Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/fRZWH_M0OyQ2q7C3l2YZBzviPzY.roa
File: fRZWH_M0OyQ2q7C3l2YZBzviPzY.roa (raw, json)
Hash identifier: F07+RgoevJOf1u0ML2Jb2xCzFrPFpbtH07Gxnbmp3Hg=
Subject key identifier: 7D:16:56:1F:F3:34:3B:24:36:AB:B0:B7:97:66:19:07:3B:E2:3F:36
Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108
Certificate serial: 0196EE702A7E0137E6FAAA2768A2675872D3
Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/fRZWH_M0OyQ2q7C3l2YZBzviPzY.roa
Signing time: Tue 20 May 2025 16:04:10 +0000
ROA not before: Tue 20 May 2025 16:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5377
IP address blocks: 77.70.128.0/17 maxlen: 17
77.70.128.0/19 maxlen: 19
77.70.144.0/20 maxlen: 20
77.70.160.0/20 maxlen: 20
77.70.176.0/22 maxlen: 24
77.70.181.0/24 maxlen: 24
77.70.184.0/21 maxlen: 24
77.70.191.0/24 maxlen: 24
77.70.192.0/19 maxlen: 19
77.70.207.0/24 maxlen: 24
77.70.240.0/20 maxlen: 20
77.70.254.0/24 maxlen: 24
77.70.255.0/24 maxlen: 24
193.219.192.0/18 maxlen: 18
193.219.196.0/24 maxlen: 24
193.220.0.0/16 maxlen: 16
193.220.88.0/21 maxlen: 21
193.220.94.0/24 maxlen: 24
193.220.165.0/24 maxlen: 24
193.220.174.0/23 maxlen: 24
193.220.220.0/22 maxlen: 22
193.220.224.0/20 maxlen: 20
193.220.230.0/24 maxlen: 24
193.220.240.0/20 maxlen: 24
2a02:6600::/29 maxlen: 32
2a02:6600:f000::/48 maxlen: 48
2a02:6600:f001::/48 maxlen: 48
2a02:6601::/32 maxlen: 32
2a02:6601:c000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 02:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ee:70:2a:7e:01:37:e6:fa:aa:27:68:a2:67:58:72:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896a82a725ed22bb46847ae568912078de25c108
Validity
Not Before: May 20 16:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d16561ff3343b2436abb0b7976619073be23f36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:73:f1:5f:56:f9:40:7d:b7:c3:70:3b:77:87:
cb:e2:c5:77:f7:1a:91:40:16:d9:d2:97:74:e9:bc:
54:3d:9c:ea:c3:0f:40:56:73:a1:a9:7e:f8:10:21:
4c:eb:8e:78:91:d2:6f:f3:4e:87:82:54:08:1f:d7:
c4:ef:6a:90:f8:89:c4:ee:cd:f7:03:82:59:bc:50:
27:de:5a:5f:e8:05:93:65:19:f8:b0:39:73:9f:6f:
31:a3:b3:7e:7e:5f:bd:20:e4:20:0a:9f:fc:52:8e:
d0:b5:49:58:e1:5b:c4:1c:c6:b6:1f:6d:51:9f:28:
95:55:ef:30:ee:c3:53:32:e3:45:ea:71:9b:14:20:
53:ee:0f:50:65:f4:d1:cd:45:94:9f:45:2f:f2:d5:
fc:c0:f1:86:1c:e8:08:32:1f:2f:a2:4e:2c:c1:9f:
b2:e5:5e:4c:59:ac:63:c5:55:da:e2:28:ca:b4:cd:
28:f5:84:f1:05:e1:64:95:f1:21:47:65:97:80:73:
32:89:05:68:0d:5b:02:7d:67:02:35:8f:da:5f:06:
d5:11:c8:e5:19:65:ab:ba:23:dd:46:e4:63:5f:53:
96:14:5d:ce:0d:a9:11:4f:0b:bf:3a:29:ae:72:b1:
8c:d3:23:52:22:63:d8:de:b2:c3:72:93:60:49:9d:
4b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:16:56:1F:F3:34:3B:24:36:AB:B0:B7:97:66:19:07:3B:E2:3F:36
X509v3 Authority Key Identifier:
keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/fRZWH_M0OyQ2q7C3l2YZBzviPzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.70.128.0/17
193.219.192.0-193.220.255.255
IPv6:
2a02:6600::/29
Signature Algorithm: sha256WithRSAEncryption
6b:0d:98:d4:9e:d3:46:3a:15:c9:c1:9c:5d:a1:d5:1b:b1:21:
94:f0:cf:69:9d:87:76:58:13:83:49:dd:f8:86:62:84:8c:6c:
a8:72:16:8a:63:4b:0a:cf:7d:ef:bd:79:f5:ba:b1:d8:0e:2c:
ab:20:44:59:f4:19:c6:a1:11:a9:62:e4:9a:a0:ae:a2:ee:38:
40:eb:59:cb:2e:83:81:0c:44:05:7f:65:68:7e:75:59:e2:21:
e7:9b:e4:27:c7:58:d5:a8:2b:f4:2c:34:12:c0:0e:a3:3f:3d:
3c:ed:69:ae:f2:ea:0a:df:6a:88:af:b9:56:08:5e:8f:3e:07:
12:3c:ac:75:2b:f7:27:07:7f:03:7a:da:06:38:77:3b:ce:83:
4f:c1:e0:23:36:fa:b0:43:2f:4e:04:ba:2f:83:a8:3a:12:50:
f3:45:92:6f:54:17:4f:97:b2:62:00:79:65:f0:5e:dc:10:6f:
45:20:74:08:e2:84:f1:b1:e1:5d:b2:40:74:f6:18:20:ed:a7:
5b:db:f7:3d:f3:a9:51:bd:42:51:06:12:72:f7:a4:2e:c6:c8:
34:15:13:ee:fc:48:c3:73:a2:14:2b:be:c7:f3:9d:37:61:7a:
15:15:80:e3:49:95:95:6d:4d:38:6e:ba:5d:d6:67:d1:a1:aa:
aa:24:d0:02
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZbucCp+ATfm+qonaKJnWHLTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy
NWMxMDgwHhcNMjUwNTIwMTYwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDE2NTYxZmYzMzQzYjI0MzZhYmIwYjc5NzY2MTkwNzNiZTIzZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXPxX1b5QH23w3A7d4fL4sV39xqR
QBbZ0pd06bxUPZzqww9AVnOhqX74ECFM6454kdJv806HglQIH9fE72qQ+InE7s33
A4JZvFAn3lpf6AWTZRn4sDlzn28xo7N+fl+9IOQgCp/8Uo7QtUlY4VvEHMa2H21R
nyiVVe8w7sNTMuNF6nGbFCBT7g9QZfTRzUWUn0Uv8tX8wPGGHOgIMh8vok4swZ+y
5V5MWaxjxVXa4ijKtM0o9YTxBeFklfEhR2WXgHMyiQVoDVsCfWcCNY/aXwbVEcjl
GWWruiPdRuRjX1OWFF3ODakRTwu/OimucrGM0yNSImPY3rLDcpNgSZ1LIwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFH0WVh/zNDskNquwt5dmGQc74j82MB8GA1UdIwQY
MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt
MDQwMTI3MTAyMjA5LzEvZlJaV0hfTTBPeVEycTdDM2wyWVpCenZpUHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5
LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAZBAIAATATAwQHTUaAMAsD
BAbB28ADAwDB3DANBAIAAjAHAwUDKgJmADANBgkqhkiG9w0BAQsFAAOCAQEAaw2Y
1J7TRjoVycGcXaHVG7EhlPDPaZ2HdlgTg0nd+IZihIxsqHIWimNLCs9977159bqx
2A4sqyBEWfQZxqERqWLkmqCuou44QOtZyy6DgQxEBX9laH51WeIh55vkJ8dY1agr
9Cw0EsAOoz89PO1prvLqCt9qiK+5Vghejz4HEjysdSv3Jwd/A3raBjh3O86DT8Hg
Izb6sEMvTgS6L4OoOhJQ80WSb1QXT5eyYgB5ZfBe3BBvRSB0COKE8bHhXbJAdPYY
IO2nW9v3PfOpUb1CUQYScvekLsbINBUT7vxIw3OiFCu+x/OdN2F6FRWA40mVlW1N
OG66XdZn0aGqqiTQAg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:00:04 2025 by rpki-client