Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5TjoLwJS7DaW8tvvNpDFun-n0Cc.roa
File: 5TjoLwJS7DaW8tvvNpDFun-n0Cc.roa (raw, json)
Hash identifier: HdCtIrtzq+h5yg8o2gd2bd8eewHaOb3O1AtqoMla50w=
Subject key identifier: E5:38:E8:2F:02:52:EC:36:96:F2:DB:EF:36:90:C5:BA:7F:A7:D0:27
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942144301AFBC9F1315CEDC252B2CF6A92
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5TjoLwJS7DaW8tvvNpDFun-n0Cc.roa
Signing time: Wed 01 Jan 2025 09:48:24 +0000
ROA not before: Wed 01 Jan 2025 09:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215567
IP address blocks: 77.93.133.0/24 maxlen: 24
77.93.140.0/24 maxlen: 24
77.93.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:30:1a:fb:c9:f1:31:5c:ed:c2:52:b2:cf:6a:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e538e82f0252ec3696f2dbef3690c5ba7fa7d027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:08:11:db:d0:ca:80:08:2d:77:fc:8f:e8:38:
fe:31:d2:98:fd:2d:20:29:9d:33:77:5b:45:f5:40:
08:92:9f:3f:c8:e4:78:f8:ab:cd:d2:c5:ba:ec:da:
aa:44:fa:d4:99:df:e1:ce:f2:31:15:e2:6c:2e:fd:
fc:f3:0f:a1:13:88:60:85:4f:bb:dc:96:63:50:c0:
81:a6:cf:46:36:d2:2b:bd:9c:88:0a:2c:7d:a5:05:
73:af:5d:86:e5:40:cb:49:14:84:45:10:61:9e:69:
e1:76:b1:1a:6b:8f:58:af:e3:ce:c4:6f:45:61:fb:
d2:3e:07:22:cf:06:9c:8f:92:e5:c8:c9:0f:0b:a2:
cd:e5:58:05:93:5a:5a:c8:1d:a4:09:78:3b:e3:5f:
b3:01:49:fb:c6:b8:a3:12:94:20:20:2f:8a:37:da:
ff:b0:11:8f:4a:d4:d9:68:2e:19:75:43:1f:3f:2f:
97:6c:12:1c:26:3c:99:b0:ff:88:80:99:ab:8f:fb:
76:8e:da:e9:17:77:04:26:c0:9f:fa:be:e2:7a:87:
a7:d0:83:36:a7:97:46:0c:aa:90:9f:6c:90:1a:d1:
b2:2b:2e:08:5c:6f:06:4d:74:ad:17:cf:d8:37:7c:
9a:c9:1f:31:a6:6c:ae:00:19:c1:0d:d2:e6:9b:95:
c0:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:38:E8:2F:02:52:EC:36:96:F2:DB:EF:36:90:C5:BA:7F:A7:D0:27
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5TjoLwJS7DaW8tvvNpDFun-n0Cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.133.0/24
77.93.140.0/24
77.93.142.0/24
Signature Algorithm: sha256WithRSAEncryption
36:18:f1:15:64:57:20:75:78:88:38:f6:25:3f:d3:37:c2:b1:
47:40:2b:7e:f2:bf:11:bf:11:78:e7:d9:70:ce:f1:d7:44:67:
7f:70:43:ad:78:3b:bd:06:25:9c:e2:17:c6:f3:65:fe:c6:ac:
9a:df:7a:e7:cd:b3:48:6f:1e:4c:d8:35:5a:dc:20:db:63:c8:
e5:59:1b:fb:ed:24:71:ab:f5:8d:cd:d2:36:cd:27:3d:46:5e:
b1:db:7f:35:7a:53:1c:41:2a:69:52:ce:40:8e:22:2c:24:94:
82:e9:1c:0e:1c:22:f4:4a:ba:d7:83:75:23:e5:4d:b2:6f:cd:
3f:34:98:10:20:38:8e:ba:e9:8c:d8:a4:f2:40:cd:a6:77:ca:
69:dd:0e:fd:d9:ff:62:2e:a7:54:b3:0b:26:59:f6:2c:f9:4b:
86:10:f2:03:f6:4b:ff:65:7b:cf:bf:d6:1e:44:5f:8f:2f:81:
f8:83:e0:52:fb:a2:35:47:bd:47:ac:88:c9:3b:89:7a:30:a4:
8b:e5:7e:c3:ba:f3:66:75:f0:59:65:d7:82:94:f2:8c:82:0b:
b2:70:2d:f0:e6:61:c4:f2:ee:8c:95:78:cc:ad:e5:57:96:3a:
1a:29:4d:a8:ee:2d:3f:a7:f1:6c:62:cc:85:17:d8:cf:3e:47:
12:97:8d:0a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhRDAa+8nxMVztwlKyz2qSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTM4ZTgyZjAyNTJlYzM2OTZmMmRiZWYzNjkwYzViYTdmYTdkMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQgR29DKgAgtd/yP6Dj+MdKY/S0g
KZ0zd1tF9UAIkp8/yOR4+KvN0sW67NqqRPrUmd/hzvIxFeJsLv388w+hE4hghU+7
3JZjUMCBps9GNtIrvZyICix9pQVzr12G5UDLSRSERRBhnmnhdrEaa49Yr+POxG9F
YfvSPgcizwacj5LlyMkPC6LN5VgFk1payB2kCXg741+zAUn7xrijEpQgIC+KN9r/
sBGPStTZaC4ZdUMfPy+XbBIcJjyZsP+IgJmrj/t2jtrpF3cEJsCf+r7ieoen0IM2
p5dGDKqQn2yQGtGyKy4IXG8GTXStF8/YN3yayR8xpmyuABnBDdLmm5XADwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOU46C8CUuw2lvLb7zaQxbp/p9AnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNVRqb0x3SlM3RGFXOHR2dk5wREZ1bi1uMENjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATV2FAwQA
TV2MAwQATV2OMA0GCSqGSIb3DQEBCwUAA4IBAQA2GPEVZFcgdXiIOPYlP9M3wrFH
QCt+8r8RvxF459lwzvHXRGd/cEOteDu9BiWc4hfG82X+xqya33rnzbNIbx5M2DVa
3CDbY8jlWRv77SRxq/WNzdI2zSc9Rl6x2381elMcQSppUs5AjiIsJJSC6RwOHCL0
SrrXg3Uj5U2yb80/NJgQIDiOuumM2KTyQM2md8pp3Q792f9iLqdUswsmWfYs+UuG
EPID9kv/ZXvPv9YeRF+PL4H4g+BS+6I1R71HrIjJO4l6MKSL5X7DuvNmdfBZZdeC
lPKMgguycC3w5mHE8u6MlXjMreVXljoaKU2o7i0/p/FsYsyFF9jPPkcSl40K
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:45:28 2025 by rpki-client