Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/WlImTkdj0wNEcwflMaO4AnVa210.roa
File: WlImTkdj0wNEcwflMaO4AnVa210.roa (raw, json)
Hash identifier: zWCGguUKICYgSUBCeaz32D1L+DC9qzh5JbbptYsTHXU=
Subject key identifier: 5A:52:26:4E:47:63:D3:03:44:73:07:E5:31:A3:B8:02:75:5A:DB:5D
Certificate issuer: /CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Certificate serial: 0194228D6CD363DB20A9B9C5137AF6FB6DC7
Authority key identifier: D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/WlImTkdj0wNEcwflMaO4AnVa210.roa
Signing time: Wed 01 Jan 2025 15:48:01 +0000
ROA not before: Wed 01 Jan 2025 15:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197889
IP address blocks: 77.221.32.0/20 maxlen: 20
77.221.32.0/22 maxlen: 22
77.221.32.0/23 maxlen: 23
77.221.32.0/24 maxlen: 24
77.221.33.0/24 maxlen: 24
77.221.34.0/23 maxlen: 23
77.221.34.0/24 maxlen: 24
77.221.35.0/24 maxlen: 24
77.221.43.0/24 maxlen: 24
77.221.44.0/23 maxlen: 23
77.221.46.0/23 maxlen: 23
77.221.49.0/24 maxlen: 24
77.221.52.0/23 maxlen: 23
77.221.54.0/23 maxlen: 24
77.221.56.0/23 maxlen: 23
77.221.62.0/24 maxlen: 24
2a10:4940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:6c:d3:63:db:20:a9:b9:c5:13:7a:f6:fb:6d:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Validity
Not Before: Jan 1 15:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a52264e4763d303447307e531a3b802755adb5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:cc:67:8e:f1:40:b2:8a:51:ca:59:cc:8d:37:
14:d7:6c:7a:cf:2c:0e:bc:29:b0:ac:be:bc:40:c4:
5f:2c:c1:80:fb:72:be:f1:cb:e2:fe:a2:02:2a:fa:
c6:ff:61:04:42:92:1e:85:3b:67:97:63:d8:9a:74:
d1:bc:cf:d5:89:2f:85:63:09:ee:ef:d3:b1:c6:79:
8c:41:66:c4:16:8c:c5:02:42:ff:88:c8:71:72:db:
18:b7:4f:18:41:01:fc:09:6e:01:86:03:a2:9b:a9:
d7:67:98:f9:f6:81:1f:8b:01:b3:27:5f:56:a7:37:
95:0c:f5:41:37:be:41:e7:7b:a9:90:1d:fd:ee:66:
5b:52:9a:73:1e:7d:8a:b0:fb:0d:4c:35:09:8d:5c:
43:20:b6:9d:97:e8:33:bc:5a:fe:e6:ba:0c:0c:7c:
19:8a:5c:f8:f9:b8:a0:57:b7:d6:38:f5:9a:b3:06:
d9:c7:48:87:3e:eb:6c:bd:10:eb:d3:4a:18:5d:a0:
99:51:7f:35:51:2d:06:0d:8b:e4:7e:1b:9e:06:34:
90:f0:61:30:19:0b:d3:5e:2c:cc:72:61:a4:af:3f:
29:bd:62:d6:13:a5:f4:fe:12:80:18:6a:ef:f3:17:
d2:58:1e:9e:e2:75:68:b4:39:60:44:df:b3:b9:b3:
0d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:52:26:4E:47:63:D3:03:44:73:07:E5:31:A3:B8:02:75:5A:DB:5D
X509v3 Authority Key Identifier:
keyid:D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/WlImTkdj0wNEcwflMaO4AnVa210.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.32.0/20
