Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/4XJYPiN1fgyY_K6wVqkzO9GGpIo.roa
File: 4XJYPiN1fgyY_K6wVqkzO9GGpIo.roa (raw, json)
Hash identifier: HslWaDijgsXRLbUJY37P5SIKUX/YCI1vBK/fp1leFRU=
Subject key identifier: E1:72:58:3E:23:75:7E:0C:98:FC:AE:B0:56:A9:33:3B:D1:86:A4:8A
Certificate issuer: /CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Certificate serial: 019426D9D69D5F325FF8296D89051F5EC1F5
Authority key identifier: 31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/4XJYPiN1fgyY_K6wVqkzO9GGpIo.roa
Signing time: Thu 02 Jan 2025 11:49:57 +0000
ROA not before: Thu 02 Jan 2025 11:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199422
IP address blocks: 77.95.64.0/22 maxlen: 22
77.95.64.0/23 maxlen: 23
77.95.66.0/23 maxlen: 23
185.92.20.0/24 maxlen: 24
2a03:9180::/32 maxlen: 32
2a03:9180::/33 maxlen: 33
2a03:9180:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d6:9d:5f:32:5f:f8:29:6d:89:05:1f:5e:c1:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=311d62b7fd9fcfc87dfea987515767c838e21bb9
Validity
Not Before: Jan 2 11:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e172583e23757e0c98fcaeb056a9333bd186a48a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:26:59:e4:05:6c:40:44:ea:49:ca:02:bb:80:
f2:91:89:f5:09:80:e2:fe:b3:fd:bd:cb:5a:13:eb:
46:06:4e:92:38:00:9e:68:9d:66:7e:0e:28:d2:96:
cd:cd:71:03:3a:27:14:d0:a6:73:a5:5e:60:be:3c:
32:70:fa:96:ec:71:71:50:02:e3:ae:80:8e:ce:f2:
0c:b7:5c:86:d8:f4:31:4e:9b:45:c7:7c:81:7c:6c:
ee:ae:4b:e9:a8:3a:d2:d5:86:50:09:fd:f7:c3:2a:
14:25:26:6a:36:94:c7:4d:c8:dc:99:56:0d:30:88:
5f:95:3d:e5:82:d5:f0:a5:5d:c3:6a:1a:58:6c:a9:
21:ef:cd:18:10:c7:15:37:39:6b:24:b7:75:60:f2:
0d:fd:ce:f9:d3:11:4c:70:a1:d8:15:6f:57:27:fb:
23:3b:1f:12:d0:a1:28:0b:18:99:ce:60:4d:c3:3a:
79:ac:b3:65:b4:d3:ee:75:20:56:28:23:fa:6b:c4:
5d:01:f9:a9:c4:79:61:78:89:81:7d:85:42:d2:ff:
0b:31:69:4f:f3:de:36:09:2c:b1:6d:7d:0d:ff:4c:
22:fa:f8:e8:9a:81:26:74:d3:c4:10:2f:2c:7b:bf:
99:a0:12:28:c1:a2:f5:6e:09:cc:bd:17:5d:6d:61:
16:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:72:58:3E:23:75:7E:0C:98:FC:AE:B0:56:A9:33:3B:D1:86:A4:8A
X509v3 Authority Key Identifier:
keyid:31:1D:62:B7:FD:9F:CF:C8:7D:FE:A9:87:51:57:67:C8:38:E2:1B:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MR1it_2fz8h9_qmHUVdnyDjiG7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/4XJYPiN1fgyY_K6wVqkzO9GGpIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/57688e-a964-4933-8631-850f34906229/1/MR1it_2fz8h9_qmHUVdnyDjiG7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.64.0/22
