Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/OPqqFqqV-JrWbYss9QbQxTdrKKA.roa
File: OPqqFqqV-JrWbYss9QbQxTdrKKA.roa (raw, json)
Hash identifier: hghe6z1NjfdWOVEuMaQtAPQZcmsET9fhQeAJCEDcWYc=
Subject key identifier: 38:FA:AA:16:AA:95:F8:9A:D6:6D:8B:2C:F5:06:D0:C5:37:6B:28:A0
Certificate issuer: /CN=f76fd568674856415eb1e21342aaf323b37b7a2e
Certificate serial: 01941FFA2E38C4F8703C41C82B07B97F821D
Authority key identifier: F7:6F:D5:68:67:48:56:41:5E:B1:E2:13:42:AA:F3:23:B3:7B:7A:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92_VaGdIVkFeseITQqrzI7N7ei4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/OPqqFqqV-JrWbYss9QbQxTdrKKA.roa
Signing time: Wed 01 Jan 2025 03:47:56 +0000
ROA not before: Wed 01 Jan 2025 03:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216376
IP address blocks: 185.77.98.0/23 maxlen: 23
185.77.98.0/24 maxlen: 24
185.77.99.0/24 maxlen: 24
2a13:ab40::/32 maxlen: 32
2a13:ab40::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/92_VaGdIVkFeseITQqrzI7N7ei4.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/92_VaGdIVkFeseITQqrzI7N7ei4.mft
rsync://rpki.ripe.net/repository/DEFAULT/92_VaGdIVkFeseITQqrzI7N7ei4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:2e:38:c4:f8:70:3c:41:c8:2b:07:b9:7f:82:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f76fd568674856415eb1e21342aaf323b37b7a2e
Validity
Not Before: Jan 1 03:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38faaa16aa95f89ad66d8b2cf506d0c5376b28a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:90:dd:de:64:94:b2:07:e2:fc:3a:a6:43:c3:
5d:4f:cc:37:a5:f5:97:ba:2c:e5:a5:e2:38:f2:99:
b9:e4:ac:b2:c2:5a:33:f3:1b:68:7e:35:a8:da:9c:
b1:3d:25:6a:5c:f1:5c:af:bc:64:57:a3:d6:fc:a9:
b0:03:f3:1c:f3:e0:d8:b9:c4:55:8a:10:b1:cc:79:
29:05:82:31:d3:6f:df:58:b0:4d:a0:46:9b:5c:63:
4a:d1:c6:c5:d5:b2:5d:8f:31:75:a4:e0:b0:bb:c4:
71:d5:b8:67:90:cd:a7:e9:13:09:c9:32:78:02:e0:
71:37:46:81:7e:5e:94:59:2c:32:73:c7:80:fd:4f:
ca:7e:f8:2a:3a:53:4a:fe:a4:e3:d8:31:92:f9:3d:
98:90:d6:fc:df:ee:29:8e:53:e4:2e:2b:4a:74:38:
b8:96:69:5f:dc:36:5c:e7:d3:fa:75:b6:a4:d4:ce:
65:62:6f:8b:82:66:6f:06:98:17:e6:a2:ec:52:de:
35:57:be:a0:9f:b1:c2:7f:08:d5:f4:41:6f:d3:30:
e8:92:75:7e:94:ae:4f:a3:79:97:9b:6a:a3:ae:60:
68:56:0a:28:6b:82:28:44:80:42:d1:e9:ef:56:31:
ec:58:71:c1:35:e5:cb:41:c0:72:6d:86:21:be:6b:
d7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:FA:AA:16:AA:95:F8:9A:D6:6D:8B:2C:F5:06:D0:C5:37:6B:28:A0
X509v3 Authority Key Identifier:
keyid:F7:6F:D5:68:67:48:56:41:5E:B1:E2:13:42:AA:F3:23:B3:7B:7A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92_VaGdIVkFeseITQqrzI7N7ei4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/OPqqFqqV-JrWbYss9QbQxTdrKKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/540da5-27fb-46e6-a132-b54d82d8be7b/1/92_VaGdIVkFeseITQqrzI7N7ei4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.98.0/23
