Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/pA7i0ZL7AtI0TbtJpnUhUfABeXw.roa
File: pA7i0ZL7AtI0TbtJpnUhUfABeXw.roa (raw, json)
Hash identifier: ybBvGqQ85U5+uQj1qJ1Pgx569Q606P8U6u5uPaYPlNw=
Subject key identifier: A4:0E:E2:D1:92:FB:02:D2:34:4D:BB:49:A6:75:21:51:F0:01:79:7C
Certificate issuer: /CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Certificate serial: 0196C8D2A6A63EF81E0CDEADD34485F40DE6
Authority key identifier: 4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/pA7i0ZL7AtI0TbtJpnUhUfABeXw.roa
Signing time: Tue 13 May 2025 08:46:10 +0000
ROA not before: Tue 13 May 2025 08:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12338
IP address blocks: 77.26.0.0/18 maxlen: 18
85.152.104.0/22 maxlen: 22
85.152.124.0/22 maxlen: 22
188.171.234.0/24 maxlen: 24
188.171.240.0/21 maxlen: 21
188.171.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.mft
rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 15 May 2025 17:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c8:d2:a6:a6:3e:f8:1e:0c:de:ad:d3:44:85:f4:0d:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Validity
Not Before: May 13 08:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a40ee2d192fb02d2344dbb49a6752151f001797c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ef:45:64:6f:da:8a:85:e2:52:60:ae:bb:e0:
52:7d:3a:56:c4:d2:99:96:58:51:86:29:37:aa:25:
0c:3f:a7:36:25:18:3c:34:b0:6b:fc:05:a3:83:8a:
10:b5:a0:e7:5a:eb:40:99:8c:0c:11:17:35:a8:fb:
b5:62:82:6b:3b:2e:60:97:12:93:73:c5:26:fc:1e:
7a:57:28:85:e9:ea:7d:7d:7d:e3:45:7e:4f:93:d0:
93:2f:30:80:c0:a1:7b:76:3a:88:71:e7:b8:10:b3:
0a:fd:ae:6c:b9:43:32:10:ee:1d:5d:2f:af:67:e4:
e8:bf:a7:3c:7b:1c:0c:ce:4e:68:29:87:a6:45:cb:
a5:2d:56:1f:5b:85:b3:1a:df:35:fe:33:69:c0:b5:
fb:70:61:5f:60:60:5a:67:d4:df:04:c6:0a:1d:0f:
1e:83:c3:7a:5a:6a:78:e3:3a:6f:d4:91:6e:8f:7f:
ba:b3:51:b7:85:a0:56:0a:97:99:6a:a6:e3:3a:4c:
2f:7b:8a:c5:c2:3e:59:74:24:a7:7e:b2:f9:cc:72:
50:27:7a:f1:3f:e6:36:35:c1:ac:ac:56:89:42:6b:
c2:de:4e:23:30:a2:f5:f9:e8:59:7f:15:20:34:86:
eb:46:cb:e2:92:21:91:fa:9d:d0:ad:29:d4:4a:71:
44:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:0E:E2:D1:92:FB:02:D2:34:4D:BB:49:A6:75:21:51:F0:01:79:7C
X509v3 Authority Key Identifier:
keyid:4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/pA7i0ZL7AtI0TbtJpnUhUfABeXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.26.0.0/18
85.152.104.0/22
85.152.124.0/22
188.171.234.0/24
