Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/IdcqQLaLPNCQJzdTXpACnqYscnI.roa
File: IdcqQLaLPNCQJzdTXpACnqYscnI.roa (raw, json)
Hash identifier: H+1S4n+OyXlFrQgh9A84gwVt0xMSOKKs5oiKIXtOgjU=
Subject key identifier: 21:D7:2A:40:B6:8B:3C:D0:90:27:37:53:5E:90:02:9E:A6:2C:72:72
Certificate issuer: /CN=4f2d30b015ec4ef1b0d3c64347c8d1b598293f81
Certificate serial: 0194228E3967A5FF9001AF35E7EFFACE61C5
Authority key identifier: 4F:2D:30:B0:15:EC:4E:F1:B0:D3:C6:43:47:C8:D1:B5:98:29:3F:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/IdcqQLaLPNCQJzdTXpACnqYscnI.roa
Signing time: Wed 01 Jan 2025 15:48:53 +0000
ROA not before: Wed 01 Jan 2025 15:48:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 77.91.88.0/24 maxlen: 24
77.91.89.0/24 maxlen: 24
77.91.90.0/24 maxlen: 24
77.91.91.0/24 maxlen: 24
77.91.92.0/24 maxlen: 24
77.91.93.0/24 maxlen: 24
77.91.94.0/24 maxlen: 24
77.91.95.0/24 maxlen: 24
185.149.144.0/24 maxlen: 24
185.149.145.0/24 maxlen: 24
185.149.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Apr 2025 13:43:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:39:67:a5:ff:90:01:af:35:e7:ef:fa:ce:61:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f2d30b015ec4ef1b0d3c64347c8d1b598293f81
Validity
Not Before: Jan 1 15:48:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21d72a40b68b3cd0902737535e90029ea62c7272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:14:e2:67:12:d0:8b:ca:53:45:a9:fc:91:de:
f6:f3:d6:06:29:af:3a:21:d1:97:cc:5a:9a:49:17:
b1:f0:63:bd:3a:64:ab:e4:8d:81:e2:f5:d0:d6:a5:
e4:3a:c3:2f:dd:5a:6d:53:6a:03:34:4a:dd:7c:b8:
05:f2:73:47:04:76:bd:36:72:54:b2:ff:3d:34:79:
f2:ce:47:e6:9e:49:a2:ea:f7:12:a5:e9:4f:db:83:
2c:e8:1d:f1:97:28:9e:db:a7:12:75:ae:55:73:ea:
a5:27:30:d3:36:b2:38:47:96:65:a8:e7:a1:24:59:
84:26:7f:4a:7f:db:2b:1d:5c:8d:39:9e:07:df:b7:
4c:69:f7:d0:23:21:77:a0:09:ea:0b:80:a9:0a:24:
c4:e3:56:7f:fc:b2:70:f4:52:63:f6:27:c3:f5:f8:
63:b3:ee:a1:cb:e7:9f:e5:fe:3b:68:a4:ce:b7:dd:
65:a9:7c:49:1a:61:cc:1b:5a:5a:d5:26:a0:e9:9d:
41:d2:5d:eb:1b:2a:b4:93:a1:b2:34:64:2d:d1:67:
ef:53:a0:58:4f:a6:92:27:a7:53:df:97:d4:da:86:
8d:02:76:62:f9:0a:26:c6:02:82:be:e9:54:13:c5:
2c:16:34:cd:3e:bd:34:e7:aa:0d:e7:82:f5:d2:99:
b3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:D7:2A:40:B6:8B:3C:D0:90:27:37:53:5E:90:02:9E:A6:2C:72:72
X509v3 Authority Key Identifier:
keyid:4F:2D:30:B0:15:EC:4E:F1:B0:D3:C6:43:47:C8:D1:B5:98:29:3F:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/IdcqQLaLPNCQJzdTXpACnqYscnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.88.0/21
185.149.144.0/23
