Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/jx2qEovhkKTwgBOjeiYi8WdyYfg.roa
File: jx2qEovhkKTwgBOjeiYi8WdyYfg.roa (raw, json)
Hash identifier: UfW/SUWw9yDcDy0T8E9HaCN8oWwqL+qv36e/5F2LMVc=
Subject key identifier: 8F:1D:AA:12:8B:E1:90:A4:F0:80:13:A3:7A:26:22:F1:67:72:61:F8
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 0194222005D30B7D542E0B1414DC9CC3F26A
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/jx2qEovhkKTwgBOjeiYi8WdyYfg.roa
Signing time: Wed 01 Jan 2025 13:48:31 +0000
ROA not before: Wed 01 Jan 2025 13:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212496
IP address blocks: 77.83.245.0/24 maxlen: 24
185.24.109.0/24 maxlen: 24
185.58.114.0/24 maxlen: 24
185.73.183.0/24 maxlen: 24
185.75.135.0/24 maxlen: 24
185.76.240.0/24 maxlen: 24
185.76.241.0/24 maxlen: 24
185.76.242.0/24 maxlen: 24
185.76.243.0/24 maxlen: 24
185.95.230.0/24 maxlen: 24
185.97.79.0/24 maxlen: 24
185.100.159.0/24 maxlen: 24
185.104.148.0/24 maxlen: 24
185.105.47.0/24 maxlen: 24
185.111.25.0/24 maxlen: 24
185.112.59.0/24 maxlen: 24
185.168.208.0/24 maxlen: 24
185.177.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 06:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:05:d3:0b:7d:54:2e:0b:14:14:dc:9c:c3:f2:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jan 1 13:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f1daa128be190a4f08013a37a2622f1677261f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:10:23:a7:e8:cf:4e:e2:86:76:94:39:97:8e:
f3:da:54:58:c7:7b:bc:be:9b:d1:9b:48:e7:44:fd:
e3:d8:64:6b:28:d7:62:8a:e6:2c:b1:3a:da:c5:6e:
90:96:3e:3c:2a:73:73:8e:98:61:31:38:7c:80:b2:
39:ca:4b:2b:e9:f6:57:7e:62:5d:01:4c:88:28:8e:
52:7e:8d:4a:9c:9e:55:65:d2:f8:a0:fc:06:45:82:
0c:c1:38:8e:f1:cc:53:9f:d8:aa:d8:e4:39:8c:4a:
05:54:04:70:70:48:97:76:ce:24:07:dd:85:5f:1a:
c4:74:71:fe:bd:89:44:b3:59:ac:03:1c:2b:8a:5d:
b6:48:e1:47:ca:80:f7:12:7c:9a:7b:aa:cc:c1:b7:
8f:55:90:48:47:ef:a4:a6:a6:a3:bc:57:5f:f7:79:
ce:41:0a:98:42:84:65:19:18:0e:30:9b:e8:77:f9:
8a:56:2a:56:46:08:6e:ed:0d:75:68:c3:44:02:48:
94:cc:db:6b:04:83:00:5a:0a:40:1b:47:ed:b0:89:
c6:c3:5c:e1:9b:d6:51:1e:26:25:60:d2:eb:a1:12:
b7:6b:4b:af:55:85:eb:98:87:45:1e:ed:5d:c7:11:
db:5a:91:ac:3b:25:37:d1:32:c9:29:72:b5:46:96:
1b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:1D:AA:12:8B:E1:90:A4:F0:80:13:A3:7A:26:22:F1:67:72:61:F8
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/jx2qEovhkKTwgBOjeiYi8WdyYfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.245.0/24
