Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/9T4HxwhZJwyiGHa48SYje1ufatI.roa
File: 9T4HxwhZJwyiGHa48SYje1ufatI.roa (raw, json)
Hash identifier: 8ElIYheNmp/FmPzPS1uvi2rYFBqzm++XUQWo1OHXuE0=
Subject key identifier: F5:3E:07:C7:08:59:27:0C:A2:18:76:B8:F1:26:23:7B:5B:9F:6A:D2
Certificate issuer: /CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Certificate serial: 01968058D8C3908537550A322F0653AB0DEE
Authority key identifier: 7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/9T4HxwhZJwyiGHa48SYje1ufatI.roa
Signing time: Tue 29 Apr 2025 07:00:28 +0000
ROA not before: Tue 29 Apr 2025 07:00:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201642
IP address blocks: 77.111.66.0/23 maxlen: 23
185.143.237.0/24 maxlen: 24
194.164.0.0/23 maxlen: 23
2a14:3200:2a14::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 21:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:58:d8:c3:90:85:37:55:0a:32:2f:06:53:ab:0d:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df904ab14066c7a9fe61a521d5492a0e52965ca
Validity
Not Before: Apr 29 07:00:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f53e07c70859270ca21876b8f126237b5b9f6ad2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ca:89:21:24:cc:0d:80:8d:bd:88:60:b7:ae:
f2:01:82:10:20:b0:6a:a1:74:1e:04:07:93:f1:a3:
9f:75:a1:76:f1:d4:a6:1e:6e:cb:93:23:a4:a7:56:
53:8c:ac:4a:6b:6b:c8:04:4e:3f:9e:34:3c:d2:d9:
ce:5e:6e:6f:0c:a1:67:a2:14:d7:12:64:2e:e1:fb:
54:2f:d4:a7:36:30:8e:c6:0a:b2:29:8f:a2:69:ab:
80:c0:16:d2:04:42:5e:bf:0d:6a:91:78:e6:8c:57:
89:a0:76:ad:1b:b3:0b:10:3b:2c:da:ee:84:23:20:
bc:fd:62:8c:fa:22:78:32:9b:8b:3e:9c:e8:95:4e:
86:2e:a3:14:49:ca:b8:47:91:2f:e6:9b:50:1f:2d:
99:39:78:32:93:b4:e4:ce:e5:0f:7d:f2:eb:8f:28:
7d:77:82:f6:d4:00:7f:11:44:dc:27:d9:6a:58:14:
f3:6f:08:6b:b7:88:74:4a:5e:a7:8d:e7:77:99:6f:
ec:65:18:6b:ce:3a:95:5d:90:cc:10:7a:52:bc:99:
4c:fb:89:97:88:cf:b0:b0:14:3e:05:44:d5:f9:92:
03:90:a6:46:5f:df:41:3c:fd:96:7a:f4:64:05:87:
a9:22:09:a4:e3:56:52:33:78:17:b5:fb:85:9e:92:
57:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:3E:07:C7:08:59:27:0C:A2:18:76:B8:F1:26:23:7B:5B:9F:6A:D2
X509v3 Authority Key Identifier:
keyid:7D:F9:04:AB:14:06:6C:7A:9F:E6:1A:52:1D:54:92:A0:E5:29:65:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffkEqxQGbHqf5hpSHVSSoOUpZco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/9T4HxwhZJwyiGHa48SYje1ufatI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/53fb34-25db-4684-984f-3b445f29f5b7/1/ffkEqxQGbHqf5hpSHVSSoOUpZco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.66.0/23
