Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/mxOutmmSzZNxuKpcgLVVZu-l64M.roa
File: mxOutmmSzZNxuKpcgLVVZu-l64M.roa (raw, json)
Hash identifier: 9XVkgMijFdMAyjZxhpANyJaDNj4FdVCkkG/qmNyFekA=
Subject key identifier: 9B:13:AE:B6:69:92:CD:93:71:B8:AA:5C:80:B5:55:66:EF:A5:EB:83
Certificate issuer: /CN=f9aa8a3ea991333393f3ef2a1822451123d3eec7
Certificate serial: 019593C275FD211BF4F20CA7E08EA0046844
Authority key identifier: F9:AA:8A:3E:A9:91:33:33:93:F3:EF:2A:18:22:45:11:23:D3:EE:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-aqKPqmRMzOT8-8qGCJFESPT7sc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/mxOutmmSzZNxuKpcgLVVZu-l64M.roa
Signing time: Fri 14 Mar 2025 08:25:49 +0000
ROA not before: Fri 14 Mar 2025 08:25:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42539
IP address blocks: 77.235.64.0/20 maxlen: 20
77.235.80.0/21 maxlen: 21
77.235.88.0/22 maxlen: 22
77.235.92.0/23 maxlen: 23
77.235.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/1-aqKPqmRMzOT8-8qGCJFESPT7sc.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/1-aqKPqmRMzOT8-8qGCJFESPT7sc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-aqKPqmRMzOT8-8qGCJFESPT7sc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:93:c2:75:fd:21:1b:f4:f2:0c:a7:e0:8e:a0:04:68:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9aa8a3ea991333393f3ef2a1822451123d3eec7
Validity
Not Before: Mar 14 08:25:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b13aeb66992cd9371b8aa5c80b55566efa5eb83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:44:58:4f:d7:aa:3f:78:57:85:5e:ec:61:81:
f8:c3:63:9d:68:62:f1:2a:ea:33:8d:b6:d0:70:75:
0a:fe:10:15:aa:a5:1b:1c:4f:08:b0:d7:0f:40:5a:
3a:9d:0b:4c:b2:2b:b4:17:24:d9:94:6e:5c:b6:7c:
74:2a:da:48:b8:54:f2:90:f7:d8:77:2a:54:f1:8c:
55:c2:af:01:0e:ad:f3:c2:03:b7:c9:f4:de:23:1f:
f8:bf:e2:fe:3f:0c:c8:78:be:a2:84:18:58:03:33:
bb:fa:22:9a:dd:fa:e2:d2:36:a9:71:9b:39:53:ba:
d9:c9:03:17:9a:a9:7b:36:1d:dc:18:45:d3:01:af:
1c:de:46:53:ea:00:75:e0:3b:8f:1a:26:59:1a:34:
56:b4:f1:5c:c2:40:c4:85:c4:64:91:9e:9e:57:ac:
f7:cf:ba:54:ae:ae:70:ae:79:3f:20:ca:9a:eb:7e:
55:83:b8:39:37:1d:50:4d:24:8f:b3:a0:a1:11:2b:
05:54:10:41:f6:2b:5e:d2:93:ad:1a:65:46:30:d1:
6e:e1:1a:eb:80:eb:eb:f3:8a:7a:1e:14:25:f6:e3:
42:59:cb:33:5b:3e:c4:b5:78:d3:ce:e2:9a:c4:05:
d8:30:c9:d3:f9:d0:37:0e:56:c0:1a:91:03:b5:2f:
2a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:13:AE:B6:69:92:CD:93:71:B8:AA:5C:80:B5:55:66:EF:A5:EB:83
X509v3 Authority Key Identifier:
keyid:F9:AA:8A:3E:A9:91:33:33:93:F3:EF:2A:18:22:45:11:23:D3:EE:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-aqKPqmRMzOT8-8qGCJFESPT7sc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/mxOutmmSzZNxuKpcgLVVZu-l64M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/1-aqKPqmRMzOT8-8qGCJFESPT7sc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.235.64.0-77.235.94.255
