Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/nHMt9tnZDRx6m3JgaG-0g5rC0g0.roa
File: nHMt9tnZDRx6m3JgaG-0g5rC0g0.roa (raw, json)
Hash identifier: 1doY6wOIAWaSvtGgJud3474i9gzt/qEdhjfPhIJDXfE=
Subject key identifier: 9C:73:2D:F6:D9:D9:0D:1C:7A:9B:72:60:68:6F:B4:83:9A:C2:D2:0D
Certificate issuer: /CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Certificate serial: 01942825B110C7BB8455589B32E2E156C6F9
Authority key identifier: 65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/nHMt9tnZDRx6m3JgaG-0g5rC0g0.roa
Signing time: Thu 02 Jan 2025 17:52:26 +0000
ROA not before: Thu 02 Jan 2025 17:52:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13306
IP address blocks: 77.76.150.0/23 maxlen: 23
77.76.176.0/22 maxlen: 22
89.106.101.0/24 maxlen: 24
89.106.102.0/23 maxlen: 23
89.106.104.0/23 maxlen: 23
89.106.107.0/24 maxlen: 24
89.106.108.0/23 maxlen: 23
89.106.127.0/24 maxlen: 24
109.107.70.0/23 maxlen: 23
178.75.252.0/22 maxlen: 22
188.124.92.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:b1:10:c7:bb:84:55:58:9b:32:e2:e1:56:c6:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Validity
Not Before: Jan 2 17:52:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c732df6d9d90d1c7a9b7260686fb4839ac2d20d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:75:d0:29:89:a0:33:5a:81:9f:d2:94:87:b9:
f1:fc:f7:fb:be:62:6a:b1:2b:a6:f2:e3:63:5e:ea:
de:be:1c:62:16:a7:02:c9:27:7f:0b:74:3f:1d:7f:
a4:95:ca:2d:f1:b7:fc:6c:52:14:0d:b7:7c:ce:fa:
e8:24:12:2a:c1:1b:f3:19:00:5c:86:7e:bf:e9:6f:
8c:4d:91:54:88:40:6c:20:e6:4c:70:80:d2:81:f0:
11:bf:a6:2b:d2:5f:39:f9:9e:1c:ac:1a:7a:ab:2c:
ee:c8:e4:21:8f:3c:b7:fe:c2:4c:06:a3:0a:1c:7d:
1c:b1:7d:fa:8c:36:56:97:aa:b3:16:51:1c:eb:62:
60:32:d5:d1:03:41:13:3a:1f:16:f8:1a:f1:95:93:
c1:9e:e5:04:bb:e9:c0:cf:cb:81:1a:b6:47:20:5a:
b9:bd:d8:91:d7:00:c8:d8:18:43:a9:93:47:ab:d8:
31:b0:91:53:68:d7:8a:cc:4f:ff:ce:81:39:34:1b:
08:5a:3d:f2:ac:5a:aa:37:af:7c:66:f7:dd:2d:7e:
c9:51:5f:9e:6e:f6:4c:f5:09:87:b6:74:9f:21:8b:
b4:ee:44:20:be:df:7e:72:a3:04:01:fc:20:a3:a0:
82:75:76:cd:aa:70:eb:f6:84:ee:05:6e:f8:60:c2:
68:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:73:2D:F6:D9:D9:0D:1C:7A:9B:72:60:68:6F:B4:83:9A:C2:D2:0D
X509v3 Authority Key Identifier:
keyid:65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/nHMt9tnZDRx6m3JgaG-0g5rC0g0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.150.0/23
77.76.176.0/22
89.106.101.0-89.106.105.255
89.106.107.0-89.106.109.255
89.106.127.0/24
109.107.70.0/23
