Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/J2yd4O1iL2KCY7LAQ3uRto73WwQ.roa
File: J2yd4O1iL2KCY7LAQ3uRto73WwQ.roa (raw, json)
Hash identifier: FnyzxFKFKQYZ99+AO0ucXUQHZHZrzRIvFySr51HyBug=
Subject key identifier: 27:6C:9D:E0:ED:62:2F:62:82:63:B2:C0:43:7B:91:B6:8E:F7:5B:04
Certificate issuer: /CN=34bca94f6b61e10100dc3a7186ffa3f9b00c69dd
Certificate serial: 0194228E245DC5DF84EDEEAB5290F10FC811
Authority key identifier: 34:BC:A9:4F:6B:61:E1:01:00:DC:3A:71:86:FF:A3:F9:B0:0C:69:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/J2yd4O1iL2KCY7LAQ3uRto73WwQ.roa
Signing time: Wed 01 Jan 2025 15:48:48 +0000
ROA not before: Wed 01 Jan 2025 15:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51162
IP address blocks: 77.220.206.0/24 maxlen: 24
91.103.106.0/24 maxlen: 24
91.103.107.0/24 maxlen: 24
91.147.112.0/24 maxlen: 24
91.147.113.0/24 maxlen: 24
91.216.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/NLypT2th4QEA3Dpxhv-j-bAMad0.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/NLypT2th4QEA3Dpxhv-j-bAMad0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:24:5d:c5:df:84:ed:ee:ab:52:90:f1:0f:c8:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34bca94f6b61e10100dc3a7186ffa3f9b00c69dd
Validity
Not Before: Jan 1 15:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=276c9de0ed622f628263b2c0437b91b68ef75b04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c2:48:31:74:ae:89:24:e3:6c:24:3a:f4:88:
6b:b2:73:68:ff:6e:41:4e:40:aa:b4:49:c1:9f:5b:
35:87:2e:2f:45:83:14:ba:22:a0:cc:14:e6:62:5f:
08:f3:06:ae:f1:56:38:74:dc:3a:89:46:f9:aa:ca:
fb:74:02:b9:0d:11:5a:81:bb:ae:e1:d9:7b:2a:90:
26:9a:98:c8:0f:eb:b5:eb:3a:bd:64:6c:d6:e4:7f:
c7:c1:ea:3b:7a:29:2a:a4:d0:55:ad:92:c6:72:ef:
ce:e8:18:2b:bc:9c:b1:e5:53:fd:24:a3:7d:d7:29:
12:d9:bc:db:21:e5:d0:ae:d3:3c:2b:fc:ca:9a:42:
b2:91:fc:ad:30:1e:eb:17:df:9e:6b:2e:a0:fe:59:
93:e6:26:7d:53:15:00:b5:d7:32:31:91:91:35:82:
ef:82:c1:a0:9c:92:d1:77:ca:a3:6e:1d:c1:d9:42:
d3:a3:81:e8:be:44:98:e9:95:b3:00:14:4e:5f:d2:
7e:c5:df:db:76:00:1c:4e:43:41:4f:41:6b:ab:a4:
69:0e:4b:26:b1:e1:7a:28:e7:27:2f:53:6a:06:fd:
82:f4:e1:e8:e8:11:ac:f7:26:32:d2:b8:ae:e8:48:
24:b3:6d:3b:29:45:3f:52:99:2e:29:0a:f0:6c:a4:
1c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:6C:9D:E0:ED:62:2F:62:82:63:B2:C0:43:7B:91:B6:8E:F7:5B:04
X509v3 Authority Key Identifier:
keyid:34:BC:A9:4F:6B:61:E1:01:00:DC:3A:71:86:FF:A3:F9:B0:0C:69:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NLypT2th4QEA3Dpxhv-j-bAMad0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/J2yd4O1iL2KCY7LAQ3uRto73WwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f4ea59-1810-4210-98f3-709f03624e7e/1/NLypT2th4QEA3Dpxhv-j-bAMad0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.206.0/24
