Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/sT64_r4WthvCyzVyB3E-Psv_afc.roa
File: sT64_r4WthvCyzVyB3E-Psv_afc.roa (raw, json)
Hash identifier: JV3KmP839OiGVkSCgS8tVdnI3cJc0KWSQvX/RcZE/68=
Subject key identifier: B1:3E:B8:FE:BE:16:B6:1B:C2:CB:35:72:07:71:3E:3E:CB:FF:69:F7
Certificate issuer: /CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Certificate serial: 01973AF52443E00CAB75DE4649A5A35D42FA
Authority key identifier: 17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/sT64_r4WthvCyzVyB3E-Psv_afc.roa
Signing time: Wed 04 Jun 2025 12:40:33 +0000
ROA not before: Wed 04 Jun 2025 12:40:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204383
IP address blocks: 77.78.77.0/24 maxlen: 24
77.78.78.0/23 maxlen: 23
77.78.94.0/24 maxlen: 24
77.78.112.0/22 maxlen: 22
77.78.116.0/23 maxlen: 23
81.0.230.0/24 maxlen: 24
81.0.242.0/23 maxlen: 23
82.208.4.0/23 maxlen: 23
82.208.26.0/24 maxlen: 24
82.208.32.0/23 maxlen: 23
82.208.60.0/22 maxlen: 22
85.239.253.0/24 maxlen: 24
109.123.206.0/23 maxlen: 23
109.123.208.0/23 maxlen: 23
217.11.232.0/23 maxlen: 23
217.11.243.0/24 maxlen: 24
217.11.246.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.mft
rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 21:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:f5:24:43:e0:0c:ab:75:de:46:49:a5:a3:5d:42:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=174847f8667d52fa2cf9cf9afcc43a07915575ca
Validity
Not Before: Jun 4 12:40:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b13eb8febe16b61bc2cb357207713e3ecbff69f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8e:9e:50:04:72:a4:9c:8a:67:68:fc:b5:90:
60:41:f6:c2:53:6d:db:01:4e:ee:61:e8:63:b9:7a:
5f:17:fd:9e:2d:95:75:e3:5e:77:94:08:cd:69:c8:
59:0d:75:5e:1a:c7:b2:e0:0b:3a:5e:5c:e8:5a:0d:
a6:1e:08:1a:a5:f1:fd:c5:36:c0:8d:64:b1:f0:fc:
3e:cd:2a:f8:4c:1b:3f:86:7b:9d:b8:47:7f:27:13:
03:f8:dd:a7:c9:32:92:e4:7a:c3:b8:3e:e1:87:f7:
17:a0:35:49:0b:57:c3:6b:38:23:50:d4:c9:f9:c6:
42:c8:98:6f:d8:66:4a:29:30:45:0a:7b:2d:76:b3:
52:87:27:f0:05:20:70:7b:10:43:ac:07:4c:eb:d4:
6b:3d:2f:0b:ee:33:d7:ca:93:5a:6b:0e:56:5f:e3:
d2:f5:be:5d:97:5d:54:4d:36:da:35:62:d2:56:ec:
75:be:2f:02:ec:c2:b8:0e:aa:93:69:d1:3c:3c:81:
2b:26:90:ab:69:db:3e:f3:f7:dd:96:a1:e1:57:52:
6e:87:28:41:65:ef:3f:77:52:d6:73:ae:be:b7:a4:
31:20:36:23:b1:cd:6f:6f:7c:06:1f:d4:4d:27:ab:
10:e1:58:b1:d2:75:79:8f:ce:79:3c:3d:8e:59:81:
8e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:3E:B8:FE:BE:16:B6:1B:C2:CB:35:72:07:71:3E:3E:CB:FF:69:F7
X509v3 Authority Key Identifier:
keyid:17:48:47:F8:66:7D:52:FA:2C:F9:CF:9A:FC:C4:3A:07:91:55:75:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/sT64_r4WthvCyzVyB3E-Psv_afc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/72cc4a-2d9c-4808-823e-1454ffe6182c/1/F0hH-GZ9Uvos-c-a_MQ6B5FVdco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.77.0-77.78.79.255
