Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/7NaNhfKzkHk-4U6P-rr5I2f5Dns.roa
File: 7NaNhfKzkHk-4U6P-rr5I2f5Dns.roa (raw, json)
Hash identifier: ho2GvZ21Aa+NkGp3FzrcTvxIRbuhiRhcV51nfQsaRvI=
Subject key identifier: EC:D6:8D:85:F2:B3:90:79:3E:E1:4E:8F:FA:BA:F9:23:67:F9:0E:7B
Certificate issuer: /CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Certificate serial: 01942445A7AD7EF99ECB2F444024C6BA917D
Authority key identifier: DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/7NaNhfKzkHk-4U6P-rr5I2f5Dns.roa
Signing time: Wed 01 Jan 2025 23:48:52 +0000
ROA not before: Wed 01 Jan 2025 23:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208324
IP address blocks: 37.77.64.0/24 maxlen: 24
37.77.65.0/24 maxlen: 24
37.77.66.0/24 maxlen: 24
37.77.67.0/24 maxlen: 24
37.77.68.0/24 maxlen: 24
37.77.69.0/24 maxlen: 24
37.77.70.0/24 maxlen: 24
37.77.71.0/24 maxlen: 24
37.77.72.0/24 maxlen: 24
37.77.73.0/24 maxlen: 24
37.77.74.0/24 maxlen: 24
37.77.75.0/24 maxlen: 24
37.77.76.0/24 maxlen: 24
37.77.77.0/24 maxlen: 24
37.77.78.0/24 maxlen: 24
37.77.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:a7:ad:7e:f9:9e:cb:2f:44:40:24:c6:ba:91:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Validity
Not Before: Jan 1 23:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecd68d85f2b390793ee14e8ffabaf92367f90e7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:df:a3:a3:50:01:e6:f0:f6:6f:d4:b6:1b:32:
c0:8c:43:83:83:98:ee:8a:c9:5f:cf:10:3e:ba:ea:
1c:a5:ba:9c:e4:3e:00:77:80:39:a7:20:c6:06:9d:
13:07:af:44:79:0c:6a:57:5e:8f:15:c8:f9:ef:b6:
aa:81:58:07:5e:94:81:58:e3:11:76:fa:a7:c8:1d:
30:aa:97:e9:47:f7:8f:6d:ed:9d:a8:b4:32:b2:b8:
46:20:34:ca:83:91:7f:63:9c:93:44:80:8d:47:a9:
6b:ca:65:be:35:e7:96:03:ec:28:28:35:97:5d:9f:
de:bb:4b:c4:76:3f:f6:1c:dc:d9:5f:c5:0f:fa:f2:
59:c1:09:4d:42:b5:b2:30:88:cf:31:20:25:72:7a:
32:bd:82:ea:4d:89:d6:3d:f8:2f:ce:cc:fe:6f:c7:
fa:da:6b:f0:39:bb:c4:57:9c:41:41:df:93:e1:80:
5f:05:1b:71:0b:4c:cb:fa:ec:fd:ff:ac:7c:01:62:
89:6f:03:8c:ec:44:38:18:62:26:c5:7b:6c:c1:66:
aa:cc:f2:97:d8:bd:bf:d3:38:08:c2:59:ca:1d:f0:
0d:e2:0b:0a:eb:81:cc:c3:4c:ca:00:c5:d3:6b:35:
13:ca:7e:1b:61:1e:ca:20:de:e8:f7:e1:09:c7:c7:
1d:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D6:8D:85:F2:B3:90:79:3E:E1:4E:8F:FA:BA:F9:23:67:F9:0E:7B
X509v3 Authority Key Identifier:
keyid:DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/7NaNhfKzkHk-4U6P-rr5I2f5Dns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.64.0/20
