Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/0222fe-dcc8-4a7d-bfa2-eca978c3cb85/1/Mq4KEjTO5-3eXlg2Z24LUeQDfPk.roa
File: Mq4KEjTO5-3eXlg2Z24LUeQDfPk.roa (raw, json)
Hash identifier: iw4ECgSPXnY1fZL4AMAR4ZlIFQjssIsKBQeuJNCApWM=
Subject key identifier: 32:AE:0A:12:34:CE:E7:ED:DE:5E:58:36:67:6E:0B:51:E4:03:7C:F9
Certificate issuer: /CN=c9dcb695c70db4b96370600750918a4b3a8a21a9
Certificate serial: 019423D734C55FA81B1A71B0A9042F73CA80
Authority key identifier: C9:DC:B6:95:C7:0D:B4:B9:63:70:60:07:50:91:8A:4B:3A:8A:21:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydy2lccNtLljcGAHUJGKSzqKIak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/0222fe-dcc8-4a7d-bfa2-eca978c3cb85/1/Mq4KEjTO5-3eXlg2Z24LUeQDfPk.roa
Signing time: Wed 01 Jan 2025 21:48:13 +0000
ROA not before: Wed 01 Jan 2025 21:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56865
IP address blocks: 77.240.84.0/23 maxlen: 23
77.240.84.0/24 maxlen: 24
77.240.85.0/24 maxlen: 24
85.184.238.0/23 maxlen: 23
85.184.238.0/24 maxlen: 24
85.184.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/0222fe-dcc8-4a7d-bfa2-eca978c3cb85/1/ydy2lccNtLljcGAHUJGKSzqKIak.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/0222fe-dcc8-4a7d-bfa2-eca978c3cb85/1/ydy2lccNtLljcGAHUJGKSzqKIak.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydy2lccNtLljcGAHUJGKSzqKIak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:34:c5:5f:a8:1b:1a:71:b0:a9:04:2f:73:ca:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9dcb695c70db4b96370600750918a4b3a8a21a9
Validity
Not Before: Jan 1 21:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32ae0a1234cee7edde5e5836676e0b51e4037cf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:59:16:b2:40:0a:e6:85:52:c8:01:dd:2d:89:
3a:5f:94:79:e9:89:b4:69:7c:f1:8a:f0:c3:e2:82:
3f:7b:3d:d2:f6:6e:b2:f0:0a:81:44:1b:c3:b4:40:
a7:8b:ff:63:b7:df:fe:b1:fe:e9:47:6f:8d:f8:d9:
12:21:b5:72:38:0c:9a:fc:bc:d0:4d:03:51:2e:cd:
ad:cd:f8:dc:c7:cb:b0:05:6d:f0:f4:eb:32:e0:87:
eb:e1:0b:06:35:85:3f:f9:77:0b:37:e6:1b:72:7a:
fa:91:37:a8:e2:45:a2:fb:87:14:55:a9:44:4f:f7:
ec:b0:0f:20:3c:6b:7d:05:d6:cc:eb:9e:0e:7f:78:
b3:ed:cb:5d:a6:31:3b:10:d5:ea:c9:cb:9f:c2:9b:
f6:d0:1c:b8:46:d2:72:a7:8d:38:44:58:3f:18:81:
24:ef:13:02:d7:3d:d7:5c:89:1f:cb:e5:81:6c:31:
09:22:f9:8c:ff:0e:0d:89:b6:a7:88:b5:a1:9c:9b:
b6:80:be:93:ce:1e:3e:30:26:57:36:cc:b5:1e:e5:
19:98:ea:4d:1a:97:93:fd:85:37:2c:e3:60:ce:52:
70:3d:16:9c:ed:f0:a8:a3:4f:26:15:05:c8:2a:80:
29:58:68:3f:09:5f:96:ca:af:b2:35:a1:d4:d5:eb:
31:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:AE:0A:12:34:CE:E7:ED:DE:5E:58:36:67:6E:0B:51:E4:03:7C:F9
X509v3 Authority Key Identifier:
keyid:C9:DC:B6:95:C7:0D:B4:B9:63:70:60:07:50:91:8A:4B:3A:8A:21:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydy2lccNtLljcGAHUJGKSzqKIak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0222fe-dcc8-4a7d-bfa2-eca978c3cb85/1/Mq4KEjTO5-3eXlg2Z24LUeQDfPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/0222fe-dcc8-4a7d-bfa2-eca978c3cb85/1/ydy2lccNtLljcGAHUJGKSzqKIak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.84.0/23
85.184.238.0/23
Signature Algorithm: sha256WithRSAEncryption
92:5c:b1:1f:32:45:02:9c:cb:96:71:38:75:9a:5f:94:99:5b:
43:ec:bc:b0:0c:18:ad:bb:a4:62:92:06:63:b8:19:27:af:bc:
39:47:2d:ec:f6:92:f3:d1:27:74:ab:eb:01:5b:22:79:c8:ea:
69:41:eb:41:72:39:74:5a:2b:8d:90:de:ca:bb:a1:2e:b3:0b:
fb:15:de:97:6c:97:da:b9:d0:a2:7d:47:49:5d:28:7f:1c:26:
13:9a:ba:a5:63:6b:c9:57:f4:33:7d:f1:35:fc:c2:32:d6:b3:
e9:8e:38:0d:2b:fc:4c:e9:15:6b:2f:a4:94:dd:61:e9:7c:47:
ea:a7:79:eb:3d:9a:9a:1a:c6:11:d9:0c:47:60:20:1a:93:ef:
54:73:b4:e8:83:66:a2:88:01:4a:25:c6:3e:f6:d1:14:8e:d8:
85:d9:ec:32:18:6c:a8:9c:e7:59:06:17:23:ac:be:88:1c:ad:
85:53:0f:31:99:f6:64:ed:dc:e0:4b:e1:37:5a:42:77:b0:16:
ba:cc:58:43:63:5d:09:6d:62:c2:bd:73:f4:3f:db:a8:18:a1:
8f:4d:30:91:89:19:84:22:89:ca:78:3a:9a:1f:79:d6:0d:d0:
58:83:a6:cb:cd:df:20:55:f6:aa:4b:5e:e0:d2:46:9d:2b:4e:
b7:72:25:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1zTFX6gbGnGwqQQvc8qAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZGNiNjk1YzcwZGI0Yjk2MzcwNjAwNzUwOTE4YTRiM2E4
YTIxYTkwHhcNMjUwMTAxMjE0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmFlMGExMjM0Y2VlN2VkZGU1ZTU4MzY2NzZlMGI1MWU0MDM3Y2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVkWskAK5oVSyAHdLYk6X5R56Ym0
aXzxivDD4oI/ez3S9m6y8AqBRBvDtECni/9jt9/+sf7pR2+N+NkSIbVyOAya/LzQ
TQNRLs2tzfjcx8uwBW3w9Osy4Ifr4QsGNYU/+XcLN+Ybcnr6kTeo4kWi+4cUValE
T/fssA8gPGt9BdbM654Of3iz7ctdpjE7ENXqycufwpv20By4RtJyp404RFg/GIEk
7xMC1z3XXIkfy+WBbDEJIvmM/w4NibaniLWhnJu2gL6Tzh4+MCZXNsy1HuUZmOpN
GpeT/YU3LONgzlJwPRac7fCoo08mFQXIKoApWGg/CV+Wyq+yNaHU1esxrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDKuChI0zuft3l5YNmduC1HkA3z5MB8GA1UdIwQY
MBaAFMnctpXHDbS5Y3BgB1CRiks6iiGpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWR5MmxjY050TGxqY0dBSFVKR0tTenFLSWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8wMjIyZmUtZGNjOC00YTdkLWJmYTIt
ZWNhOTc4YzNjYjg1LzEvTXE0S0VqVE81LTNlWGxnMloyNExVZVFEZlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8wMjIyZmUtZGNjOC00YTdkLWJmYTItZWNhOTc4YzNjYjg1
LzEveWR5MmxjY050TGxqY0dBSFVKR0tTenFLSWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBTfBUAwQB
VbjuMA0GCSqGSIb3DQEBCwUAA4IBAQCSXLEfMkUCnMuWcTh1ml+UmVtD7LywDBit
u6RikgZjuBknr7w5Ry3s9pLz0Sd0q+sBWyJ5yOppQetBcjl0WiuNkN7Ku6Euswv7
Fd6XbJfaudCifUdJXSh/HCYTmrqlY2vJV/QzffE1/MIy1rPpjjgNK/xM6RVrL6SU
3WHpfEfqp3nrPZqaGsYR2QxHYCAak+9Uc7Tog2aiiAFKJcY+9tEUjtiF2ewyGGyo
nOdZBhcjrL6IHK2FUw8xmfZk7dzgS+E3WkJ3sBa6zFhDY10JbWLCvXP0P9uoGKGP
TTCRiRmEIonKeDqaH3nWDdBYg6bLzd8gVfaqS17g0kadK063ciXD
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:49:19 2025 by rpki-client