Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/mGMa2C8aCPNU340sWr4PKAqdH-s.roa
File: mGMa2C8aCPNU340sWr4PKAqdH-s.roa (raw, json)
Hash identifier: XaeHxhEDCo5SHwBXvtj0lsgZdM6zqURunvIDevmiEQk=
Subject key identifier: 98:63:1A:D8:2F:1A:08:F3:54:DF:8D:2C:5A:BE:0F:28:0A:9D:1F:EB
Certificate issuer: /CN=07afdcd5e97ac1c102479c954d5f922b126cbc14
Certificate serial: 019440AB59F759F64671FE9FC944A4C3D4F9
Authority key identifier: 07:AF:DC:D5:E9:7A:C1:C1:02:47:9C:95:4D:5F:92:2B:12:6C:BC:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6_c1el6wcECR5yVTV-SKxJsvBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/mGMa2C8aCPNU340sWr4PKAqdH-s.roa
Signing time: Tue 07 Jan 2025 12:09:19 +0000
ROA not before: Tue 07 Jan 2025 12:09:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42337
IP address blocks: 77.237.64.0/19 maxlen: 19
77.237.65.0/24 maxlen: 24
77.237.68.0/24 maxlen: 24
77.237.69.0/24 maxlen: 24
77.237.70.0/24 maxlen: 24
77.237.72.0/24 maxlen: 24
77.237.74.0/24 maxlen: 24
77.237.75.0/24 maxlen: 24
77.237.76.0/24 maxlen: 24
77.237.77.0/24 maxlen: 24
77.237.78.0/23 maxlen: 23
77.237.78.0/24 maxlen: 24
77.237.79.0/24 maxlen: 24
77.237.80.0/20 maxlen: 20
77.237.80.0/24 maxlen: 24
77.237.81.0/24 maxlen: 24
77.237.82.0/24 maxlen: 24
77.237.83.0/24 maxlen: 24
77.237.84.0/24 maxlen: 24
77.237.85.0/24 maxlen: 24
77.237.87.0/24 maxlen: 24
77.237.88.0/24 maxlen: 24
77.237.89.0/24 maxlen: 24
77.237.91.0/24 maxlen: 24
77.237.94.0/24 maxlen: 24
77.237.95.0/24 maxlen: 24
92.242.192.0/19 maxlen: 19
92.242.192.0/23 maxlen: 23
92.242.192.0/24 maxlen: 24
92.242.193.0/24 maxlen: 24
92.242.194.0/24 maxlen: 24
92.242.195.0/24 maxlen: 24
92.242.198.0/24 maxlen: 24
92.242.200.0/21 maxlen: 21
92.242.202.0/23 maxlen: 23
92.242.202.0/24 maxlen: 24
92.242.203.0/24 maxlen: 24
92.242.204.0/24 maxlen: 24
92.242.205.0/24 maxlen: 24
92.242.206.0/24 maxlen: 24
92.242.207.0/24 maxlen: 24
92.242.208.0/20 maxlen: 20
92.242.208.0/24 maxlen: 24
92.242.210.0/23 maxlen: 23
92.242.210.0/24 maxlen: 24
92.242.211.0/24 maxlen: 24
92.242.212.0/22 maxlen: 22
92.242.215.0/24 maxlen: 24
92.242.220.0/24 maxlen: 24
92.242.223.0/24 maxlen: 24
185.14.160.0/22 maxlen: 22
185.14.160.0/24 maxlen: 24
185.225.240.0/24 maxlen: 24
185.225.241.0/24 maxlen: 24
185.225.242.0/23 maxlen: 23
185.225.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/B6_c1el6wcECR5yVTV-SKxJsvBQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/B6_c1el6wcECR5yVTV-SKxJsvBQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/B6_c1el6wcECR5yVTV-SKxJsvBQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 14:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:40:ab:59:f7:59:f6:46:71:fe:9f:c9:44:a4:c3:d4:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07afdcd5e97ac1c102479c954d5f922b126cbc14
Validity
Not Before: Jan 7 12:09:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98631ad82f1a08f354df8d2c5abe0f280a9d1feb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:10:cb:bb:7c:76:df:61:d5:af:ef:9c:71:18:
f4:df:81:19:a7:3e:2e:68:17:6f:d2:49:3c:fd:bc:
a4:b9:f2:fc:1c:31:3d:38:47:bf:4b:19:30:72:cc:
9e:99:7e:c9:1e:0a:c0:33:51:65:bd:c9:c8:54:74:
42:90:97:04:5f:cb:f6:ea:b3:af:27:b4:37:14:7b:
eb:7c:e8:63:c9:ff:d0:dd:11:80:f1:24:d0:4c:0a:
86:c6:42:a8:e8:53:aa:e1:14:8d:47:9e:42:4e:95:
b3:7b:70:ad:3d:11:c1:36:d8:1e:59:b5:56:81:2d:
ee:bf:f3:a1:79:d4:ad:76:d8:d2:90:20:90:7e:37:
0c:7a:bb:39:e8:71:7a:29:d6:f5:c8:b7:8b:b5:2b:
6a:28:4e:a9:57:23:1d:ff:a3:09:85:3e:65:6f:6b:
e8:57:e4:2d:ca:37:d5:8c:97:ef:b9:45:63:d4:3f:
0d:25:7f:86:fe:13:4b:42:76:7b:d3:13:d1:d5:50:
ca:ec:e3:66:3e:3e:8b:80:c2:50:ca:ec:29:35:ab:
4b:6e:13:c5:ee:aa:5d:52:1d:32:a9:16:50:1c:f7:
dc:f9:8b:0d:15:4c:cc:8b:8d:ff:be:cd:4c:56:ba:
f8:ba:94:11:a3:a8:f8:99:d0:78:e3:5f:e1:26:c4:
c9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:63:1A:D8:2F:1A:08:F3:54:DF:8D:2C:5A:BE:0F:28:0A:9D:1F:EB
X509v3 Authority Key Identifier:
keyid:07:AF:DC:D5:E9:7A:C1:C1:02:47:9C:95:4D:5F:92:2B:12:6C:BC:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6_c1el6wcECR5yVTV-SKxJsvBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/mGMa2C8aCPNU340sWr4PKAqdH-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/B6_c1el6wcECR5yVTV-SKxJsvBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.64.0/19
92.242.192.0/19
185.14.160.0/22
185.225.240.0/22
Signature Algorithm: sha256WithRSAEncryption
21:59:7f:70:51:08:d0:bf:9b:5f:a8:ff:5b:49:57:34:ac:6d:
8a:67:c9:e1:3c:29:3b:0e:c7:92:57:39:48:9c:9a:b5:1f:ac:
07:dc:ad:ab:cc:5b:9e:c4:14:e2:c0:0c:31:60:98:53:d5:38:
f7:b7:c3:92:10:ff:56:dc:ff:62:a9:f9:bd:f6:2d:4d:a6:a7:
02:b1:8b:4a:c7:72:10:8c:d0:fa:02:8d:33:74:f1:5c:71:86:
ea:af:a0:61:8f:48:11:a1:a6:36:8e:c3:28:ee:6a:65:f8:89:
02:bb:04:7c:f4:9a:1b:b8:66:76:d5:85:22:c1:b9:a8:f9:0f:
f0:ef:4f:55:bf:66:33:70:45:a3:ab:89:27:7a:11:d2:75:8c:
14:95:3b:76:b5:41:81:24:cc:07:40:ca:c0:ec:58:93:ec:f1:
7b:79:88:51:57:2e:fd:77:da:53:f8:5e:85:57:39:29:89:d5:
5e:66:83:cc:e9:8f:c5:9e:8c:00:14:db:5f:aa:4c:d6:a0:43:
84:b3:ae:d8:f5:f5:7b:78:74:a9:36:c4:9e:e3:39:ac:72:06:
9a:a9:42:1c:8f:05:08:cb:77:f9:f9:3f:f0:57:cd:ab:9b:44:
a8:69:85:42:32:d9:77:bd:c9:dc:7a:ac:40:42:ee:9a:3a:b3:
85:8c:55:27
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZRAq1n3WfZGcf6fyUSkw9T5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YWZkY2Q1ZTk3YWMxYzEwMjQ3OWM5NTRkNWY5MjJiMTI2
Y2JjMTQwHhcNMjUwMTA3MTIwOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODYzMWFkODJmMWEwOGYzNTRkZjhkMmM1YWJlMGYyODBhOWQxZmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhDLu3x232HVr++ccRj034EZpz4u
aBdv0kk8/bykufL8HDE9OEe/SxkwcsyemX7JHgrAM1FlvcnIVHRCkJcEX8v26rOv
J7Q3FHvrfOhjyf/Q3RGA8STQTAqGxkKo6FOq4RSNR55CTpWze3CtPRHBNtgeWbVW
gS3uv/OhedStdtjSkCCQfjcMers56HF6Kdb1yLeLtStqKE6pVyMd/6MJhT5lb2vo
V+QtyjfVjJfvuUVj1D8NJX+G/hNLQnZ70xPR1VDK7ONmPj6LgMJQyuwpNatLbhPF
7qpdUh0yqRZQHPfc+YsNFUzMi43/vs1MVrr4upQRo6j4mdB441/hJsTJowIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJhjGtgvGgjzVN+NLFq+DygKnR/rMB8GA1UdIwQY
MBaAFAev3NXpesHBAkeclU1fkisSbLwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjZfYzFlbDZ3Y0VDUjV5VlRWLVNLeEpzdkJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wZTI3NDQtZjY0Ni00NDI5LWEyNWEt
ZmY2ODUxNzc3MGU0LzEvbUdNYTJDOGFDUE5VMzQwc1dyNFBLQXFkSC1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wZTI3NDQtZjY0Ni00NDI5LWEyNWEtZmY2ODUxNzc3MGU0
LzEvQjZfYzFlbDZ3Y0VDUjV5VlRWLVNLeEpzdkJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFTe1AAwQF
XPLAAwQCuQ6gAwQCueHwMA0GCSqGSIb3DQEBCwUAA4IBAQAhWX9wUQjQv5tfqP9b
SVc0rG2KZ8nhPCk7DseSVzlInJq1H6wH3K2rzFuexBTiwAwxYJhT1Tj3t8OSEP9W
3P9iqfm99i1NpqcCsYtKx3IQjND6Ao0zdPFccYbqr6Bhj0gRoaY2jsMo7mpl+IkC
uwR89JobuGZ21YUiwbmo+Q/w709Vv2YzcEWjq4knehHSdYwUlTt2tUGBJMwHQMrA
7FiT7PF7eYhRVy79d9pT+F6FVzkpidVeZoPM6Y/FnowAFNtfqkzWoEOEs67Y9fV7
eHSpNsSe4zmscgaaqUIcjwUIy3f5+T/wV82rm0SoaYVCMtl3vcnceqxAQu6aOrOF
jFUn
-----END CERTIFICATE-----
Generated at Sun Mar 9 19:24:00 2025 by rpki-client