Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/9de0VEdjbWo-tUqmz8gijTg6IaE.roa
File: 9de0VEdjbWo-tUqmz8gijTg6IaE.roa (raw, json)
Hash identifier: f2qUpX3qXVm+Q2CbUSag5dNIyDCVc83yVIgmgfZphx0=
Subject key identifier: F5:D7:B4:54:47:63:6D:6A:3E:B5:4A:A6:CF:C8:22:8D:38:3A:21:A1
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 0194BCCE07792C94428D5FC93BA4895F4F27
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/9de0VEdjbWo-tUqmz8gijTg6IaE.roa
Signing time: Fri 31 Jan 2025 14:40:06 +0000
ROA not before: Fri 31 Jan 2025 14:40:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39134
IP address blocks: 77.73.239.0/24 maxlen: 24
178.236.20.0/24 maxlen: 24
178.236.21.0/24 maxlen: 24
178.236.28.0/24 maxlen: 24
178.236.30.0/24 maxlen: 24
178.236.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.mft
rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 18:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:bc:ce:07:79:2c:94:42:8d:5f:c9:3b:a4:89:5f:4f:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Jan 31 14:40:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5d7b45447636d6a3eb54aa6cfc8228d383a21a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ee:6f:eb:14:60:da:13:2d:9b:52:66:24:ed:
91:79:15:51:a8:ba:1a:8b:f6:5b:ee:10:38:ad:98:
0f:07:76:76:d2:8a:aa:49:fb:57:54:66:9e:fa:b8:
58:33:2d:de:42:7d:91:fe:58:45:c5:81:28:d1:8a:
5a:dc:25:f4:46:00:98:c9:60:08:bf:4d:14:2d:15:
85:2b:4b:33:16:71:70:62:eb:c1:08:63:f3:22:6c:
47:4d:ea:77:6a:df:ca:6c:10:26:ba:c2:ed:af:d5:
8b:28:06:12:59:69:4f:00:99:60:25:eb:e8:62:ab:
08:50:e6:66:0f:bf:14:2e:ad:23:79:4e:28:4b:ed:
8a:d6:91:ca:fb:43:9a:bf:f4:4a:b9:00:0d:d9:17:
b7:75:8d:97:b4:7f:93:81:a3:af:6a:ff:7b:a1:80:
37:27:0e:2c:b4:3f:25:33:4a:2b:b6:4b:f9:a2:77:
75:db:ac:65:b6:58:6f:4c:53:fd:f7:cf:fe:15:e1:
d4:53:98:25:2a:b2:ed:97:9e:80:9a:26:21:3a:13:
46:f4:f8:1a:6a:8b:ba:b3:ae:ea:66:11:ac:a4:af:
11:fc:ec:1d:f8:66:7f:6c:21:fd:62:62:bf:30:31:
47:4b:6b:af:5c:77:e0:77:a8:2a:b9:ed:4d:4f:c3:
06:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D7:B4:54:47:63:6D:6A:3E:B5:4A:A6:CF:C8:22:8D:38:3A:21:A1
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/9de0VEdjbWo-tUqmz8gijTg6IaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.73.239.0/24
178.236.20.0/23
178.236.28.0/24
178.236.30.0/23
Signature Algorithm: sha256WithRSAEncryption
19:c9:80:f3:19:41:5a:63:53:db:15:b5:04:79:fb:b7:6c:ab:
43:79:4c:16:00:34:a1:25:6b:c0:29:2f:cf:70:fa:8e:4b:23:
f2:80:a3:48:4c:26:86:f7:ed:cd:92:cc:44:0c:46:f7:ee:d3:
ed:ab:9b:36:d3:dd:cf:98:d1:cf:1a:c5:4e:3b:1b:10:5e:01:
bb:df:9a:1b:72:10:a7:c0:60:47:91:a0:c0:bd:02:f0:c1:19:
68:76:50:22:d0:74:d0:bf:77:fc:6d:44:3b:3e:8c:81:60:85:
1d:26:ed:0f:ad:cf:1d:e1:0d:b4:19:ef:8b:5d:8c:53:07:52:
13:55:b8:d0:d3:52:93:e7:a6:46:a4:7e:2f:a7:45:fc:46:df:
37:e4:4d:cc:d0:f1:84:b8:04:c2:6f:59:76:bc:e6:26:41:f2:
66:fa:69:3e:19:18:4f:71:b3:4a:d9:1a:89:ef:6e:7a:c5:b2:
97:e1:33:a3:46:b4:2c:a2:5d:00:37:4f:b1:45:cc:36:50:6a:
53:c4:99:a5:24:88:a0:eb:14:30:7f:7e:c7:85:dc:b2:28:c3:
b0:ce:fc:99:d6:8a:97:8f:22:c9:64:e1:de:42:35:91:a6:a6:
23:9e:4a:72:42:86:81:9e:e9:f8:39:95:25:94:c6:b8:04:75:
1c:78:75:68
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZS8zgd5LJRCjV/JO6SJX08nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjUwMTMxMTQ0MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWQ3YjQ1NDQ3NjM2ZDZhM2ViNTRhYTZjZmM4MjI4ZDM4M2EyMWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO5v6xRg2hMtm1JmJO2ReRVRqLoa
i/Zb7hA4rZgPB3Z20oqqSftXVGae+rhYMy3eQn2R/lhFxYEo0Ypa3CX0RgCYyWAI
v00ULRWFK0szFnFwYuvBCGPzImxHTep3at/KbBAmusLtr9WLKAYSWWlPAJlgJevo
YqsIUOZmD78ULq0jeU4oS+2K1pHK+0Oav/RKuQAN2Re3dY2XtH+TgaOvav97oYA3
Jw4stD8lM0ortkv5ond126xltlhvTFP998/+FeHUU5glKrLtl56AmiYhOhNG9Pga
aou6s67qZhGspK8R/Owd+GZ/bCH9YmK/MDFHS2uvXHfgd6gque1NT8MGBwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPXXtFRHY21qPrVKps/IIo04OiGhMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvOWRlMFZFZGpiV28tdFVxbXo4Z2lqVGc2SWFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATUnvAwQB
suwUAwQAsuwcAwQBsuweMA0GCSqGSIb3DQEBCwUAA4IBAQAZyYDzGUFaY1PbFbUE
efu3bKtDeUwWADShJWvAKS/PcPqOSyPygKNITCaG9+3NksxEDEb37tPtq5s2093P
mNHPGsVOOxsQXgG735obchCnwGBHkaDAvQLwwRlodlAi0HTQv3f8bUQ7PoyBYIUd
Ju0Prc8d4Q20Ge+LXYxTB1ITVbjQ01KT56ZGpH4vp0X8Rt835E3M0PGEuATCb1l2
vOYmQfJm+mk+GRhPcbNK2RqJ7256xbKX4TOjRrQsol0AN0+xRcw2UGpTxJmlJIig
6xQwf37HhdyyKMOwzvyZ1oqXjyLJZOHeQjWRpqYjnkpyQoaBnun4OZUllMa4BHUc
eHVo
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:19:07 2025 by rpki-client