Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/_PDfqiydgAhxO9j0sxCdFKtIkKc.roa
File: _PDfqiydgAhxO9j0sxCdFKtIkKc.roa (raw, json)
Hash identifier: YOuCdaiFwxVca+9zs4xrpramJM629b4/EHiWgyL8CG0=
Subject key identifier: FC:F0:DF:AA:2C:9D:80:08:71:3B:D8:F4:B3:10:9D:14:AB:48:90:A7
Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108
Certificate serial: 0194221F7B77BEBFA313EF30069F266DBF24
Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/_PDfqiydgAhxO9j0sxCdFKtIkKc.roa
Signing time: Wed 01 Jan 2025 13:47:56 +0000
ROA not before: Wed 01 Jan 2025 13:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5377
IP address blocks: 77.70.128.0/17 maxlen: 17
77.70.128.0/19 maxlen: 19
77.70.144.0/20 maxlen: 20
77.70.160.0/20 maxlen: 20
77.70.176.0/22 maxlen: 24
77.70.181.0/24 maxlen: 24
77.70.184.0/21 maxlen: 24
77.70.191.0/24 maxlen: 24
77.70.192.0/19 maxlen: 19
77.70.207.0/24 maxlen: 24
77.70.240.0/20 maxlen: 20
77.70.254.0/24 maxlen: 24
77.70.255.0/24 maxlen: 24
193.219.192.0/18 maxlen: 18
193.219.196.0/24 maxlen: 24
193.220.0.0/16 maxlen: 16
193.220.88.0/21 maxlen: 21
193.220.94.0/24 maxlen: 24
193.220.165.0/24 maxlen: 24
193.220.174.0/23 maxlen: 24
193.220.220.0/22 maxlen: 22
193.220.224.0/20 maxlen: 20
193.220.240.0/20 maxlen: 24
2a02:6600::/29 maxlen: 32
2a02:6600:f000::/48 maxlen: 48
2a02:6600:f001::/48 maxlen: 48
2a02:6601::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 22:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:7b:77:be:bf:a3:13:ef:30:06:9f:26:6d:bf:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896a82a725ed22bb46847ae568912078de25c108
Validity
Not Before: Jan 1 13:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fcf0dfaa2c9d8008713bd8f4b3109d14ab4890a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:aa:1a:10:e8:a4:65:dd:ff:0d:e4:ed:3a:13:
6c:7f:3e:12:9d:62:03:15:9a:eb:f7:bc:53:44:81:
b4:3f:35:61:ce:a7:c8:43:b8:15:b9:b3:b6:40:bc:
6a:1f:7f:0e:43:79:c4:fe:55:c3:65:6d:dd:28:ef:
3a:b4:ed:03:6e:36:f2:c8:e7:21:3b:93:75:17:87:
b3:85:85:5b:82:d1:8e:19:41:51:34:6a:eb:8a:58:
90:e7:9c:01:60:3b:e9:97:3e:29:57:4a:db:86:32:
1d:4c:75:57:4c:1d:52:9e:1b:37:73:87:a5:38:2d:
6b:59:11:a9:54:fb:d2:ef:d7:71:a3:6b:05:66:89:
88:58:ac:c8:ce:30:e2:05:4d:bf:9f:41:3b:c4:26:
d5:15:a5:b1:98:eb:0f:e1:64:63:fa:31:c3:56:80:
f3:82:c7:2b:8f:7a:f9:ad:d5:a2:51:61:8a:cf:19:
97:c3:e1:20:10:6d:0f:09:4a:9c:56:e6:ed:01:50:
a4:b2:48:3c:bd:14:b3:6b:90:05:7d:e0:cc:cb:ea:
a5:44:a5:9c:fd:76:0f:34:ba:a1:b0:90:44:f8:a3:
02:7f:3b:07:92:6a:14:e9:94:ca:24:d5:9c:09:20:
36:27:f3:6d:a6:c8:71:21:e2:b5:11:cc:0e:d3:33:
73:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:F0:DF:AA:2C:9D:80:08:71:3B:D8:F4:B3:10:9D:14:AB:48:90:A7
X509v3 Authority Key Identifier:
keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/_PDfqiydgAhxO9j0sxCdFKtIkKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.70.128.0/17
193.219.192.0-193.220.255.255
IPv6:
2a02:6600::/29
Signature Algorithm: sha256WithRSAEncryption
34:ac:1d:ca:c9:a9:76:11:4c:50:de:45:23:a9:bc:96:06:36:
f1:fc:f3:1d:dd:96:ab:77:e1:ca:82:56:30:87:f3:e5:3b:8b:
ca:05:1a:0f:8a:d9:8f:d5:e1:85:aa:29:4e:00:1b:39:ca:f8:
11:7e:36:7c:38:c1:95:f2:e9:d4:0e:a0:35:c3:84:70:e9:4e:
0c:86:27:82:ef:73:e6:45:78:1a:7d:74:40:fe:b3:f7:83:47:
c3:32:87:87:15:5c:2e:10:7b:d0:08:5e:63:59:cc:3b:1d:0f:
a3:93:06:2f:b3:99:f7:40:be:f0:04:b9:f7:8b:72:61:af:6c:
cc:58:d3:09:9f:18:37:3c:e9:ea:ae:d3:ee:e4:20:30:5b:a4:
53:fc:8f:b9:fa:96:eb:84:1c:6b:8a:46:8f:70:e8:98:4c:b0:
ff:8c:5e:79:e4:4e:73:be:29:0c:56:39:a8:e4:b8:87:e5:f3:
b6:03:5e:85:f8:3d:0e:84:ca:1b:04:17:74:71:54:68:4e:fc:
a3:d9:10:1c:06:ff:da:cc:5f:17:82:92:86:5e:85:14:0a:bc:
d1:4c:82:a2:f1:c4:40:9c:81:58:15:1c:cf:62:a5:2a:9c:79:
b4:1c:6c:40:37:f1:e7:6f:d3:48:bd:fd:9f:31:da:f8:69:a8:
2a:95:b5:89
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQiH3t3vr+jE+8wBp8mbb8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy
NWMxMDgwHhcNMjUwMTAxMTM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2YwZGZhYTJjOWQ4MDA4NzEzYmQ4ZjRiMzEwOWQxNGFiNDg5MGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7aoaEOikZd3/DeTtOhNsfz4SnWID
FZrr97xTRIG0PzVhzqfIQ7gVubO2QLxqH38OQ3nE/lXDZW3dKO86tO0DbjbyyOch
O5N1F4ezhYVbgtGOGUFRNGrriliQ55wBYDvplz4pV0rbhjIdTHVXTB1Snhs3c4el
OC1rWRGpVPvS79dxo2sFZomIWKzIzjDiBU2/n0E7xCbVFaWxmOsP4WRj+jHDVoDz
gscrj3r5rdWiUWGKzxmXw+EgEG0PCUqcVubtAVCkskg8vRSza5AFfeDMy+qlRKWc
/XYPNLqhsJBE+KMCfzsHkmoU6ZTKJNWcCSA2J/NtpshxIeK1EcwO0zNzIQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPzw36osnYAIcTvY9LMQnRSrSJCnMB8GA1UdIwQY
MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt
MDQwMTI3MTAyMjA5LzEvX1BEZnFpeWRnQWh4TzlqMHN4Q2RGS3RJa0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5
LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAZBAIAATATAwQHTUaAMAsD
BAbB28ADAwDB3DANBAIAAjAHAwUDKgJmADANBgkqhkiG9w0BAQsFAAOCAQEANKwd
ysmpdhFMUN5FI6m8lgY28fzzHd2Wq3fhyoJWMIfz5TuLygUaD4rZj9XhhaopTgAb
Ocr4EX42fDjBlfLp1A6gNcOEcOlODIYngu9z5kV4Gn10QP6z94NHwzKHhxVcLhB7
0AheY1nMOx0Po5MGL7OZ90C+8AS594tyYa9szFjTCZ8YNzzp6q7T7uQgMFukU/yP
ufqW64Qca4pGj3DomEyw/4xeeeROc74pDFY5qOS4h+XztgNehfg9DoTKGwQXdHFU
aE78o9kQHAb/2sxfF4KShl6FFAq80UyCovHEQJyBWBUcz2KlKpx5tBxsQDfx52/T
SL39nzHa+GmoKpW1iQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:36:47 2025 by rpki-client