Signature Algorithm: sha256WithRSAEncryption
9a:64:9a:f2:51:0d:29:34:cd:f6:bd:b3:a1:1e:be:cd:3d:34:
f4:50:e4:91:d5:8d:91:a4:28:0f:b9:af:e5:8a:1c:97:6d:a1:
40:1c:74:af:21:1a:5a:e6:88:e7:12:f7:82:12:2b:e1:2e:0d:
69:a2:20:5b:68:45:1b:42:ff:6e:dd:73:5b:d2:9d:aa:9f:37:
8c:06:ea:04:61:9e:59:f4:a7:be:98:36:a2:62:8b:bc:e6:72:
fa:91:e7:68:06:ba:71:04:6c:4a:01:12:00:26:2f:89:d7:48:
a3:76:af:e9:77:16:66:22:f3:d9:0e:35:b0:ec:5b:93:0c:6c:
6e:e2:1a:9a:13:58:08:b2:02:6d:81:e6:63:4c:cc:d7:a2:0a:
6f:c4:55:62:eb:51:e4:8d:63:ad:66:df:5d:a8:3a:70:e3:2e:
23:d2:3f:92:37:ef:75:0d:f0:18:29:90:bd:1d:2a:96:fa:32:
f1:5d:b7:ad:87:dc:8b:93:3b:74:8f:5d:ac:06:ab:11:c1:97:
7d:17:e3:05:83:34:e2:9a:9e:f7:06:73:4f:4e:97:97:5f:5d:
bb:73:69:bd:95:48:c1:7d:d5:45:e4:1f:af:4d:88:c0:f2:06:
d9:ec:01:9c:7f:5b:6b:ab:c5:54:5e:af:4e:86:86:c5:29:68:
10:3f:46:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRaetfvmeyy9EQCTGupF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYjY1YTkwZWQzY2Y0YWUwNDUyNTU0ZWUzNGI5MmE4NDc2
ZGNmMTAwHhcNMjUwMTAxMjM0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2Q2OGQ4NWYyYjM5MDc5M2VlMTRlOGZmYWJhZjkyMzY3ZjkwZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9+jo1AB5vD2b9S2GzLAjEODg5ju
islfzxA+uuocpbqc5D4Ad4A5pyDGBp0TB69EeQxqV16PFcj577aqgVgHXpSBWOMR
dvqnyB0wqpfpR/ePbe2dqLQysrhGIDTKg5F/Y5yTRICNR6lrymW+NeeWA+woKDWX
XZ/eu0vEdj/2HNzZX8UP+vJZwQlNQrWyMIjPMSAlcnoyvYLqTYnWPfgvzsz+b8f6
2mvwObvEV5xBQd+T4YBfBRtxC0zL+uz9/6x8AWKJbwOM7EQ4GGImxXtswWaqzPKX
2L2/0zgIwlnKHfAN4gsK64HMw0zKAMXTazUTyn4bYR7KIN7o9+EJx8cdGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOzWjYXys5B5PuFOj/q6+SNn+Q57MB8GA1UdIwQY
MBaAFNy2WpDtPPSuBFJVTuNLkqhHbc8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEt
ODVhOTU1ZjIxNjNiLzEvN05hTmhmS3prSGstNFU2UC1ycjVJMmY1RG5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEtODVhOTU1ZjIxNjNi
LzEvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEJU1AMA0G
CSqGSIb3DQEBCwUAA4IBAQCaZJryUQ0pNM32vbOhHr7NPTT0UOSR1Y2RpCgPua/l
ihyXbaFAHHSvIRpa5ojnEveCEivhLg1poiBbaEUbQv9u3XNb0p2qnzeMBuoEYZ5Z
9Ke+mDaiYou85nL6kedoBrpxBGxKARIAJi+J10ijdq/pdxZmIvPZDjWw7FuTDGxu
4hqaE1gIsgJtgeZjTMzXogpvxFVi61HkjWOtZt9dqDpw4y4j0j+SN+91DfAYKZC9
HSqW+jLxXbeth9yLkzt0j12sBqsRwZd9F+MFgzTimp73BnNPTpeXX127c2m9lUjB
fdVF5B+vTYjA8gbZ7AGcf1trq8VUXq9OhobFKWgQP0ae
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:22:55 2025 by rpki-client