Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/sdwBrQY4WiA2lt3H1cKis5W9S04.roa
File: sdwBrQY4WiA2lt3H1cKis5W9S04.roa (raw, json)
Hash identifier: Mk3APkF4fBeIqw1OvvqRXpLXb2g4dXwfd7H1jQoWJzI=
Subject key identifier: B1:DC:01:AD:06:38:5A:20:36:96:DD:C7:D5:C2:A2:B3:95:BD:4B:4E
Certificate issuer: /CN=d524a83fff2f000e99c1f28ec19648986f8ddc37
Certificate serial: 0194244569CEA34FE15EB7D3A53401FB30AE
Authority key identifier: D5:24:A8:3F:FF:2F:00:0E:99:C1:F2:8E:C1:96:48:98:6F:8D:DC:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1SSoP_8vAA6ZwfKOwZZImG-N3Dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/sdwBrQY4WiA2lt3H1cKis5W9S04.roa
Signing time: Wed 01 Jan 2025 23:48:36 +0000
ROA not before: Wed 01 Jan 2025 23:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42763
IP address blocks: 77.87.0.0/21 maxlen: 24
91.193.120.0/22 maxlen: 24
193.33.174.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/1SSoP_8vAA6ZwfKOwZZImG-N3Dc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/1SSoP_8vAA6ZwfKOwZZImG-N3Dc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1SSoP_8vAA6ZwfKOwZZImG-N3Dc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:69:ce:a3:4f:e1:5e:b7:d3:a5:34:01:fb:30:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d524a83fff2f000e99c1f28ec19648986f8ddc37
Validity
Not Before: Jan 1 23:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1dc01ad06385a203696ddc7d5c2a2b395bd4b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:47:1d:b2:87:99:77:f6:c9:c2:8a:ac:5e:15:
66:f3:60:31:13:9e:0f:c4:a8:f8:5d:88:69:f9:07:
2f:84:0d:28:99:20:7d:5d:c5:6a:4a:16:24:a4:b0:
c2:f8:2e:0e:47:0a:3e:d2:da:15:e8:98:aa:73:34:
f1:ba:e4:a0:da:a0:33:de:8a:8d:f9:39:5c:7e:e8:
8a:63:3b:9c:18:b6:15:45:0b:a5:e9:34:40:3f:62:
ac:4e:ea:7d:28:19:ab:cc:c5:98:ee:de:2a:27:e5:
7f:8a:a1:3f:11:7a:23:1c:a9:0b:2e:c0:79:07:b8:
3a:a7:b1:97:36:7d:a2:8e:66:e3:e2:3b:1a:8b:6d:
d6:34:36:d0:82:fd:3e:c9:c6:41:76:0d:96:66:66:
83:ff:7a:22:b0:e9:4b:ae:99:9c:0c:84:fc:46:69:
c9:82:4d:80:e2:08:b2:7e:36:fa:a6:1b:fa:a7:d2:
f5:ad:73:46:a7:92:fe:d0:42:16:9f:9d:78:78:38:
ae:7d:cf:98:0a:96:6b:0b:a2:52:b7:53:6c:71:f3:
1f:f1:50:15:e8:2d:98:01:84:a3:e0:d8:b7:17:f9:
a4:86:6a:ee:94:b8:f9:35:bd:64:cf:aa:8a:85:05:
54:f6:a0:ae:e0:96:8f:9e:df:e6:a3:e6:c8:34:56:
78:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:DC:01:AD:06:38:5A:20:36:96:DD:C7:D5:C2:A2:B3:95:BD:4B:4E
X509v3 Authority Key Identifier:
keyid:D5:24:A8:3F:FF:2F:00:0E:99:C1:F2:8E:C1:96:48:98:6F:8D:DC:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1SSoP_8vAA6ZwfKOwZZImG-N3Dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/sdwBrQY4WiA2lt3H1cKis5W9S04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/dbafcd-a51d-446b-9cd7-44d40d1c46d5/1/1SSoP_8vAA6ZwfKOwZZImG-N3Dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.0.0/21
