Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/52e0bc-9629-4a20-a002-909209356b2f/1/7oIzidmPV5DMaJu71KEE7TN3jrE.roa
File: 7oIzidmPV5DMaJu71KEE7TN3jrE.roa (raw, json)
Hash identifier: kCtY+zZ5Nv1Tl34nUDS681Pc5/oW0aaVlayqB3KyvjU=
Subject key identifier: EE:82:33:89:D9:8F:57:90:CC:68:9B:BB:D4:A1:04:ED:33:77:8E:B1
Certificate issuer: /CN=700002e9cd2c74a0ef8b51b40d44d141a932d283
Certificate serial: 019427B5BC94EE4493742C20B9A0C6E8B559
Authority key identifier: 70:00:02:E9:CD:2C:74:A0:EF:8B:51:B4:0D:44:D1:41:A9:32:D2:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAAC6c0sdKDvi1G0DUTRQaky0oM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/52e0bc-9629-4a20-a002-909209356b2f/1/7oIzidmPV5DMaJu71KEE7TN3jrE.roa
Signing time: Thu 02 Jan 2025 15:50:09 +0000
ROA not before: Thu 02 Jan 2025 15:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13070
IP address blocks: 77.241.160.0/22 maxlen: 22
217.145.208.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/52e0bc-9629-4a20-a002-909209356b2f/1/cAAC6c0sdKDvi1G0DUTRQaky0oM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/52e0bc-9629-4a20-a002-909209356b2f/1/cAAC6c0sdKDvi1G0DUTRQaky0oM.mft
rsync://rpki.ripe.net/repository/DEFAULT/cAAC6c0sdKDvi1G0DUTRQaky0oM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:bc:94:ee:44:93:74:2c:20:b9:a0:c6:e8:b5:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=700002e9cd2c74a0ef8b51b40d44d141a932d283
Validity
Not Before: Jan 2 15:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee823389d98f5790cc689bbbd4a104ed33778eb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:49:41:06:24:33:86:e7:d3:1b:02:51:67:e9:
e9:c7:ac:25:9a:e0:fd:72:72:7e:90:0e:62:ee:c5:
70:d4:a0:3a:86:45:9e:22:d2:56:4a:b0:4e:55:66:
18:da:2e:fc:3a:6b:c3:2b:6c:0b:e9:be:5b:b2:2a:
62:0f:28:ea:c1:f8:80:a1:fa:30:7b:b0:01:52:7a:
f7:8e:97:14:b1:84:eb:ed:10:c5:e8:a0:a1:b1:72:
f4:b6:b6:2a:53:a2:b6:37:24:11:a7:47:eb:a8:5f:
4c:72:cc:40:12:88:fb:78:69:cd:4f:3e:64:f3:ab:
52:08:00:12:f5:40:d3:6d:d0:95:87:81:c8:0d:16:
44:5c:de:70:fc:e9:e5:43:5d:37:8c:3d:64:5e:ad:
6b:02:0a:7f:77:3c:74:63:8d:02:9c:4d:56:8c:b2:
ea:ae:35:b5:32:65:76:14:e4:f6:ad:6d:c1:98:35:
b0:83:5c:6b:50:de:09:5b:84:b5:59:3f:11:5a:4e:
84:31:9a:6f:8e:fb:26:74:39:f9:97:bb:58:31:af:
0a:8a:78:8b:bd:13:f2:a2:d6:97:2f:7d:f6:b7:16:
87:66:8f:a8:eb:54:dc:5c:ab:44:5d:24:f0:01:f5:
82:01:db:2f:e0:79:7e:24:c8:4d:df:a3:a6:77:28:
26:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:82:33:89:D9:8F:57:90:CC:68:9B:BB:D4:A1:04:ED:33:77:8E:B1
X509v3 Authority Key Identifier:
keyid:70:00:02:E9:CD:2C:74:A0:EF:8B:51:B4:0D:44:D1:41:A9:32:D2:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAAC6c0sdKDvi1G0DUTRQaky0oM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/52e0bc-9629-4a20-a002-909209356b2f/1/7oIzidmPV5DMaJu71KEE7TN3jrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/52e0bc-9629-4a20-a002-909209356b2f/1/cAAC6c0sdKDvi1G0DUTRQaky0oM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.241.160.0/22