185.24.109.0/24
185.58.114.0/24
185.73.183.0/24
185.75.135.0/24
185.76.240.0/22
185.95.230.0/24
185.97.79.0/24
185.100.159.0/24
185.104.148.0/24
185.105.47.0/24
185.111.25.0/24
185.112.59.0/24
185.168.208.0/24
185.177.238.0/24
Signature Algorithm: sha256WithRSAEncryption
09:8a:f5:a4:82:b3:f9:ca:d4:6f:a7:d6:cf:fd:c4:7e:ab:50:
b9:2e:90:0a:ca:50:d2:cd:da:1a:c7:2e:80:0d:09:d4:5f:02:
e5:6c:ac:76:4c:9b:c6:84:80:d2:8b:be:79:06:fc:c8:8f:bb:
d0:6a:59:28:7d:68:3f:92:09:25:0f:6b:30:18:f1:21:bb:4f:
d0:18:ff:3c:4a:d2:64:66:8d:a8:fd:99:9d:14:80:ed:ad:01:
5c:c9:0a:4b:f7:be:bd:fa:ce:f3:39:28:ea:93:2c:07:aa:c4:
57:8c:db:c3:b6:e3:b0:83:02:0c:5c:9e:8d:c3:1d:40:d0:b8:
4b:80:a6:01:6b:af:02:2c:5b:60:24:8b:8b:fb:f4:ee:04:92:
1a:2d:a8:61:66:8e:47:de:4c:e3:4d:76:97:15:13:fc:3b:6c:
26:aa:39:44:90:a0:5e:c8:3e:22:ee:26:c2:52:da:ac:e5:b5:
c0:a6:67:93:4c:1a:9e:8c:f9:b4:5f:3e:1d:b0:cc:be:8a:13:
48:15:09:4f:c4:e0:db:31:85:ce:03:18:4d:db:5f:2e:46:cf:
af:4d:6d:aa:47:45:3a:2d:d0:1b:87:3d:d4:64:84:84:5f:ad:
b2:6a:5c:94:92:08:dd:d5:f0:61:44:5b:a5:f4:da:c0:98:8e:
a1:e6:55:9c
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZQiIAXTC31ULgsUFNycw/JqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwMTAxMTM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjFkYWExMjhiZTE5MGE0ZjA4MDEzYTM3YTI2MjJmMTY3NzI2MWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhAjp+jPTuKGdpQ5l47z2lRYx3u8
vpvRm0jnRP3j2GRrKNdiiuYssTraxW6Qlj48KnNzjphhMTh8gLI5yksr6fZXfmJd
AUyIKI5Sfo1KnJ5VZdL4oPwGRYIMwTiO8cxTn9iq2OQ5jEoFVARwcEiXds4kB92F
XxrEdHH+vYlEs1msAxwril22SOFHyoD3Enyae6rMwbePVZBIR++kpqajvFdf93nO
QQqYQoRlGRgOMJvod/mKVipWRghu7Q11aMNEAkiUzNtrBIMAWgpAG0ftsInGw1zh
m9ZRHiYlYNLroRK3a0uvVYXrmIdFHu1dxxHbWpGsOyU30TLJKXK1RpYbDwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFI8dqhKL4ZCk8IATo3omIvFncmH4MB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvangycUVvdmhrS1R3Z0JPamVpWWk4V2R5WWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQATVP1AwQA
uRhtAwQAuTpyAwQAuUm3AwQAuUuHAwQCuUzwAwQAuV/mAwQAuWFPAwQAuWSfAwQA
uWiUAwQAuWkvAwQAuW8ZAwQAuXA7AwQAuajQAwQAubHuMA0GCSqGSIb3DQEBCwUA
A4IBAQAJivWkgrP5ytRvp9bP/cR+q1C5LpAKylDSzdoaxy6ADQnUXwLlbKx2TJvG
hIDSi755BvzIj7vQalkofWg/kgklD2swGPEhu0/QGP88StJkZo2o/ZmdFIDtrQFc
yQpL9769+s7zOSjqkywHqsRXjNvDtuOwgwIMXJ6Nwx1A0LhLgKYBa68CLFtgJIuL
+/TuBJIaLahhZo5H3kzjTXaXFRP8O2wmqjlEkKBeyD4i7ibCUtqs5bXApmeTTBqe
jPm0Xz4dsMy+ihNIFQlPxODbMYXOAxhN218uRs+vTW2qR0U6LdAbhz3UZISEX62y
alyUkgjd1fBhRFul9NrAmI6h5lWc
-----END CERTIFICATE-----
Generated at Thu Apr 10 10:26:48 2025 by rpki-client