Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/dK1BXPCUXOQRT5oOEUWvGxP9gQk.roa
File: dK1BXPCUXOQRT5oOEUWvGxP9gQk.roa (raw, json)
Hash identifier: Ys5B95zExSqqxQNADZXH3Qy0NLQy7XLhKxBDY3n6xFE=
Subject key identifier: 74:AD:41:5C:F0:94:5C:E4:11:4F:9A:0E:11:45:AF:1B:13:FD:81:09
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 01942444D89E97AB1E9BD89B7A92E36AAF8D
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/dK1BXPCUXOQRT5oOEUWvGxP9gQk.roa
Signing time: Wed 01 Jan 2025 23:47:59 +0000
ROA not before: Wed 01 Jan 2025 23:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60949
IP address blocks: 77.246.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:d8:9e:97:ab:1e:9b:d8:9b:7a:92:e3:6a:af:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Jan 1 23:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74ad415cf0945ce4114f9a0e1145af1b13fd8109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:3a:32:92:07:33:76:b4:f8:d0:d0:24:67:62:
38:e0:e4:66:48:de:b4:d1:cd:9c:e2:a1:6b:3e:f7:
fe:d3:6d:aa:ce:ff:3c:77:11:a1:a2:14:e9:9f:0c:
35:04:e8:c3:74:ca:44:dc:6d:59:83:31:95:10:4f:
3c:4b:89:1c:9a:07:4e:20:c3:b6:76:30:54:ab:ce:
71:b3:9d:b6:b1:1a:9c:4c:b5:77:ac:bf:9f:32:87:
3b:d8:45:4b:c2:f3:38:f0:b0:37:75:68:c0:11:02:
5f:94:fb:d8:e7:6b:59:ed:b5:60:88:b2:2d:e6:03:
17:b3:ed:d9:c9:da:cf:09:f1:d8:e0:e5:05:7c:eb:
d5:d2:68:32:9b:5a:2a:8d:9b:44:18:82:bf:16:bb:
f5:6b:58:ca:25:e5:ea:67:dd:71:17:86:74:d6:3f:
d5:fa:fc:3d:a7:9f:f8:94:cb:eb:29:fc:a5:fd:b8:
64:09:b2:d6:96:1b:b7:16:b8:ef:7f:21:2c:2a:e0:
4d:89:f7:6d:85:ae:96:d3:d3:5d:83:59:68:0b:47:
91:11:a8:23:0f:bd:be:c5:98:b8:14:a2:29:31:df:
fd:d5:37:31:65:15:d8:f6:87:39:03:b3:b9:99:f1:
2b:0c:a4:6f:a2:ec:77:13:a2:29:3b:12:f0:7e:62:
e4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:AD:41:5C:F0:94:5C:E4:11:4F:9A:0E:11:45:AF:1B:13:FD:81:09
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/dK1BXPCUXOQRT5oOEUWvGxP9gQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.221.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:df:f4:13:55:c3:cc:4f:4e:f8:be:ee:e8:f4:c7:4c:db:e5:
98:f0:59:01:ac:46:fa:20:35:88:90:f7:5b:8e:b5:f7:49:07:
4c:d9:89:09:9e:58:4e:64:c4:b9:f7:3d:1c:05:ef:a1:c2:3e:
dc:ab:38:2e:48:de:58:94:eb:7c:02:eb:52:ca:15:3e:52:90:
ca:73:81:99:cb:b9:74:5a:80:5e:ea:59:8c:3b:2a:0d:6b:18:
a2:5e:65:a3:51:01:7e:bd:8f:e6:e4:4c:95:42:b3:2a:17:44:
b3:aa:96:da:8d:de:57:28:a1:99:ea:f7:91:67:6a:8c:bf:68:
df:e9:03:99:c2:c1:2e:2f:6d:2c:4e:5e:8b:84:1b:e6:7f:2f:
df:47:ed:84:d6:b4:56:94:b7:10:d5:7d:b5:a0:ce:03:03:5a:
13:a6:10:85:3d:fa:04:34:25:29:94:ac:1a:d6:67:c2:87:18:
c6:cb:03:64:7b:64:88:0c:3f:24:e9:fe:bc:4f:27:a5:e2:51:
60:08:c3:51:a7:71:de:c9:d1:ed:ae:c1:fb:bb:51:e7:6e:4f:
85:63:23:dc:3a:57:ca:90:77:4e:a0:ef:d7:39:4c:e6:ee:03:
14:c5:51:ce:ea:7b:53:66:82:3b:24:21:de:ac:69:f6:c9:c1:
cf:cd:84:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRNiel6sem9ibepLjaq+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjUwMTAxMjM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGFkNDE1Y2YwOTQ1Y2U0MTE0ZjlhMGUxMTQ1YWYxYjEzZmQ4MTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmToykgczdrT40NAkZ2I44ORmSN60
0c2c4qFrPvf+022qzv88dxGhohTpnww1BOjDdMpE3G1ZgzGVEE88S4kcmgdOIMO2
djBUq85xs522sRqcTLV3rL+fMoc72EVLwvM48LA3dWjAEQJflPvY52tZ7bVgiLIt
5gMXs+3ZydrPCfHY4OUFfOvV0mgym1oqjZtEGIK/Frv1a1jKJeXqZ91xF4Z01j/V
+vw9p5/4lMvrKfyl/bhkCbLWlhu3FrjvfyEsKuBNifdtha6W09Ndg1loC0eREagj
D72+xZi4FKIpMd/91TcxZRXY9oc5A7O5mfErDKRvoux3E6IpOxLwfmLkMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHStQVzwlFzkEU+aDhFFrxsT/YEJMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvZEsxQlhQQ1VYT1FSVDVvT0VVV3ZHeFA5Z1FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATfbdMA0G
CSqGSIb3DQEBCwUAA4IBAQBP3/QTVcPMT074vu7o9MdM2+WY8FkBrEb6IDWIkPdb
jrX3SQdM2YkJnlhOZMS59z0cBe+hwj7cqzguSN5YlOt8AutSyhU+UpDKc4GZy7l0
WoBe6lmMOyoNaxiiXmWjUQF+vY/m5EyVQrMqF0Szqpbajd5XKKGZ6veRZ2qMv2jf
6QOZwsEuL20sTl6LhBvmfy/fR+2E1rRWlLcQ1X21oM4DA1oTphCFPfoENCUplKwa
1mfChxjGywNke2SIDD8k6f68Tyel4lFgCMNRp3HeydHtrsH7u1Hnbk+FYyPcOlfK
kHdOoO/XOUzm7gMUxVHO6ntTZoI7JCHerGn2ycHPzYTa
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:35:04 2025 by rpki-client