Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/e1wZ773J_IwnQvW8HmcdAEsfbmk.roa
File: e1wZ773J_IwnQvW8HmcdAEsfbmk.roa (raw, json)
Hash identifier: /Hb9wRohhE6DgKG34thBOanjq8+9uKXnY/XXzkRgSyQ=
Subject key identifier: 7B:5C:19:EF:BD:C9:FC:8C:27:42:F5:BC:1E:67:1D:00:4B:1F:6E:69
Certificate issuer: /CN=60fcd55b9130858d8ea583c0987dad00f614db39
Certificate serial: 0196896C2E92BBCB3162E9FE2E4F4185B846
Authority key identifier: 60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/e1wZ773J_IwnQvW8HmcdAEsfbmk.roa
Signing time: Thu 01 May 2025 01:18:10 +0000
ROA not before: Thu 01 May 2025 01:18:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398464
IP address blocks: 77.247.116.0/22 maxlen: 22
185.217.166.0/24 maxlen: 24
195.64.122.0/24 maxlen: 24
2a10:d501::/32 maxlen: 32
2a10:d503::/32 maxlen: 32
2a10:d505::/32 maxlen: 32
2a14:2500::/29 maxlen: 29
2a14:2700::/29 maxlen: 29
2a14:2b00::/29 maxlen: 29
2a14:2d00::/29 maxlen: 29
2a14:2f00::/29 maxlen: 29
2a14:3300::/29 maxlen: 29
2a14:3500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.mft
rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:89:6c:2e:92:bb:cb:31:62:e9:fe:2e:4f:41:85:b8:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60fcd55b9130858d8ea583c0987dad00f614db39
Validity
Not Before: May 1 01:18:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b5c19efbdc9fc8c2742f5bc1e671d004b1f6e69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:32:e7:ee:93:e2:90:57:bb:7e:c1:fd:01:95:
1d:08:70:69:fd:d5:f3:86:84:60:af:f2:01:a3:8d:
e4:4c:d3:fa:9d:d3:9d:a3:a7:8c:a6:fb:33:b1:04:
90:f1:8e:34:b3:54:8d:41:93:65:31:35:0d:83:fc:
7a:88:da:9b:ec:57:95:6a:0c:d9:70:67:64:de:17:
f9:87:43:b5:bc:2e:44:29:90:da:14:ef:8f:87:3d:
dd:00:c3:ea:03:bc:05:2d:d6:40:23:a8:a7:74:4d:
04:6c:e1:dc:ef:ff:83:2e:43:dd:68:b7:eb:75:02:
0c:d9:16:72:af:ea:c8:f6:de:c7:cb:9c:e2:c0:48:
d4:c8:9e:c0:98:8a:70:70:fc:02:7f:3f:eb:1c:40:
40:14:e6:9a:db:92:ec:d1:62:f6:76:12:95:f4:a2:
79:2c:fd:54:87:d1:ea:2f:d2:62:59:a7:cc:b9:97:
f7:ce:44:6c:ea:98:3c:f7:81:8c:b4:10:96:f6:72:
9a:31:fd:7f:8d:b4:62:16:14:7c:31:ef:ed:23:4f:
eb:44:6a:54:ea:ab:c0:11:6e:22:c9:22:07:ba:fb:
18:23:af:9b:17:ca:36:9b:79:38:d6:49:5e:9e:1a:
9f:3d:fd:fd:97:e1:aa:d0:04:be:20:77:01:19:14:
ee:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:5C:19:EF:BD:C9:FC:8C:27:42:F5:BC:1E:67:1D:00:4B:1F:6E:69
X509v3 Authority Key Identifier:
keyid:60:FC:D5:5B:91:30:85:8D:8E:A5:83:C0:98:7D:AD:00:F6:14:DB:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YPzVW5EwhY2OpYPAmH2tAPYU2zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/e1wZ773J_IwnQvW8HmcdAEsfbmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/82233d-ec07-42fb-8799-ed30b9bb12d5/1/YPzVW5EwhY2OpYPAmH2tAPYU2zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.116.0/22
