Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/39XR9gBKQrG6LxG2wzVWL_KkeMU.roa
File: 39XR9gBKQrG6LxG2wzVWL_KkeMU.roa (raw, json)
Hash identifier: mU6/EG59BLaesa87kFWpZhizLk/RVNBRnMmVidKQ8CI=
Subject key identifier: DF:D5:D1:F6:00:4A:42:B1:BA:2F:11:B6:C3:35:56:2F:F2:A4:78:C5
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 0194258F8464DF853E273A02B82AC94BB670
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/39XR9gBKQrG6LxG2wzVWL_KkeMU.roa
Signing time: Thu 02 Jan 2025 05:49:10 +0000
ROA not before: Thu 02 Jan 2025 05:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25500
IP address blocks: 77.47.128.0/17 maxlen: 17
77.47.128.0/21 maxlen: 21
77.47.128.0/24 maxlen: 24
77.47.136.0/22 maxlen: 22
77.47.140.0/23 maxlen: 23
77.47.160.0/20 maxlen: 20
77.47.176.0/23 maxlen: 23
77.47.184.0/21 maxlen: 21
77.47.192.0/20 maxlen: 20
77.47.194.0/24 maxlen: 24
77.47.208.0/23 maxlen: 23
77.47.214.0/23 maxlen: 23
77.47.216.0/21 maxlen: 21
77.47.224.0/20 maxlen: 20
2a02:db0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:84:64:df:85:3e:27:3a:02:b8:2a:c9:4b:b6:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Jan 2 05:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfd5d1f6004a42b1ba2f11b6c335562ff2a478c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:78:e3:1d:8c:bc:be:99:75:ee:5a:e1:d0:27:
ae:8c:89:4e:0f:7c:3b:04:47:e0:bc:9b:94:58:c5:
13:8e:3b:74:95:3e:cc:a6:14:78:07:50:81:73:67:
fa:f9:7e:e9:af:79:82:34:9d:9e:0a:a8:51:b7:43:
5b:c3:6a:08:e6:42:7a:40:8b:26:f0:7b:7c:a3:ed:
87:e4:f5:1a:be:f5:ab:8e:f3:e3:17:1a:37:67:30:
9d:61:93:e6:20:00:6a:5f:d6:87:52:6e:29:52:d7:
70:53:51:05:0a:29:a6:ca:a6:4a:d9:02:83:1e:b2:
62:86:00:64:8e:3a:70:46:6b:c9:ac:96:9e:48:a8:
f4:a1:b9:4c:5b:36:d3:78:ad:49:fe:38:d1:a9:b5:
c9:9a:bb:f5:82:58:f1:15:83:f6:39:43:ee:64:3c:
2c:97:b0:96:f6:d2:aa:05:52:22:e9:c2:d9:32:4e:
c2:b6:66:d0:37:2e:cb:54:6d:69:fb:e4:10:06:52:
ec:73:0e:54:90:28:85:b3:c9:bc:cc:f9:ae:9a:4a:
a0:f2:dd:22:93:8f:c8:64:85:c4:f9:42:27:0f:97:
88:97:19:04:96:85:24:af:00:da:24:a0:af:d3:3f:
39:60:c2:e9:27:fc:a4:81:02:01:9d:da:2a:89:8b:
c5:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D5:D1:F6:00:4A:42:B1:BA:2F:11:B6:C3:35:56:2F:F2:A4:78:C5
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/39XR9gBKQrG6LxG2wzVWL_KkeMU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.128.0/17
IPv6:
2a02:db0::/32
Signature Algorithm: sha256WithRSAEncryption
bd:4f:cc:08:02:99:1b:7c:9b:57:c6:c2:ee:32:bb:e3:3e:4f:
ae:cb:bf:30:d2:36:64:6c:26:4f:02:f9:94:ed:be:55:45:e7:
c7:14:37:4a:4f:48:9c:99:60:df:06:2a:ec:43:a2:80:c7:15:
2d:51:1d:5b:6e:fa:94:58:6c:89:21:3a:69:5c:5f:bb:b4:7d:
32:3f:c7:18:b0:bc:73:45:95:88:de:b7:9e:d8:62:be:a9:dc:
76:c1:28:89:80:f4:b0:eb:46:20:61:0d:ed:f5:db:dd:53:8e:
17:c9:3d:00:8c:8c:14:8f:b3:cd:33:a9:25:e6:c3:45:52:52:
c4:83:f1:b1:d8:f6:67:ed:23:88:a4:e8:89:57:3c:10:7d:96:
e4:a2:8e:e6:4a:96:51:78:a1:2a:4e:1f:92:e2:56:2d:ce:cc:
01:fd:e5:84:cc:ea:a0:13:6b:65:47:92:96:87:08:ea:9d:e2:
41:2b:5c:5e:d1:ff:1c:81:49:ec:21:58:90:13:db:66:8e:75:
62:28:7d:b9:b4:49:27:29:98:db:eb:45:c0:cc:26:3f:b2:90:
86:da:3d:63:10:ee:0c:bc:b6:49:d9:63:09:62:31:18:1e:3c:
a4:e6:98:5b:07:41:86:05:3b:9b:a6:4f:a0:ca:e9:d0:a6:6c:
dc:f4:b2:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQlj4Rk34U+JzoCuCrJS7ZwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjUwMTAyMDU0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmQ1ZDFmNjAwNGE0MmIxYmEyZjExYjZjMzM1NTYyZmYyYTQ3OGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnjjHYy8vpl17lrh0CeujIlOD3w7
BEfgvJuUWMUTjjt0lT7MphR4B1CBc2f6+X7pr3mCNJ2eCqhRt0Nbw2oI5kJ6QIsm
8Ht8o+2H5PUavvWrjvPjFxo3ZzCdYZPmIABqX9aHUm4pUtdwU1EFCimmyqZK2QKD
HrJihgBkjjpwRmvJrJaeSKj0oblMWzbTeK1J/jjRqbXJmrv1gljxFYP2OUPuZDws
l7CW9tKqBVIi6cLZMk7CtmbQNy7LVG1p++QQBlLscw5UkCiFs8m8zPmumkqg8t0i
k4/IZIXE+UInD5eIlxkEloUkrwDaJKCv0z85YMLpJ/ykgQIBndoqiYvFdQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFN/V0fYASkKxui8RtsM1Vi/ypHjFMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvMzlYUjlnQktRckc2THhHMnd6VldMX0trZU1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHTS+AMA0E
AgACMAcDBQAqAg2wMA0GCSqGSIb3DQEBCwUAA4IBAQC9T8wIApkbfJtXxsLuMrvj
Pk+uy78w0jZkbCZPAvmU7b5VRefHFDdKT0icmWDfBirsQ6KAxxUtUR1bbvqUWGyJ
ITppXF+7tH0yP8cYsLxzRZWI3ree2GK+qdx2wSiJgPSw60YgYQ3t9dvdU44XyT0A
jIwUj7PNM6kl5sNFUlLEg/Gx2PZn7SOIpOiJVzwQfZbkoo7mSpZReKEqTh+S4lYt
zswB/eWEzOqgE2tlR5KWhwjqneJBK1xe0f8cgUnsIViQE9tmjnViKH25tEknKZjb
60XAzCY/spCG2j1jEO4MvLZJ2WMJYjEYHjyk5phbB0GGBTubpk+gyunQpmzc9LI9
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:22:22 2025 by rpki-client