Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/7f840d-3bd4-4fad-9a15-8bf04af4b2b4/1/d6576JrBH9SAWrjxOsX8R_x4jzM.roa
File: d6576JrBH9SAWrjxOsX8R_x4jzM.roa (raw, json)
Hash identifier: tOpLNCmhcfBx5S04WHkAz4ZSeX9flEr3FqNx70rcKF0=
Subject key identifier: 77:AE:7B:E8:9A:C1:1F:D4:80:5A:B8:F1:3A:C5:FC:47:FC:78:8F:33
Certificate issuer: /CN=9fcc2f3ee6b5c3ff6dc5346a7535506fa824123e
Certificate serial: 01942143D7F63C17694510F32ADEBD7C2CB6
Authority key identifier: 9F:CC:2F:3E:E6:B5:C3:FF:6D:C5:34:6A:75:35:50:6F:A8:24:12:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n8wvPua1w_9txTRqdTVQb6gkEj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/7f840d-3bd4-4fad-9a15-8bf04af4b2b4/1/d6576JrBH9SAWrjxOsX8R_x4jzM.roa
Signing time: Wed 01 Jan 2025 09:48:01 +0000
ROA not before: Wed 01 Jan 2025 09:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42892
IP address blocks: 91.193.220.0/22 maxlen: 22
91.193.220.0/23 maxlen: 23
91.193.222.0/23 maxlen: 23
94.45.192.0/19 maxlen: 19
94.45.192.0/22 maxlen: 22
94.45.196.0/22 maxlen: 22
94.45.199.0/24 maxlen: 24
94.45.200.0/22 maxlen: 22
94.45.201.0/24 maxlen: 24
94.45.204.0/22 maxlen: 22
94.45.208.0/22 maxlen: 22
94.45.212.0/22 maxlen: 22
94.45.216.0/22 maxlen: 22
94.45.220.0/22 maxlen: 22
176.120.224.0/19 maxlen: 19
176.120.224.0/21 maxlen: 21
176.120.236.0/24 maxlen: 24
176.120.237.0/24 maxlen: 24
176.120.238.0/24 maxlen: 24
176.120.239.0/24 maxlen: 24
176.120.240.0/21 maxlen: 21
176.120.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/7f840d-3bd4-4fad-9a15-8bf04af4b2b4/1/n8wvPua1w_9txTRqdTVQb6gkEj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/7f840d-3bd4-4fad-9a15-8bf04af4b2b4/1/n8wvPua1w_9txTRqdTVQb6gkEj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/n8wvPua1w_9txTRqdTVQb6gkEj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:d7:f6:3c:17:69:45:10:f3:2a:de:bd:7c:2c:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fcc2f3ee6b5c3ff6dc5346a7535506fa824123e
Validity
Not Before: Jan 1 09:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77ae7be89ac11fd4805ab8f13ac5fc47fc788f33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5a:d9:64:35:b0:25:41:75:68:a4:8c:ba:be:
10:63:12:fe:90:a3:b1:e1:e2:96:2a:9b:b2:0e:19:
14:c9:9c:b7:34:c8:d3:1e:da:86:71:f3:6b:fa:ec:
a4:3b:c4:ce:40:54:d2:be:04:43:93:d4:ee:59:56:
36:14:3b:02:7a:0f:aa:43:56:5e:c0:e5:b6:33:8b:
a3:1a:17:03:98:56:0c:bf:33:e3:38:21:6d:54:d9:
49:2b:11:88:97:e9:76:21:6c:17:c8:43:88:b5:03:
62:d6:1c:21:03:ec:8b:6e:79:d6:15:b8:fa:dc:66:
e1:0a:82:64:65:e2:3d:22:d6:e9:25:34:57:45:ac:
3a:63:9e:d3:64:fb:08:7b:8a:77:6f:c0:6f:d0:56:
f7:f2:e7:4a:24:d0:42:d2:70:66:a7:cd:0e:bb:af:
59:8c:e9:a1:ba:54:9d:48:30:a2:de:a9:87:c6:a1:
41:f1:fb:dc:a6:b2:6d:07:2f:40:bc:49:0c:36:e7:
89:7b:78:2f:82:e2:df:8e:54:03:1a:2b:99:ba:af:
d5:0f:6d:ef:c6:bc:1a:57:24:73:3d:4d:c8:81:1a:
17:d7:a4:20:d1:4e:a5:6d:50:20:08:e6:d4:18:e9:
18:00:b3:26:02:a9:39:65:72:e6:2b:5a:5d:71:aa:
f1:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:AE:7B:E8:9A:C1:1F:D4:80:5A:B8:F1:3A:C5:FC:47:FC:78:8F:33
