Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/cjVSdfcgI6USxReLgdHC9_M0CkU.roa
File: cjVSdfcgI6USxReLgdHC9_M0CkU.roa (raw, json)
Hash identifier: K+5hqpPR7v+LnoyEKIel1in1wybIaUOudcefnvqwGM8=
Subject key identifier: 72:35:52:75:F7:20:23:A5:12:C5:17:8B:81:D1:C2:F7:F3:34:0A:45
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F955E0B4D6D2974B116BA56538392
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/cjVSdfcgI6USxReLgdHC9_M0CkU.roa
Signing time: Thu 02 Jan 2025 05:49:14 +0000
ROA not before: Thu 02 Jan 2025 05:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211306
IP address blocks: 77.36.56.0/24 maxlen: 24
77.232.216.0/23 maxlen: 23
77.232.218.0/24 maxlen: 24
91.200.132.0/24 maxlen: 24
91.231.227.0/24 maxlen: 24
91.232.55.0/24 maxlen: 24
91.237.49.0/24 maxlen: 24
91.237.193.0/24 maxlen: 24
91.238.38.0/24 maxlen: 24
91.239.225.0/24 maxlen: 24
93.120.44.0/23 maxlen: 23
176.96.92.0/24 maxlen: 24
176.116.230.0/23 maxlen: 23
178.159.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:95:5e:0b:4d:6d:29:74:b1:16:ba:56:53:83:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72355275f72023a512c5178b81d1c2f7f3340a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2e:be:f8:07:67:24:2e:5e:b6:4a:64:5c:71:
72:f3:76:52:94:9e:87:a9:90:0c:5e:1a:20:89:0f:
9f:73:28:ed:f7:51:6a:ad:35:74:95:f9:d5:98:a8:
e2:d0:18:00:56:4c:b3:8c:fd:d4:e5:77:34:a7:65:
8a:da:46:95:39:b6:9c:93:00:f5:82:a7:23:51:e3:
f9:1d:6c:c2:d4:21:b5:fe:15:0e:4b:d2:dc:45:80:
3b:fa:1c:4a:65:9e:c5:d1:91:2c:cd:cc:c3:6a:dc:
4d:c4:fd:ad:84:19:c0:f5:3a:7a:76:88:73:80:16:
1e:fc:0e:f2:7a:05:e4:28:7f:f2:e7:67:90:21:be:
e6:fa:f7:6b:bd:1b:71:79:e1:a8:f3:6a:89:8d:2e:
11:d4:e5:f5:74:ff:41:02:bd:4d:20:af:f7:9c:90:
d8:5d:4b:2f:9b:19:8b:42:32:1f:ee:6e:86:95:bd:
65:ab:52:2a:5c:75:11:ce:96:19:34:95:cf:6e:a8:
06:8f:94:8b:ef:79:01:55:67:7b:f8:36:30:a7:b1:
52:e2:30:8d:32:0b:a2:28:f1:82:86:d0:02:87:ca:
41:01:03:fb:22:d4:3b:de:1f:d5:04:bb:10:a3:4d:
59:2b:b8:5a:aa:91:36:13:a7:6a:0d:1c:ea:a5:a7:
06:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:35:52:75:F7:20:23:A5:12:C5:17:8B:81:D1:C2:F7:F3:34:0A:45
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/cjVSdfcgI6USxReLgdHC9_M0CkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.56.0/24
77.232.216.0-77.232.218.255
91.200.132.0/24
91.231.227.0/24
91.232.55.0/24
91.237.49.0/24
