Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/tKMYskPULHrcExm9t_zqsBHITcI.roa
File: tKMYskPULHrcExm9t_zqsBHITcI.roa (raw, json)
Hash identifier: R31NKmso4WbL0fd7lkKVeCkSUgER4Iw5rjhqu8nTNvA=
Subject key identifier: B4:A3:18:B2:43:D4:2C:7A:DC:13:19:BD:B7:FC:EA:B0:11:C8:4D:C2
Certificate issuer: /CN=535825ce8bf544170282f720a2484141568b0e7d
Certificate serial: 019425FC7180199FFABC62FA92749B529750
Authority key identifier: 53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/tKMYskPULHrcExm9t_zqsBHITcI.roa
Signing time: Thu 02 Jan 2025 07:48:08 +0000
ROA not before: Thu 02 Jan 2025 07:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43545
IP address blocks: 77.74.104.0/21 maxlen: 21
77.74.110.0/24 maxlen: 24
78.40.144.0/21 maxlen: 21
78.40.144.0/24 maxlen: 24
78.40.146.0/24 maxlen: 24
78.40.150.0/24 maxlen: 24
80.84.80.0/21 maxlen: 21
80.84.86.0/24 maxlen: 24
80.84.87.0/24 maxlen: 24
80.84.88.0/21 maxlen: 21
80.84.89.0/24 maxlen: 24
80.84.90.0/24 maxlen: 24
80.84.91.0/24 maxlen: 24
185.113.216.0/24 maxlen: 24
185.113.217.0/24 maxlen: 24
185.113.218.0/24 maxlen: 24
185.113.219.0/24 maxlen: 24
212.84.64.0/21 maxlen: 24
212.84.68.0/24 maxlen: 24
212.84.72.0/21 maxlen: 24
212.84.80.0/21 maxlen: 24
212.84.88.0/21 maxlen: 24
212.84.95.0/24 maxlen: 24
2a02:24d0::/32 maxlen: 32
2a02:24d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.mft
rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:71:80:19:9f:fa:bc:62:fa:92:74:9b:52:97:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535825ce8bf544170282f720a2484141568b0e7d
Validity
Not Before: Jan 2 07:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4a318b243d42c7adc1319bdb7fceab011c84dc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a2:71:4a:af:10:dc:28:22:07:f4:87:41:c2:
37:c2:71:ba:1c:29:49:82:b2:53:74:60:80:00:aa:
7e:b1:87:af:6a:d1:51:6f:fe:39:77:41:e4:19:72:
20:a3:a0:d2:e3:c2:89:b4:3e:d6:6f:29:b9:98:bd:
78:8d:73:be:e5:5f:7f:83:9c:5b:f1:f5:48:d8:d3:
8e:b7:6c:54:cc:a8:4d:ce:14:19:5a:aa:db:dd:38:
b2:72:b2:2b:fa:c2:88:df:6b:6a:84:6a:e5:52:d6:
20:a1:45:63:41:a3:3c:50:71:97:a0:b9:a5:31:b4:
34:2e:c7:37:76:fb:b2:ad:8d:0f:51:80:1c:ea:69:
10:56:8a:70:86:07:1d:0d:24:d3:cc:b9:fa:81:a7:
26:ed:19:d4:8e:09:69:30:3b:2b:e9:ea:0e:71:26:
8d:11:68:5b:5e:91:53:54:4f:bd:fb:f9:7f:06:e3:
5f:d5:c7:e5:99:1d:2d:8f:47:57:86:9b:48:a1:37:
f2:24:5f:8a:1c:f8:8c:d3:24:3c:9e:e9:79:62:db:
63:f5:ac:fb:69:9a:f7:31:15:78:bc:fb:bc:67:2b:
d5:aa:9d:fb:86:25:ed:f0:f6:74:e2:3a:31:bb:90:
5a:19:dc:c2:72:91:b3:71:27:11:4d:55:6c:42:a6:
5c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A3:18:B2:43:D4:2C:7A:DC:13:19:BD:B7:FC:EA:B0:11:C8:4D:C2
X509v3 Authority Key Identifier:
keyid:53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/tKMYskPULHrcExm9t_zqsBHITcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.104.0/21
78.40.144.0/21
80.84.80.0/20
185.113.216.0/22
212.84.64.0/19
IPv6:
2a02:24d0::/32
Signature Algorithm: sha256WithRSAEncryption
59:8d:07:49:9e:37:df:07:08:e0:9e:5b:ce:3f:57:df:02:13:
5b:40:a7:db:3a:9a:fe:d4:40:b2:34:02:e6:21:9a:a5:3d:af:
6d:26:07:44:95:88:70:2e:96:67:f6:57:33:bc:71:46:7e:de:
56:4d:55:7e:34:59:d0:b1:da:0a:67:43:2f:9b:31:7f:42:dc:
3d:77:ec:c0:86:13:82:45:11:10:c2:ad:4b:27:1d:19:59:cf:
f8:0a:1b:12:49:73:64:66:54:7e:1b:b6:b9:8a:3d:c4:87:40:
74:dc:78:36:75:1e:e5:68:97:13:44:01:d0:84:44:6a:89:11:
be:1f:69:3e:87:b1:ac:df:21:cc:fa:68:dd:97:b7:37:77:48:
cc:0d:f8:81:d7:e6:91:40:a1:93:93:4e:91:a3:b2:96:f1:f2:
35:d5:88:27:58:0b:eb:8b:08:6c:a4:29:4a:64:58:d6:8c:8f:
c8:c2:b3:32:1a:53:4b:51:aa:d2:d0:bc:2d:f6:8b:e7:ee:fb:
5b:f5:cd:50:c4:e9:c5:8a:c3:20:8e:01:d3:92:d5:38:53:84:
8c:f7:c7:31:9a:6c:57:e9:32:66:ce:b5:bc:2c:5b:b6:9b:be:
29:4f:39:73:01:d7:92:f2:20:62:fc:66:92:47:7e:b0:23:58:
30:44:86:b9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQl/HGAGZ/6vGL6knSbUpdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTgyNWNlOGJmNTQ0MTcwMjgyZjcyMGEyNDg0MTQxNTY4
YjBlN2QwHhcNMjUwMTAyMDc0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGEzMThiMjQzZDQyYzdhZGMxMzE5YmRiN2ZjZWFiMDExYzg0ZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqJxSq8Q3CgiB/SHQcI3wnG6HClJ
grJTdGCAAKp+sYevatFRb/45d0HkGXIgo6DS48KJtD7Wbym5mL14jXO+5V9/g5xb
8fVI2NOOt2xUzKhNzhQZWqrb3TiycrIr+sKI32tqhGrlUtYgoUVjQaM8UHGXoLml
MbQ0Lsc3dvuyrY0PUYAc6mkQVopwhgcdDSTTzLn6gacm7RnUjglpMDsr6eoOcSaN
EWhbXpFTVE+9+/l/BuNf1cflmR0tj0dXhptIoTfyJF+KHPiM0yQ8nul5Yttj9az7
aZr3MRV4vPu8ZyvVqp37hiXt8PZ04joxu5BaGdzCcpGzcScRTVVsQqZcawIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLSjGLJD1Cx63BMZvbf86rARyE3CMB8GA1UdIwQY
MBaAFFNYJc6L9UQXAoL3IKJIQUFWiw59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUt
NTE0NmFiN2VhMDE1LzEvdEtNWXNrUFVMSHJjRXhtOXRfenFzQkhJVGNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUtNTE0NmFiN2VhMDE1
LzEvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDTUpoAwQD
TiiQAwQEUFRQAwQCuXHYAwQF1FRAMA0EAgACMAcDBQAqAiTQMA0GCSqGSIb3DQEB
CwUAA4IBAQBZjQdJnjffBwjgnlvOP1ffAhNbQKfbOpr+1ECyNALmIZqlPa9tJgdE
lYhwLpZn9lczvHFGft5WTVV+NFnQsdoKZ0MvmzF/Qtw9d+zAhhOCRREQwq1LJx0Z
Wc/4ChsSSXNkZlR+G7a5ij3Eh0B03Hg2dR7laJcTRAHQhERqiRG+H2k+h7Gs3yHM
+mjdl7c3d0jMDfiB1+aRQKGTk06Ro7KW8fI11YgnWAvriwhspClKZFjWjI/IwrMy
GlNLUarS0Lwt9ovn7vtb9c1QxOnFisMgjgHTktU4U4SM98cxmmxX6TJmzrW8LFu2
m74pTzlzAdeS8iBi/GaSR36wI1gwRIa5
-----END CERTIFICATE-----
Generated at Wed Apr 16 01:56:28 2025 by rpki-client