Signature Algorithm: sha256WithRSAEncryption
29:d8:65:76:4d:81:ba:e6:8f:97:ca:f6:2e:b7:58:ce:87:72:
d2:aa:72:b6:be:b0:d1:c9:4e:97:a2:84:13:75:f1:c7:fa:17:
4f:56:42:94:d9:3d:ac:5e:9b:b0:7f:80:18:ad:66:ea:a8:d5:
73:b7:3b:c8:0f:37:03:01:68:68:72:81:d6:42:83:4d:53:2c:
b7:b4:8b:0d:f8:c3:f2:84:26:f9:b4:1f:03:ef:ae:ae:ef:32:
96:75:88:ee:01:7a:4c:9c:ac:21:ba:1f:2a:a7:99:d2:9d:a9:
d7:d7:06:74:36:86:0d:1e:de:fd:8c:ba:16:da:7b:fd:31:f7:
cf:39:be:0b:45:45:6b:ef:73:f8:ab:61:a5:4c:5a:7f:26:14:
68:4b:c5:44:d2:ee:38:bd:15:04:32:46:27:39:46:6e:e0:21:
42:7b:03:f6:91:8f:29:c2:ae:b4:71:b5:20:f8:81:10:5d:69:
89:06:85:b5:e4:42:ab:c7:b2:69:b9:a7:cc:df:73:39:84:28:
71:f3:47:f0:be:ec:42:8b:9e:0e:e8:86:b7:9e:4e:d5:42:f4:
e3:6f:a3:ae:fd:2b:10:97:86:a2:52:f9:e7:cd:7b:47:85:92:
0f:2e:31:b1:97:8a:c5:51:9f:10:2b:0f:65:c3:ec:b3:6d:97:
13:98:25:72
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZWTwnX9IRv08gyn4I6gBGhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5YWE4YTNlYTk5MTMzMzM5M2YzZWYyYTE4MjI0NTExMjNk
M2VlYzcwHhcNMjUwMzE0MDgyNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjEzYWViNjY5OTJjZDkzNzFiOGFhNWM4MGI1NTU2NmVmYTVlYjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0RYT9eqP3hXhV7sYYH4w2OdaGLx
KuozjbbQcHUK/hAVqqUbHE8IsNcPQFo6nQtMsiu0FyTZlG5ctnx0KtpIuFTykPfY
dypU8YxVwq8BDq3zwgO3yfTeIx/4v+L+PwzIeL6ihBhYAzO7+iKa3fri0japcZs5
U7rZyQMXmql7Nh3cGEXTAa8c3kZT6gB14DuPGiZZGjRWtPFcwkDEhcRkkZ6eV6z3
z7pUrq5wrnk/IMqa635Vg7g5Nx1QTSSPs6ChESsFVBBB9ite0pOtGmVGMNFu4Rrr
gOvr84p6HhQl9uNCWcszWz7EtXjTzuKaxAXYMMnT+dA3DlbAGpEDtS8qAQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFJsTrrZpks2TcbiqXIC1VWbvpeuDMB8GA1UdIwQY
MBaAFPmqij6pkTMzk/PvKhgiRREj0+7HMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1hcUtQcW1STXpPVDgtOHFHQ0pGRVNQVDdzYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2QvZDFlMzI0LTU0ZjMtNGRmOC04ZWM2
LTAzOGQ1M2MyM2MzOS8xL214T3V0bW1TelpOeHVLcGNnTFZWWnUtbDY0TS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2QvZDFlMzI0LTU0ZjMtNGRmOC04ZWM2LTAzOGQ1M2MyM2Mz
OS8xLzEtYXFLUHFtUk16T1Q4LThxR0NKRkVTUFQ3c2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEBk3r
QAMEAE3rXjANBgkqhkiG9w0BAQsFAAOCAQEAKdhldk2BuuaPl8r2LrdYzody0qpy
tr6w0clOl6KEE3Xxx/oXT1ZClNk9rF6bsH+AGK1m6qjVc7c7yA83AwFoaHKB1kKD
TVMst7SLDfjD8oQm+bQfA++uru8ylnWI7gF6TJysIbofKqeZ0p2p19cGdDaGDR7e
/Yy6Ftp7/TH3zzm+C0VFa+9z+KthpUxafyYUaEvFRNLuOL0VBDJGJzlGbuAhQnsD
9pGPKcKutHG1IPiBEF1piQaFteRCq8eyabmnzN9zOYQocfNH8L7sQoueDuiGt55O
1UL042+jrv0rEJeGolL55817R4WSDy4xsZeKxVGfECsPZcPss22XE5glcg==
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:51:29 2025 by rpki-client