IPv6:
2a13:ab40::/32
Signature Algorithm: sha256WithRSAEncryption
46:71:f1:1d:2a:38:b4:a7:63:83:10:2e:82:35:07:bb:c2:36:
4f:79:cb:73:e3:2b:80:2a:52:5f:4d:34:46:4b:86:2b:34:9f:
f5:d2:6f:69:34:2b:33:17:ee:aa:0d:cc:d9:e7:74:ed:f3:ef:
db:93:ee:75:93:50:94:4b:ed:ba:fe:70:34:7a:fb:e9:85:22:
6c:02:60:a8:f6:e4:a2:ad:7d:73:de:e4:a7:9c:8f:eb:be:25:
bd:d3:35:17:17:45:a2:9f:45:35:9a:63:3f:db:54:e8:ed:5c:
69:3e:33:84:8e:7d:cc:c8:c7:a9:08:0a:35:ad:b9:43:8b:3c:
23:6e:64:78:a3:8f:1e:36:c6:97:23:2b:35:8e:f2:aa:ed:d9:
97:dd:67:89:50:24:dc:81:a0:a1:4b:47:d1:d1:e6:ce:f0:fa:
92:e2:8e:25:b1:c7:1c:7a:9d:0c:36:e7:f1:e7:6f:db:12:ae:
2f:76:90:ce:5f:cd:3d:79:fd:ec:d7:dd:b2:1c:1e:97:38:c2:
a1:14:c2:16:e6:de:95:4f:8d:f9:bc:41:6f:22:a0:c6:e3:d9:
2a:dd:e4:32:34:d6:bc:7c:63:af:b5:ad:d5:f1:73:6a:29:bd:
9a:48:d3:01:c3:a4:6f:2e:55:a5:f7:a0:9b:25:41:bb:ea:c9:
55:39:25:89
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+i44xPhwPEHIKwe5f4IdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NmZkNTY4Njc0ODU2NDE1ZWIxZTIxMzQyYWFmMzIzYjM3
YjdhMmUwHhcNMjUwMTAxMDM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGZhYWExNmFhOTVmODlhZDY2ZDhiMmNmNTA2ZDBjNTM3NmIyOGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZDd3mSUsgfi/DqmQ8NdT8w3pfWX
uizlpeI48pm55Kyywloz8xtofjWo2pyxPSVqXPFcr7xkV6PW/KmwA/Mc8+DYucRV
ihCxzHkpBYIx02/fWLBNoEabXGNK0cbF1bJdjzF1pOCwu8Rx1bhnkM2n6RMJyTJ4
AuBxN0aBfl6UWSwyc8eA/U/KfvgqOlNK/qTj2DGS+T2YkNb83+4pjlPkLitKdDi4
lmlf3DZc59P6dbak1M5lYm+LgmZvBpgX5qLsUt41V76gn7HCfwjV9EFv0zDoknV+
lK5Po3mXm2qjrmBoVgooa4IoRIBC0envVjHsWHHBNeXLQcBybYYhvmvXPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDj6qhaqlfia1m2LLPUG0MU3ayigMB8GA1UdIwQY
MBaAFPdv1WhnSFZBXrHiE0Kq8yOze3ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTJfVmFHZElWa0Zlc2VJVFFxcnpJN043ZWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi81NDBkYTUtMjdmYi00NmU2LWExMzIt
YjU0ZDgyZDhiZTdiLzEvT1BxcUZxcVYtSnJXYllzczlRYlF4VGRyS0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi81NDBkYTUtMjdmYi00NmU2LWExMzItYjU0ZDgyZDhiZTdi
LzEvOTJfVmFHZElWa0Zlc2VJVFFxcnpJN043ZWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuU1iMA0E
AgACMAcDBQAqE6tAMA0GCSqGSIb3DQEBCwUAA4IBAQBGcfEdKji0p2ODEC6CNQe7
wjZPectz4yuAKlJfTTRGS4YrNJ/10m9pNCszF+6qDczZ53Tt8+/bk+51k1CUS+26
/nA0evvphSJsAmCo9uSirX1z3uSnnI/rviW90zUXF0Win0U1mmM/21To7VxpPjOE
jn3MyMepCAo1rblDizwjbmR4o48eNsaXIys1jvKq7dmX3WeJUCTcgaChS0fR0ebO
8PqS4o4lscccep0MNufx52/bEq4vdpDOX809ef3s192yHB6XOMKhFMIW5t6VT435
vEFvIqDG49kq3eQyNNa8fGOvta3V8XNqKb2aSNMBw6RvLlWl96CbJUG76slVOSWJ
-----END CERTIFICATE-----
Generated at Sun Apr 13 08:41:59 2025 by rpki-client