91.103.106.0/23
91.147.112.0/23
91.216.178.0/24
Signature Algorithm: sha256WithRSAEncryption
06:ed:bb:87:74:ff:57:ae:b0:33:d4:01:a3:f8:e0:18:74:39:
a0:28:a3:07:2e:7a:0b:c1:3e:6a:2c:fe:af:70:8e:c5:70:13:
63:e8:a8:a0:09:ff:3d:e3:31:2b:8f:61:f1:5c:45:5f:83:3b:
3f:88:23:5d:fe:64:1f:45:ff:05:77:e8:24:0a:53:16:5c:5a:
10:21:f4:32:d9:e0:36:c0:4b:44:2a:72:21:27:8d:d0:71:2b:
17:73:29:18:cd:e9:70:9d:4d:ea:fe:57:03:ab:fd:dc:a3:05:
17:b4:c9:7e:a9:a4:27:bd:af:ab:6a:5b:97:49:1b:18:f0:d4:
f2:21:64:bd:72:69:25:d2:48:ab:7f:ee:1a:a3:36:44:84:e0:
ec:c8:93:c2:3c:1b:41:3d:89:c5:ec:c9:83:e8:c8:0a:e7:68:
21:e3:d2:6c:a5:bf:72:66:99:b9:a4:02:a4:be:71:37:2c:b2:
a6:51:b6:0e:1a:07:50:a0:42:96:2e:96:b8:47:b2:b5:65:50:
55:36:0b:b3:2e:82:d3:dd:d3:41:3b:cf:ff:66:ce:cf:f6:c6:
09:0f:15:a0:5c:12:a6:f5:35:52:04:f5:de:1a:5d:d2:8c:d8:
aa:77:2f:e4:ff:bb:e0:1f:7b:1f:db:a9:cd:dc:f9:53:ae:4c:
20:6d:9c:2b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQijiRdxd+E7e6rUpDxD8gRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YmNhOTRmNmI2MWUxMDEwMGRjM2E3MTg2ZmZhM2Y5YjAw
YzY5ZGQwHhcNMjUwMTAxMTU0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzZjOWRlMGVkNjIyZjYyODI2M2IyYzA0MzdiOTFiNjhlZjc1YjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMJIMXSuiSTjbCQ69IhrsnNo/25B
TkCqtEnBn1s1hy4vRYMUuiKgzBTmYl8I8wau8VY4dNw6iUb5qsr7dAK5DRFagbuu
4dl7KpAmmpjID+u16zq9ZGzW5H/Hweo7eikqpNBVrZLGcu/O6BgrvJyx5VP9JKN9
1ykS2bzbIeXQrtM8K/zKmkKykfytMB7rF9+eay6g/lmT5iZ9UxUAtdcyMZGRNYLv
gsGgnJLRd8qjbh3B2ULTo4HovkSY6ZWzABROX9J+xd/bdgAcTkNBT0Frq6RpDksm
seF6KOcnL1NqBv2C9OHo6BGs9yYy0riu6Egks207KUU/UpkuKQrwbKQchQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCdsneDtYi9igmOywEN7kbaO91sEMB8GA1UdIwQY
MBaAFDS8qU9rYeEBANw6cYb/o/mwDGndMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkx5cFQydGg0UUVBM0RweGh2LWotYkFNYWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9mNGVhNTktMTgxMC00MjEwLTk4ZjMt
NzA5ZjAzNjI0ZTdlLzEvSjJ5ZDRPMWlMMktDWTdMQVEzdVJ0bzczV3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9mNGVhNTktMTgxMC00MjEwLTk4ZjMtNzA5ZjAzNjI0ZTdl
LzEvTkx5cFQydGg0UUVBM0RweGh2LWotYkFNYWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATdzOAwQB
W2dqAwQBW5NwAwQAW9iyMA0GCSqGSIb3DQEBCwUAA4IBAQAG7buHdP9XrrAz1AGj
+OAYdDmgKKMHLnoLwT5qLP6vcI7FcBNj6KigCf894zErj2HxXEVfgzs/iCNd/mQf
Rf8Fd+gkClMWXFoQIfQy2eA2wEtEKnIhJ43QcSsXcykYzelwnU3q/lcDq/3cowUX
tMl+qaQnva+raluXSRsY8NTyIWS9cmkl0kirf+4aozZEhODsyJPCPBtBPYnF7MmD
6MgK52gh49Jspb9yZpm5pAKkvnE3LLKmUbYOGgdQoEKWLpa4R7K1ZVBVNguzLoLT
3dNBO8//Zs7P9sYJDxWgXBKm9TVSBPXeGl3SjNiqdy/k/7vgH3sf26nN3PlTrkwg
bZwr
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:48 2025 by rpki-client