Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/YvOFDjWkP383cdRDW4QM6UbCg_I.roa
File: YvOFDjWkP383cdRDW4QM6UbCg_I.roa (raw, json)
Hash identifier: 3TC5tMF9zwv04XeY3NG8JzsXRg+MXSNv8Om6AtDQBRM=
Subject key identifier: 62:F3:85:0E:35:A4:3F:7F:37:71:D4:43:5B:84:0C:E9:46:C2:83:F2
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C6F3014790FCA00EDC2DB8D71A98D
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/YvOFDjWkP383cdRDW4QM6UbCg_I.roa
Signing time: Thu 02 Jan 2025 09:50:28 +0000
ROA not before: Thu 02 Jan 2025 09:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34584
IP address blocks: 77.82.128.0/20 maxlen: 20
85.114.64.0/19 maxlen: 19
85.114.80.0/21 maxlen: 21
85.114.84.0/22 maxlen: 22
85.114.85.0/24 maxlen: 24
87.225.0.0/17 maxlen: 17
87.225.0.0/18 maxlen: 18
87.225.44.0/23 maxlen: 23
87.225.48.0/21 maxlen: 21
87.225.64.0/18 maxlen: 18
87.225.72.0/21 maxlen: 21
87.225.80.0/20 maxlen: 20
87.225.122.0/24 maxlen: 24
92.37.128.0/17 maxlen: 17
92.37.128.0/18 maxlen: 18
92.37.192.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:6f:30:14:79:0f:ca:00:ed:c2:db:8d:71:a9:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62f3850e35a43f7f3771d4435b840ce946c283f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:41:06:03:e1:dd:7e:3a:31:9f:aa:7c:b9:58:
c6:ef:e1:f7:e7:85:ab:cf:1f:6f:bc:c2:c0:32:56:
98:7f:70:42:d5:e7:55:a0:68:de:1b:7c:58:d6:e0:
2f:1e:d3:48:5a:6d:17:0f:b4:44:1b:6a:3e:f0:d8:
43:7e:f5:3d:c1:53:13:94:6c:67:c5:6d:ce:aa:95:
b7:64:6e:1c:2c:7d:c8:38:ae:57:59:1c:9f:1a:fc:
73:53:c1:f8:aa:7c:77:a9:39:ac:84:88:ee:3a:cc:
02:71:40:22:7e:7e:81:66:9b:50:fe:25:2d:52:89:
ea:1e:35:8c:84:ea:9c:44:8c:e0:05:a9:4e:93:f5:
d5:6d:4e:60:a2:cb:8b:6d:dc:7d:28:6f:a4:13:f7:
e9:40:e7:e1:2a:a1:2b:ba:a8:a3:b5:d3:57:1f:b9:
1e:6b:ff:36:a3:51:0f:a9:af:42:e2:f3:e0:02:0c:
5f:ab:07:f9:8b:f2:7b:4c:8f:9e:b2:09:8c:82:d6:
28:06:4d:0c:6c:4b:6d:cb:00:69:8f:4c:c2:18:a1:
01:28:67:b6:38:25:09:b4:ab:34:b9:69:95:c4:5c:
10:e0:90:f0:b5:57:41:43:94:ac:f4:b5:9e:90:f6:
be:8d:e2:f0:59:82:f1:aa:de:7e:6a:a5:b8:81:95:
14:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F3:85:0E:35:A4:3F:7F:37:71:D4:43:5B:84:0C:E9:46:C2:83:F2
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/YvOFDjWkP383cdRDW4QM6UbCg_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.82.128.0/20
85.114.64.0/19
87.225.0.0/17
92.37.128.0/17
Signature Algorithm: sha256WithRSAEncryption
2a:0d:b9:31:37:a9:10:62:9c:47:e7:54:14:b0:8d:ba:89:66:
2f:d4:bd:85:f7:0d:ad:7e:5a:56:04:13:9a:75:5d:f9:1e:98:
87:bc:57:4c:aa:1e:93:17:a3:a3:4b:38:21:8a:9d:a9:a3:78:
96:ab:3b:fa:65:a2:6e:f1:ad:ed:36:67:48:3f:48:21:57:8f:
73:8f:bb:e6:be:aa:2c:80:f7:1c:85:75:2c:80:18:33:90:26:
42:7f:ea:6a:f5:0b:c7:97:1f:a4:7f:2a:e1:96:cb:03:11:00:
a4:21:ad:10:79:8b:4c:e5:e1:32:20:e7:7a:d7:d2:58:26:e2:
d5:58:1f:d0:af:57:cd:3d:49:72:d7:b8:9c:a4:38:68:e3:59:
e0:c4:66:2c:4a:d3:8f:fe:a0:b6:44:9d:9a:1b:d2:87:8d:28:
0a:f7:a1:72:9d:c4:77:16:f7:7f:99:c2:4e:36:97:81:1a:71:
d5:7f:6e:09:67:8f:21:ae:f5:4f:f5:d3:43:c2:b6:d1:f1:95:
5e:d6:18:b0:f0:b3:61:20:32:47:b5:f9:06:41:32:9a:7a:61:
39:a3:15:14:36:50:37:01:f5:06:c8:8a:2c:8f:55:27:bb:5a:
ac:ce:cd:cd:2b:e5:dc:f9:b7:5b:c1:ad:df:e2:51:05:09:4e:
b0:a7:f2:87
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQmbG8wFHkPygDtwtuNcamNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmYzODUwZTM1YTQzZjdmMzc3MWQ0NDM1Yjg0MGNlOTQ2YzI4M2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskEGA+Hdfjoxn6p8uVjG7+H354Wr
zx9vvMLAMlaYf3BC1edVoGjeG3xY1uAvHtNIWm0XD7REG2o+8NhDfvU9wVMTlGxn
xW3OqpW3ZG4cLH3IOK5XWRyfGvxzU8H4qnx3qTmshIjuOswCcUAifn6BZptQ/iUt
UonqHjWMhOqcRIzgBalOk/XVbU5gosuLbdx9KG+kE/fpQOfhKqEruqijtdNXH7ke
a/82o1EPqa9C4vPgAgxfqwf5i/J7TI+esgmMgtYoBk0MbEttywBpj0zCGKEBKGe2
OCUJtKs0uWmVxFwQ4JDwtVdBQ5Ss9LWekPa+jeLwWYLxqt5+aqW4gZUUTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGLzhQ41pD9/N3HUQ1uEDOlGwoPyMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvWXZPRkRqV2tQMzgzY2RSRFc0UU02VWJDZ19JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQETVKAAwQF
VXJAAwQHV+EAAwQHXCWAMA0GCSqGSIb3DQEBCwUAA4IBAQAqDbkxN6kQYpxH51QU
sI26iWYv1L2F9w2tflpWBBOadV35HpiHvFdMqh6TF6OjSzghip2po3iWqzv6ZaJu
8a3tNmdIP0ghV49zj7vmvqosgPcchXUsgBgzkCZCf+pq9QvHlx+kfyrhlssDEQCk
Ia0QeYtM5eEyIOd619JYJuLVWB/Qr1fNPUly17icpDho41ngxGYsStOP/qC2RJ2a
G9KHjSgK96FyncR3Fvd/mcJONpeBGnHVf24JZ48hrvVP9dNDwrbR8ZVe1hiw8LNh
IDJHtfkGQTKaemE5oxUUNlA3AfUGyIosj1Unu1qszs3NK+Xc+bdbwa3f4lEFCU6w
p/KH
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:14 2025 by rpki-client