Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/v0zBDXFOccttRX2cT7fDoONDswQ.roa
File: v0zBDXFOccttRX2cT7fDoONDswQ.roa (raw, json)
Hash identifier: 4vPi5VK0C1d8kjVecT9rugkIfwxa9eC7Ww52TXS0hqA=
Subject key identifier: BF:4C:C1:0D:71:4E:71:CB:6D:45:7D:9C:4F:B7:C3:A0:E3:43:B3:04
Certificate issuer: /CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
Certificate serial: 019427B48FD82537FE90ACA7CD3A808154D6
Authority key identifier: 71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/v0zBDXFOccttRX2cT7fDoONDswQ.roa
Signing time: Thu 02 Jan 2025 15:48:52 +0000
ROA not before: Thu 02 Jan 2025 15:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203210
IP address blocks: 77.87.73.0/24 maxlen: 24
77.87.74.0/24 maxlen: 24
91.196.48.0/22 maxlen: 22
91.196.48.0/24 maxlen: 24
91.196.49.0/24 maxlen: 24
91.196.50.0/24 maxlen: 24
91.196.51.0/24 maxlen: 24
195.22.124.0/23 maxlen: 23
195.22.124.0/24 maxlen: 24
195.22.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/ccFpDvV6_P-uc725k0MJ-LcOu2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/ccFpDvV6_P-uc725k0MJ-LcOu2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 00:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:8f:d8:25:37:fe:90:ac:a7:cd:3a:80:81:54:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71c1690ef57afcffae73bdb9934309f8b70ebb61
Validity
Not Before: Jan 2 15:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf4cc10d714e71cb6d457d9c4fb7c3a0e343b304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:3b:11:34:bd:13:e5:0a:5e:f0:9c:ef:ae:53:
7a:ae:aa:37:a6:b7:d5:c2:a9:9f:b3:15:0b:7e:21:
52:92:b3:23:83:0e:30:a7:14:28:c4:dc:bb:b1:37:
5a:93:08:a7:5c:49:c5:55:39:81:b2:f9:06:2e:83:
07:d2:25:fa:2b:f5:e2:16:fd:68:43:c1:66:7f:c4:
d6:a2:af:66:42:51:2b:86:77:fb:63:57:16:22:51:
d6:06:20:a3:1c:20:45:46:0e:b4:4a:75:4c:02:9a:
40:84:4c:3a:98:47:43:fa:fc:11:b0:f1:1e:84:df:
b1:a3:7c:cc:8b:93:f8:93:56:59:17:2d:58:b7:75:
9b:78:a3:0b:0c:8b:0c:5b:85:a3:9e:1d:ab:fd:5a:
da:6a:75:fa:8c:eb:b5:33:c6:04:ac:31:f7:ca:c0:
af:41:10:76:6d:e4:66:7c:0f:f0:ac:ae:ef:31:77:
c7:5e:72:57:ee:0e:46:fc:86:74:c2:10:bd:2f:47:
21:3c:ee:1b:e5:d2:47:23:42:d9:9d:63:38:7f:7f:
98:bf:aa:8a:5d:49:13:ea:e5:3e:d1:f5:26:30:f9:
66:1e:1f:16:7a:1e:bc:57:63:75:a3:25:2d:7e:43:
74:a4:eb:03:f4:41:38:68:55:47:bf:7c:de:7e:f2:
b5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:4C:C1:0D:71:4E:71:CB:6D:45:7D:9C:4F:B7:C3:A0:E3:43:B3:04
X509v3 Authority Key Identifier:
keyid:71:C1:69:0E:F5:7A:FC:FF:AE:73:BD:B9:93:43:09:F8:B7:0E:BB:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ccFpDvV6_P-uc725k0MJ-LcOu2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/v0zBDXFOccttRX2cT7fDoONDswQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/9c70e9-3df3-4bc7-82e6-006e9bb8ed59/1/ccFpDvV6_P-uc725k0MJ-LcOu2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.73.0-77.87.74.255