185.217.166.0/24
195.64.122.0/24
IPv6:
2a10:d501::/32
2a10:d503::/32
2a10:d505::/32
2a14:2500::/29
2a14:2700::/29
2a14:2b00::/29
2a14:2d00::/29
2a14:2f00::/29
2a14:3300::/29
2a14:3500::/29
Signature Algorithm: sha256WithRSAEncryption
43:53:b7:3a:36:51:d4:0a:66:53:a3:10:98:be:d1:d1:6a:b5:
fd:fd:fe:d1:ba:1c:0b:aa:64:d4:e1:65:fd:f9:10:79:20:49:
b0:1b:32:c8:11:44:0a:f2:8d:64:14:80:d3:21:cd:8a:9c:1b:
43:f2:6a:3c:2d:b4:e2:1a:07:9f:27:f7:ed:98:43:37:5b:14:
89:81:0c:f4:e6:fb:9f:2b:61:0f:7e:c9:27:ba:ab:2f:aa:79:
86:6a:b2:5d:26:eb:96:2c:0f:20:29:36:0b:06:d2:72:de:6c:
89:38:6a:0a:ef:19:dc:35:6f:0b:2d:91:0e:f3:ec:3c:f9:ab:
6d:b7:69:81:72:6e:a8:a8:0f:c3:03:39:47:ef:e4:31:bf:60:
de:5f:f0:2e:73:3c:34:88:3d:42:5b:1e:4f:be:da:6b:c9:f9:
ce:e9:65:d9:69:f4:87:d7:67:af:37:a1:5e:c0:ff:2e:e0:28:
6d:a5:69:0c:0f:d1:ae:87:50:73:ce:ff:03:7b:aa:f6:79:9b:
fd:b2:cf:29:dd:60:02:e8:e6:1b:19:52:76:8b:8c:01:7a:57:
58:75:90:0a:7b:8e:20:3c:96:13:3e:55:94:77:75:c2:4f:99:
37:c3:9a:d5:9e:db:fb:59:89:54:e5:ca:7f:6b:24:57:83:99:
19:4a:39:87
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZaJbC6Su8sxYun+Lk9BhbhGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZmNkNTViOTEzMDg1OGQ4ZWE1ODNjMDk4N2RhZDAwZjYx
NGRiMzkwHhcNMjUwNTAxMDExODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjVjMTllZmJkYzlmYzhjMjc0MmY1YmMxZTY3MWQwMDRiMWY2ZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzLn7pPikFe7fsH9AZUdCHBp/dXz
hoRgr/IBo43kTNP6ndOdo6eMpvszsQSQ8Y40s1SNQZNlMTUNg/x6iNqb7FeVagzZ
cGdk3hf5h0O1vC5EKZDaFO+Phz3dAMPqA7wFLdZAI6indE0EbOHc7/+DLkPdaLfr
dQIM2RZyr+rI9t7Hy5ziwEjUyJ7AmIpwcPwCfz/rHEBAFOaa25Ls0WL2dhKV9KJ5
LP1Uh9HqL9JiWafMuZf3zkRs6pg894GMtBCW9nKaMf1/jbRiFhR8Me/tI0/rRGpU
6qvAEW4iySIHuvsYI6+bF8o2m3k41klenhqfPf39l+Gq0AS+IHcBGRTu3wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFHtcGe+9yfyMJ0L1vB5nHQBLH25pMB8GA1UdIwQY
MBaAFGD81VuRMIWNjqWDwJh9rQD2FNs5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTkt
ZWQzMGI5YmIxMmQ1LzEvZTF3Wjc3M0pfSXduUXZXOEhtY2RBRXNmYm1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MjIzM2QtZWMwNy00MmZiLTg3OTktZWQzMGI5YmIxMmQ1
LzEvWVB6Vlc1RXdoWTJPcFlQQW1IMnRBUFlVMnprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDAYBAIAATASAwQCTfd0AwQA
udmmAwQAw0B6MEwEAgACMEYDBQAqENUBAwUAKhDVAwMFACoQ1QUDBQMqFCUAAwUD
KhQnAAMFAyoUKwADBQMqFC0AAwUDKhQvAAMFAyoUMwADBQMqFDUAMA0GCSqGSIb3
DQEBCwUAA4IBAQBDU7c6NlHUCmZToxCYvtHRarX9/f7RuhwLqmTU4WX9+RB5IEmw
GzLIEUQK8o1kFIDTIc2KnBtD8mo8LbTiGgefJ/ftmEM3WxSJgQz05vufK2EPfskn
uqsvqnmGarJdJuuWLA8gKTYLBtJy3myJOGoK7xncNW8LLZEO8+w8+attt2mBcm6o
qA/DAzlH7+Qxv2DeX/Auczw0iD1CWx5PvtpryfnO6WXZafSH12evN6FewP8u4Cht
pWkMD9Guh1Bzzv8De6r2eZv9ss8p3WAC6OYbGVJ2i4wBeldYdZAKe44gPJYTPlWU
d3XCT5k3w5rVntv7WYlU5cp/ayRXg5kZSjmH
-----END CERTIFICATE-----
Generated at Wed May 7 07:00:52 2025 by rpki-client