Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/cH-X-ulnDgrmeI6ntF2FauYD2zI.roa
File: cH-X-ulnDgrmeI6ntF2FauYD2zI.roa (raw, json)
Hash identifier: B66TpsABhY+Cv7gtRmhelNJxkxgl+8OT8/JHttC8CN4=
Subject key identifier: 70:7F:97:FA:E9:67:0E:0A:E6:78:8E:A7:B4:5D:85:6A:E6:03:DB:32
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942747F4E3EBF004B6DABBD2C449AD72AC
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/cH-X-ulnDgrmeI6ntF2FauYD2zI.roa
Signing time: Thu 02 Jan 2025 13:50:14 +0000
ROA not before: Thu 02 Jan 2025 13:50:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61071
IP address blocks: 77.78.25.0/24 maxlen: 24
77.78.39.0/24 maxlen: 24
77.78.40.0/24 maxlen: 24
77.78.41.0/24 maxlen: 24
77.78.50.0/24 maxlen: 24
77.78.52.0/24 maxlen: 24
77.78.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f4:e3:eb:f0:04:b6:da:bb:d2:c4:49:ad:72:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=707f97fae9670e0ae6788ea7b45d856ae603db32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:51:e0:74:9f:82:9d:c7:80:e3:33:09:9f:ab:
ab:03:d6:42:2a:8d:a4:6f:dd:dc:08:3f:9a:5a:64:
57:37:76:55:b7:c0:74:05:72:d5:f4:41:1c:90:54:
d0:36:49:f0:48:95:d3:fa:fb:91:1c:0c:a3:11:68:
24:ed:cc:e2:35:87:2f:51:c0:ac:b8:01:73:a9:a0:
ae:9f:f5:6b:1d:e3:57:8b:a6:ff:0a:ed:26:ec:8d:
88:82:36:4c:e2:2d:21:bb:90:a6:11:99:cc:79:7a:
5b:b3:34:18:62:02:c8:1e:53:09:8a:b3:b3:5d:80:
7d:ac:53:bd:19:58:c6:42:07:09:cf:50:37:31:6e:
33:81:bb:38:11:f5:e0:af:e6:d9:db:ec:57:ac:84:
ce:f3:4b:27:4b:bb:f4:cc:d0:e9:0e:5f:f8:32:8b:
65:24:c2:5c:80:34:13:8d:86:39:53:46:ad:c3:32:
28:13:d4:68:49:65:fb:66:3a:b4:29:91:76:f0:94:
94:f1:9f:22:e3:f5:f5:ae:d5:67:a8:b5:11:8f:7d:
26:6e:f9:1b:48:79:d7:ce:42:8c:e1:f6:f3:b0:49:
10:06:5b:91:36:40:92:54:e1:b0:89:1c:49:7c:ef:
20:e6:88:83:30:57:44:49:80:67:aa:72:1c:75:85:
95:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:7F:97:FA:E9:67:0E:0A:E6:78:8E:A7:B4:5D:85:6A:E6:03:DB:32
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/cH-X-ulnDgrmeI6ntF2FauYD2zI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.78.25.0/24
77.78.39.0-77.78.41.255
77.78.50.0/24
77.78.52.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:c6:3b:df:5d:83:2d:5a:7e:fe:ce:9e:83:27:50:f1:15:84:
15:8c:b4:45:f1:9d:43:01:50:6c:63:12:06:10:05:2a:bf:47:
8f:5b:07:05:e3:76:0e:d1:d4:a1:97:88:f7:85:5d:c5:1a:59:
96:4e:08:d3:20:f4:74:2d:88:66:d4:43:46:e6:01:23:c6:54:
26:48:61:36:48:c7:44:be:92:e2:a0:51:97:7a:4b:ec:de:22:
8d:56:4b:d5:21:38:c8:b4:e0:34:c3:dc:5c:d0:b6:83:c8:84:
42:47:0f:29:89:a2:d8:d2:e2:72:39:6b:fc:27:7f:51:58:41:
d9:f6:e1:21:25:e7:bd:07:63:88:14:d2:ad:65:27:a8:d3:73:
0b:ad:f6:56:52:2c:71:84:7d:a7:bb:a2:20:2c:08:aa:5d:b8:
a5:19:35:76:b6:f1:f5:bd:12:0c:36:97:28:da:df:bc:ac:55:
3b:82:fb:63:61:74:05:a6:36:9a:67:60:0b:d3:45:c0:ad:c5:
b1:39:a8:98:00:f0:40:a8:1b:96:92:04:63:be:d9:ed:8b:b4:
a9:f2:d7:75:58:98:e3:37:f4:97:c3:6d:64:d3:72:ce:cd:d4:
b0:ad:d8:cd:58:82:42:67:d0:18:9a:78:eb:15:a9:7e:a4:d9:
e7:ec:dc:49
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQnR/Tj6/AEttq70sRJrXKsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDdmOTdmYWU5NjcwZTBhZTY3ODhlYTdiNDVkODU2YWU2MDNkYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlHgdJ+CnceA4zMJn6urA9ZCKo2k
b93cCD+aWmRXN3ZVt8B0BXLV9EEckFTQNknwSJXT+vuRHAyjEWgk7cziNYcvUcCs
uAFzqaCun/VrHeNXi6b/Cu0m7I2IgjZM4i0hu5CmEZnMeXpbszQYYgLIHlMJirOz
XYB9rFO9GVjGQgcJz1A3MW4zgbs4EfXgr+bZ2+xXrITO80snS7v0zNDpDl/4Motl
JMJcgDQTjYY5U0atwzIoE9RoSWX7Zjq0KZF28JSU8Z8i4/X1rtVnqLURj30mbvkb
SHnXzkKM4fbzsEkQBluRNkCSVOGwiRxJfO8g5oiDMFdESYBnqnIcdYWVAwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHB/l/rpZw4K5niOp7RdhWrmA9syMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvY0gtWC11bG5EZ3JtZUk2bnRGMkZhdVlEMnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQATU4ZMAwD
BABNTicDBAFNTigDBABNTjIDBAFNTjQwDQYJKoZIhvcNAQELBQADggEBACrGO99d
gy1afv7OnoMnUPEVhBWMtEXxnUMBUGxjEgYQBSq/R49bBwXjdg7R1KGXiPeFXcUa
WZZOCNMg9HQtiGbUQ0bmASPGVCZIYTZIx0S+kuKgUZd6S+zeIo1WS9UhOMi04DTD
3FzQtoPIhEJHDymJotjS4nI5a/wnf1FYQdn24SEl570HY4gU0q1lJ6jTcwut9lZS
LHGEfae7oiAsCKpduKUZNXa28fW9Egw2lyja37ysVTuC+2NhdAWmNppnYAvTRcCt
xbE5qJgA8ECoG5aSBGO+2e2LtKny13VYmOM39JfDbWTTcs7N1LCt2M1YgkJn0Bia
eOsVqX6k2efs3Ek=
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:37:09 2025 by rpki-client