91.196.48.0/22
195.22.124.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:03:1e:b3:7b:ca:12:1c:0c:71:d1:ec:8a:0b:fd:91:94:4b:
34:c6:8e:04:7d:36:85:93:87:80:fb:a4:d8:ad:07:85:32:94:
98:38:61:fc:de:ee:69:ae:4e:22:a0:a4:62:7d:6b:77:36:82:
48:80:d6:06:63:b5:d3:96:65:70:5a:66:73:b7:e6:af:04:6b:
c9:fa:95:9a:9b:a7:32:86:9e:66:e9:0a:62:d5:c9:e3:b8:c7:
24:4b:ea:14:5e:b6:f2:81:1e:db:43:86:99:70:8e:3f:67:41:
0d:8b:0c:bd:41:d6:d1:7b:bf:93:48:7b:e2:8c:e6:83:c8:8e:
35:95:ca:92:49:2d:5c:fd:63:9d:24:cd:b3:ee:0e:d7:45:a6:
b8:4b:d1:28:a8:38:f3:0f:0f:bb:73:e4:c2:7f:2a:f3:11:1f:
8d:9c:4a:ee:c3:db:02:4e:3c:05:46:6f:42:7d:04:50:e1:23:
9b:f2:21:30:ae:eb:01:ec:a6:79:9b:b8:71:26:8b:41:66:98:
f2:57:1b:4f:0f:f4:0a:5f:15:2c:10:34:84:4a:e9:51:b5:68:
14:73:55:91:bc:65:27:c3:8d:32:df:71:b0:c1:3b:33:00:4a:
f4:43:98:c0:75:b5:4d:e2:04:a1:75:0f:50:1c:9d:ac:aa:54:
87:d4:6b:f6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQntI/YJTf+kKynzTqAgVTWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYzE2OTBlZjU3YWZjZmZhZTczYmRiOTkzNDMwOWY4Yjcw
ZWJiNjEwHhcNMjUwMTAyMTU0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjRjYzEwZDcxNGU3MWNiNmQ0NTdkOWM0ZmI3YzNhMGUzNDNiMzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jsRNL0T5Qpe8JzvrlN6rqo3prfV
wqmfsxULfiFSkrMjgw4wpxQoxNy7sTdakwinXEnFVTmBsvkGLoMH0iX6K/XiFv1o
Q8Fmf8TWoq9mQlErhnf7Y1cWIlHWBiCjHCBFRg60SnVMAppAhEw6mEdD+vwRsPEe
hN+xo3zMi5P4k1ZZFy1Yt3WbeKMLDIsMW4Wjnh2r/VraanX6jOu1M8YErDH3ysCv
QRB2beRmfA/wrK7vMXfHXnJX7g5G/IZ0whC9L0chPO4b5dJHI0LZnWM4f3+Yv6qK
XUkT6uU+0fUmMPlmHh8Weh68V2N1oyUtfkN0pOsD9EE4aFVHv3zefvK1FwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFL9MwQ1xTnHLbUV9nE+3w6DjQ7MEMB8GA1UdIwQY
MBaAFHHBaQ71evz/rnO9uZNDCfi3DrthMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2NGcER2VjZfUC11YzcyNWswTUotTGNPdTJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS85YzcwZTktM2RmMy00YmM3LTgyZTYt
MDA2ZTliYjhlZDU5LzEvdjB6QkRYRk9jY3R0UlgyY1Q3ZkRvT05Ec3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS85YzcwZTktM2RmMy00YmM3LTgyZTYtMDA2ZTliYjhlZDU5
LzEvY2NGcER2VjZfUC11YzcyNWswTUotTGNPdTJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABNV0kD
BABNV0oDBAJbxDADBAHDFnwwDQYJKoZIhvcNAQELBQADggEBAFoDHrN7yhIcDHHR
7IoL/ZGUSzTGjgR9NoWTh4D7pNitB4UylJg4Yfze7mmuTiKgpGJ9a3c2gkiA1gZj
tdOWZXBaZnO35q8Ea8n6lZqbpzKGnmbpCmLVyeO4xyRL6hRetvKBHttDhplwjj9n
QQ2LDL1B1tF7v5NIe+KM5oPIjjWVypJJLVz9Y50kzbPuDtdFprhL0SioOPMPD7tz
5MJ/KvMRH42cSu7D2wJOPAVGb0J9BFDhI5vyITCu6wHspnmbuHEmi0FmmPJXG08P
9ApfFSwQNIRK6VG1aBRzVZG8ZSfDjTLfcbDBOzMASvRDmMB1tU3iBKF1D1Acnayq
VIfUa/Y=
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:47:12 2025 by rpki-client