X509v3 Authority Key Identifier:
keyid:9F:CC:2F:3E:E6:B5:C3:FF:6D:C5:34:6A:75:35:50:6F:A8:24:12:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n8wvPua1w_9txTRqdTVQb6gkEj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f840d-3bd4-4fad-9a15-8bf04af4b2b4/1/d6576JrBH9SAWrjxOsX8R_x4jzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7f840d-3bd4-4fad-9a15-8bf04af4b2b4/1/n8wvPua1w_9txTRqdTVQb6gkEj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.220.0/22
94.45.192.0/19
176.120.224.0/19
Signature Algorithm: sha256WithRSAEncryption
02:28:6f:1d:1d:b1:87:99:35:ac:64:9a:c0:7b:ab:65:38:eb:
dd:07:b3:ca:6b:0b:9c:89:5c:15:b3:a5:13:94:81:74:00:d4:
23:d0:45:12:37:ae:44:d3:16:47:f9:c7:cb:38:da:36:b4:89:
32:c6:0d:30:91:07:9c:00:d1:17:d3:66:de:33:b8:01:f5:c3:
80:a7:b4:eb:b1:05:1a:3a:7a:78:f8:22:54:c6:d1:45:eb:97:
e2:cc:c5:dc:8b:41:36:07:40:8e:60:39:23:7d:a8:48:e7:b9:
72:ad:33:ef:a5:11:2b:2b:34:68:2d:c8:18:9c:b3:fa:30:55:
02:4d:1c:b7:ab:fe:35:05:49:11:64:36:ed:cc:1f:b5:65:29:
90:3d:7a:95:4b:11:d8:b2:4d:b4:4b:47:56:db:97:8b:fa:be:
21:8d:47:1f:c7:8f:ff:2f:1d:6c:af:2f:af:50:e5:9f:aa:e9:
16:19:93:40:61:15:b5:bb:af:8f:f6:e1:01:c6:e4:7a:d0:36:
68:9a:cb:26:a2:ce:bf:4c:c3:ed:7f:52:9c:eb:b2:21:55:2b:
dc:5c:3d:a6:a8:4e:13:b1:5e:83:70:37:86:7e:c2:78:b4:8c:
c4:b2:44:0c:62:8b:ef:60:3f:02:73:c1:b9:c7:b0:9d:d4:fa:
2b:18:70:91
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhQ9f2PBdpRRDzKt69fCy2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmY2MyZjNlZTZiNWMzZmY2ZGM1MzQ2YTc1MzU1MDZmYTgy
NDEyM2UwHhcNMjUwMTAxMDk0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2FlN2JlODlhYzExZmQ0ODA1YWI4ZjEzYWM1ZmM0N2ZjNzg4ZjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVrZZDWwJUF1aKSMur4QYxL+kKOx
4eKWKpuyDhkUyZy3NMjTHtqGcfNr+uykO8TOQFTSvgRDk9TuWVY2FDsCeg+qQ1Ze
wOW2M4ujGhcDmFYMvzPjOCFtVNlJKxGIl+l2IWwXyEOItQNi1hwhA+yLbnnWFbj6
3GbhCoJkZeI9ItbpJTRXRaw6Y57TZPsIe4p3b8Bv0Fb38udKJNBC0nBmp80Ou69Z
jOmhulSdSDCi3qmHxqFB8fvcprJtBy9AvEkMNueJe3gvguLfjlQDGiuZuq/VD23v
xrwaVyRzPU3IgRoX16Qg0U6lbVAgCObUGOkYALMmAqk5ZXLmK1pdcarxpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHeue+iawR/UgFq48TrF/Ef8eI8zMB8GA1UdIwQY
MBaAFJ/MLz7mtcP/bcU0anU1UG+oJBI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjh3dlB1YTF3Xzl0eFRScWRUVlFiNmdrRWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy83Zjg0MGQtM2JkNC00ZmFkLTlhMTUt
OGJmMDRhZjRiMmI0LzEvZDY1NzZKckJIOVNBV3JqeE9zWDhSX3g0anpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy83Zjg0MGQtM2JkNC00ZmFkLTlhMTUtOGJmMDRhZjRiMmI0
LzEvbjh3dlB1YTF3Xzl0eFRScWRUVlFiNmdrRWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8HcAwQF
Xi3AAwQFsHjgMA0GCSqGSIb3DQEBCwUAA4IBAQACKG8dHbGHmTWsZJrAe6tlOOvd
B7PKawuciVwVs6UTlIF0ANQj0EUSN65E0xZH+cfLONo2tIkyxg0wkQecANEX02be
M7gB9cOAp7TrsQUaOnp4+CJUxtFF65fizMXci0E2B0COYDkjfahI57lyrTPvpREr
KzRoLcgYnLP6MFUCTRy3q/41BUkRZDbtzB+1ZSmQPXqVSxHYsk20S0dW25eL+r4h
jUcfx4//Lx1sry+vUOWfqukWGZNAYRW1u6+P9uEBxuR60DZomssmos6/TMPtf1Kc
67IhVSvcXD2mqE4TsV6DcDeGfsJ4tIzEskQMYovvYD8Cc8G5x7Cd1PorGHCR
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:47 2025 by rpki-client