Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/2ocBNxmBQmUkoRPjhlhWgOYgiMs.roa
File: 2ocBNxmBQmUkoRPjhlhWgOYgiMs.roa (raw, json)
Hash identifier: vHBT5RZYwMgp/JaFcd7djyz4ta6PJ5W0BzdunzoRb3k=
Subject key identifier: DA:87:01:37:19:81:42:65:24:A1:13:E3:86:58:56:80:E6:20:88:CB
Certificate issuer: /CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Certificate serial: 01942143F6A8BA77C69D60CED398268DD0F3
Authority key identifier: 85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/2ocBNxmBQmUkoRPjhlhWgOYgiMs.roa
Signing time: Wed 01 Jan 2025 09:48:09 +0000
ROA not before: Wed 01 Jan 2025 09:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43281
IP address blocks: 37.77.168.0/22 maxlen: 24
37.77.172.0/24 maxlen: 24
77.247.200.0/21 maxlen: 24
2a03:9d80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f6:a8:ba:77:c6:9d:60:ce:d3:98:26:8d:d0:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=857a2c74af5a44d9aae47a0b89425fa4f7fc7c19
Validity
Not Before: Jan 1 09:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da8701371981426524a113e386585680e62088cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f6:7e:c8:42:83:1e:73:b2:23:27:9a:43:b2:
b2:96:11:05:57:83:94:8e:27:c7:c7:33:4e:ad:14:
f9:9e:15:ef:ee:c4:c8:a7:0d:a1:73:bb:1d:66:0e:
89:91:17:6e:a5:33:27:c7:63:75:84:d5:84:28:fb:
65:1a:ec:da:a8:c9:b0:bc:e4:d0:48:52:86:75:e3:
6c:87:b8:22:07:67:6c:94:26:52:f6:78:4d:2f:e3:
80:c6:75:f8:50:90:17:40:13:fe:14:fb:28:86:85:
4b:69:b2:e3:20:aa:6b:75:f6:a9:35:8f:12:94:79:
50:5e:5d:7e:da:89:21:79:14:ae:72:36:be:75:08:
dd:9b:fc:8c:39:fe:73:e4:dd:86:02:d4:8e:4c:9c:
8b:10:61:ad:46:47:2d:ec:85:77:86:b7:22:24:cd:
00:3f:40:69:c3:08:ea:81:93:64:03:67:5e:15:3d:
a7:e8:6d:8d:45:64:24:48:c6:56:d8:fb:ef:f3:9c:
6a:63:c0:88:0e:45:04:7a:a5:a1:dc:17:0d:0d:31:
28:7f:54:01:a6:06:7b:20:70:a0:7b:5b:a2:69:01:
82:fd:eb:d6:db:37:59:21:27:31:9e:88:8e:e9:8d:
c0:69:be:58:d8:b4:55:b1:ae:74:b5:df:cc:2c:ff:
f6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:87:01:37:19:81:42:65:24:A1:13:E3:86:58:56:80:E6:20:88:CB
X509v3 Authority Key Identifier:
keyid:85:7A:2C:74:AF:5A:44:D9:AA:E4:7A:0B:89:42:5F:A4:F7:FC:7C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hXosdK9aRNmq5HoLiUJfpPf8fBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/2ocBNxmBQmUkoRPjhlhWgOYgiMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/0a9a33-99dc-4b92-8ced-836ac97c01bb/1/hXosdK9aRNmq5HoLiUJfpPf8fBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.168.0-37.77.172.255
77.247.200.0/21
IPv6:
2a03:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