185.149.147.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:b7:5f:12:24:30:1e:fa:5e:cd:9d:ef:f4:5e:ae:4b:81:e0:
22:7f:32:79:6f:1e:fc:d5:32:4b:29:8a:dd:e1:47:b9:bb:3e:
60:05:59:7c:f5:56:21:63:e3:1a:d2:b9:67:f7:6d:43:84:37:
81:57:e8:ba:57:79:a9:9d:c1:e8:4b:39:59:f3:b1:11:70:a5:
c2:00:e2:b5:05:ac:1d:4a:1b:81:bb:06:84:16:45:08:da:2e:
36:d7:ed:9d:97:78:12:81:ef:b7:b5:c8:f8:51:39:ae:15:ff:
8b:65:06:27:20:ba:d9:3e:42:5a:c1:01:7a:b5:35:01:4d:da:
f1:93:f1:27:38:68:d9:d7:2c:1e:0f:59:52:6c:fd:63:96:ae:
26:d5:2d:1f:43:c2:97:fa:23:74:5c:a4:cf:ca:64:74:64:3b:
3f:1e:9f:91:44:f6:44:30:ce:7c:df:78:47:ff:33:c0:e9:d5:
a3:1a:f3:ee:ad:20:a4:af:8f:32:24:63:76:ce:0a:bc:80:97:
9d:61:e6:9a:05:e4:fc:a6:79:a9:4b:39:a0:19:a4:bc:1e:11:
c1:5b:a9:46:8e:1d:f0:00:2f:63:0c:2a:e1:f7:14:54:13:6b:
0d:af:e5:a0:34:6e:c1:80:c3:c4:06:4a:34:59:d6:2d:c6:09:
5c:0c:ce:31
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQijjlnpf+QAa815+/6zmHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMmQzMGIwMTVlYzRlZjFiMGQzYzY0MzQ3YzhkMWI1OTgy
OTNmODEwHhcNMjUwMTAxMTU0ODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWQ3MmE0MGI2OGIzY2QwOTAyNzM3NTM1ZTkwMDI5ZWE2MmM3MjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxTiZxLQi8pTRan8kd7289YGKa86
IdGXzFqaSRex8GO9OmSr5I2B4vXQ1qXkOsMv3VptU2oDNErdfLgF8nNHBHa9NnJU
sv89NHnyzkfmnkmi6vcSpelP24Ms6B3xlyie26cSda5Vc+qlJzDTNrI4R5ZlqOeh
JFmEJn9Kf9srHVyNOZ4H37dMaffQIyF3oAnqC4CpCiTE41Z//LJw9FJj9ifD9fhj
s+6hy+ef5f47aKTOt91lqXxJGmHMG1pa1Sag6Z1B0l3rGyq0k6GyNGQt0WfvU6BY
T6aSJ6dT35fU2oaNAnZi+QomxgKCvulUE8UsFjTNPr0056oN54L10pmzHQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCHXKkC2izzQkCc3U16QAp6mLHJyMB8GA1UdIwQY
MBaAFE8tMLAV7E7xsNPGQ0fI0bWYKT+BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHkwd3NCWHNUdkd3MDhaRFI4alJ0WmdwUDRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi85NjY4YjUtNWU5Mi00YzE4LTliYjkt
NDM1MWJiZjc0YzBjLzEvSWRjcVFMYUxQTkNRSnpkVFhwQUNucVlzY25JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi85NjY4YjUtNWU5Mi00YzE4LTliYjktNDM1MWJiZjc0YzBj
LzEvVHkwd3NCWHNUdkd3MDhaRFI4alJ0WmdwUDRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTVtYAwQB
uZWQAwQAuZWTMA0GCSqGSIb3DQEBCwUAA4IBAQCet18SJDAe+l7Nne/0Xq5LgeAi
fzJ5bx781TJLKYrd4Ue5uz5gBVl89VYhY+Ma0rln921DhDeBV+i6V3mpncHoSzlZ
87ERcKXCAOK1BawdShuBuwaEFkUI2i421+2dl3gSge+3tcj4UTmuFf+LZQYnILrZ
PkJawQF6tTUBTdrxk/EnOGjZ1yweD1lSbP1jlq4m1S0fQ8KX+iN0XKTPymR0ZDs/
Hp+RRPZEMM5833hH/zPA6dWjGvPurSCkr48yJGN2zgq8gJedYeaaBeT8pnmpSzmg
GaS8HhHBW6lGjh3wAC9jDCrh9xRUE2sNr+WgNG7BgMPEBko0WdYtxglcDM4x
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:13:36 2025 by rpki-client