185.92.20.0/24
IPv6:
2a03:9180::/32
Signature Algorithm: sha256WithRSAEncryption
26:72:d5:56:6c:9b:02:18:c6:cd:bd:f3:95:92:67:d0:d1:00:
65:73:07:cb:db:88:0f:72:b6:03:d8:97:d1:31:38:7b:de:ed:
f1:8b:a7:18:f1:c7:0d:e1:91:66:aa:d0:55:c7:cd:3c:84:a0:
89:1f:45:58:f1:7e:1f:63:d8:a3:39:f4:b0:c6:97:fb:6b:63:
5b:36:39:c1:00:c2:f2:63:65:e0:c7:c1:a7:9d:42:5c:d5:f6:
d8:af:72:ec:7f:72:41:1a:30:cd:c7:8f:c9:02:c9:15:21:67:
18:8a:36:bc:48:fb:54:cd:6b:79:2f:5f:c0:00:08:cb:2f:60:
31:4f:00:b3:6a:21:e9:57:7d:8c:4b:e9:8f:9e:90:b7:66:76:
6f:82:9d:45:19:de:f3:76:b3:cb:5e:c6:b4:46:fb:16:6e:7c:
c1:69:55:c0:0f:23:23:d1:ad:93:5f:4f:da:28:dd:f8:4e:00:
20:72:07:41:37:e0:cf:ab:73:29:c3:d7:b5:47:38:21:4f:2f:
97:04:49:d8:4c:32:0a:30:25:9a:9d:4a:05:43:08:c7:24:43:
d5:b4:00:12:33:63:b9:e0:cc:6c:a6:0f:5f:af:11:f9:fe:6e:
4d:b0:bc:de:74:4e:3a:a5:d6:50:cb:2b:e6:5e:2a:2d:21:b5:
36:ab:7e:23
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQm2dadXzJf+CltiQUfXsH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxMWQ2MmI3ZmQ5ZmNmYzg3ZGZlYTk4NzUxNTc2N2M4Mzhl
MjFiYjkwHhcNMjUwMTAyMTE0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTcyNTgzZTIzNzU3ZTBjOThmY2FlYjA1NmE5MzMzYmQxODZhNDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSZZ5AVsQETqScoCu4DykYn1CYDi
/rP9vctaE+tGBk6SOACeaJ1mfg4o0pbNzXEDOicU0KZzpV5gvjwycPqW7HFxUALj
roCOzvIMt1yG2PQxTptFx3yBfGzurkvpqDrS1YZQCf33wyoUJSZqNpTHTcjcmVYN
MIhflT3lgtXwpV3DahpYbKkh780YEMcVNzlrJLd1YPIN/c750xFMcKHYFW9XJ/sj
Ox8S0KEoCxiZzmBNwzp5rLNltNPudSBWKCP6a8RdAfmpxHlheImBfYVC0v8LMWlP
8942CSyxbX0N/0wi+vjomoEmdNPEEC8se7+ZoBIowaL1bgnMvRddbWEWXwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOFyWD4jdX4MmPyusFapMzvRhqSKMB8GA1UdIwQY
MBaAFDEdYrf9n8/Iff6ph1FXZ8g44hu5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEt
ODUwZjM0OTA2MjI5LzEvNFhKWVBpTjFmZ3lZX0s2d1Zxa3pPOUdHcElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81NzY4OGUtYTk2NC00OTMzLTg2MzEtODUwZjM0OTA2MjI5
LzEvTVIxaXRfMmZ6OGg5X3FtSFVWZG55RGppRzdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCTV9AAwQA
uVwUMA0EAgACMAcDBQAqA5GAMA0GCSqGSIb3DQEBCwUAA4IBAQAmctVWbJsCGMbN
vfOVkmfQ0QBlcwfL24gPcrYD2JfRMTh73u3xi6cY8ccN4ZFmqtBVx808hKCJH0VY
8X4fY9ijOfSwxpf7a2NbNjnBAMLyY2Xgx8GnnUJc1fbYr3Lsf3JBGjDNx4/JAskV
IWcYija8SPtUzWt5L1/AAAjLL2AxTwCzaiHpV32MS+mPnpC3ZnZvgp1FGd7zdrPL
Xsa0RvsWbnzBaVXADyMj0a2TX0/aKN34TgAgcgdBN+DPq3Mpw9e1RzghTy+XBEnY
TDIKMCWanUoFQwjHJEPVtAASM2O54Mxspg9frxH5/m5NsLzedE46pdZQyyvmXiot
IbU2q34j
-----END CERTIFICATE-----
Generated at Sat Apr 19 03:14:31 2025 by rpki-client