Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/_l-kXEP7uNjKBXPQ_iDyaiai-0s.roa
File: _l-kXEP7uNjKBXPQ_iDyaiai-0s.roa (raw, json)
Hash identifier: yKpSNSngqAM/eyMmWKP/S33qgMa9todToBwJi00eda0=
Subject key identifier: FE:5F:A4:5C:43:FB:B8:D8:CA:05:73:D0:FE:20:F2:6A:26:A2:FB:4B
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 019496BEFDF0D74BEAEDA291B726DF0B88B7
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/_l-kXEP7uNjKBXPQ_iDyaiai-0s.roa
Signing time: Fri 24 Jan 2025 05:18:06 +0000
ROA not before: Fri 24 Jan 2025 05:18:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44112
IP address blocks: 77.222.32.0/24 maxlen: 24
77.222.36.0/22 maxlen: 24
77.222.40.0/21 maxlen: 24
77.222.48.0/20 maxlen: 24
77.222.48.0/23 maxlen: 24
80.93.60.0/22 maxlen: 24
2a02:408:7722::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:96:be:fd:f0:d7:4b:ea:ed:a2:91:b7:26:df:0b:88:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Jan 24 05:18:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe5fa45c43fbb8d8ca0573d0fe20f26a26a2fb4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0d:0b:17:58:dc:3a:51:22:fe:ec:88:4f:67:
7f:01:a6:d7:bb:aa:21:d4:66:93:4b:ea:1b:90:50:
cf:39:a9:bf:b3:95:01:7f:bb:61:0f:6c:9c:8a:0f:
41:99:a8:31:0c:2f:4f:a4:43:89:96:e3:f4:00:e0:
c5:a8:5f:31:e1:b4:d1:53:e2:40:b6:73:5c:8f:1c:
2c:d5:61:f0:d3:97:ae:cd:f5:f4:9e:55:53:da:ca:
b6:23:72:f2:ae:e9:e7:b3:bc:8e:42:16:e7:e0:52:
d7:71:ce:81:c6:21:50:07:cf:c9:7c:d9:05:37:69:
fb:c4:0a:cc:51:ab:d6:39:f4:99:b8:7e:02:3a:71:
36:aa:14:b1:34:44:31:75:3f:4e:8e:49:12:e5:f5:
ee:91:14:2a:e5:71:2f:09:a1:1d:3d:af:2c:08:a1:
05:da:ee:58:7f:a7:0d:e8:09:fa:1a:e4:71:81:36:
09:f9:d5:08:d7:77:17:7d:8c:56:f3:00:75:66:1f:
d9:98:ba:37:95:c4:1c:3d:8a:ef:65:e6:46:b7:cb:
bd:2b:e0:81:bd:9f:23:8e:ce:e1:69:e8:19:b1:6e:
b1:a6:1a:81:11:44:05:01:1f:55:32:be:99:bb:24:
34:39:30:c9:c1:d3:e9:b5:65:e9:25:17:0a:e3:0a:
c0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:5F:A4:5C:43:FB:B8:D8:CA:05:73:D0:FE:20:F2:6A:26:A2:FB:4B
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/_l-kXEP7uNjKBXPQ_iDyaiai-0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.222.32.0/24
77.222.36.0-77.222.63.255
80.93.60.0/22
IPv6:
2a02:408:7722::/48
Signature Algorithm: sha256WithRSAEncryption
07:61:53:69:ae:62:46:da:43:a3:ef:e0:57:00:fc:41:b6:c1:
9f:ac:1a:4c:f8:48:4b:97:f0:71:6a:e2:8d:5a:25:50:a6:84:
2e:f0:e5:61:32:d2:10:a0:03:20:20:22:50:e3:1f:85:2a:1c:
0f:91:ef:b7:0e:87:40:a8:91:73:42:61:00:06:89:d2:98:7a:
77:02:a3:f9:95:89:ee:68:82:80:bc:45:22:2c:ac:2c:0e:be:
69:13:8e:46:5a:c9:09:26:c1:1f:94:17:67:9b:a6:fc:3c:1d:
e5:24:a0:aa:88:02:d9:e1:4b:7d:ad:ba:b5:c0:ca:29:b4:96:
b9:df:e9:d6:a1:84:e4:b6:68:6f:fe:3b:43:45:78:99:68:7b:
09:64:3a:77:6e:cd:99:27:85:ab:f0:c3:16:c4:80:c2:41:79:
d5:b0:15:fe:5c:0b:ad:4e:ce:0b:51:48:f3:4e:74:ae:9b:87:
76:a4:aa:17:6d:39:bd:fb:a9:e1:98:d3:de:15:8e:7c:62:aa:
d7:41:25:a6:c3:15:f0:1a:3b:17:a7:91:89:5c:4a:42:58:d2:
19:7a:fa:8c:cc:56:36:2f:f0:ba:94:71:e1:9b:97:e3:78:7c:
e6:f9:ed:60:72:9a:67:fd:a1:e3:1a:38:9c:1a:08:6c:d2:77:
e8:d5:d5:d6
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZSWvv3w10vq7aKRtybfC4i3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjUwMTI0MDUxODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTVmYTQ1YzQzZmJiOGQ4Y2EwNTczZDBmZTIwZjI2YTI2YTJmYjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Q0LF1jcOlEi/uyIT2d/AabXu6oh
1GaTS+obkFDPOam/s5UBf7thD2ycig9BmagxDC9PpEOJluP0AODFqF8x4bTRU+JA
tnNcjxws1WHw05euzfX0nlVT2sq2I3Lyrunns7yOQhbn4FLXcc6BxiFQB8/JfNkF
N2n7xArMUavWOfSZuH4COnE2qhSxNEQxdT9OjkkS5fXukRQq5XEvCaEdPa8sCKEF
2u5Yf6cN6An6GuRxgTYJ+dUI13cXfYxW8wB1Zh/ZmLo3lcQcPYrvZeZGt8u9K+CB
vZ8jjs7haegZsW6xphqBEUQFAR9VMr6ZuyQ0OTDJwdPptWXpJRcK4wrAcwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFP5fpFxD+7jYygVz0P4g8momovtLMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvX2wta1hFUDd1TmpLQlhQUV9pRHlhaWFpLTBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQATd4gMAwD
BAJN3iQDBAZN3gADBAJQXTwwDwQCAAIwCQMHACoCBAh3IjANBgkqhkiG9w0BAQsF
AAOCAQEAB2FTaa5iRtpDo+/gVwD8QbbBn6waTPhIS5fwcWrijVolUKaELvDlYTLS
EKADICAiUOMfhSocD5Hvtw6HQKiRc0JhAAaJ0ph6dwKj+ZWJ7miCgLxFIiysLA6+
aROORlrJCSbBH5QXZ5um/Dwd5SSgqogC2eFLfa26tcDKKbSWud/p1qGE5LZob/47
Q0V4mWh7CWQ6d27NmSeFq/DDFsSAwkF51bAV/lwLrU7OC1FI8050rpuHdqSqF205
vfup4ZjT3hWOfGKq10ElpsMV8Bo7F6eRiVxKQljSGXr6jMxWNi/wupRx4ZuX43h8
5vntYHKaZ/2h4xo4nBoIbNJ36NXV1g==
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:07:29 2025 by rpki-client