77.78.94.0/24
77.78.112.0-77.78.117.255
81.0.230.0/24
81.0.242.0/23
82.208.4.0/23
82.208.26.0/24
82.208.32.0/23
82.208.60.0/22
85.239.253.0/24
109.123.206.0-109.123.209.255
217.11.232.0/23
217.11.243.0/24
217.11.246.0/23
Signature Algorithm: sha256WithRSAEncryption
99:15:99:5e:a9:f0:f5:f6:91:27:49:7c:14:44:08:ab:b8:27:
4a:28:d3:4d:79:8a:16:3b:0b:e8:39:2d:27:31:33:eb:4e:84:
fa:c2:8d:4b:d2:2a:33:23:c5:7c:c2:af:e3:07:4d:ee:aa:fd:
27:50:07:01:8d:34:0d:4f:d4:11:07:48:ea:aa:3a:03:c2:d8:
e9:50:e1:ab:d4:91:81:b2:b2:fc:9f:63:24:eb:ca:71:50:c0:
59:4d:ff:16:05:ee:5c:30:1e:3e:17:e3:b2:08:0c:6b:2e:30:
a6:1d:b7:3b:27:f8:fa:68:5f:4c:2c:19:71:8b:a3:dd:b1:91:
d5:e2:2c:c5:4b:48:2e:07:80:11:e6:a7:d8:ad:53:37:5e:d4:
52:3c:ad:5f:1b:03:bc:92:23:59:f6:70:fc:ff:0a:fc:ab:10:
b8:02:24:34:3e:5f:38:b3:57:5f:4c:97:a6:46:e1:a8:2c:9b:
86:6e:6d:3c:1b:4d:d1:4b:d2:bd:fb:e3:07:fc:a3:34:df:bd:
01:8c:56:05:31:96:72:d3:40:b0:31:81:49:35:74:92:32:17:
dd:79:a3:69:52:c8:df:29:88:6d:88:51:7e:d2:90:8b:b6:81:
35:df:e8:50:21:1e:06:d4:d9:c3:d8:00:cc:fe:e8:8f:40:c8:
64:e6:42:48
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZc69SRD4Ayrdd5GSaWjXUL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDg0N2Y4NjY3ZDUyZmEyY2Y5Y2Y5YWZjYzQzYTA3OTE1
NTc1Y2EwHhcNMjUwNjA0MTI0MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTNlYjhmZWJlMTZiNjFiYzJjYjM1NzIwNzcxM2UzZWNiZmY2OWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA246eUARypJyKZ2j8tZBgQfbCU23b
AU7uYehjuXpfF/2eLZV14153lAjNachZDXVeGsey4As6XlzoWg2mHggapfH9xTbA
jWSx8Pw+zSr4TBs/hnuduEd/JxMD+N2nyTKS5HrDuD7hh/cXoDVJC1fDazgjUNTJ
+cZCyJhv2GZKKTBFCnstdrNShyfwBSBwexBDrAdM69RrPS8L7jPXypNaaw5WX+PS
9b5dl11UTTbaNWLSVux1vi8C7MK4DqqTadE8PIErJpCrads+8/fdlqHhV1JuhyhB
Ze8/d1LWc66+t6QxIDYjsc1vb3wGH9RNJ6sQ4Vix0nV5j855PD2OWYGO0wIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFLE+uP6+FrYbwss1cgdxPj7L/2n3MB8GA1UdIwQY
MBaAFBdIR/hmfVL6LPnPmvzEOgeRVXXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2Ut
MTQ1NGZmZTYxODJjLzEvc1Q2NF9yNFd0aHZDeXpWeUIzRS1Qc3ZfYWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My83MmNjNGEtMmQ5Yy00ODA4LTgyM2UtMTQ1NGZmZTYxODJj
LzEvRjBoSC1HWjlVdm9zLWMtYV9NUTZCNUZWZGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbDAMAwQATU5N
AwQETU5AAwQATU5eMAwDBARNTnADBAFNTnQDBABRAOYDBAFRAPIDBAFS0AQDBABS
0BoDBAFS0CADBAJS0DwDBABV7/0wDAMEAW17zgMEAW170AMEAdkL6AMEANkL8wME
AdkL9jANBgkqhkiG9w0BAQsFAAOCAQEAmRWZXqnw9faRJ0l8FEQIq7gnSijTTXmK
FjsL6DktJzEz606E+sKNS9IqMyPFfMKv4wdN7qr9J1AHAY00DU/UEQdI6qo6A8LY
6VDhq9SRgbKy/J9jJOvKcVDAWU3/FgXuXDAePhfjsggMay4wph23Oyf4+mhfTCwZ
cYuj3bGR1eIsxUtILgeAEean2K1TN17UUjytXxsDvJIjWfZw/P8K/KsQuAIkND5f
OLNXX0yXpkbhqCybhm5tPBtN0UvSvfvjB/yjNN+9AYxWBTGWctNAsDGBSTV0kjIX
3XmjaVLI3ymIbYhRftKQi7aBNd/oUCEeBtTZw9gAzP7oj0DIZOZCSA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 05:59:37 2025 by rpki-client