Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/7XUdeR7Uiqy2nX_SzaBAY10QtF0.roa
File: 7XUdeR7Uiqy2nX_SzaBAY10QtF0.roa (raw, json)
Hash identifier: NZuDg+MfyuXfdZEwhDepOr5DFbg1lkCScWpvXsHFUtQ=
Subject key identifier: ED:75:1D:79:1E:D4:8A:AC:B6:9D:7F:D2:CD:A0:40:63:5D:10:B4:5D
Certificate issuer: /CN=8f281090c400a56166fc88b4f37a5cbaed2185f0
Certificate serial: 0194258F3DB164FA8ABD2FF93E6287447441
Authority key identifier: 8F:28:10:90:C4:00:A5:61:66:FC:88:B4:F3:7A:5C:BA:ED:21:85:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygQkMQApWFm_Ii083pcuu0hhfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/7XUdeR7Uiqy2nX_SzaBAY10QtF0.roa
Signing time: Thu 02 Jan 2025 05:48:51 +0000
ROA not before: Thu 02 Jan 2025 05:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55081
IP address blocks: 185.239.172.0/22 maxlen: 22
2a0c:5c80::/32 maxlen: 32
2a0c:5c81::/32 maxlen: 32
2a0c:5c82::/32 maxlen: 32
2a0c:5c83::/32 maxlen: 32
2a0c:5c84::/32 maxlen: 32
2a0c:5c85::/32 maxlen: 32
2a0c:5c86::/32 maxlen: 32
2a0c:5c87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/jygQkMQApWFm_Ii083pcuu0hhfA.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/jygQkMQApWFm_Ii083pcuu0hhfA.mft
rsync://rpki.ripe.net/repository/DEFAULT/jygQkMQApWFm_Ii083pcuu0hhfA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 07:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:3d:b1:64:fa:8a:bd:2f:f9:3e:62:87:44:74:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f281090c400a56166fc88b4f37a5cbaed2185f0
Validity
Not Before: Jan 2 05:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed751d791ed48aacb69d7fd2cda040635d10b45d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f4:42:a5:34:81:e0:f8:d5:7f:53:07:3b:87:
cc:fa:d3:78:57:73:df:b0:7f:87:a9:c1:8e:d1:76:
24:90:e4:e2:2c:4e:8f:76:75:7c:6e:01:81:60:17:
a8:4f:41:35:5a:0a:b1:5d:81:75:b5:f1:fa:f5:50:
de:a0:e3:59:26:a8:08:dd:7e:fa:c0:f7:7d:95:26:
c2:7b:4e:fa:ef:ec:20:35:13:6f:ec:f1:10:02:7f:
50:33:46:f7:4d:ac:46:37:00:1b:37:68:b3:28:61:
a9:b0:dc:fc:19:0f:cf:23:b9:a7:8f:2a:60:4f:c0:
5c:62:16:aa:b4:d4:f9:dc:ff:b1:8f:7e:f3:64:ed:
1e:1f:7b:f4:7c:49:55:dd:55:a2:bc:54:3e:83:50:
31:5b:d8:46:d4:3a:58:36:70:74:fd:c6:d1:61:9b:
c4:b2:29:30:b8:9f:1f:fd:46:aa:eb:0b:a9:d8:2c:
8f:8d:66:64:1f:b3:50:ed:d3:a3:dc:d8:05:2f:47:
2c:d9:e5:3b:fe:45:31:24:ef:72:d5:a5:5b:8c:56:
d7:f6:37:ee:93:19:ab:60:ec:1f:db:3a:af:f5:a0:
92:cb:02:66:3f:41:c9:ad:64:37:d0:05:92:39:bf:
ed:c1:b1:26:96:32:3d:df:b4:5c:a0:07:b5:eb:50:
68:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:75:1D:79:1E:D4:8A:AC:B6:9D:7F:D2:CD:A0:40:63:5D:10:B4:5D
X509v3 Authority Key Identifier:
keyid:8F:28:10:90:C4:00:A5:61:66:FC:88:B4:F3:7A:5C:BA:ED:21:85:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygQkMQApWFm_Ii083pcuu0hhfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/7XUdeR7Uiqy2nX_SzaBAY10QtF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/3222e2-6456-4c6a-b197-205895961493/1/jygQkMQApWFm_Ii083pcuu0hhfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.172.0/22
IPv6:
2a0c:5c80::/29
Signature Algorithm: sha256WithRSAEncryption
5b:d1:0e:89:56:40:15:fc:1b:f3:e2:bc:23:4b:c3:7d:ac:78:
27:ae:5d:68:3b:e1:f5:7c:c8:5f:c1:a5:27:91:61:bd:4a:59:
75:3b:71:b5:0f:79:8c:5b:a5:7e:72:b0:2a:d3:c9:9c:4f:79:
dd:b3:21:79:8c:81:99:fb:be:5c:d6:00:39:c7:a9:14:77:f7:
94:f1:6c:6a:98:fd:69:b0:f1:45:52:29:30:c5:ee:88:92:a4:
75:bd:26:9b:a0:f1:6f:24:ab:71:a6:35:8c:83:11:33:41:3b:
d7:0f:62:49:59:d5:f8:8b:32:48:39:e8:58:7e:38:71:d9:31:
41:8d:32:3c:79:70:d5:5c:f3:61:87:be:d5:bc:6b:a0:e7:e0:
9a:cd:fe:19:bd:29:41:2b:52:6d:ab:53:75:16:f6:97:4f:9e:
09:bc:3f:97:79:bc:14:dd:02:79:16:a3:65:d4:eb:cd:8b:b4:
e2:ec:c1:29:5b:dc:84:06:36:f0:67:e1:2a:9e:b6:7e:2b:b9:
f9:5a:60:30:30:ba:6d:57:8c:7b:b8:4b:cf:c3:41:6c:26:b9:
01:d1:6e:c4:6c:33:f8:a8:23:b7:29:19:28:6a:47:0d:e1:c6:
0c:aa:7b:28:9d:08:f8:fb:61:43:e8:8e:2e:94:15:17:38:4a:
3f:b1:0c:a1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQljz2xZPqKvS/5PmKHRHRBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgxMDkwYzQwMGE1NjE2NmZjODhiNGYzN2E1Y2JhZWQy
MTg1ZjAwHhcNMjUwMTAyMDU0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDc1MWQ3OTFlZDQ4YWFjYjY5ZDdmZDJjZGEwNDA2MzVkMTBiNDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvRCpTSB4PjVf1MHO4fM+tN4V3Pf
sH+HqcGO0XYkkOTiLE6PdnV8bgGBYBeoT0E1WgqxXYF1tfH69VDeoONZJqgI3X76
wPd9lSbCe0767+wgNRNv7PEQAn9QM0b3TaxGNwAbN2izKGGpsNz8GQ/PI7mnjypg
T8BcYhaqtNT53P+xj37zZO0eH3v0fElV3VWivFQ+g1AxW9hG1DpYNnB0/cbRYZvE
sikwuJ8f/Uaq6wup2CyPjWZkH7NQ7dOj3NgFL0cs2eU7/kUxJO9y1aVbjFbX9jfu
kxmrYOwf2zqv9aCSywJmP0HJrWQ30AWSOb/twbEmljI937RcoAe161Bo9wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFO11HXke1Iqstp1/0s2gQGNdELRdMB8GA1UdIwQY
MBaAFI8oEJDEAKVhZvyItPN6XLrtIYXwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlnUWtNUUFwV0ZtX0lpMDgzcGN1dTBoaGZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny8zMjIyZTItNjQ1Ni00YzZhLWIxOTct
MjA1ODk1OTYxNDkzLzEvN1hVZGVSN1VpcXkyblhfU3phQkFZMTBRdEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny8zMjIyZTItNjQ1Ni00YzZhLWIxOTctMjA1ODk1OTYxNDkz
LzEvanlnUWtNUUFwV0ZtX0lpMDgzcGN1dTBoaGZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCue+sMA0E
AgACMAcDBQMqDFyAMA0GCSqGSIb3DQEBCwUAA4IBAQBb0Q6JVkAV/Bvz4rwjS8N9
rHgnrl1oO+H1fMhfwaUnkWG9Sll1O3G1D3mMW6V+crAq08mcT3ndsyF5jIGZ+75c
1gA5x6kUd/eU8WxqmP1psPFFUikwxe6IkqR1vSaboPFvJKtxpjWMgxEzQTvXD2JJ
WdX4izJIOehYfjhx2TFBjTI8eXDVXPNhh77VvGug5+Cazf4ZvSlBK1Jtq1N1FvaX
T54JvD+XebwU3QJ5FqNl1OvNi7Ti7MEpW9yEBjbwZ+EqnrZ+K7n5WmAwMLptV4x7
uEvPw0FsJrkB0W7EbDP4qCO3KRkoakcN4cYMqnsonQj4+2FD6I4ulBUXOEo/sQyh
-----END CERTIFICATE-----
Generated at Fri Apr 18 13:51:12 2025 by rpki-client