Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/nVJuPs-aXFVB8jcmoeh6bklRdKM.roa
File: nVJuPs-aXFVB8jcmoeh6bklRdKM.roa (raw, json)
Hash identifier: RymglE7qO2pK8fm0f2PhCnspu+eM4L6U+J6VQT3D4XI=
Subject key identifier: 9D:52:6E:3E:CF:9A:5C:55:41:F2:37:26:A1:E8:7A:6E:49:51:74:A3
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01944A64ABB2484A661F2F213A44466B4128
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/nVJuPs-aXFVB8jcmoeh6bklRdKM.roa
Signing time: Thu 09 Jan 2025 09:28:19 +0000
ROA not before: Thu 09 Jan 2025 09:28:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29582
IP address blocks: 77.76.3.0/24 maxlen: 24
78.142.22.0/23 maxlen: 24
79.124.80.0/23 maxlen: 24
91.92.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 05:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:64:ab:b2:48:4a:66:1f:2f:21:3a:44:46:6b:41:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jan 9 09:28:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d526e3ecf9a5c5541f23726a1e87a6e495174a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9c:5d:5a:aa:b7:26:67:23:61:64:08:1e:76:
38:9e:b2:6c:1e:cc:c2:fc:4c:82:57:4c:40:7f:79:
2d:2b:b0:b8:36:4d:95:b1:46:b1:e8:8e:4a:4f:53:
e6:90:ec:5a:4e:fe:67:1e:c4:7a:a8:56:46:da:b8:
13:42:f6:58:7d:91:5f:6e:07:98:f4:b6:54:df:a5:
7c:e9:83:0b:8e:b7:9e:2a:26:e8:94:89:ab:d7:41:
6f:55:60:ea:59:57:61:52:e2:7c:ab:88:e7:b8:9d:
a8:a1:68:de:bd:d3:f9:ea:b5:29:3f:af:12:e3:fe:
95:d3:3e:cc:a4:b7:90:5e:3a:d3:d7:7b:47:e2:83:
09:ca:d8:aa:b3:ae:38:ba:77:e4:f6:a7:42:31:d3:
84:94:ac:30:14:8e:ae:f4:c3:78:21:b8:88:30:97:
02:9b:a1:38:89:cb:e7:ed:f3:a8:54:4d:ea:0d:ee:
6d:59:e7:3b:79:43:7e:ed:22:1b:fe:6d:7d:1a:7a:
2e:f7:fd:24:a0:b5:f4:7b:c4:ff:96:0c:d4:68:77:
49:ec:3c:23:e6:00:61:5d:3c:40:6d:13:27:b6:1a:
35:c1:92:7a:5c:83:66:87:af:1d:d5:03:1b:2d:b9:
1e:18:cb:b5:c1:57:be:5e:fd:61:03:c2:38:07:8c:
21:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:52:6E:3E:CF:9A:5C:55:41:F2:37:26:A1:E8:7A:6E:49:51:74:A3
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/nVJuPs-aXFVB8jcmoeh6bklRdKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.3.0/24
78.142.22.0/23
79.124.80.0/23
91.92.59.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:a9:29:b0:5b:bc:41:41:5d:8d:36:58:c6:73:93:95:fc:9c:
f4:d2:ca:02:cb:26:e4:e0:42:ff:dc:75:03:da:d3:ef:8e:48:
78:74:91:c9:4c:ad:df:fa:1b:6a:78:27:1a:6b:69:1a:35:a0:
72:a1:71:f3:1d:b9:80:34:22:6a:88:1d:20:51:26:a9:8c:e7:
14:99:5a:cb:4d:d6:3d:e0:b9:38:46:cb:f9:7b:71:79:98:9e:
39:68:1d:13:00:72:98:8b:ce:20:81:e7:c2:46:c5:32:2f:31:
8a:e2:a4:8e:2e:18:33:90:1b:3e:bc:4f:eb:02:78:74:0b:ab:
42:d6:16:6f:d6:6b:23:06:26:c5:60:41:ed:28:93:5d:41:d8:
fd:46:3f:5f:44:25:4b:46:7b:f8:90:c0:e1:f5:b1:c6:f3:0d:
ae:80:90:99:41:85:ce:82:6a:9b:28:1f:cf:e8:04:25:cf:d3:
ba:14:a4:7e:88:55:91:00:e3:c4:79:b8:cb:81:a7:d0:54:06:
e4:c3:4b:fe:26:51:6e:34:ac:bc:45:05:0d:de:82:69:45:24:
eb:12:8d:36:6f:51:37:85:9a:6f:97:2c:12:bf:c3:52:3a:80:
52:d5:8d:75:81:1a:cb:2d:f2:b0:fb:d4:95:40:7a:7b:c3:4a:
e6:6c:c5:4b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZRKZKuySEpmHy8hOkRGa0EoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwMTA5MDkyODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDUyNmUzZWNmOWE1YzU1NDFmMjM3MjZhMWU4N2E2ZTQ5NTE3NGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJxdWqq3JmcjYWQIHnY4nrJsHszC
/EyCV0xAf3ktK7C4Nk2VsUax6I5KT1PmkOxaTv5nHsR6qFZG2rgTQvZYfZFfbgeY
9LZU36V86YMLjreeKibolImr10FvVWDqWVdhUuJ8q4jnuJ2ooWjevdP56rUpP68S
4/6V0z7MpLeQXjrT13tH4oMJytiqs644unfk9qdCMdOElKwwFI6u9MN4IbiIMJcC
m6E4icvn7fOoVE3qDe5tWec7eUN+7SIb/m19Gnou9/0koLX0e8T/lgzUaHdJ7Dwj
5gBhXTxAbRMntho1wZJ6XINmh68d1QMbLbkeGMu1wVe+Xv1hA8I4B4wh7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ1Sbj7PmlxVQfI3JqHoem5JUXSjMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvblZKdVBzLWFYRlZCOGpjbW9laDZia2xSZEtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATUwDAwQB
To4WAwQBT3xQAwQAW1w7MA0GCSqGSIb3DQEBCwUAA4IBAQBdqSmwW7xBQV2NNljG
c5OV/Jz00soCyybk4EL/3HUD2tPvjkh4dJHJTK3f+htqeCcaa2kaNaByoXHzHbmA
NCJqiB0gUSapjOcUmVrLTdY94Lk4Rsv5e3F5mJ45aB0TAHKYi84ggefCRsUyLzGK
4qSOLhgzkBs+vE/rAnh0C6tC1hZv1msjBibFYEHtKJNdQdj9Rj9fRCVLRnv4kMDh
9bHG8w2ugJCZQYXOgmqbKB/P6AQlz9O6FKR+iFWRAOPEebjLgafQVAbkw0v+JlFu
NKy8RQUN3oJpRSTrEo02b1E3hZpvlywSv8NSOoBS1Y11gRrLLfKw+9SVQHp7w0rm
bMVL
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:08:18 2025 by rpki-client