Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/5833f3-2421-41b0-be2e-82a107c4a7e2/1/W0ISdcMD3BWsHVPGG7LkFApumXs.roa
File: W0ISdcMD3BWsHVPGG7LkFApumXs.roa (raw, json)
Hash identifier: ycAJc8E2fcKafG7/xeE7xIvkeS6Y7snCVRq4mmzolw0=
Subject key identifier: 5B:42:12:75:C3:03:DC:15:AC:1D:53:C6:1B:B2:E4:14:0A:6E:99:7B
Certificate issuer: /CN=bd6497047f20d6f708d7db42557b698fbfb3d8fb
Certificate serial: 0194222036F89A21144C5E4961EBA3C10C75
Authority key identifier: BD:64:97:04:7F:20:D6:F7:08:D7:DB:42:55:7B:69:8F:BF:B3:D8:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vWSXBH8g1vcI19tCVXtpj7-z2Ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/5833f3-2421-41b0-be2e-82a107c4a7e2/1/W0ISdcMD3BWsHVPGG7LkFApumXs.roa
Signing time: Wed 01 Jan 2025 13:48:44 +0000
ROA not before: Wed 01 Jan 2025 13:48:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41371
IP address blocks: 77.240.32.0/24 maxlen: 24
77.240.34.0/24 maxlen: 24
77.240.36.0/24 maxlen: 24
77.240.40.0/24 maxlen: 24
77.240.41.0/24 maxlen: 24
77.240.43.0/24 maxlen: 24
88.151.176.0/21 maxlen: 21
88.151.177.0/24 maxlen: 24
88.151.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/5833f3-2421-41b0-be2e-82a107c4a7e2/1/vWSXBH8g1vcI19tCVXtpj7-z2Ps.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/5833f3-2421-41b0-be2e-82a107c4a7e2/1/vWSXBH8g1vcI19tCVXtpj7-z2Ps.mft
rsync://rpki.ripe.net/repository/DEFAULT/vWSXBH8g1vcI19tCVXtpj7-z2Ps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:36:f8:9a:21:14:4c:5e:49:61:eb:a3:c1:0c:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd6497047f20d6f708d7db42557b698fbfb3d8fb
Validity
Not Before: Jan 1 13:48:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5b421275c303dc15ac1d53c61bb2e4140a6e997b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:51:6c:2e:30:ba:66:1f:0d:72:c8:7d:bf:93:
ea:2e:03:89:98:ea:ee:1a:a3:dd:31:32:1b:6e:7a:
ad:49:df:48:86:c5:58:8d:8c:63:cc:c3:47:df:20:
36:55:d7:e7:c0:f1:c2:c1:ff:dd:bb:82:10:22:9c:
6f:4f:20:63:aa:e8:49:da:97:47:9a:14:a6:dd:70:
a4:6d:3e:ba:ce:13:99:89:02:4f:0a:10:62:77:be:
eb:b9:02:e8:88:fa:2b:22:68:8f:05:6f:52:52:16:
36:53:4a:ff:ac:a3:e1:59:21:0d:a9:8e:95:bc:62:
cf:20:d6:64:d2:8a:81:46:9d:00:37:f1:1e:1e:49:
f1:75:1a:a9:2c:25:f8:cb:aa:4a:9a:33:3b:ec:df:
f9:c3:a7:6e:b0:b2:1c:e1:6a:90:43:5c:57:90:52:
07:41:c8:fc:35:00:a9:67:e2:58:f0:e1:a1:ea:b5:
d5:3e:47:ec:7b:6f:0f:ac:13:5d:5e:07:ec:60:37:
aa:6f:c7:fe:65:50:ef:28:74:33:21:01:b7:e7:24:
8c:78:4b:5e:96:e9:6c:28:2f:66:c7:dc:0f:ed:00:
c1:90:2a:d5:f6:27:21:09:56:99:5c:6f:4a:04:25:
f3:aa:52:7d:3d:70:a2:aa:7f:3a:ad:b6:db:e5:53:
db:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:42:12:75:C3:03:DC:15:AC:1D:53:C6:1B:B2:E4:14:0A:6E:99:7B
X509v3 Authority Key Identifier:
keyid:BD:64:97:04:7F:20:D6:F7:08:D7:DB:42:55:7B:69:8F:BF:B3:D8:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWSXBH8g1vcI19tCVXtpj7-z2Ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/5833f3-2421-41b0-be2e-82a107c4a7e2/1/W0ISdcMD3BWsHVPGG7LkFApumXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/5833f3-2421-41b0-be2e-82a107c4a7e2/1/vWSXBH8g1vcI19tCVXtpj7-z2Ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.32.0/24
77.240.34.0/24
77.240.36.0/24
77.240.40.0/23
77.240.43.0/24
88.151.176.0/21
Signature Algorithm: sha256WithRSAEncryption
25:5c:a7:fb:8e:ff:9a:42:76:48:f9:b6:cc:38:4c:67:7b:d0:
dc:e6:04:6c:8d:0e:b5:99:6b:c3:80:df:5a:29:69:60:7f:90:
02:1f:48:50:6b:7b:03:55:f8:4a:d6:f2:ae:d4:4f:53:1c:bc:
60:47:c5:c8:c8:63:f2:80:c8:6f:f8:20:11:51:bb:47:f8:37:
7c:b9:f9:86:03:80:3a:e9:8a:fc:ae:8e:94:5a:31:2f:b8:80:
c7:1f:42:5f:e1:89:cf:91:fb:2c:3b:51:5f:04:31:5e:31:bb:
6a:c4:f5:22:54:db:ed:45:66:bf:0e:30:a4:03:5b:f3:ff:6b:
aa:33:94:79:30:6b:a3:9a:19:7e:62:b1:14:96:e4:c3:19:0c:
9e:d2:ff:42:3c:f0:e3:34:ab:26:53:58:7d:27:9f:2d:d3:07:
a3:06:64:c1:3c:65:ad:7a:39:58:9f:a1:03:9c:e1:13:71:3e:
df:3d:e5:9e:82:5d:7d:cb:aa:64:c0:14:04:1c:79:fe:c4:2d:
e8:9b:33:83:61:75:45:45:84:56:4d:d1:40:c6:bd:63:2a:31:
4b:e3:22:48:15:c3:9d:cf:7e:67:a9:e9:9e:fc:a0:39:9e:f4:
94:6b:84:6e:af:77:3a:ff:ef:68:f6:95:a0:2e:bc:b7:57:3f:
f2:03:fb:b8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQiIDb4miEUTF5JYeujwQx1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNjQ5NzA0N2YyMGQ2ZjcwOGQ3ZGI0MjU1N2I2OThmYmZi
M2Q4ZmIwHhcNMjUwMTAxMTM0ODQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjQyMTI3NWMzMDNkYzE1YWMxZDUzYzYxYmIyZTQxNDBhNmU5OTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFFsLjC6Zh8Ncsh9v5PqLgOJmOru
GqPdMTIbbnqtSd9IhsVYjYxjzMNH3yA2VdfnwPHCwf/du4IQIpxvTyBjquhJ2pdH
mhSm3XCkbT66zhOZiQJPChBid77ruQLoiPorImiPBW9SUhY2U0r/rKPhWSENqY6V
vGLPINZk0oqBRp0AN/EeHknxdRqpLCX4y6pKmjM77N/5w6dusLIc4WqQQ1xXkFIH
Qcj8NQCpZ+JY8OGh6rXVPkfse28PrBNdXgfsYDeqb8f+ZVDvKHQzIQG35ySMeEte
lulsKC9mx9wP7QDBkCrV9ichCVaZXG9KBCXzqlJ9PXCiqn86rbbb5VPbnwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFtCEnXDA9wVrB1Txhuy5BQKbpl7MB8GA1UdIwQY
MBaAFL1klwR/INb3CNfbQlV7aY+/s9j7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdldTWEJIOGcxdmNJMTl0Q1ZYdHBqNy16MlBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC81ODMzZjMtMjQyMS00MWIwLWJlMmUt
ODJhMTA3YzRhN2UyLzEvVzBJU2RjTUQzQldzSFZQR0c3TGtGQXB1bVhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC81ODMzZjMtMjQyMS00MWIwLWJlMmUtODJhMTA3YzRhN2Uy
LzEvdldTWEJIOGcxdmNJMTl0Q1ZYdHBqNy16MlBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATfAgAwQA
TfAiAwQATfAkAwQBTfAoAwQATfArAwQDWJewMA0GCSqGSIb3DQEBCwUAA4IBAQAl
XKf7jv+aQnZI+bbMOExne9Dc5gRsjQ61mWvDgN9aKWlgf5ACH0hQa3sDVfhK1vKu
1E9THLxgR8XIyGPygMhv+CARUbtH+Dd8ufmGA4A66Yr8ro6UWjEvuIDHH0Jf4YnP
kfssO1FfBDFeMbtqxPUiVNvtRWa/DjCkA1vz/2uqM5R5MGujmhl+YrEUluTDGQye
0v9CPPDjNKsmU1h9J58t0wejBmTBPGWtejlYn6EDnOETcT7fPeWegl19y6pkwBQE
HHn+xC3omzODYXVFRYRWTdFAxr1jKjFL4yJIFcOdz35nqeme/KA5nvSUa4Rur3c6
/+9o9pWgLry3Vz/yA/u4
-----END CERTIFICATE-----
Generated at Sun Apr 13 01:32:09 2025 by rpki-client