7f:2a:9f:22:a8:2d:90:43:2a:67:66:22:64:fc:01:57:fe:62:
12:98:6c:4c:7c:c3:5f:62:21:32:b7:7b:9f:2d:a9:25:2a:12:
ab:c9:4e:6f:82:66:e1:4d:62:de:4b:19:1b:76:db:c6:b4:6b:
50:dc:24:75:4e:dc:94:4c:86:9b:87:9a:3f:06:fe:d6:72:a1:
0a:98:46:5c:46:90:14:3b:9b:c6:3c:9d:f0:5c:ca:41:6c:b5:
70:04:34:0a:be:ef:a9:7f:24:f6:dd:74:9e:f0:ee:d4:62:6b:
7a:89:f2:70:8f:16:ed:06:3f:0a:a4:17:1e:2b:7b:be:5c:47:
44:e2:1e:ef:84:d2:b9:42:e8:e1:67:e1:3c:c3:9a:6c:6b:12:
cc:53:4c:68:93:4e:30:a5:6b:9e:2e:39:24:62:e8:a3:3c:3d:
3b:28:0c:a1:6d:f1:1a:10:ae:9b:51:43:7e:c0:d1:d6:15:81:
1f:62:f8:82:64:71:94:6b:66:fe:df:88:69:38:9b:3f:40:62:
01:c5:de:29:a8:16:a3:28:0b:e4:d4:75:81:69:a3:7c:e3:65:
a0:63:82:80:38:3e:cf:72:5d:cc:7f:57:b2:0d:93:cd:06:7d:
b1:20:77:36:5f:77:52:58:43:02:22:0a:f3:24:56:67:a0:62:
98:84:0d:47
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQhQ/aounfGnWDO05gmjdDzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1N2EyYzc0YWY1YTQ0ZDlhYWU0N2EwYjg5NDI1ZmE0Zjdm
YzdjMTkwHhcNMjUwMTAxMDk0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTg3MDEzNzE5ODE0MjY1MjRhMTEzZTM4NjU4NTY4MGU2MjA4OGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/Z+yEKDHnOyIyeaQ7KylhEFV4OU
jifHxzNOrRT5nhXv7sTIpw2hc7sdZg6JkRdupTMnx2N1hNWEKPtlGuzaqMmwvOTQ
SFKGdeNsh7giB2dslCZS9nhNL+OAxnX4UJAXQBP+FPsohoVLabLjIKprdfapNY8S
lHlQXl1+2okheRSucja+dQjdm/yMOf5z5N2GAtSOTJyLEGGtRkct7IV3hrciJM0A
P0BpwwjqgZNkA2deFT2n6G2NRWQkSMZW2Pvv85xqY8CIDkUEeqWh3BcNDTEof1QB
pgZ7IHCge1uiaQGC/evW2zdZIScxnoiO6Y3Aab5Y2LRVsa50td/MLP/29QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNqHATcZgUJlJKET44ZYVoDmIIjLMB8GA1UdIwQY
MBaAFIV6LHSvWkTZquR6C4lCX6T3/HwZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFhvc2RLOWFSTm1xNUhvTGlVSmZwUGY4ZkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My8wYTlhMzMtOTlkYy00YjkyLThjZWQt
ODM2YWM5N2MwMWJiLzEvMm9jQk54bUJRbVVrb1JQamhsaFdnT1lnaU1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My8wYTlhMzMtOTlkYy00YjkyLThjZWQtODM2YWM5N2MwMWJi
LzEvaFhvc2RLOWFSTm1xNUhvTGlVSmZwUGY4ZkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAMlTagD
BAAlTawDBANN98gwDQQCAAIwBwMFACoDnYAwDQYJKoZIhvcNAQELBQADggEBAH8q
nyKoLZBDKmdmImT8AVf+YhKYbEx8w19iITK3e58tqSUqEqvJTm+CZuFNYt5LGRt2
28a0a1DcJHVO3JRMhpuHmj8G/tZyoQqYRlxGkBQ7m8Y8nfBcykFstXAENAq+76l/
JPbddJ7w7tRia3qJ8nCPFu0GPwqkFx4re75cR0TiHu+E0rlC6OFn4TzDmmxrEsxT
TGiTTjCla54uOSRi6KM8PTsoDKFt8RoQrptRQ37A0dYVgR9i+IJkcZRrZv7fiGk4
mz9AYgHF3imoFqMoC+TUdYFpo3zjZaBjgoA4Ps9yXcx/V7INk80GfbEgdzZfd1JY
QwIiCvMkVmegYpiEDUc=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:12 2025 by rpki-client