188.171.240.0/20
Signature Algorithm: sha256WithRSAEncryption
0b:9a:35:f6:b7:20:7c:7b:5d:4c:71:c0:a2:27:cd:d6:91:1f:
9c:19:bd:01:39:9b:d3:f2:bb:96:f0:b2:b2:3b:a0:0f:42:5c:
ab:78:41:e6:ae:0a:c5:45:6e:ae:23:44:da:3e:e6:e3:54:47:
0b:a6:f4:a7:8a:71:c1:56:e8:7d:fa:0b:2a:20:72:f5:39:11:
7d:4a:0c:bf:e8:0a:27:e9:5d:17:3f:d8:a4:4e:b5:f1:35:64:
76:47:84:d4:12:00:c0:9c:6e:a9:23:4e:8a:76:3e:ce:60:d9:
f3:6e:93:0f:e5:71:af:bf:ec:60:39:96:97:8e:fb:50:39:80:
8e:db:fc:f1:b3:8e:26:0f:46:97:39:10:0a:b4:ec:62:5c:de:
03:9c:83:1e:25:a7:92:f1:59:65:d9:ce:ab:8d:6d:32:30:f5:
af:ba:a0:bb:e2:bc:d0:07:55:b2:2a:40:76:58:df:2c:cd:6e:
fd:6c:53:13:cb:aa:2a:6a:f7:76:cc:06:61:0a:c4:ff:c6:ca:
9c:55:85:09:fa:72:cf:6f:de:20:9d:9e:c1:b7:ad:f0:96:6e:
79:72:4e:44:db:50:da:3e:d6:d4:ec:a8:cc:fd:3b:8c:6b:ba:
69:5a:07:da:d6:d2:99:97:07:b4:59:03:05:0f:c1:2a:0f:7a:
bc:06:37:94
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZbI0qamPvgeDN6t00SF9A3mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTY1YzdlZGJhNDY5ZDA5OWQ3NmFhY2Q3ZGMyNjNmNGRm
ZWM1ZWIwHhcNMjUwNTEzMDg0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDBlZTJkMTkyZmIwMmQyMzQ0ZGJiNDlhNjc1MjE1MWYwMDE3OTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxe9FZG/aioXiUmCuu+BSfTpWxNKZ
llhRhik3qiUMP6c2JRg8NLBr/AWjg4oQtaDnWutAmYwMERc1qPu1YoJrOy5glxKT
c8Um/B56VyiF6ep9fX3jRX5Pk9CTLzCAwKF7djqIcee4ELMK/a5suUMyEO4dXS+v
Z+Tov6c8exwMzk5oKYemRculLVYfW4WzGt81/jNpwLX7cGFfYGBaZ9TfBMYKHQ8e
g8N6Wmp44zpv1JFuj3+6s1G3haBWCpeZaqbjOkwve4rFwj5ZdCSnfrL5zHJQJ3rx
P+Y2NcGsrFaJQmvC3k4jMKL1+ehZfxUgNIbrRsvikiGR+p3QrSnUSnFETQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKQO4tGS+wLSNE27SaZ1IVHwAXl8MB8GA1UdIwQY
MBaAFE6mXH7bpGnQmddqrNfcJj9N/sXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYt
NTEwMGEyNmQyNzRiLzEvcEE3aTBaTDdBdEkwVGJ0SnBuVWhVZkFCZVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYtNTEwMGEyNmQyNzRi
LzEvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQGTRoAAwQC
VZhoAwQCVZh8AwQAvKvqAwQEvKvwMA0GCSqGSIb3DQEBCwUAA4IBAQALmjX2tyB8
e11MccCiJ83WkR+cGb0BOZvT8ruW8LKyO6APQlyreEHmrgrFRW6uI0TaPubjVEcL
pvSninHBVuh9+gsqIHL1ORF9Sgy/6Aon6V0XP9ikTrXxNWR2R4TUEgDAnG6pI06K
dj7OYNnzbpMP5XGvv+xgOZaXjvtQOYCO2/zxs44mD0aXORAKtOxiXN4DnIMeJaeS
8Vll2c6rjW0yMPWvuqC74rzQB1WyKkB2WN8szW79bFMTy6oqavd2zAZhCsT/xsqc
VYUJ+nLPb94gnZ7Bt63wlm55ck5E21DaPtbU7KjM/TuMa7ppWgfa1tKZlwe0WQMF
D8EqD3q8BjeU
-----END CERTIFICATE-----
Generated at Thu May 15 02:31:39 2025 by rpki-client