178.75.252.0/22
188.124.92.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:b1:ce:19:00:8e:32:b3:f0:32:dc:7d:ef:80:75:d4:25:9e:
76:34:aa:69:2c:08:46:b7:07:c0:3b:2d:ce:f8:bb:cc:09:9d:
ce:1c:c6:cf:67:1f:6e:68:ed:20:53:1e:87:a2:91:8f:ae:c5:
40:b3:6b:c9:15:35:04:2a:ea:7f:57:af:c7:fd:c5:51:84:f0:
17:b4:98:44:bd:18:a9:ca:2d:cf:ee:29:dd:9c:be:53:83:81:
b2:1b:a4:a8:cd:30:96:0f:8c:54:92:66:a4:a1:39:7b:ff:b2:
be:58:a7:03:db:51:89:2e:ec:fa:d2:04:4a:1e:99:b6:71:55:
ce:fd:cf:ab:02:bb:18:53:4b:b8:0b:1a:a5:87:5c:a4:f8:a4:
5d:70:bd:d7:e4:d4:a8:49:5b:67:a7:44:b2:20:31:56:6c:1f:
6f:10:74:6b:6b:b5:cc:99:c9:a5:74:ac:96:32:41:3e:60:7c:
b6:95:d4:61:90:bd:dd:dc:78:d1:27:8c:c2:f2:64:08:73:64:
44:63:a6:69:eb:89:c0:2d:ae:2b:6f:28:c5:f8:ad:01:ab:25:
dd:b1:7d:f8:bf:e2:1d:63:26:36:d4:23:ec:2b:02:98:c3:cc:
4a:96:d3:1f:8c:0e:3f:1d:70:c4:a5:73:42:c1:32:a9:62:8f:
25:dc:ba:92
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZQoJbEQx7uEVVibMuLhVsb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODE2Nzc0YjdjNTY2NWQ2N2E4NmMyMGNlYjY0ODdiNWI3
OGIzOGQwHhcNMjUwMTAyMTc1MjI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzczMmRmNmQ5ZDkwZDFjN2E5YjcyNjA2ODZmYjQ4MzlhYzJkMjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHXQKYmgM1qBn9KUh7nx/Pf7vmJq
sSum8uNjXurevhxiFqcCySd/C3Q/HX+klcot8bf8bFIUDbd8zvroJBIqwRvzGQBc
hn6/6W+MTZFUiEBsIOZMcIDSgfARv6Yr0l85+Z4crBp6qyzuyOQhjzy3/sJMBqMK
HH0csX36jDZWl6qzFlEc62JgMtXRA0ETOh8W+BrxlZPBnuUEu+nAz8uBGrZHIFq5
vdiR1wDI2BhDqZNHq9gxsJFTaNeKzE//zoE5NBsIWj3yrFqqN698ZvfdLX7JUV+e
bvZM9QmHtnSfIYu07kQgvt9+cqMEAfwgo6CCdXbNqnDr9oTuBW74YMJoLwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFJxzLfbZ2Q0ceptyYGhvtIOawtINMB8GA1UdIwQY
MBaAFGWBZ3S3xWZdZ6hsIM62SHtbeLONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYt
NmIxNDY5YzNiOTVhLzEvbkhNdDl0blpEUng2bTNKZ2FHLTBnNXJDMGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYtNmIxNDY5YzNiOTVh
LzEvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQBTUyWAwQC
TUywMAwDBABZamUDBAFZamgwDAMEAFlqawMEAVlqbAMEAFlqfwMEAW1rRgMEArJL
/AMEArx8XDANBgkqhkiG9w0BAQsFAAOCAQEAXLHOGQCOMrPwMtx974B11CWedjSq
aSwIRrcHwDstzvi7zAmdzhzGz2cfbmjtIFMeh6KRj67FQLNryRU1BCrqf1evx/3F
UYTwF7SYRL0Yqcotz+4p3Zy+U4OBshukqM0wlg+MVJJmpKE5e/+yvlinA9tRiS7s
+tIESh6ZtnFVzv3PqwK7GFNLuAsapYdcpPikXXC91+TUqElbZ6dEsiAxVmwfbxB0
a2u1zJnJpXSsljJBPmB8tpXUYZC93dx40SeMwvJkCHNkRGOmaeuJwC2uK28oxfit
Aasl3bF9+L/iHWMmNtQj7CsCmMPMSpbTH4wOPx1wxKVzQsEyqWKPJdy6kg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:03:41 2025 by rpki-client