Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/zMd7m5mxh6U6DbEOt4OgQ4iJ1U0.roa
File: zMd7m5mxh6U6DbEOt4OgQ4iJ1U0.roa (raw, json)
Hash identifier: bhC49t061SBKpaBxLjJKGavc/n4xCA6rE46xrsPt5jk=
Subject key identifier: CC:C7:7B:9B:99:B1:87:A5:3A:0D:B1:0E:B7:83:A0:43:88:89:D5:4D
Certificate issuer: /CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Certificate serial: 019426D9FDBA5677547952B356D5258093B8
Authority key identifier: 40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/zMd7m5mxh6U6DbEOt4OgQ4iJ1U0.roa
Signing time: Thu 02 Jan 2025 11:50:08 +0000
ROA not before: Thu 02 Jan 2025 11:50:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59854
IP address blocks: 77.81.164.0/23 maxlen: 23
89.35.173.0/24 maxlen: 24
93.119.227.0/24 maxlen: 24
128.0.46.0/23 maxlen: 23
185.171.184.0/24 maxlen: 24
185.171.185.0/24 maxlen: 24
185.171.187.0/24 maxlen: 24
188.214.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:fd:ba:56:77:54:79:52:b3:56:d5:25:80:93:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408af485b4fd0f03717cd4a709ef11c61d3ef46e
Validity
Not Before: Jan 2 11:50:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ccc77b9b99b187a53a0db10eb783a0438889d54d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:06:a9:97:85:0c:81:9b:a6:c2:d3:77:f2:90:
5d:c0:93:a9:04:18:b2:20:54:02:7a:d1:88:af:5d:
d9:a5:63:cc:03:d9:cf:58:43:72:4d:00:47:2d:ab:
ea:62:42:4d:b6:00:49:2a:13:54:9f:05:83:df:de:
74:51:47:1d:39:78:9b:fc:9c:d2:81:25:7a:b1:21:
18:dd:91:66:e2:ab:f9:11:54:a0:12:1e:11:a7:e2:
94:fc:75:79:9e:4e:47:4e:d1:aa:2e:66:27:90:cf:
92:49:e7:a0:e9:6a:bf:cb:19:00:25:94:0f:95:94:
c0:9a:81:94:98:7c:2b:6f:f5:47:78:39:b8:7d:ae:
67:7d:6f:d4:c5:37:c8:96:01:c6:64:af:4c:4a:a6:
0c:69:6f:ac:41:33:b8:3d:9f:27:b2:b7:8e:08:9e:
09:9e:c2:57:07:d3:c3:7e:31:e0:78:bf:07:0e:ba:
21:5f:57:8d:72:b9:a2:a7:f8:20:0c:13:4c:16:c4:
54:8f:9c:17:2c:44:89:4f:80:7b:da:02:97:1a:e9:
2b:a7:08:0c:ec:30:f6:26:b4:ad:14:f7:8c:2c:fd:
79:81:32:76:aa:c8:da:a9:c5:ef:df:d6:86:2a:a2:
b7:e6:96:2b:ed:ff:81:b9:52:2a:3a:23:e3:39:23:
b0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:C7:7B:9B:99:B1:87:A5:3A:0D:B1:0E:B7:83:A0:43:88:89:D5:4D
X509v3 Authority Key Identifier:
keyid:40:8A:F4:85:B4:FD:0F:03:71:7C:D4:A7:09:EF:11:C6:1D:3E:F4:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/zMd7m5mxh6U6DbEOt4OgQ4iJ1U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e1171c-5270-49cd-9379-b95b08a23ae1/1/QIr0hbT9DwNxfNSnCe8Rxh0-9G4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.164.0/23
89.35.173.0/24
93.119.227.0/24
