Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/oMpZucICfk-8ZesIjg26RzH9z8Q.roa
File: oMpZucICfk-8ZesIjg26RzH9z8Q.roa (raw, json)
Hash identifier: avfjdtl0mm9+afn2EBtC58m5oIaLp8/rBFhWdaYQq6o=
Subject key identifier: A0:CA:59:B9:C2:02:7E:4F:BC:65:EB:08:8E:0D:BA:47:31:FD:CF:C4
Certificate issuer: /CN=85d0e763f935c171694f172056eb44209db2e2cd
Certificate serial: 019425FC409DFB6561545B8C7D54E8D93AE7
Authority key identifier: 85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/oMpZucICfk-8ZesIjg26RzH9z8Q.roa
Signing time: Thu 02 Jan 2025 07:47:55 +0000
ROA not before: Thu 02 Jan 2025 07:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206487
IP address blocks: 77.241.49.0/24 maxlen: 24
77.241.62.0/24 maxlen: 24
89.39.33.0/24 maxlen: 24
89.39.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:40:9d:fb:65:61:54:5b:8c:7d:54:e8:d9:3a:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85d0e763f935c171694f172056eb44209db2e2cd
Validity
Not Before: Jan 2 07:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0ca59b9c2027e4fbc65eb088e0dba4731fdcfc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:36:88:5e:a7:b9:d7:52:90:a5:20:70:1c:78:
5f:ba:7f:6f:c6:58:1a:fa:b5:05:28:71:c2:53:4a:
a7:68:39:c8:a7:52:f2:48:82:34:33:2e:bf:38:cf:
5c:d0:75:93:04:59:d8:65:65:20:69:a2:39:b7:35:
7f:aa:d4:0c:98:0f:51:8c:18:b6:5e:e9:78:ff:29:
b7:ec:43:0a:48:bd:ec:65:8b:62:e9:37:08:90:3c:
27:9a:df:98:1e:39:7c:21:42:11:91:8b:45:0c:22:
f8:11:e2:31:be:b7:0d:bb:04:fe:b0:b9:1b:67:6d:
e8:3a:8e:59:5d:90:60:cb:bd:b4:2f:b3:89:e8:d6:
22:02:f4:26:45:72:f8:47:f4:ef:2b:ed:8c:10:17:
5f:41:8f:8c:4b:56:b2:57:6d:b7:1a:de:89:e8:08:
dc:46:b9:8d:bd:85:e6:28:c9:56:24:4e:ce:cd:3b:
4f:f8:e6:75:b8:e2:76:44:04:92:67:98:d2:79:54:
76:6d:b8:d0:70:5b:7c:76:7f:01:27:3b:29:03:d5:
61:0d:a8:74:a0:2f:55:cc:52:c6:e0:d1:e3:64:e9:
42:3a:29:5c:81:a0:96:b8:73:4f:48:7e:3a:92:e8:
aa:dc:9d:a0:7f:5e:7e:4d:73:31:19:4b:b8:72:fe:
fb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:CA:59:B9:C2:02:7E:4F:BC:65:EB:08:8E:0D:BA:47:31:FD:CF:C4
X509v3 Authority Key Identifier:
keyid:85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/oMpZucICfk-8ZesIjg26RzH9z8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.241.49.0/24
77.241.62.0/24
89.39.33.0-89.39.34.255
Signature Algorithm: sha256WithRSAEncryption
