Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nNVTBYGKtkoIk8S_LVOXQNR0Flg.roa
File: nNVTBYGKtkoIk8S_LVOXQNR0Flg.roa (raw, json)
Hash identifier: XXFhRnMh+r993mcZLylS/syK7+TNLfPlpioUxY9lgnQ=
Subject key identifier: 9C:D5:53:05:81:8A:B6:4A:08:93:C4:BF:2D:53:97:40:D4:74:16:58
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019421441E8490FF5D0744A2364D958C1CA0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nNVTBYGKtkoIk8S_LVOXQNR0Flg.roa
Signing time: Wed 01 Jan 2025 09:48:19 +0000
ROA not before: Wed 01 Jan 2025 09:48:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214140
IP address blocks: 77.93.133.0/24 maxlen: 24
77.93.140.0/24 maxlen: 24
77.93.142.0/24 maxlen: 24
217.144.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:1e:84:90:ff:5d:07:44:a2:36:4d:95:8c:1c:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9cd55305818ab64a0893c4bf2d539740d4741658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:20:d4:91:92:44:d7:93:04:3a:bc:b8:6f:39:
5e:53:1e:ba:f4:89:53:24:db:fb:89:a4:08:d9:84:
08:31:8c:7b:17:57:98:ab:ce:09:3b:0a:ee:24:6b:
0c:a0:76:37:c3:17:fb:9c:50:83:d1:dc:5a:a8:e5:
9b:27:5c:85:e4:9d:4f:c7:52:3e:74:c4:19:c5:03:
44:f7:9e:21:e3:16:ac:e9:c5:fd:cb:19:23:21:86:
b3:86:b4:78:9a:eb:44:77:d6:2e:87:d6:40:ff:9e:
4f:20:73:a0:97:a9:c2:6e:4c:33:9b:73:d0:c4:1b:
25:fa:48:8c:b0:71:1d:99:ce:6b:ba:c0:30:0e:8f:
76:8d:8f:81:e0:8c:8c:fc:90:32:6d:e4:12:1c:5b:
ae:77:65:b4:b5:9c:36:c0:58:ed:b8:76:9f:c8:ee:
50:b5:fa:fd:bb:ec:ec:2e:4b:f0:d1:db:2b:b6:df:
47:55:04:7e:9e:bd:37:77:db:16:4c:95:22:0c:55:
c9:16:d5:f6:c0:f1:c4:bc:4f:51:29:02:cd:0b:bf:
43:6e:ee:28:fb:9f:7e:80:c2:81:24:0f:be:25:49:
f5:f6:2f:06:69:c1:6b:d5:2c:14:df:90:d8:8a:7d:
64:c7:07:5a:59:6a:80:13:cb:5a:a8:01:7e:6e:4c:
b2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:D5:53:05:81:8A:B6:4A:08:93:C4:BF:2D:53:97:40:D4:74:16:58
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nNVTBYGKtkoIk8S_LVOXQNR0Flg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.133.0/24
77.93.140.0/24
77.93.142.0/24
217.144.158.0/24
Signature Algorithm: sha256WithRSAEncryption
25:77:5b:36:19:88:63:52:ee:8c:af:cc:26:d9:a8:a0:eb:91:
91:6d:1e:3a:e5:54:6a:0e:1d:ac:9b:04:d4:38:8f:72:11:15:
76:13:84:e3:6c:e0:8e:3f:2c:0c:a7:06:31:62:8d:22:9f:dc:
de:39:01:3a:12:81:89:5e:5b:a7:50:0f:33:0b:41:6f:3d:4b:
b5:97:c1:01:83:e6:71:bb:97:3f:b2:86:1c:de:0c:84:71:e3:
59:82:4e:f7:d4:b3:9a:d4:d2:42:83:3b:08:cd:17:72:fa:69:
3d:3a:8c:2d:cf:25:0b:3a:d4:c0:55:a9:2f:f4:61:7c:fa:ed:
a2:84:d9:06:1e:21:f2:12:f5:ca:a5:d2:14:f6:15:89:e2:86:
c8:4f:ce:90:2f:4e:5f:af:dc:33:a9:73:91:26:92:3d:cf:14:
97:d9:c9:60:90:58:11:33:58:f1:bc:b2:d4:a4:97:16:30:a6:
86:a7:0f:b6:71:a4:1f:19:5b:a7:b6:8e:26:45:e1:8c:10:52:
45:b5:cf:37:a3:80:12:e1:66:11:92:91:14:73:a5:b5:51:29:
77:55:6f:bd:0c:e7:28:1c:ad:83:96:0f:5e:3c:ee:b9:54:2b:
a0:bc:bf:3d:aa:7f:38:63:f3:d1:54:1f:e1:ef:de:4b:4f:cf:
90:c3:de:6a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhRB6EkP9dB0SiNk2VjBygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Y2Q1NTMwNTgxOGFiNjRhMDg5M2M0YmYyZDUzOTc0MGQ0NzQxNjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvCDUkZJE15MEOry4bzleUx669IlT
JNv7iaQI2YQIMYx7F1eYq84JOwruJGsMoHY3wxf7nFCD0dxaqOWbJ1yF5J1Px1I+
dMQZxQNE954h4xas6cX9yxkjIYazhrR4mutEd9Yuh9ZA/55PIHOgl6nCbkwzm3PQ
xBsl+kiMsHEdmc5rusAwDo92jY+B4IyM/JAybeQSHFuud2W0tZw2wFjtuHafyO5Q
tfr9u+zsLkvw0dsrtt9HVQR+nr03d9sWTJUiDFXJFtX2wPHEvE9RKQLNC79Dbu4o
+59+gMKBJA++JUn19i8GacFr1SwU35DYin1kxwdaWWqAE8taqAF+bkyysQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJzVUwWBirZKCJPEvy1Tl0DUdBZYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbk5WVEJZR0t0a29JazhTX0xWT1hRTlIwRmxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATV2FAwQA
TV2MAwQATV2OAwQA2ZCeMA0GCSqGSIb3DQEBCwUAA4IBAQAld1s2GYhjUu6Mr8wm
2aig65GRbR465VRqDh2smwTUOI9yERV2E4TjbOCOPywMpwYxYo0in9zeOQE6EoGJ
XlunUA8zC0FvPUu1l8EBg+Zxu5c/soYc3gyEceNZgk731LOa1NJCgzsIzRdy+mk9
OowtzyULOtTAVakv9GF8+u2ihNkGHiHyEvXKpdIU9hWJ4obIT86QL05fr9wzqXOR
JpI9zxSX2clgkFgRM1jxvLLUpJcWMKaGpw+2caQfGVunto4mReGMEFJFtc83o4AS
4WYRkpEUc6W1USl3VW+9DOcoHK2Dlg9ePO65VCugvL89qn84Y/PRVB/h795LT8+Q
w95q
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:50:04 2025 by rpki-client