Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/hsH2HQBoiRDw665UcWSV1lTXYOg.roa
File: hsH2HQBoiRDw665UcWSV1lTXYOg.roa (raw, json)
Hash identifier: 3M/n4+ffcKMFrGFddlkXam66igSrpB60cTzmDDLi+7s=
Subject key identifier: 86:C1:F6:1D:00:68:89:10:F0:EB:AE:54:71:64:95:D6:54:D7:60:E8
Certificate issuer: /CN=bd7410f4e62c7772c78d5750b21fc214339e94a2
Certificate serial: 019426D9CCD49C461899E743BC9E3D0E24B5
Authority key identifier: BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/hsH2HQBoiRDw665UcWSV1lTXYOg.roa
Signing time: Thu 02 Jan 2025 11:49:55 +0000
ROA not before: Thu 02 Jan 2025 11:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 786
IP address blocks: 77.72.72.0/23 maxlen: 23
77.72.74.0/23 maxlen: 23
77.72.76.0/23 maxlen: 23
2a01:4b0:1::/48 maxlen: 48
2a01:4b0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:cc:d4:9c:46:18:99:e7:43:bc:9e:3d:0e:24:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd7410f4e62c7772c78d5750b21fc214339e94a2
Validity
Not Before: Jan 2 11:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86c1f61d00688910f0ebae54716495d654d760e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c1:00:f5:98:f4:16:fb:b3:66:ac:05:52:12:
1f:4b:2c:b2:b2:ad:9e:10:20:6c:78:04:85:e6:9e:
05:9f:85:9b:5e:dc:7c:09:75:b3:4d:6b:cb:75:b9:
9c:ab:c2:00:4a:9d:31:a3:91:ad:c7:5b:a7:ea:e2:
45:01:98:68:b1:70:da:03:ed:33:ae:f2:22:8a:a6:
b6:66:55:6d:e6:a3:b5:85:78:6f:1b:b8:24:17:8e:
15:ed:56:87:41:29:da:9a:19:1e:47:45:5c:40:8a:
1a:7e:bf:1a:89:26:0c:e9:f5:46:6b:d2:8f:fe:01:
c1:92:56:0e:0e:ca:9f:80:3b:92:89:93:3f:37:df:
6a:f7:1d:e4:0d:6c:c1:ae:ab:54:f6:90:9a:d7:eb:
00:af:64:06:3f:ea:7f:1f:0a:d6:74:69:e3:d6:f7:
56:ff:89:1d:ba:5d:3e:fd:c8:ff:d4:07:85:8e:a6:
d8:8c:63:8f:64:a8:3c:5b:7a:34:e5:3a:eb:3a:57:
64:eb:45:b8:b7:17:36:df:35:be:f8:11:40:9e:17:
9a:9f:3c:1f:be:a4:a8:dd:c5:91:3d:53:84:f2:e6:
0d:8a:84:61:44:a1:f6:5c:f7:a8:99:5f:7c:7e:59:
c2:29:f8:54:77:13:2d:35:a4:b2:75:f1:d7:00:b8:
25:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C1:F6:1D:00:68:89:10:F0:EB:AE:54:71:64:95:D6:54:D7:60:E8
X509v3 Authority Key Identifier:
keyid:BD:74:10:F4:E6:2C:77:72:C7:8D:57:50:B2:1F:C2:14:33:9E:94:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vXQQ9OYsd3LHjVdQsh_CFDOelKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/hsH2HQBoiRDw665UcWSV1lTXYOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/22c60e-72fd-47af-99f3-26848ffee765/1/vXQQ9OYsd3LHjVdQsh_CFDOelKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.72.0-77.72.77.255
IPv6:
2a01:4b0:1::-2a01:4b0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
00:ef:52:32:48:b0:2d:05:52:b5:b7:a4:d6:84:18:f0:c2:cc:
b7:16:6e:ef:7d:5e:2c:be:de:fe:2c:e6:c8:30:b6:ea:50:99:
12:86:60:e3:f7:a2:f1:b9:e3:d3:71:eb:13:85:22:8c:18:14:
9a:a2:7c:e5:b1:bf:5c:80:6b:29:3d:c7:84:a3:69:3e:d2:ee:
25:b2:9d:ca:1d:c5:c5:6c:07:6c:6b:14:f2:5f:0e:ae:a7:68:
9b:3b:aa:93:45:be:ac:39:38:dd:8b:0b:80:63:8e:cf:54:27:
7a:29:ec:c4:aa:1a:41:2f:f2:31:9d:f9:d8:27:f5:d4:41:fd:
1e:d6:93:4a:e1:7b:54:83:eb:21:64:48:a8:59:27:b8:12:78:
bd:07:ff:5b:c9:92:40:28:61:b3:37:1b:54:7a:2d:7c:82:d5:
86:f6:62:3b:ec:f8:63:93:b9:87:a3:fa:d1:12:46:a3:5a:cb:
69:60:1e:d2:3a:f8:a1:1f:ac:35:ba:3d:bd:2e:ab:4e:fa:d0:
5f:a2:6e:c2:c8:0d:d1:08:dd:df:cc:84:29:44:29:5a:f9:b3:
aa:69:99:11:85:bb:67:cc:21:5f:71:c8:9b:cb:fd:29:e3:5e:
51:9c:5b:80:85:df:82:bf:f7:c1:07:61:06:ac:29:56:bf:40:
22:91:9e:36
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQm2czUnEYYmedDvJ49DiS1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNzQxMGY0ZTYyYzc3NzJjNzhkNTc1MGIyMWZjMjE0MzM5
ZTk0YTIwHhcNMjUwMTAyMTE0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmMxZjYxZDAwNjg4OTEwZjBlYmFlNTQ3MTY0OTVkNjU0ZDc2MGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsEA9Zj0FvuzZqwFUhIfSyyysq2e
ECBseASF5p4Fn4WbXtx8CXWzTWvLdbmcq8IASp0xo5Gtx1un6uJFAZhosXDaA+0z
rvIiiqa2ZlVt5qO1hXhvG7gkF44V7VaHQSnamhkeR0VcQIoafr8aiSYM6fVGa9KP
/gHBklYODsqfgDuSiZM/N99q9x3kDWzBrqtU9pCa1+sAr2QGP+p/HwrWdGnj1vdW
/4kdul0+/cj/1AeFjqbYjGOPZKg8W3o05TrrOldk60W4txc23zW++BFAnheanzwf
vqSo3cWRPVOE8uYNioRhRKH2XPeomV98flnCKfhUdxMtNaSydfHXALgl5wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIbB9h0AaIkQ8OuuVHFkldZU12DoMB8GA1UdIwQY
MBaAFL10EPTmLHdyx41XULIfwhQznpSiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMt
MjY4NDhmZmVlNzY1LzEvaHNIMkhRQm9pUkR3NjY1VWNXU1YxbFRYWU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8yMmM2MGUtNzJmZC00N2FmLTk5ZjMtMjY4NDhmZmVlNzY1
LzEvdlhRUTlPWXNkM0xIalZkUXNoX0NGRE9lbEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBANNSEgD
BAFNSEwwGgQCAAIwFDASAwcAKgEEsAABAwcAKgEEsAACMA0GCSqGSIb3DQEBCwUA
A4IBAQAA71IySLAtBVK1t6TWhBjwwsy3Fm7vfV4svt7+LObIMLbqUJkShmDj96Lx
uePTcesThSKMGBSaonzlsb9cgGspPceEo2k+0u4lsp3KHcXFbAdsaxTyXw6up2ib
O6qTRb6sOTjdiwuAY47PVCd6KezEqhpBL/IxnfnYJ/XUQf0e1pNK4XtUg+shZEio
WSe4Eni9B/9byZJAKGGzNxtUei18gtWG9mI77Phjk7mHo/rREkajWstpYB7SOvih
H6w1uj29LqtO+tBfom7CyA3RCN3fzIQpRCla+bOqaZkRhbtnzCFfcciby/0p415R
nFuAhd+Cv/fBB2EGrClWv0AikZ42
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:26:03 2025 by rpki-client