29:b0:4c:ff:80:45:72:72:5b:a4:1f:0f:9e:d1:62:fd:d0:91:
bd:98:7b:d6:63:f6:1e:d2:0a:05:98:3f:1b:8c:ff:b2:a7:bd:
41:0a:6f:6f:78:4a:8a:7c:14:a8:71:52:b6:09:b1:04:2a:08:
42:df:56:ed:c6:8d:2a:11:a7:2c:20:28:bf:04:76:6d:7b:3e:
7e:01:0e:d4:9f:f9:7d:73:3a:0d:b7:be:f7:22:aa:86:ec:3c:
53:f7:e1:85:3b:db:11:74:3b:9d:cd:e5:90:55:ee:c3:b4:e7:
cd:0c:13:e7:62:23:a8:f4:3a:2f:74:b5:3a:fd:0d:04:7c:25:
77:5e:06:94:d3:e4:c9:1f:0e:df:f4:fa:a2:1c:1b:c4:fa:99:
03:c3:0a:fd:35:26:86:09:ed:43:4e:f5:2f:1e:46:5f:dd:43:
1c:dd:ab:db:34:ff:86:46:1c:7a:e1:95:aa:e4:ea:28:65:4c:
d2:65:97:ac:4b:6d:2a:58:bb:0c:1c:3d:fe:a4:c2:d7:d8:40:
63:3f:ef:72:1a:53:63:fa:5d:47:4c:9a:64:f3:d4:f8:0c:26:
64:f5:e2:87:dc:84:ce:73:d0:0c:34:31:e1:e0:22:27:5f:1f:
57:4d:26:51:21:0b:50:d8:32:7a:9d:d1:22:cc:dc:5a:cc:81:
ed:48:2c:67
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQl/ECd+2VhVFuMfVTo2TrnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZDBlNzYzZjkzNWMxNzE2OTRmMTcyMDU2ZWI0NDIwOWRi
MmUyY2QwHhcNMjUwMTAyMDc0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGNhNTliOWMyMDI3ZTRmYmM2NWViMDg4ZTBkYmE0NzMxZmRjZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjaIXqe511KQpSBwHHhfun9vxlga
+rUFKHHCU0qnaDnIp1LySII0My6/OM9c0HWTBFnYZWUgaaI5tzV/qtQMmA9RjBi2
Xul4/ym37EMKSL3sZYti6TcIkDwnmt+YHjl8IUIRkYtFDCL4EeIxvrcNuwT+sLkb
Z23oOo5ZXZBgy720L7OJ6NYiAvQmRXL4R/TvK+2MEBdfQY+MS1ayV223Gt6J6Ajc
RrmNvYXmKMlWJE7OzTtP+OZ1uOJ2RASSZ5jSeVR2bbjQcFt8dn8BJzspA9VhDah0
oC9VzFLG4NHjZOlCOilcgaCWuHNPSH46kuiq3J2gf15+TXMxGUu4cv77uQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKDKWbnCAn5PvGXrCI4Nukcx/c/EMB8GA1UdIwQY
MBaAFIXQ52P5NcFxaU8XIFbrRCCdsuLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2Qt
ZjEyODM1ZjAyNDdiLzEvb01wWnVjSUNmay04WmVzSWpnMjZSekg5ejhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2QtZjEyODM1ZjAyNDdi
LzEvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQATfExAwQA
TfE+MAwDBABZJyEDBABZJyIwDQYJKoZIhvcNAQELBQADggEBACmwTP+ARXJyW6Qf
D57RYv3Qkb2Ye9Zj9h7SCgWYPxuM/7KnvUEKb294Sop8FKhxUrYJsQQqCELfVu3G
jSoRpywgKL8Edm17Pn4BDtSf+X1zOg23vvciqobsPFP34YU72xF0O53N5ZBV7sO0
580ME+diI6j0Oi90tTr9DQR8JXdeBpTT5MkfDt/0+qIcG8T6mQPDCv01JoYJ7UNO
9S8eRl/dQxzdq9s0/4ZGHHrhlark6ihlTNJll6xLbSpYuwwcPf6kwtfYQGM/73Ia
U2P6XUdMmmTz1PgMJmT14ofchM5z0Aw0MeHgIidfH1dNJlEhC1DYMnqd0SLM3FrM
ge1ILGc=
-----END CERTIFICATE-----
Generated at Tue Apr 15 06:17:07 2025 by rpki-client