185.143.237.0/24
194.164.0.0/23
IPv6:
2a14:3200:2a14::/48
Signature Algorithm: sha256WithRSAEncryption
1e:02:12:56:55:8d:93:a2:cb:86:39:ee:52:ab:48:6b:ff:6b:
ba:2f:73:40:02:9b:ad:4e:b2:10:d8:16:43:71:f4:02:f6:0e:
36:06:52:52:dc:43:d3:19:3d:c3:57:ce:a5:d6:db:d8:5f:f7:
11:78:c2:54:03:5d:92:48:29:82:24:4a:f8:79:3d:2d:ee:a4:
b0:82:80:43:9d:bb:de:f6:13:91:b8:53:26:58:b1:8f:ed:ad:
f9:aa:0a:28:ef:fe:c5:72:d3:35:96:29:1d:27:bd:b1:63:97:
3e:93:e0:98:ce:af:53:28:a2:7e:6a:19:14:e0:50:7a:50:00:
70:ee:b3:f5:da:90:f9:f7:20:05:19:22:79:92:4b:80:6b:d8:
31:8c:95:bb:ed:92:e3:bb:06:75:fb:da:a1:4f:e3:6a:2b:e8:
17:01:97:ea:be:21:84:1b:41:4e:e5:73:27:52:72:d1:54:27:
07:b3:9a:04:8a:c9:4c:cb:5a:9b:47:b5:f8:24:bc:c5:61:05:
c0:c9:4b:a6:74:43:b0:7b:e3:ea:97:bd:21:ea:3d:8f:cd:49:
85:de:46:91:5f:ca:3a:e8:e2:1e:39:c1:a8:9e:75:d0:62:3d:
30:28:af:e0:89:54:cc:a2:f3:fe:9e:6e:b9:88:86:f8:63:41:
d1:d2:20:a8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZaAWNjDkIU3VQoyLwZTqw3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjkwNGFiMTQwNjZjN2E5ZmU2MWE1MjFkNTQ5MmEwZTUy
OTY1Y2EwHhcNMjUwNDI5MDcwMDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTNlMDdjNzA4NTkyNzBjYTIxODc2YjhmMTI2MjM3YjViOWY2YWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncqJISTMDYCNvYhgt67yAYIQILBq
oXQeBAeT8aOfdaF28dSmHm7LkyOkp1ZTjKxKa2vIBE4/njQ80tnOXm5vDKFnohTX
EmQu4ftUL9SnNjCOxgqyKY+iaauAwBbSBEJevw1qkXjmjFeJoHatG7MLEDss2u6E
IyC8/WKM+iJ4MpuLPpzolU6GLqMUScq4R5Ev5ptQHy2ZOXgyk7TkzuUPffLrjyh9
d4L21AB/EUTcJ9lqWBTzbwhrt4h0Sl6njed3mW/sZRhrzjqVXZDMEHpSvJlM+4mX
iM+wsBQ+BUTV+ZIDkKZGX99BPP2WevRkBYepIgmk41ZSM3gXtfuFnpJXEQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFPU+B8cIWScMohh2uPEmI3tbn2rSMB8GA1UdIwQY
MBaAFH35BKsUBmx6n+YaUh1UkqDlKWXKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYt
M2I0NDVmMjlmNWI3LzEvOVQ0SHh3aFpKd3lpR0hhNDhTWWplMXVmYXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS81M2ZiMzQtMjVkYi00Njg0LTk4NGYtM2I0NDVmMjlmNWI3
LzEvZmZrRXF4UUdiSHFmNWhwU0hWU1NvT1VwWmNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBTW9CAwQA
uY/tAwQBwqQAMA8EAgACMAkDBwAqFDIAKhQwDQYJKoZIhvcNAQELBQADggEBAB4C
ElZVjZOiy4Y57lKrSGv/a7ovc0ACm61OshDYFkNx9AL2DjYGUlLcQ9MZPcNXzqXW
29hf9xF4wlQDXZJIKYIkSvh5PS3upLCCgEOdu972E5G4UyZYsY/trfmqCijv/sVy
0zWWKR0nvbFjlz6T4JjOr1Moon5qGRTgUHpQAHDus/XakPn3IAUZInmSS4Br2DGM
lbvtkuO7BnX72qFP42or6BcBl+q+IYQbQU7lcydSctFUJwezmgSKyUzLWptHtfgk
vMVhBcDJS6Z0Q7B74+qXvSHqPY/NSYXeRpFfyjro4h45waieddBiPTAor+CJVMyi
8/6ebrmIhvhjQdHSIKg=
-----END CERTIFICATE-----
Generated at Sun May 11 05:09:45 2025 by rpki-client