91.237.193.0/24
91.238.38.0/24
91.239.225.0/24
93.120.44.0/23
176.96.92.0/24
176.116.230.0/23
178.159.146.0/24
Signature Algorithm: sha256WithRSAEncryption
85:ce:8a:16:7a:aa:2b:6c:9d:de:07:88:16:fc:e5:1f:01:9d:
64:af:9d:49:50:5c:bc:34:96:84:60:78:d0:16:36:4a:ae:47:
40:3b:63:7a:91:21:a6:f1:ee:da:5d:a2:ea:b3:5b:cd:43:b2:
81:e3:95:c4:17:5d:e4:b3:0b:b1:02:48:e6:9e:75:52:9e:5b:
82:b2:9e:18:be:97:67:75:1c:c5:e0:17:ba:c2:c7:62:27:20:
6f:2d:ed:83:67:4f:56:fc:07:6c:e3:1e:01:c0:68:aa:7a:a8:
83:b0:71:b2:c9:51:71:35:1e:cd:97:c6:4b:1b:2d:b0:1b:ad:
7a:fe:ac:e3:b5:9b:43:cb:a9:36:69:0a:2d:d8:9e:12:40:34:
7c:82:6a:46:47:91:d7:a3:86:67:c5:3a:96:7f:1b:1d:55:81:
2a:a3:38:6e:92:71:9f:10:45:63:22:d1:5a:6d:b5:d1:cc:f4:
34:90:f5:ac:39:61:63:15:06:ed:3c:09:24:94:f6:03:10:6d:
29:c5:0d:40:d4:fa:d2:19:66:f3:3f:48:bd:83:ef:1b:8b:f3:
d1:0d:27:c6:4f:d6:d3:d7:91:26:35:96:87:51:27:91:e7:f8:
59:b7:86:6b:a7:08:8a:6f:50:22:96:9d:f5:08:77:52:e2:9c:
56:8c:43:fc
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZQlj5VeC01tKXSxFrpWU4OSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjM1NTI3NWY3MjAyM2E1MTJjNTE3OGI4MWQxYzJmN2YzMzQwYTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui6++AdnJC5etkpkXHFy83ZSlJ6H
qZAMXhogiQ+fcyjt91FqrTV0lfnVmKji0BgAVkyzjP3U5Xc0p2WK2kaVObackwD1
gqcjUeP5HWzC1CG1/hUOS9LcRYA7+hxKZZ7F0ZEszczDatxNxP2thBnA9Tp6dohz
gBYe/A7yegXkKH/y52eQIb7m+vdrvRtxeeGo82qJjS4R1OX1dP9BAr1NIK/3nJDY
XUsvmxmLQjIf7m6Glb1lq1IqXHURzpYZNJXPbqgGj5SL73kBVWd7+DYwp7FS4jCN
MguiKPGChtACh8pBAQP7ItQ73h/VBLsQo01ZK7haqpE2E6dqDRzqpacGlwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFHI1UnX3ICOlEsUXi4HRwvfzNApFMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvY2pWU2RmY2dJNlVTeFJlTGdkSEM5X00wQ2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQATSQ4MAwD
BANN6NgDBABN6NoDBABbyIQDBABb5+MDBABb6DcDBABb7TEDBABb7cEDBABb7iYD
BABb7+EDBAFdeCwDBACwYFwDBAGwdOYDBACyn5IwDQYJKoZIhvcNAQELBQADggEB
AIXOihZ6qitsnd4HiBb85R8BnWSvnUlQXLw0loRgeNAWNkquR0A7Y3qRIabx7tpd
ouqzW81DsoHjlcQXXeSzC7ECSOaedVKeW4Kynhi+l2d1HMXgF7rCx2InIG8t7YNn
T1b8B2zjHgHAaKp6qIOwcbLJUXE1Hs2XxksbLbAbrXr+rOO1m0PLqTZpCi3YnhJA
NHyCakZHkdejhmfFOpZ/Gx1VgSqjOG6ScZ8QRWMi0VpttdHM9DSQ9aw5YWMVBu08
CSSU9gMQbSnFDUDU+tIZZvM/SL2D7xuL89ENJ8ZP1tPXkSY1lodRJ5Hn+Fm3hmun
CIpvUCKWnfUId1LinFaMQ/w=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:57:31 2025 by rpki-client