Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/e1544b-1b2c-4ebd-8658-77839eb5f820/1/D1ApEIwb1kjfyIq9DKRzPBBfvvY.roa
File: D1ApEIwb1kjfyIq9DKRzPBBfvvY.roa (raw, json)
Hash identifier: xg03oxBmRY8/OHWbSAoqzOUqsR3adUdWhS3XjYzzmwE=
Subject key identifier: 0F:50:29:10:8C:1B:D6:48:DF:C8:8A:BD:0C:A4:73:3C:10:5F:BE:F6
Certificate issuer: /CN=32bdecf2b1a410f6523c20e630826709cb6dac19
Certificate serial: 01942444CFB30581795F2CA476B247F731E7
Authority key identifier: 32:BD:EC:F2:B1:A4:10:F6:52:3C:20:E6:30:82:67:09:CB:6D:AC:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mr3s8rGkEPZSPCDmMIJnCcttrBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/e1544b-1b2c-4ebd-8658-77839eb5f820/1/D1ApEIwb1kjfyIq9DKRzPBBfvvY.roa
Signing time: Wed 01 Jan 2025 23:47:56 +0000
ROA not before: Wed 01 Jan 2025 23:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42189
IP address blocks: 77.240.96.0/20 maxlen: 24
185.115.8.0/22 maxlen: 24
2a00:1aa8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/e1544b-1b2c-4ebd-8658-77839eb5f820/1/Mr3s8rGkEPZSPCDmMIJnCcttrBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/e1544b-1b2c-4ebd-8658-77839eb5f820/1/Mr3s8rGkEPZSPCDmMIJnCcttrBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mr3s8rGkEPZSPCDmMIJnCcttrBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:cf:b3:05:81:79:5f:2c:a4:76:b2:47:f7:31:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32bdecf2b1a410f6523c20e630826709cb6dac19
Validity
Not Before: Jan 1 23:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f5029108c1bd648dfc88abd0ca4733c105fbef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e4:6b:0c:b9:bd:87:bc:d1:f2:f0:83:5f:45:
6c:69:33:40:8c:c0:8b:35:a7:4e:f8:35:13:be:09:
8f:a8:89:e4:29:28:b9:ef:84:b4:d7:6a:f9:c3:13:
57:d8:d9:06:2b:28:7d:ca:b9:b0:1d:70:1d:3f:13:
ff:59:b9:77:1e:3b:84:0b:1f:14:dd:a5:aa:b6:b5:
d3:55:76:43:31:90:7f:35:c3:de:34:20:a9:e9:eb:
f3:34:88:d7:89:c8:1b:86:3c:9f:99:b7:07:f7:2d:
53:ca:e2:7e:1c:9f:6c:c0:62:88:45:11:59:ab:fa:
30:a8:8e:71:7c:b6:80:e4:c0:30:af:df:b1:c6:76:
17:f3:5f:61:26:cd:1f:a3:27:89:a6:4f:5d:e5:2e:
01:d6:b3:67:62:84:0a:25:e7:0a:3d:6b:1e:8f:79:
ac:f6:fb:15:d9:10:a8:ec:1c:84:51:62:42:5a:a8:
64:48:30:f1:fd:cd:03:66:fc:56:dc:f7:ff:c3:33:
a8:34:72:6b:d8:fa:d6:74:32:91:53:2e:c4:84:6b:
29:e7:ea:11:da:0f:fa:75:b4:6d:ad:f6:d9:4f:f5:
61:dc:06:78:5d:31:76:3d:4b:6e:5c:e1:f8:68:5e:
4d:d6:d7:7f:9f:cc:5c:9c:f1:96:3e:a5:0d:c9:e2:
0c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:50:29:10:8C:1B:D6:48:DF:C8:8A:BD:0C:A4:73:3C:10:5F:BE:F6
X509v3 Authority Key Identifier:
keyid:32:BD:EC:F2:B1:A4:10:F6:52:3C:20:E6:30:82:67:09:CB:6D:AC:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mr3s8rGkEPZSPCDmMIJnCcttrBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e1544b-1b2c-4ebd-8658-77839eb5f820/1/D1ApEIwb1kjfyIq9DKRzPBBfvvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e1544b-1b2c-4ebd-8658-77839eb5f820/1/Mr3s8rGkEPZSPCDmMIJnCcttrBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.96.0/20
