Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/aa2iqnGJjm8dqVZRU3DDGx1OPnc.roa
File: aa2iqnGJjm8dqVZRU3DDGx1OPnc.roa (raw, json)
Hash identifier: y950PBsNWZIFFJZtmJx7ziK3xXbDqGMaez6zI7FiGR4=
Subject key identifier: 69:AD:A2:AA:71:89:8E:6F:1D:A9:56:51:53:70:C3:1B:1D:4E:3E:77
Certificate issuer: /CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Certificate serial: 01941FFA46A90B40C732510DF69550297447
Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/aa2iqnGJjm8dqVZRU3DDGx1OPnc.roa
Signing time: Wed 01 Jan 2025 03:48:03 +0000
ROA not before: Wed 01 Jan 2025 03:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31736
IP address blocks: 77.37.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:46:a9:0b:40:c7:32:51:0d:f6:95:50:29:74:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Validity
Not Before: Jan 1 03:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69ada2aa71898e6f1da956515370c31b1d4e3e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d3:f4:47:30:f2:c6:bf:3f:06:47:1c:19:5d:
25:74:fd:41:ca:36:44:6b:23:03:6d:cb:12:e8:7c:
64:be:85:51:73:07:2b:90:19:2a:0c:45:6a:32:5e:
7f:eb:64:cc:d2:07:03:65:5e:3c:25:89:6c:70:58:
05:35:e8:37:b6:34:f4:9c:ce:fb:5c:ce:cf:02:8a:
08:4d:c2:41:c8:45:2c:f0:6d:3b:e2:4e:13:ec:9c:
aa:6b:66:24:c6:47:d9:4e:90:d2:ef:9d:9f:36:82:
0e:98:b8:25:51:cc:35:73:44:86:de:ac:50:e7:de:
2b:5d:b4:9b:a1:37:95:de:25:4a:29:02:8d:08:4e:
a5:a7:d0:95:29:5d:07:08:5e:57:b7:f8:c1:62:6d:
54:be:75:6d:1a:08:57:42:c9:7f:fe:f0:d1:90:8d:
ce:ac:d4:ee:85:41:7b:a7:78:d4:00:b5:4c:e7:91:
49:f6:6b:b3:19:73:24:23:bb:3a:a1:97:a0:eb:be:
9b:95:d0:a9:86:c5:44:65:0f:4e:ee:f5:0b:2c:d9:
11:b6:db:11:5c:e0:74:0e:3e:50:cf:81:94:d3:d7:
b0:e0:8b:42:18:cd:97:2f:72:72:9d:52:32:05:5f:
86:0c:ae:55:17:8c:63:06:9c:18:6e:5f:14:88:41:
5f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AD:A2:AA:71:89:8E:6F:1D:A9:56:51:53:70:C3:1B:1D:4E:3E:77
X509v3 Authority Key Identifier:
keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/aa2iqnGJjm8dqVZRU3DDGx1OPnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.37.8.0/24
Signature Algorithm: sha256WithRSAEncryption
63:85:04:82:d6:7c:b6:0d:9b:29:d1:d3:fd:bb:8f:23:55:ef:
9d:98:56:00:b9:30:7a:31:cc:48:44:2c:37:ce:4b:60:8c:28:
10:d3:e9:33:16:6a:26:f6:e4:ca:3e:1b:45:99:15:aa:50:be:
ee:f1:24:b2:b2:08:19:2a:4f:6e:55:8d:02:65:b0:2b:91:8b:
04:16:ba:90:af:8e:ca:ef:a4:4b:c2:aa:36:9d:5a:3a:39:a8:
11:0a:b7:ad:9e:18:de:00:40:17:dd:dc:6c:32:ff:a9:0f:69:
19:87:97:73:73:b1:c4:fe:a0:96:70:c8:ae:27:68:6c:ed:04:
4e:7f:53:0b:3d:60:c9:ae:fc:c5:65:df:92:0e:e0:75:ff:af:
ad:05:75:ed:00:71:63:9f:dc:20:7b:36:73:29:04:bb:dc:56:
89:9a:c2:f1:f5:b9:55:7f:ff:6f:15:c3:52:3f:1e:ac:88:68:
0d:c0:94:ff:3a:a1:a9:f2:26:23:9c:fd:72:33:b4:b1:8b:fe:
18:6f:60:62:3b:bf:3b:14:1b:da:a0:75:41:3f:15:56:b2:a0:
53:08:c8:db:76:2f:2c:01:73:aa:47:27:e4:9e:63:cd:0f:c3:
d1:f4:9e:b6:d3:f2:9d:08:10:28:5c:66:a3:2d:ae:d6:4c:28:
60:32:77:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+kapC0DHMlEN9pVQKXRHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2
ZGRlNmYwHhcNMjUwMTAxMDM0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWFkYTJhYTcxODk4ZTZmMWRhOTU2NTE1MzcwYzMxYjFkNGUzZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytP0RzDyxr8/BkccGV0ldP1ByjZE
ayMDbcsS6HxkvoVRcwcrkBkqDEVqMl5/62TM0gcDZV48JYlscFgFNeg3tjT0nM77
XM7PAooITcJByEUs8G074k4T7Jyqa2YkxkfZTpDS752fNoIOmLglUcw1c0SG3qxQ
594rXbSboTeV3iVKKQKNCE6lp9CVKV0HCF5Xt/jBYm1UvnVtGghXQsl//vDRkI3O
rNTuhUF7p3jUALVM55FJ9muzGXMkI7s6oZeg676bldCphsVEZQ9O7vULLNkRttsR
XOB0Dj5Qz4GU09ew4ItCGM2XL3JynVIyBV+GDK5VF4xjBpwYbl8UiEFfsQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGmtoqpxiY5vHalWUVNwwxsdTj53MB8GA1UdIwQY
MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt
NDQxNDU1OGZkY2JiLzEvYWEyaXFuR0pqbThkcVZaUlUzRERHeDFPUG5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYtNDQxNDU1OGZkY2Ji
LzEvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATSUIMA0G
CSqGSIb3DQEBCwUAA4IBAQBjhQSC1ny2DZsp0dP9u48jVe+dmFYAuTB6McxIRCw3
zktgjCgQ0+kzFmom9uTKPhtFmRWqUL7u8SSysggZKk9uVY0CZbArkYsEFrqQr47K
76RLwqo2nVo6OagRCretnhjeAEAX3dxsMv+pD2kZh5dzc7HE/qCWcMiuJ2hs7QRO
f1MLPWDJrvzFZd+SDuB1/6+tBXXtAHFjn9wgezZzKQS73FaJmsLx9blVf/9vFcNS
Px6siGgNwJT/OqGp8iYjnP1yM7Sxi/4Yb2BiO787FBvaoHVBPxVWsqBTCMjbdi8s
AXOqRyfknmPND8PR9J620/KdCBAoXGajLa7WTChgMnc1
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:25:41 2025 by rpki-client