77.221.49.0/24
77.221.52.0-77.221.57.255
77.221.62.0/24
IPv6:
2a10:4940::/32
Signature Algorithm: sha256WithRSAEncryption
27:53:f1:6e:05:9f:89:bc:e5:73:f6:68:4b:a4:e9:e9:b5:c8:
03:e5:2f:f6:86:59:de:be:0a:00:fc:db:c9:ea:aa:b2:87:7f:
63:3f:e4:23:44:cf:b3:6b:0b:02:75:1f:64:0d:70:97:5c:c7:
be:14:89:7b:21:e2:8c:65:6e:60:25:49:20:08:40:9b:f2:b2:
37:7d:4b:fc:84:ab:f6:03:94:15:bf:a6:59:48:46:9a:03:69:
4c:69:25:a8:73:bb:1f:58:3e:4f:20:e9:59:38:cd:62:78:40:
bd:aa:74:9e:94:38:79:f0:5e:72:c6:84:bc:d3:b5:6c:86:d9:
96:e3:14:5f:a5:ed:09:b3:3d:48:8a:36:b1:a2:ed:5d:32:ce:
22:d4:53:30:14:99:5e:7f:ed:c8:bb:9d:00:7c:76:f5:70:c1:
b4:c7:a1:99:a0:20:a3:d5:16:06:3b:b6:4c:3a:5f:66:b5:b1:
f9:fe:e6:30:b0:3c:d3:ea:df:51:0e:af:a7:89:d3:e6:ed:4a:
ad:b1:62:c1:d6:43:2c:53:5f:59:09:14:a1:7b:02:ce:10:75:
ff:1d:cb:22:4e:05:a5:c1:f1:be:54:8f:d5:e2:dc:3b:70:fd:
c9:45:0b:5e:89:57:78:64:2d:b6:d4:94:88:b4:86:b5:db:0b:
26:29:b8:58
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQijWzTY9sgqbnFE3r2+23HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MDM2NDIwNzZkMjdlMjUyZmE5MGJmMWE0Mjk2ZjhiY2Q5
ZDBjZjEwHhcNMjUwMTAxMTU0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTUyMjY0ZTQ3NjNkMzAzNDQ3MzA3ZTUzMWEzYjgwMjc1NWFkYjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcxnjvFAsopRylnMjTcU12x6zywO
vCmwrL68QMRfLMGA+3K+8cvi/qICKvrG/2EEQpIehTtnl2PYmnTRvM/ViS+FYwnu
79OxxnmMQWbEFozFAkL/iMhxctsYt08YQQH8CW4BhgOim6nXZ5j59oEfiwGzJ19W
pzeVDPVBN75B53upkB397mZbUppzHn2KsPsNTDUJjVxDILadl+gzvFr+5roMDHwZ
ilz4+bigV7fWOPWaswbZx0iHPutsvRDr00oYXaCZUX81US0GDYvkfhueBjSQ8GEw
GQvTXizMcmGkrz8pvWLWE6X0/hKAGGrv8xfSWB6e4nVotDlgRN+zubMNeQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFpSJk5HY9MDRHMH5TGjuAJ1WttdMB8GA1UdIwQY
MBaAFNcDZCB20n4lL6kL8aQpb4vNnQzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGIt
NjU0NTA1YTJkMDQ1LzEvV2xJbVRrZGowd05FY3dmbE1hTzRBblZhMjEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGItNjU0NTA1YTJkMDQ1
LzEvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQETd0gAwQA
Td0xMAwDBAJN3TQDBAFN3TgDBABN3T4wDQQCAAIwBwMFACoQSUAwDQYJKoZIhvcN
AQELBQADggEBACdT8W4Fn4m85XP2aEuk6em1yAPlL/aGWd6+CgD828nqqrKHf2M/
5CNEz7NrCwJ1H2QNcJdcx74UiXsh4oxlbmAlSSAIQJvysjd9S/yEq/YDlBW/pllI
RpoDaUxpJahzux9YPk8g6Vk4zWJ4QL2qdJ6UOHnwXnLGhLzTtWyG2ZbjFF+l7Qmz
PUiKNrGi7V0yziLUUzAUmV5/7ci7nQB8dvVwwbTHoZmgIKPVFgY7tkw6X2a1sfn+
5jCwPNPq31EOr6eJ0+btSq2xYsHWQyxTX1kJFKF7As4Qdf8dyyJOBaXB8b5Uj9Xi
3Dtw/clFC16JV3hkLbbUlIi0hrXbCyYpuFg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:29 2025 by rpki-client