Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/m0QV2IP9XDoRAA5Le0Qj5c9ke4w.roa
File: m0QV2IP9XDoRAA5Le0Qj5c9ke4w.roa (raw, json)
Hash identifier: lh4Iy7RKfPfR+hML4ecnQVxkSJBUgKzE07fTUDux0oo=
Subject key identifier: 9B:44:15:D8:83:FD:5C:3A:11:00:0E:4B:7B:44:23:E5:CF:64:7B:8C
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0194274835B882C5C3C2A1D141D4F6895380
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/m0QV2IP9XDoRAA5Le0Qj5c9ke4w.roa
Signing time: Thu 02 Jan 2025 13:50:31 +0000
ROA not before: Thu 02 Jan 2025 13:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28064
IP address blocks: 201.77.50.0/24 maxlen: 24
201.77.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 23:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:35:b8:82:c5:c3:c2:a1:d1:41:d4:f6:89:53:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 2 13:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b4415d883fd5c3a11000e4b7b4423e5cf647b8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:1a:a4:ac:dd:bc:63:62:90:07:5b:7a:fb:d0:
11:1a:8d:16:e9:85:6a:b1:be:8b:35:75:41:83:33:
39:a7:1d:4d:99:21:bd:d7:9b:77:e2:f1:78:94:dc:
7c:62:38:9f:64:e1:76:2d:2d:f3:b5:18:f2:b0:76:
ce:9f:f4:ba:78:9b:59:62:06:cd:bf:cb:f8:bc:79:
d4:8b:b8:01:b1:53:27:c2:53:4f:ee:32:ce:84:07:
06:5a:9e:c3:a1:73:1f:97:9f:c3:05:31:df:58:97:
42:7a:15:78:2b:a9:fb:1d:95:f1:18:02:83:ee:f2:
61:51:09:97:a8:88:ce:c2:2a:7f:07:04:7d:2d:3e:
92:b6:a2:be:57:56:73:92:44:9b:8b:c5:6e:e0:75:
a5:e6:92:77:b0:b1:3f:1a:07:c9:2d:cc:96:ec:df:
1a:36:70:a9:3f:64:5e:e0:71:45:85:be:37:af:3f:
6a:47:3c:d7:76:09:6b:7c:41:ae:5a:eb:a6:11:30:
55:7e:14:56:e0:81:49:4f:82:2d:9e:2f:49:e5:12:
83:ce:55:d5:b6:97:3d:7b:80:48:3d:b5:12:f2:39:
6a:f3:7b:9a:79:dc:56:b7:b9:a7:e2:af:53:2e:89:
aa:7d:07:4c:62:28:47:c4:bf:1a:56:c0:e4:c3:db:
83:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:44:15:D8:83:FD:5C:3A:11:00:0E:4B:7B:44:23:E5:CF:64:7B:8C
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/m0QV2IP9XDoRAA5Le0Qj5c9ke4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
201.77.50.0/24
201.77.52.0/24
Signature Algorithm: sha256WithRSAEncryption
09:33:fd:4b:dc:e4:c9:5c:cf:6e:46:9c:5f:c5:aa:7a:cd:24:
d4:32:7e:e8:1d:27:2c:45:2f:54:f8:6e:6d:3c:52:90:cf:4f:
22:11:b8:75:7e:9a:f7:1f:f0:41:b3:05:33:06:d5:56:87:f8:
60:98:93:51:f6:23:89:b8:1a:1d:aa:24:01:34:4c:9d:cc:99:
70:3e:dc:69:68:06:40:ee:00:c2:c0:79:c5:2a:d0:50:b5:e7:
30:3e:23:0e:5d:91:e0:86:16:f8:ee:e4:8c:1a:ec:55:00:7b:
49:27:5c:ba:3d:9f:73:31:fa:91:3b:be:c7:35:d4:e2:c0:5c:
04:5e:35:ea:06:50:6d:a9:9d:95:e9:9a:9a:2b:2d:b1:65:3f:
ea:a5:07:e6:56:13:17:48:5a:4c:5f:4f:9d:1b:95:22:af:7e:
05:ce:51:04:94:ce:5c:4a:4a:18:8e:96:f3:49:bd:6b:7a:d7:
c4:64:46:a4:f1:65:1f:85:bb:31:91:d7:0a:e2:38:0d:a7:e3:
ae:9b:39:9a:ef:48:6d:d5:d6:89:36:5a:0c:9a:ab:fd:bc:95:
41:b6:fd:24:c6:4f:60:e4:19:22:74:8f:3f:b3:f7:75:e8:57:
14:b7:05:5f:30:6f:9f:0d:1e:5d:a0:32:64:17:ff:74:6b:96:
2f:54:b9:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSDW4gsXDwqHRQdT2iVOAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMTAyMTM1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjQ0MTVkODgzZmQ1YzNhMTEwMDBlNGI3YjQ0MjNlNWNmNjQ3YjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+xqkrN28Y2KQB1t6+9ARGo0W6YVq
sb6LNXVBgzM5px1NmSG915t34vF4lNx8YjifZOF2LS3ztRjysHbOn/S6eJtZYgbN
v8v4vHnUi7gBsVMnwlNP7jLOhAcGWp7DoXMfl5/DBTHfWJdCehV4K6n7HZXxGAKD
7vJhUQmXqIjOwip/BwR9LT6StqK+V1ZzkkSbi8Vu4HWl5pJ3sLE/GgfJLcyW7N8a
NnCpP2Re4HFFhb43rz9qRzzXdglrfEGuWuumETBVfhRW4IFJT4Itni9J5RKDzlXV
tpc9e4BIPbUS8jlq83uaedxWt7mn4q9TLomqfQdMYihHxL8aVsDkw9uDfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJtEFdiD/Vw6EQAOS3tEI+XPZHuMMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvbTBRVjJJUDlYRG9SQUE1TGUwUWo1YzlrZTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAyU0yAwQA
yU00MA0GCSqGSIb3DQEBCwUAA4IBAQAJM/1L3OTJXM9uRpxfxap6zSTUMn7oHScs
RS9U+G5tPFKQz08iEbh1fpr3H/BBswUzBtVWh/hgmJNR9iOJuBodqiQBNEydzJlw
PtxpaAZA7gDCwHnFKtBQtecwPiMOXZHghhb47uSMGuxVAHtJJ1y6PZ9zMfqRO77H
NdTiwFwEXjXqBlBtqZ2V6ZqaKy2xZT/qpQfmVhMXSFpMX0+dG5Uir34FzlEElM5c
SkoYjpbzSb1retfEZEak8WUfhbsxkdcK4jgNp+Oumzma70ht1daJNloMmqv9vJVB
tv0kxk9g5BkidI8/s/d16FcUtwVfMG+fDR5doDJkF/90a5YvVLm6
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:47:35 2025 by rpki-client