Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/dyZAc8NxmgpIJ7ReLwLtCdf8iuU.roa
File: dyZAc8NxmgpIJ7ReLwLtCdf8iuU.roa (raw, json)
Hash identifier: yzcV6FbEvYdi3FxJ85d1AG7eZonaFrOWx4BQurNQcLA=
Subject key identifier: 77:26:40:73:C3:71:9A:0A:48:27:B4:5E:2F:02:ED:09:D7:FC:8A:E5
Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee
Certificate serial: 0195EBEB2087DBF2F533ADB67A178C5DE957
Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/dyZAc8NxmgpIJ7ReLwLtCdf8iuU.roa
Signing time: Mon 31 Mar 2025 11:16:49 +0000
ROA not before: Mon 31 Mar 2025 11:16:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34661
IP address blocks: 91.200.248.0/22 maxlen: 24
94.45.36.0/22 maxlen: 24
94.45.60.0/22 maxlen: 24
193.43.224.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:eb:eb:20:87:db:f2:f5:33:ad:b6:7a:17:8c:5d:e9:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee
Validity
Not Before: Mar 31 11:16:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77264073c3719a0a4827b45e2f02ed09d7fc8ae5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6f:e9:fd:c8:d1:f9:3a:2e:58:db:73:d4:ba:
0f:d9:3b:4b:8b:98:13:42:3b:04:4e:ff:ea:71:28:
d2:90:eb:eb:4f:1e:d6:e9:dd:f1:61:7b:dd:71:d5:
ed:27:79:55:c3:d1:24:c7:42:bd:8c:d4:e0:88:87:
42:33:dc:b6:2e:55:de:05:88:59:08:56:0e:cd:69:
c5:12:61:08:f6:fd:98:7c:5d:25:fd:d6:88:8d:9f:
b3:d4:3e:42:c0:53:04:62:d2:6b:3c:c2:35:7c:73:
14:33:99:e2:85:9d:c6:0d:67:ec:e4:95:28:49:a5:
65:8c:a2:7a:21:fe:10:15:eb:f3:7c:cf:ca:cd:eb:
b1:25:f6:20:aa:43:1e:17:b2:81:20:dc:b5:6f:34:
71:76:e8:8e:1e:90:a0:89:ae:8d:5a:5e:b4:bf:22:
9c:4c:27:03:96:09:41:94:d0:32:81:a3:ca:8b:61:
3e:f0:f2:66:49:c5:ad:c8:67:02:7d:77:67:af:c7:
f7:b1:45:b4:ee:cc:68:f3:56:ee:e0:c6:8a:1b:db:
d6:2b:29:a0:e8:62:6c:db:47:90:5d:db:d5:66:e4:
88:52:36:cc:e0:b3:e8:c5:96:3e:da:dd:ff:d7:96:
8a:29:f1:14:d9:e0:63:ba:21:4e:cb:80:fa:9e:28:
4b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:26:40:73:C3:71:9A:0A:48:27:B4:5E:2F:02:ED:09:D7:FC:8A:E5
X509v3 Authority Key Identifier:
keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/dyZAc8NxmgpIJ7ReLwLtCdf8iuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.248.0/22
94.45.36.0/22
94.45.60.0/22
193.43.224.0/22
Signature Algorithm: sha256WithRSAEncryption
23:3a:73:c7:4c:83:1c:58:ba:64:66:a9:62:a2:24:c7:aa:c5:
e6:9c:15:4c:32:fb:39:59:61:78:92:3a:03:f5:05:ac:14:cb:
2b:a6:1f:89:bd:57:4b:33:4c:35:96:98:4c:e7:c9:6d:cb:36:
e2:17:c7:c8:e3:c9:8a:52:b5:96:ae:f0:63:57:e0:c2:24:98:
b8:a3:58:0e:a4:cf:e1:36:ee:4a:e2:23:a1:b9:ea:b6:7f:b1:
e2:fa:62:14:06:fe:23:f5:92:5e:a2:fb:fe:8c:4f:7a:68:4c:
a2:00:ef:10:5f:61:11:1a:39:2c:a2:f5:3b:c8:72:d4:c0:dd:
bb:c3:f3:86:23:54:1b:c9:0d:9d:30:d6:19:c2:96:f4:45:39:
bc:b2:8f:e4:ba:c6:e1:f1:0e:e7:4c:1d:16:b1:93:a0:5e:d7:
25:5a:af:70:b5:fd:ae:55:fb:e3:4d:21:94:3b:c8:c9:89:02:
97:e7:9b:18:e5:7b:cc:e9:00:20:f6:8d:dc:94:9b:e0:e9:0f:
91:ac:6f:25:e6:dd:f0:df:a9:15:2d:bc:00:9e:00:03:20:a2:
6b:e4:53:55:09:c9:71:9f:88:0e:25:6d:53:2a:2c:75:23:c9:
44:ba:41:93:e1:95:c4:12:1a:63:d6:bf:70:7e:a0:c0:58:93:
fe:42:1e:a2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZXr6yCH2/L1M622eheMXelXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5
MDZjZWUwHhcNMjUwMzMxMTExNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzI2NDA3M2MzNzE5YTBhNDgyN2I0NWUyZjAyZWQwOWQ3ZmM4YWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm/p/cjR+TouWNtz1LoP2TtLi5gT
QjsETv/qcSjSkOvrTx7W6d3xYXvdcdXtJ3lVw9Ekx0K9jNTgiIdCM9y2LlXeBYhZ
CFYOzWnFEmEI9v2YfF0l/daIjZ+z1D5CwFMEYtJrPMI1fHMUM5nihZ3GDWfs5JUo
SaVljKJ6If4QFevzfM/KzeuxJfYgqkMeF7KBINy1bzRxduiOHpCgia6NWl60vyKc
TCcDlglBlNAygaPKi2E+8PJmScWtyGcCfXdnr8f3sUW07sxo81bu4MaKG9vWKymg
6GJs20eQXdvVZuSIUjbM4LPoxZY+2t3/15aKKfEU2eBjuiFOy4D6nihLqwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHcmQHPDcZoKSCe0Xi8C7QnX/IrlMB8GA1UdIwQY
MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt
MDkwYzQ2ZTlmMmVkLzEvZHlaQWM4TnhtZ3BJSjdSZUx3THRDZGY4aXVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk
LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8j4AwQC
Xi0kAwQCXi08AwQCwSvgMA0GCSqGSIb3DQEBCwUAA4IBAQAjOnPHTIMcWLpkZqli
oiTHqsXmnBVMMvs5WWF4kjoD9QWsFMsrph+JvVdLM0w1lphM58ltyzbiF8fI48mK
UrWWrvBjV+DCJJi4o1gOpM/hNu5K4iOhueq2f7Hi+mIUBv4j9ZJeovv+jE96aEyi
AO8QX2ERGjksovU7yHLUwN27w/OGI1QbyQ2dMNYZwpb0RTm8so/kusbh8Q7nTB0W
sZOgXtclWq9wtf2uVfvjTSGUO8jJiQKX55sY5XvM6QAg9o3clJvg6Q+RrG8l5t3w
36kVLbwAngADIKJr5FNVCclxn4gOJW1TKix1I8lEukGT4ZXEEhpj1r9wfqDAWJP+
Qh6i
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:08:10 2025 by rpki-client