185.115.8.0/22
IPv6:
2a00:1aa8::/29
Signature Algorithm: sha256WithRSAEncryption
3e:30:8e:0b:7c:ff:7c:39:d7:d8:b9:7f:ec:14:fa:48:5e:77:
b4:c0:a6:f9:69:3e:3d:ae:59:9e:0f:ef:4c:c7:39:a7:62:2e:
d4:77:0c:b3:ad:83:a6:67:da:4d:5d:be:37:50:88:cd:15:59:
3b:f2:d9:52:20:ad:43:a7:56:ee:fa:c1:c7:6f:89:c8:3b:12:
70:44:9c:30:95:de:66:19:fe:14:0d:a0:4e:44:83:f1:04:3b:
27:b5:06:3a:89:3b:c3:f2:30:da:ef:f6:51:4d:9c:30:58:ee:
a1:0b:ef:77:b3:aa:08:1d:a2:d1:23:57:20:a3:80:74:92:17:
78:74:33:ef:ef:84:b2:a3:ad:41:57:8c:97:b2:b7:dd:b4:1a:
19:e0:d2:59:6c:2a:7b:09:2c:d6:8c:fd:61:2c:ec:d3:29:c9:
a8:02:ef:1d:e0:88:bf:e7:cd:1c:ef:a7:e8:47:8f:e9:fd:ef:
bc:df:39:b8:b0:1a:5b:cc:1b:ec:6e:7c:b3:53:4b:64:c6:57:
f6:cc:d8:c2:7e:13:65:6d:8e:4c:fd:2f:44:88:39:35:4c:9e:
14:10:4a:12:1d:e3:47:c4:47:f4:d9:b8:10:68:8a:25:00:dc:
17:3b:c2:14:b4:57:02:a1:d3:3b:ae:a9:b7:5f:25:c3:4b:01:
74:1a:01:f6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQkRM+zBYF5XyykdrJH9zHnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYmRlY2YyYjFhNDEwZjY1MjNjMjBlNjMwODI2NzA5Y2I2
ZGFjMTkwHhcNMjUwMTAxMjM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjUwMjkxMDhjMWJkNjQ4ZGZjODhhYmQwY2E0NzMzYzEwNWZiZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ORrDLm9h7zR8vCDX0VsaTNAjMCL
NadO+DUTvgmPqInkKSi574S012r5wxNX2NkGKyh9yrmwHXAdPxP/Wbl3HjuECx8U
3aWqtrXTVXZDMZB/NcPeNCCp6evzNIjXicgbhjyfmbcH9y1TyuJ+HJ9swGKIRRFZ
q/owqI5xfLaA5MAwr9+xxnYX819hJs0foyeJpk9d5S4B1rNnYoQKJecKPWsej3ms
9vsV2RCo7ByEUWJCWqhkSDDx/c0DZvxW3Pf/wzOoNHJr2PrWdDKRUy7EhGsp5+oR
2g/6dbRtrfbZT/Vh3AZ4XTF2PUtuXOH4aF5N1td/n8xcnPGWPqUNyeIMGQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFA9QKRCMG9ZI38iKvQykczwQX772MB8GA1UdIwQY
MBaAFDK97PKxpBD2Ujwg5jCCZwnLbawZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXIzczhyR2tFUFpTUENEbU1JSm5DY3R0ckJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lMTU0NGItMWIyYy00ZWJkLTg2NTgt
Nzc4MzllYjVmODIwLzEvRDFBcEVJd2Ixa2pmeUlxOURLUnpQQkJmdnZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lMTU0NGItMWIyYy00ZWJkLTg2NTgtNzc4MzllYjVmODIw
LzEvTXIzczhyR2tFUFpTUENEbU1JSm5DY3R0ckJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETfBgAwQC
uXMIMA0EAgACMAcDBQMqABqoMA0GCSqGSIb3DQEBCwUAA4IBAQA+MI4LfP98OdfY
uX/sFPpIXne0wKb5aT49rlmeD+9MxzmnYi7UdwyzrYOmZ9pNXb43UIjNFVk78tlS
IK1Dp1bu+sHHb4nIOxJwRJwwld5mGf4UDaBORIPxBDsntQY6iTvD8jDa7/ZRTZww
WO6hC+93s6oIHaLRI1cgo4B0khd4dDPv74Syo61BV4yXsrfdtBoZ4NJZbCp7CSzW
jP1hLOzTKcmoAu8d4Ii/580c76foR4/p/e+83zm4sBpbzBvsbnyzU0tkxlf2zNjC
fhNlbY5M/S9EiDk1TJ4UEEoSHeNHxEf02bgQaIolANwXO8IUtFcCodM7rqm3XyXD
SwF0GgH2
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:55:46 2025 by rpki-client