91.193.120.0/22
193.33.174.0/23
Signature Algorithm: sha256WithRSAEncryption
11:96:21:e3:68:3c:c9:99:4b:25:99:ec:f2:47:b7:a2:1f:3a:
d1:92:20:d1:8a:d8:a3:d3:62:e8:e4:e1:ad:55:5c:17:f8:de:
bf:3d:2f:70:54:51:5c:6f:95:4f:bd:fb:37:11:0d:75:fa:5a:
f8:e0:4c:ac:48:df:b1:f8:8e:75:54:1e:26:9d:d5:0d:b7:93:
25:ea:57:a6:57:e4:6b:d9:f3:5e:ac:f2:e6:19:0b:db:3b:9d:
ad:84:9a:e2:a5:cc:2a:c2:f3:11:7c:82:db:65:74:ce:e5:e8:
a9:57:5e:05:89:06:e4:a7:3a:c2:ab:8b:fc:43:a1:36:4e:b4:
c5:72:2e:ed:6d:c3:b6:46:54:1d:be:47:d5:d8:b4:d8:d4:99:
61:a9:ae:02:4a:8e:87:b3:fe:eb:28:19:7d:53:83:7e:7f:18:
82:00:ac:ee:27:c4:a6:55:78:f5:8c:9d:01:a1:94:ad:7d:a8:
52:f6:9d:1a:d0:93:18:c4:13:8b:24:f1:f2:ec:b2:43:ac:dc:
4e:24:50:14:89:07:26:b9:06:41:10:02:04:f6:5d:9e:32:bd:
17:d0:aa:1d:c8:fd:e5:08:ba:0c:c9:3a:6b:bc:55:4c:0d:95:
88:4d:27:67:5d:ea:a6:a5:40:9d:6f:56:ad:03:52:13:31:3f:
bc:38:a9:f6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQkRWnOo0/hXrfTpTQB+zCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1MjRhODNmZmYyZjAwMGU5OWMxZjI4ZWMxOTY0ODk4NmY4
ZGRjMzcwHhcNMjUwMTAxMjM0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWRjMDFhZDA2Mzg1YTIwMzY5NmRkYzdkNWMyYTJiMzk1YmQ0YjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUcdsoeZd/bJwoqsXhVm82AxE54P
xKj4XYhp+QcvhA0omSB9XcVqShYkpLDC+C4ORwo+0toV6JiqczTxuuSg2qAz3oqN
+TlcfuiKYzucGLYVRQul6TRAP2KsTup9KBmrzMWY7t4qJ+V/iqE/EXojHKkLLsB5
B7g6p7GXNn2ijmbj4jsai23WNDbQgv0+ycZBdg2WZmaD/3oisOlLrpmcDIT8RmnJ
gk2A4giyfjb6phv6p9L1rXNGp5L+0EIWn514eDiufc+YCpZrC6JSt1NscfMf8VAV
6C2YAYSj4Ni3F/mkhmrulLj5Nb1kz6qKhQVU9qCu4JaPnt/mo+bINFZ4EwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLHcAa0GOFogNpbdx9XCorOVvUtOMB8GA1UdIwQY
MBaAFNUkqD//LwAOmcHyjsGWSJhvjdw3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVNTb1BfOHZBQTZad2ZLT3daWkltRy1OM0RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kYmFmY2QtYTUxZC00NDZiLTljZDct
NDRkNDBkMWM0NmQ1LzEvc2R3QnJRWTRXaUEybHQzSDFjS2lzNVc5UzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kYmFmY2QtYTUxZC00NDZiLTljZDctNDRkNDBkMWM0NmQ1
LzEvMVNTb1BfOHZBQTZad2ZLT3daWkltRy1OM0RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTVcAAwQC
W8F4AwQBwSGuMA0GCSqGSIb3DQEBCwUAA4IBAQARliHjaDzJmUslmezyR7eiHzrR
kiDRitij02Lo5OGtVVwX+N6/PS9wVFFcb5VPvfs3EQ11+lr44EysSN+x+I51VB4m
ndUNt5Ml6lemV+Rr2fNerPLmGQvbO52thJripcwqwvMRfILbZXTO5eipV14FiQbk
pzrCq4v8Q6E2TrTFci7tbcO2RlQdvkfV2LTY1Jlhqa4CSo6Hs/7rKBl9U4N+fxiC
AKzuJ8SmVXj1jJ0BoZStfahS9p0a0JMYxBOLJPHy7LJDrNxOJFAUiQcmuQZBEAIE
9l2eMr0X0KodyP3lCLoMyTprvFVMDZWITSdnXeqmpUCdb1atA1ITMT+8OKn2
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:24:31 2025 by rpki-client