c6:27:f0:18:48:e5:
1a:0c:35:19:34:68:f0:20:51:bc:68:17:53:88:46:14:e1:9a:
ec:32:a2:c0:af:da:c7:89:73:e5:77:d3:84:56:28:a4:02:5b:
8a:0a:34:6b:ba:5b:91:73:31:c0:7f:77:8a:0e:4f:d1:3b:ca:
6d:16:4b:69:26:51:81:de:76:bd:2e:df:37:75:4f:17:13:f9:
2a:a1:1c:7c:28:59:72:ed:ad:19:34:1c:53:04:16:14:82:17:
5c:70:84:ee:71:92:c2:b5:c2:88:96:b7:ff:34:cd:6b:96:f5:
40:cd:08:ef:33:1b:3d:d3:2d:3d:dd:f6:5d:1b:84:12:f6:c5:
8a:89:56:cc:f1:17:1a:7d:43:94:e1:49:f7:a8:43:ef:6c:03:
ea:3e:7d:3d:c0:c5:e1:61:1f:16:f1:6e:24:71:58:0c:8e:2c:
e5:3b:73:8b:71:61:25:91:7d:83:d6:97:3e:ce:24:ea:01:11:
c3:6b:1c:12:cf:0a:b1:40:8a:b6:ab:da:c6:ac:b7:ad:03:66:
89:f3:64:9b:af:f7:3a:7a:1c:eb:be:63:b0:99:b4:22:a1:b0:
a8:15:aa:80
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQmazipx1Hu2MVXRd3lW0oSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZTNjMjkwMGI1OTk3NTQyODNmMjdmM2I0ZThkN2Y2YzQ1
MTA5NzIwHhcNMjUwMTAyMDk0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODUwNWQ5YjlkODdhYzhjMzE5ZWNlNzQ5NDlhY2MwYWE0ZTE2MTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn775ZTG4VtmJlviRsEVKz6OPRjbA
w9+XjVBYbdEQBiZOLxZUZqgzNWJxwJgqjlArFwB9hbGyYQLNe7Xz67vx10r65bdE
0+3aZ6AqZwIjgRtDMU04u41aCypmdNVw6V5nFXemkOu16eQfGGdnSpRx3awZh0v9
byBLmvkusclakkcwoKJAxeQtJ6WW4KsFRPDuaMpGOi/qJwt9wcSTo6xbqo63WStP
lNUJQskyeHQlWCAeUFvztfAOVDUvOMW/82Dg7iTsKaTk9OGspkOU7uV//M3EfLvH
+6/NrPg6/F2Fd7lOt1kt40LaWPYGo3jOT6TvRG+XvBZbUBUkcsAM5HlrhQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFOhQXZudh6yMMZ7OdJSazAqk4WFDMB8GA1UdIwQY
MBaAFHfjwpALWZdUKD8n87To1/bEUQlyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZC1QQ2tBdFpsMVFvUHlmenRPalg5c1JSQ1hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9lZjJiNDktMDM1Zi00MGE0LWFlNTEt
ZDNjNTVkNGZkYTlkLzEvNkZCZG01MkhySXd4bnM1MGxKck1DcVRoWVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9lZjJiNDktMDM1Zi00MGE0LWFlNTEtZDNjNTVkNGZkYTlk
LzEvZC1QQ2tBdFpsMVFvUHlmenRPalg5c1JSQ1hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFTesAAwQF
XPVgAwQFbcmgAwQFnrUAAwQHnrWAAwQFsHvgAwQCuYpkMA0EAgACMAcDBQMqBFYA
MA0GCSqGSIb3DQEBCwUAA4IBAQCPPAStWZT6fcxcJU+UYfg9vmAz0xh9chQMx+hd
7DrGJ/AYSOUaDDUZNGjwIFG8aBdTiEYU4ZrsMqLAr9rHiXPld9OEViikAluKCjRr
uluRczHAf3eKDk/RO8ptFktpJlGB3na9Lt83dU8XE/kqoRx8KFly7a0ZNBxTBBYU
ghdccITucZLCtcKIlrf/NM1rlvVAzQjvMxs90y093fZdG4QS9sWKiVbM8RcafUOU
4Un3qEPvbAPqPn09wMXhYR8W8W4kcVgMjizlO3OLcWElkX2D1pc+ziTqARHDaxwS
zwqxQIq2q9rGrLetA2aJ82Sbr/c6ehzrvmOwmbQiobCoFaqA
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:38 2025 by rpki-client