Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/FG-qCrDb70MUjmpPeG_ABqm2g4I.roa
File: FG-qCrDb70MUjmpPeG_ABqm2g4I.roa (raw, json)
Hash identifier: hYgrw8pe3ohnrPXEYOqOtmTKKEz+HL/P8NWGWnKRQYA=
Subject key identifier: 14:6F:AA:0A:B0:DB:EF:43:14:8E:6A:4F:78:6F:C0:06:A9:B6:83:82
Certificate issuer: /CN=bd7410f4e62c7772c78d5750b21fc214339e94a2
Certificate serial: 019426D9CD7FF899705F1DFA06931104B24B
Authority key identifier: BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/FG-qCrDb70MUjmpPeG_ABqm2g4I.roa
Signing time: Thu 02 Jan 2025 11:49:55 +0000
ROA not before: Thu 02 Jan 2025 11:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42310
IP address blocks: 77.72.72.0/23 maxlen: 23
77.72.74.0/23 maxlen: 23
77.72.76.0/23 maxlen: 23
77.72.78.0/23 maxlen: 23
77.72.78.0/24 maxlen: 24
77.72.79.0/24 maxlen: 24
2a01:4b0::/48 maxlen: 48
2a01:4b0:1::/48 maxlen: 48
2a01:4b0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 13:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:cd:7f:f8:99:70:5f:1d:fa:06:93:11:04:b2:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd7410f4e62c7772c78d5750b21fc214339e94a2
Validity
Not Before: Jan 2 11:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=146faa0ab0dbef43148e6a4f786fc006a9b68382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:87:7d:09:14:7c:ff:73:ba:95:d7:96:ef:32:
45:6a:a5:9c:d7:d5:2e:56:4f:b5:c4:91:53:2e:15:
8d:fc:53:88:de:19:1d:de:f9:07:c8:67:e3:60:33:
ea:39:76:28:24:bc:24:21:40:0c:99:75:2f:80:69:
60:2d:fb:29:5e:d3:24:6d:c0:b3:10:72:1a:5d:7f:
e5:9a:03:f6:03:6d:fd:8a:d3:76:d2:1a:be:a5:f8:
7a:f9:c0:51:3c:4b:f6:b3:27:20:6d:d2:ca:cb:85:
b0:17:60:97:80:6b:8e:66:6b:0c:2d:bf:ff:32:6d:
9b:31:0a:6d:98:af:5a:4d:92:95:d0:26:22:57:a1:
46:f8:81:a7:cb:94:28:3c:6b:e6:61:1c:24:37:2d:
57:c1:de:b0:b8:b3:19:46:b5:50:52:a3:04:96:5a:
2c:2f:66:70:51:f2:b1:b8:9f:89:e5:1d:26:f6:76:
33:56:31:0a:31:66:7b:4a:5c:de:1c:a1:c1:d1:a0:
49:4b:c0:b2:bb:63:7e:87:25:20:76:8f:40:f5:8e:
8f:c8:c7:dc:47:fc:dd:ee:99:e8:9d:4a:a3:50:e4:
aa:af:31:3f:90:8b:4e:05:42:18:a8:e1:af:1d:b8:
81:c3:0d:2d:8d:e8:2b:17:08:8b:bf:23:fd:66:7c:
c4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:6F:AA:0A:B0:DB:EF:43:14:8E:6A:4F:78:6F:C0:06:A9:B6:83:82
X509v3 Authority Key Identifier:
keyid:BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/FG-qCrDb70MUjmpPeG_ABqm2g4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.72.0/21
IPv6:
2a01:4b0::-2a01:4b0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6c:d7:e8:b4:4d:ff:e6:7f:19:a9:c6:7d:65:1a:1c:3b:c8:c5:
34:85:c0:30:74:b7:99:de:6b:19:33:f1:07:ea:9b:c9:04:a8:
bc:12:7a:0f:07:d3:cf:bf:94:6b:fe:0a:f3:ef:7f:ae:2d:f3:
db:6c:05:56:db:68:3d:01:30:65:f9:31:19:16:d7:11:75:79:
82:c1:a2:e2:68:88:d7:6f:b4:e2:86:50:f7:23:d6:05:53:50:
3c:06:2b:be:06:09:ca:8c:c0:63:d7:84:94:e5:90:04:92:ee:
d6:67:49:97:84:4f:50:8e:df:22:96:3a:fa:9b:90:e9:97:80:
d9:85:26:33:c3:7c:bd:30:0a:3d:af:18:83:6f:38:81:a9:98:
c1:fc:e2:68:a8:53:87:1d:97:30:1b:d3:74:7c:0c:da:21:3d:
7e:1a:84:d7:ba:10:69:f0:6c:84:a7:58:44:8a:00:bb:62:82:
26:cd:b0:bb:90:af:d1:1b:48:77:09:64:58:22:4c:13:3b:88:
b6:ef:51:d1:77:32:4a:1c:fc:21:fc:ae:5e:73:91:1d:62:e2:
f7:87:32:74:b6:51:df:23:c7:52:00:d4:5b:27:14:4e:b2:16:
e6:0b:36:42:2f:2a:59:0c:70:ec:ae:3e:65:1e:ee:b5:0e:c8:
54:fd:81:c8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQm2c1/+JlwXx36BpMRBLJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNzQxMGY0ZTYyYzc3NzJjNzhkNTc1MGIyMWZjMjE0MzM5
ZTk0YTIwHhcNMjUwMTAyMTE0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDZmYWEwYWIwZGJlZjQzMTQ4ZTZhNGY3ODZmYzAwNmE5YjY4MzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3od9CRR8/3O6ldeW7zJFaqWc19Uu
Vk+1xJFTLhWN/FOI3hkd3vkHyGfjYDPqOXYoJLwkIUAMmXUvgGlgLfspXtMkbcCz
EHIaXX/lmgP2A239itN20hq+pfh6+cBRPEv2sycgbdLKy4WwF2CXgGuOZmsMLb//
Mm2bMQptmK9aTZKV0CYiV6FG+IGny5QoPGvmYRwkNy1Xwd6wuLMZRrVQUqMEllos
L2ZwUfKxuJ+J5R0m9nYzVjEKMWZ7SlzeHKHB0aBJS8Cyu2N+hyUgdo9A9Y6PyMfc
R/zd7pnonUqjUOSqrzE/kItOBUIYqOGvHbiBww0tjegrFwiLvyP9ZnzEXQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBRvqgqw2+9DFI5qT3hvwAaptoOCMB8GA1UdIwQY
MBaAFL10EPTmLHdyx41XULIfwhQznpSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMt
MjY4NDhmZmVlNzY1LzEvRkctcUNyRGI3ME1Vam1wUGVHX0FCcW0yZzRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMtMjY4NDhmZmVlNzY1
LzEvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQDTUhIMBgE
AgACMBIwEAMFBCoBBLADBwAqAQSwAAIwDQYJKoZIhvcNAQELBQADggEBAGzX6LRN
/+Z/GanGfWUaHDvIxTSFwDB0t5neaxkz8Qfqm8kEqLwSeg8H08+/lGv+CvPvf64t
89tsBVbbaD0BMGX5MRkW1xF1eYLBouJoiNdvtOKGUPcj1gVTUDwGK74GCcqMwGPX
hJTlkASS7tZnSZeET1CO3yKWOvqbkOmXgNmFJjPDfL0wCj2vGINvOIGpmMH84mio
U4cdlzAb03R8DNohPX4ahNe6EGnwbISnWESKALtigibNsLuQr9EbSHcJZFgiTBM7
iLbvUdF3Mkoc/CH8rl5zkR1i4veHMnS2Ud8jx1IA1FsnFE6yFuYLNkIvKlkMcOyu
PmUe7rUOyFT9gcg=
-----END CERTIFICATE-----
Generated at Sat Apr 12 20:15:15 2025 by rpki-client