217.145.208.0/20
Signature Algorithm: sha256WithRSAEncryption
6a:ef:7c:53:e8:4d:d8:64:fd:ea:00:13:97:26:56:55:5f:8e:
a5:f7:a9:3c:8c:8a:15:d1:53:0d:46:2e:41:97:54:04:0f:4e:
1d:8b:0c:49:97:31:1c:00:2b:07:40:be:56:86:b8:fa:51:26:
e4:1f:ac:16:e2:cc:52:03:f9:78:ac:b1:d3:1d:52:1e:34:d6:
d6:2b:3e:a3:20:dd:bf:f3:8e:ac:5a:54:08:f9:cf:2e:f4:02:
ba:62:08:ea:30:f6:13:2a:f1:83:ed:f6:0d:b3:56:79:96:8a:
70:0b:67:bd:67:e4:ba:30:8f:e4:d0:ce:8c:66:08:98:ba:b7:
a9:d9:9f:1a:03:4d:41:69:55:c2:af:97:07:fb:c3:13:db:09:
0c:43:2b:a0:36:94:87:e1:2d:56:8e:a7:93:bc:39:39:63:1c:
ea:4d:0b:ac:fe:66:27:22:ed:8c:b9:c7:fe:7a:7d:ea:21:1f:
1a:84:b1:a7:a3:de:ca:5f:5c:35:9a:08:5d:31:07:fb:99:fc:
bc:c7:56:6a:49:27:c6:c6:a7:c1:8d:52:20:cc:92:18:3c:a5:
60:51:10:9c:13:0d:d0:84:76:6e:fb:42:d3:b0:cd:1a:c0:17:
63:ce:3b:06:91:2e:a3:48:48:62:c5:09:d1:ee:4b:b9:6b:f0:
64:ff:d6:bb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQntbyU7kSTdCwguaDG6LVZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMDAwMmU5Y2QyYzc0YTBlZjhiNTFiNDBkNDRkMTQxYTkz
MmQyODMwHhcNMjUwMTAyMTU1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTgyMzM4OWQ5OGY1NzkwY2M2ODliYmJkNGExMDRlZDMzNzc4ZWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUlBBiQzhufTGwJRZ+npx6wlmuD9
cnJ+kA5i7sVw1KA6hkWeItJWSrBOVWYY2i78OmvDK2wL6b5bsipiDyjqwfiAofow
e7ABUnr3jpcUsYTr7RDF6KChsXL0trYqU6K2NyQRp0frqF9McsxAEoj7eGnNTz5k
86tSCAAS9UDTbdCVh4HIDRZEXN5w/OnlQ103jD1kXq1rAgp/dzx0Y40CnE1WjLLq
rjW1MmV2FOT2rW3BmDWwg1xrUN4JW4S1WT8RWk6EMZpvjvsmdDn5l7tYMa8KiniL
vRPyotaXL332txaHZo+o61TcXKtEXSTwAfWCAdsv4Hl+JMhN36OmdygmPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO6CM4nZj1eQzGibu9ShBO0zd46xMB8GA1UdIwQY
MBaAFHAAAunNLHSg74tRtA1E0UGpMtKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0FBQzZjMHNkS0R2aTFHMERVVFJRYWt5MG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81MmUwYmMtOTYyOS00YTIwLWEwMDIt
OTA5MjA5MzU2YjJmLzEvN29JemlkbVBWNURNYUp1NzFLRUU3VE4zanJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81MmUwYmMtOTYyOS00YTIwLWEwMDItOTA5MjA5MzU2YjJm
LzEvY0FBQzZjMHNkS0R2aTFHMERVVFJRYWt5MG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTfGgAwQE
2ZHQMA0GCSqGSIb3DQEBCwUAA4IBAQBq73xT6E3YZP3qABOXJlZVX46l96k8jIoV
0VMNRi5Bl1QED04diwxJlzEcACsHQL5Whrj6USbkH6wW4sxSA/l4rLHTHVIeNNbW
Kz6jIN2/846sWlQI+c8u9AK6YgjqMPYTKvGD7fYNs1Z5lopwC2e9Z+S6MI/k0M6M
ZgiYurep2Z8aA01BaVXCr5cH+8MT2wkMQyugNpSH4S1WjqeTvDk5YxzqTQus/mYn
Iu2Mucf+en3qIR8ahLGno97KX1w1mghdMQf7mfy8x1ZqSSfGxqfBjVIgzJIYPKVg
URCcEw3QhHZu+0LTsM0awBdjzjsGkS6jSEhixQnR7ku5a/Bk/9a7
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:33 2025 by rpki-client