128.0.46.0/23
185.171.184.0/23
185.171.187.0/24
188.214.142.0/24
Signature Algorithm: sha256WithRSAEncryption
86:32:41:a1:52:c8:a2:05:20:be:50:3c:66:30:f5:11:7f:6d:
54:6c:33:6d:25:69:07:52:68:9b:d7:bf:21:cf:05:33:56:a7:
3e:00:b6:e4:8b:3d:9f:70:29:b3:a3:e9:21:de:c7:d1:fb:f6:
2e:c8:80:57:b3:24:5d:83:25:05:80:9a:09:8c:54:26:be:01:
75:d9:35:0b:37:82:58:1b:35:06:b9:bd:53:8b:08:d2:e8:b3:
96:10:00:ad:c5:fc:ac:73:25:ff:61:2d:eb:24:f7:9d:07:05:
0c:eb:42:86:b4:a4:0c:98:3a:72:76:96:ef:7e:bd:0e:31:64:
b0:aa:39:af:97:1d:85:40:e3:db:9d:10:41:85:28:6e:56:1a:
7a:5c:83:7c:a5:00:01:72:ea:2d:89:fa:0a:64:dd:dd:a4:06:
f4:69:a3:d2:b3:11:34:5d:42:8d:7f:a2:0b:08:49:01:f3:b9:
0b:70:41:e0:09:9d:eb:b8:62:0c:d7:9e:71:2e:6e:d0:f8:9b:
c8:78:b1:f8:1e:45:3b:78:62:45:72:12:e4:47:ca:0a:6f:4b:
df:8a:a9:52:23:e1:43:fd:75:e6:aa:80:b3:fb:0f:62:15:a5:
ba:12:e4:af:14:e1:71:bb:e2:52:5d:3d:2b:0f:a7:25:f7:05:
6b:b3:44:97
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQm2f26VndUeVKzVtUlgJO4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwOGFmNDg1YjRmZDBmMDM3MTdjZDRhNzA5ZWYxMWM2MWQz
ZWY0NmUwHhcNMjUwMTAyMTE1MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2M3N2I5Yjk5YjE4N2E1M2EwZGIxMGViNzgzYTA0Mzg4ODlkNTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQapl4UMgZumwtN38pBdwJOpBBiy
IFQCetGIr13ZpWPMA9nPWENyTQBHLavqYkJNtgBJKhNUnwWD3950UUcdOXib/JzS
gSV6sSEY3ZFm4qv5EVSgEh4Rp+KU/HV5nk5HTtGqLmYnkM+SSeeg6Wq/yxkAJZQP
lZTAmoGUmHwrb/VHeDm4fa5nfW/UxTfIlgHGZK9MSqYMaW+sQTO4PZ8nsreOCJ4J
nsJXB9PDfjHgeL8HDrohX1eNcrmip/ggDBNMFsRUj5wXLESJT4B72gKXGukrpwgM
7DD2JrStFPeMLP15gTJ2qsjaqcXv39aGKqK35pYr7f+BuVIqOiPjOSOwxwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMzHe5uZsYelOg2xDreDoEOIidVNMB8GA1UdIwQY
MBaAFECK9IW0/Q8DcXzUpwnvEcYdPvRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzkt
Yjk1YjA4YTIzYWUxLzEvek1kN201bXhoNlU2RGJFT3Q0T2dRNGlKMVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lMTE3MWMtNTI3MC00OWNkLTkzNzktYjk1YjA4YTIzYWUx
LzEvUUlyMGhiVDlEd054Zk5TbkNlOFJ4aDAtOUc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBTVGkAwQA
WSOtAwQAXXfjAwQBgAAuAwQBuau4AwQAuau7AwQAvNaOMA0GCSqGSIb3DQEBCwUA
A4IBAQCGMkGhUsiiBSC+UDxmMPURf21UbDNtJWkHUmib178hzwUzVqc+ALbkiz2f
cCmzo+kh3sfR+/YuyIBXsyRdgyUFgJoJjFQmvgF12TULN4JYGzUGub1TiwjS6LOW
EACtxfyscyX/YS3rJPedBwUM60KGtKQMmDpydpbvfr0OMWSwqjmvlx2FQOPbnRBB
hShuVhp6XIN8pQABcuotifoKZN3dpAb0aaPSsxE0XUKNf6ILCEkB87kLcEHgCZ3r
uGIM155xLm7Q+JvIeLH4HkU7eGJFchLkR8oKb0vfiqlSI+FD/XXmqoCz+w9iFaW6
EuSvFOFxu+JSXT0rD6cl9wVrs0SX
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:06:17 2025 by rpki-client