Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/xvL0p77JiJrGiBjGCkpTdIl0pqg.roa
File: xvL0p77JiJrGiBjGCkpTdIl0pqg.roa (raw, json)
Hash identifier: TOTVx2FQSqH/I+BZfh59ASt+a7+rGFaqiWuc53BIqus=
Subject key identifier: C6:F2:F4:A7:BE:C9:88:9A:C6:88:18:C6:0A:4A:53:74:89:74:A6:A8
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 0194258F90584AB9E42B58AFD8797037195C
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/xvL0p77JiJrGiBjGCkpTdIl0pqg.roa
Signing time: Thu 02 Jan 2025 05:49:13 +0000
ROA not before: Thu 02 Jan 2025 05:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202183
IP address blocks: 77.36.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 02:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:90:58:4a:b9:e4:2b:58:af:d8:79:70:37:19:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 05:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6f2f4a7bec9889ac68818c60a4a53748974a6a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c7:54:da:eb:37:6b:fb:27:21:b9:87:6f:9e:
e3:3a:15:60:a0:dd:8d:01:33:45:bf:54:22:d3:cf:
7e:5a:6a:76:86:a2:d9:10:48:27:79:01:b6:06:fc:
4a:1b:b6:cb:ac:5a:cf:db:53:7f:69:58:8c:26:a5:
3b:c2:0b:0c:5a:7b:be:7a:da:80:f7:34:b8:30:dc:
53:18:b1:c4:f5:53:ef:b4:19:34:06:e5:db:e4:b6:
49:87:45:61:7e:72:fb:8c:bd:db:06:42:64:f7:a9:
db:41:32:72:6b:a0:00:18:86:f0:d5:d3:8e:47:47:
77:de:5a:61:56:47:ee:d1:eb:7e:3d:f6:d1:02:62:
97:56:b3:30:79:48:66:e0:5b:8c:3e:11:e2:03:90:
87:d4:c7:6d:ab:e2:cd:b0:0e:e1:5b:81:08:fb:df:
f9:3f:95:ae:ef:f7:2c:bb:ac:b6:ad:f7:e1:2d:a8:
89:b8:95:4b:bd:e8:0f:08:6b:88:09:a4:bc:7f:82:
2b:95:19:da:f8:de:dd:5e:f3:42:61:46:05:8b:23:
fd:93:7c:1f:ad:b3:0f:7c:fb:dd:13:73:ba:22:3e:
68:27:19:a8:31:44:b7:ca:18:70:2f:ea:09:c1:0c:
b3:f5:a7:23:e3:60:15:63:fa:55:13:e2:00:e0:27:
44:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:F2:F4:A7:BE:C9:88:9A:C6:88:18:C6:0A:4A:53:74:89:74:A6:A8
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/xvL0p77JiJrGiBjGCkpTdIl0pqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.31.0/24
Signature Algorithm: sha256WithRSAEncryption
54:b9:8a:f6:94:9e:c8:5f:02:dd:d7:26:01:9a:ee:5b:4e:4a:
dc:62:b6:90:16:db:ca:2b:9e:0b:ba:b4:66:77:7a:52:72:88:
0a:64:32:1c:98:15:7e:77:70:22:aa:f9:1b:90:8b:1f:08:35:
26:65:71:25:60:27:33:65:f4:f4:b5:df:f8:ac:96:43:ff:8d:
93:73:d2:b7:aa:86:a6:bf:c1:1c:52:2d:49:65:64:fb:05:6f:
9f:a9:0c:ca:1f:f3:a2:f8:43:a9:96:7c:e4:28:a5:da:f5:ee:
cc:6b:de:c4:c8:10:47:cc:f9:4e:cc:ca:d9:73:9b:3e:86:ca:
3b:74:b1:db:a9:e4:4a:90:eb:4c:0b:19:7f:73:bc:3b:60:ca:
33:95:86:fc:56:3d:26:75:0c:a7:41:28:0c:77:40:f6:cc:96:
f5:2c:ff:2b:13:5a:b1:cc:33:fc:a1:be:fa:3c:09:82:b1:51:
68:70:de:7e:8f:69:43:2e:ad:63:76:99:a7:cc:67:44:e5:dd:
88:2f:44:ad:37:ff:c1:9a:bf:e3:a7:b4:6e:b4:1f:83:dc:df:
e1:09:fa:d1:39:6a:9e:cd:73:1c:20:fa:5d:22:e3:76:2c:ab:
a4:24:fd:26:47:e2:7b:1e:1e:22:a7:68:46:d9:f4:08:03:3c:
12:0b:15:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj5BYSrnkK1iv2HlwNxlcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTAyMDU0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmYyZjRhN2JlYzk4ODlhYzY4ODE4YzYwYTRhNTM3NDg5NzRhNmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8dU2us3a/snIbmHb57jOhVgoN2N
ATNFv1Qi089+Wmp2hqLZEEgneQG2BvxKG7bLrFrP21N/aViMJqU7wgsMWnu+etqA
9zS4MNxTGLHE9VPvtBk0BuXb5LZJh0VhfnL7jL3bBkJk96nbQTJya6AAGIbw1dOO
R0d33lphVkfu0et+PfbRAmKXVrMweUhm4FuMPhHiA5CH1Mdtq+LNsA7hW4EI+9/5
P5Wu7/csu6y2rffhLaiJuJVLvegPCGuICaS8f4IrlRna+N7dXvNCYUYFiyP9k3wf
rbMPfPvdE3O6Ij5oJxmoMUS3yhhwL+oJwQyz9acj42AVY/pVE+IA4CdEZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMby9Ke+yYiaxogYxgpKU3SJdKaoMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEveHZMMHA3N0ppSnJHaUJqR0NrcFRkSWwwcHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATSQfMA0G
CSqGSIb3DQEBCwUAA4IBAQBUuYr2lJ7IXwLd1yYBmu5bTkrcYraQFtvKK54LurRm
d3pScogKZDIcmBV+d3AiqvkbkIsfCDUmZXElYCczZfT0td/4rJZD/42Tc9K3qoam
v8EcUi1JZWT7BW+fqQzKH/Oi+EOplnzkKKXa9e7Ma97EyBBHzPlOzMrZc5s+hso7
dLHbqeRKkOtMCxl/c7w7YMozlYb8Vj0mdQynQSgMd0D2zJb1LP8rE1qxzDP8ob76
PAmCsVFocN5+j2lDLq1jdpmnzGdE5d2IL0StN//Bmr/jp7RutB+D3N/hCfrROWqe
zXMcIPpdIuN2LKukJP0mR+J7Hh4ip2hG2fQIAzwSCxU5
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:19:48 2025 by rpki-client