Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c43d4f-f52c-4387-9362-b3c01d1a6c85/1/__MYyid4GtIkDzQxVkfCnSU_9K0.roa
File: __MYyid4GtIkDzQxVkfCnSU_9K0.roa (raw, json)
Hash identifier: wGfHIHi66rHTs2wGskl+w+/VWjBeUlcRI6guMD/KMNQ=
Subject key identifier: FF:F3:18:CA:27:78:1A:D2:24:0F:34:31:56:47:C2:9D:25:3F:F4:AD
Certificate issuer: /CN=952156c8847f24d09da60d5f5b10542b2ecf9016
Certificate serial: 01941F8C8AE22788713671050F45910F8141
Authority key identifier: 95:21:56:C8:84:7F:24:D0:9D:A6:0D:5F:5B:10:54:2B:2E:CF:90:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSFWyIR_JNCdpg1fWxBUKy7PkBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c43d4f-f52c-4387-9362-b3c01d1a6c85/1/__MYyid4GtIkDzQxVkfCnSU_9K0.roa
Signing time: Wed 01 Jan 2025 01:48:11 +0000
ROA not before: Wed 01 Jan 2025 01:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12387
IP address blocks: 77.237.192.0/19 maxlen: 19
77.237.204.0/23 maxlen: 23
77.237.206.0/23 maxlen: 23
77.237.208.0/23 maxlen: 23
2a00:c10::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/c43d4f-f52c-4387-9362-b3c01d1a6c85/1/lSFWyIR_JNCdpg1fWxBUKy7PkBY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/c43d4f-f52c-4387-9362-b3c01d1a6c85/1/lSFWyIR_JNCdpg1fWxBUKy7PkBY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lSFWyIR_JNCdpg1fWxBUKy7PkBY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:8a:e2:27:88:71:36:71:05:0f:45:91:0f:81:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=952156c8847f24d09da60d5f5b10542b2ecf9016
Validity
Not Before: Jan 1 01:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fff318ca27781ad2240f34315647c29d253ff4ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:36:0d:f6:cb:03:24:76:5e:1a:10:d2:9f:dd:
91:6c:25:98:d8:56:3e:35:f8:c9:04:c4:5c:97:8e:
a9:63:b2:b1:c0:a9:28:05:ea:df:47:f0:f5:37:69:
f5:19:5c:17:13:41:fa:18:f3:8c:58:de:2f:40:58:
fe:d7:6e:90:92:d3:7f:b4:19:d9:44:7a:e8:e0:86:
c3:fa:33:2e:13:04:bc:46:c1:e9:28:56:ac:ea:82:
3a:26:5f:ea:06:a4:29:4c:e9:00:03:0d:52:9b:9f:
e8:68:25:c7:4e:ff:6d:1a:d7:c4:f0:5e:88:0d:a8:
71:7a:b3:68:52:4c:d6:45:34:87:6d:ef:d4:7b:c1:
e7:a9:7a:12:50:c9:13:67:fc:87:5a:31:67:b1:ff:
50:0a:f9:c8:9a:73:f2:bf:f0:f7:14:1b:c2:8b:bc:
66:0a:50:78:00:10:ed:3e:5a:3c:eb:40:bf:d7:e9:
30:b6:58:9b:94:56:6d:c5:3f:43:2d:fe:1c:1d:81:
76:69:86:86:e4:da:94:12:b6:4f:03:70:de:21:a6:
62:c7:05:42:ce:f0:6d:ee:ca:60:58:7e:36:63:a0:
d2:29:08:0f:4d:9c:f7:e3:fd:df:80:29:40:25:a9:
bc:45:7a:8c:c0:8a:8f:1f:33:32:4d:24:ee:1b:dd:
45:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:F3:18:CA:27:78:1A:D2:24:0F:34:31:56:47:C2:9D:25:3F:F4:AD
X509v3 Authority Key Identifier:
keyid:95:21:56:C8:84:7F:24:D0:9D:A6:0D:5F:5B:10:54:2B:2E:CF:90:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSFWyIR_JNCdpg1fWxBUKy7PkBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c43d4f-f52c-4387-9362-b3c01d1a6c85/1/__MYyid4GtIkDzQxVkfCnSU_9K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c43d4f-f52c-4387-9362-b3c01d1a6c85/1/lSFWyIR_JNCdpg1fWxBUKy7PkBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.192.0/19
IPv6:
2a00:c10::/32
Signature Algorithm: sha256WithRSAEncryption
a5:9e:18:d6:c5:af:6a:a9:52:22:eb:a3:b7:6b:2d:9a:5e:4e:
68:69:ab:92:cf:86:54:36:0f:55:d1:f0:30:8c:63:61:95:2f:
ec:28:ad:1f:ec:a4:fc:1c:9d:11:5a:0e:d2:42:c8:47:02:27:
73:de:43:c9:4d:93:c4:59:5c:c2:73:c6:5c:42:e8:16:0f:5a:
2b:93:4e:50:fc:32:93:52:bd:8a:cb:43:4b:83:96:2e:e3:47:
7a:a0:0c:53:7a:1a:b7:11:79:43:65:0e:af:ac:76:ac:bf:a7:
a4:68:ea:9f:14:a1:03:9f:e9:e3:07:77:a3:07:a1:3f:f6:0a:
48:06:b8:85:ed:1f:2d:d6:a5:21:59:ec:f7:67:d3:47:fc:72:
06:51:26:fd:88:6b:c0:5f:94:0d:12:1b:e8:63:88:c6:60:64:
fe:aa:1f:04:83:1d:79:0a:8a:44:50:14:95:89:2e:1f:1b:48:
ae:8b:e0:ca:d3:98:2a:e9:7e:7e:a3:a3:aa:93:51:73:f3:88:
5e:aa:6c:4d:6c:96:59:ad:95:01:4b:0f:b4:1c:97:82:54:f2:
b9:5f:98:f6:db:eb:db:64:38:6e:0c:4c:a9:24:80:e2:4f:8b:
3b:25:d1:ff:d8:5b:45:2a:8d:76:5d:ce:e6:3f:a2:f3:cf:e0:
80:3f:5e:6e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQfjIriJ4hxNnEFD0WRD4FBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjE1NmM4ODQ3ZjI0ZDA5ZGE2MGQ1ZjViMTA1NDJiMmVj
ZjkwMTYwHhcNMjUwMTAxMDE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmYzMThjYTI3NzgxYWQyMjQwZjM0MzE1NjQ3YzI5ZDI1M2ZmNGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszYN9ssDJHZeGhDSn92RbCWY2FY+
NfjJBMRcl46pY7KxwKkoBerfR/D1N2n1GVwXE0H6GPOMWN4vQFj+126QktN/tBnZ
RHro4IbD+jMuEwS8RsHpKFas6oI6Jl/qBqQpTOkAAw1Sm5/oaCXHTv9tGtfE8F6I
DahxerNoUkzWRTSHbe/Ue8HnqXoSUMkTZ/yHWjFnsf9QCvnImnPyv/D3FBvCi7xm
ClB4ABDtPlo860C/1+kwtliblFZtxT9DLf4cHYF2aYaG5NqUErZPA3DeIaZixwVC
zvBt7spgWH42Y6DSKQgPTZz34/3fgClAJam8RXqMwIqPHzMyTSTuG91FDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP/zGMoneBrSJA80MVZHwp0lP/StMB8GA1UdIwQY
MBaAFJUhVsiEfyTQnaYNX1sQVCsuz5AWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNGV3lJUl9KTkNkcGcxZld4QlVLeTdQa0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jNDNkNGYtZjUyYy00Mzg3LTkzNjIt
YjNjMDFkMWE2Yzg1LzEvX19NWXlpZDRHdElrRHpReFZrZkNuU1VfOUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jNDNkNGYtZjUyYy00Mzg3LTkzNjItYjNjMDFkMWE2Yzg1
LzEvbFNGV3lJUl9KTkNkcGcxZld4QlVLeTdQa0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFTe3AMA0E
AgACMAcDBQAqAAwQMA0GCSqGSIb3DQEBCwUAA4IBAQClnhjWxa9qqVIi66O3ay2a
Xk5oaauSz4ZUNg9V0fAwjGNhlS/sKK0f7KT8HJ0RWg7SQshHAidz3kPJTZPEWVzC
c8ZcQugWD1ork05Q/DKTUr2Ky0NLg5Yu40d6oAxTehq3EXlDZQ6vrHasv6ekaOqf
FKEDn+njB3ejB6E/9gpIBriF7R8t1qUhWez3Z9NH/HIGUSb9iGvAX5QNEhvoY4jG
YGT+qh8Egx15CopEUBSViS4fG0iui+DK05gq6X5+o6Oqk1Fz84heqmxNbJZZrZUB
Sw+0HJeCVPK5X5j22+vbZDhuDEypJIDiT4s7JdH/2FtFKo12Xc7mP6Lzz+CAP15u
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:42:08 2025 by rpki-client