Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/i98iWuWx9xAdmw4XlgpiqIeaPDc.roa
File: i98iWuWx9xAdmw4XlgpiqIeaPDc.roa (raw, json)
Hash identifier: MY1rX1+tnTwLEb12ND0xNO/b0/tTMkEcvxBSJaeKQVM=
Subject key identifier: 8B:DF:22:5A:E5:B1:F7:10:1D:9B:0E:17:96:0A:62:A8:87:9A:3C:37
Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108
Certificate serial: 01966288BD5D25C9B94012E454E1933C644D
Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/i98iWuWx9xAdmw4XlgpiqIeaPDc.roa
Signing time: Wed 23 Apr 2025 12:04:10 +0000
ROA not before: Wed 23 Apr 2025 12:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5377
IP address blocks: 77.70.128.0/17 maxlen: 17
77.70.128.0/19 maxlen: 19
77.70.144.0/20 maxlen: 20
77.70.160.0/20 maxlen: 20
77.70.176.0/22 maxlen: 24
77.70.181.0/24 maxlen: 24
77.70.184.0/21 maxlen: 24
77.70.191.0/24 maxlen: 24
77.70.192.0/19 maxlen: 19
77.70.207.0/24 maxlen: 24
77.70.240.0/20 maxlen: 20
77.70.254.0/24 maxlen: 24
77.70.255.0/24 maxlen: 24
193.219.192.0/18 maxlen: 18
193.219.196.0/24 maxlen: 24
193.220.0.0/16 maxlen: 16
193.220.88.0/21 maxlen: 21
193.220.94.0/24 maxlen: 24
193.220.165.0/24 maxlen: 24
193.220.174.0/23 maxlen: 24
193.220.220.0/22 maxlen: 22
193.220.224.0/20 maxlen: 20
193.220.240.0/20 maxlen: 24
2a02:6600::/29 maxlen: 32
2a02:6600:f000::/48 maxlen: 48
2a02:6600:f001::/48 maxlen: 48
2a02:6601::/32 maxlen: 32
2a02:6601:c000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:62:88:bd:5d:25:c9:b9:40:12:e4:54:e1:93:3c:64:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896a82a725ed22bb46847ae568912078de25c108
Validity
Not Before: Apr 23 12:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8bdf225ae5b1f7101d9b0e17960a62a8879a3c37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:60:b6:f8:13:62:38:89:08:64:5a:49:c7:ef:
66:a3:78:46:59:cb:10:9d:58:94:1b:38:2f:61:cb:
e5:0f:e0:8b:ef:3e:ec:ef:e8:03:00:66:5c:f2:87:
34:85:56:1b:6b:e0:80:15:4d:e1:53:47:9d:0f:d3:
11:05:1d:a8:86:eb:b5:ad:2c:55:0b:60:99:65:d5:
a1:8a:d0:ef:e7:c0:60:76:ff:95:c5:d7:87:46:92:
ac:db:36:8b:cf:7c:71:d9:e8:2d:93:c0:18:55:53:
c8:06:3f:9e:26:14:d1:c9:69:da:90:a5:a6:93:c0:
3f:10:4f:f0:e7:da:98:6d:02:4a:9a:9c:35:0f:56:
8b:a8:ce:6c:99:46:b6:cb:48:0e:0c:cf:5e:1e:4f:
23:48:56:72:b8:eb:91:84:00:92:0b:45:1f:d7:39:
2c:ba:4f:d0:5c:fe:54:d1:cb:0d:66:66:e6:9b:7a:
d4:74:76:68:64:0c:77:ec:8a:5e:3c:9a:ed:1d:f3:
e5:f2:40:20:76:17:62:05:ae:ba:fc:89:a6:ca:e7:
c8:e9:15:bb:f8:48:d8:8e:45:72:1f:64:6a:9e:dd:
fe:44:85:7d:c9:f6:b5:33:22:88:71:93:86:1c:8a:
f2:27:9d:9d:52:e6:2f:e8:b6:cf:74:03:2d:6b:82:
69:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DF:22:5A:E5:B1:F7:10:1D:9B:0E:17:96:0A:62:A8:87:9A:3C:37
X509v3 Authority Key Identifier:
keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/i98iWuWx9xAdmw4XlgpiqIeaPDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.70.128.0/17
193.219.192.0-193.220.255.255
IPv6:
2a02:6600::/29
Signature Algorithm: sha256WithRSAEncryption
54:01:69:7f:95:1c:d9:54:43:39:fa:00:25:64:97:35:80:7e:
c6:cf:16:f6:ff:78:6a:6a:90:73:29:04:a8:cf:6c:1d:a9:29:
d9:1c:e8:d8:c0:81:63:d5:84:db:60:19:80:f4:26:74:3a:fe:
f7:e7:ee:0a:3a:b1:b5:92:39:ce:02:36:45:6e:21:8f:dd:df:
2a:7a:9e:64:6e:f3:61:38:9c:c4:0a:3b:7f:a7:b2:77:0b:6a:
b5:f0:e3:42:a8:3f:72:c6:0b:d2:7a:3c:1f:47:3b:29:95:a4:
99:77:9c:3a:6c:e0:1f:aa:d2:3d:42:be:33:59:d7:4c:e5:77:
6a:61:11:31:20:45:a0:a8:18:92:bf:a8:4d:05:48:eb:09:d1:
5e:c6:d5:45:79:20:06:ec:ca:86:f7:84:14:2c:a8:8f:f5:06:
10:33:6a:7c:f4:a8:36:6b:c1:db:20:6d:1c:26:ac:13:95:51:
33:a2:32:f4:c2:7d:c5:cf:32:f4:7b:38:bb:45:85:50:1c:27:
14:0e:18:74:8f:76:3f:3b:2c:28:fe:2a:52:89:08:72:dd:04:
22:b3:31:55:f3:c2:68:52:fa:c1:a6:5c:b4:15:50:4d:f9:06:
3a:00:b3:7d:71:61:e3:f6:78:61:0a:8d:51:c1:72:bc:cc:47:
c4:b4:f1:c2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZZiiL1dJcm5QBLkVOGTPGRNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy
NWMxMDgwHhcNMjUwNDIzMTIwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmRmMjI1YWU1YjFmNzEwMWQ5YjBlMTc5NjBhNjJhODg3OWEzYzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGC2+BNiOIkIZFpJx+9mo3hGWcsQ
nViUGzgvYcvlD+CL7z7s7+gDAGZc8oc0hVYba+CAFU3hU0edD9MRBR2ohuu1rSxV
C2CZZdWhitDv58Bgdv+VxdeHRpKs2zaLz3xx2egtk8AYVVPIBj+eJhTRyWnakKWm
k8A/EE/w59qYbQJKmpw1D1aLqM5smUa2y0gODM9eHk8jSFZyuOuRhACSC0Uf1zks
uk/QXP5U0csNZmbmm3rUdHZoZAx37IpePJrtHfPl8kAgdhdiBa66/ImmyufI6RW7
+EjYjkVyH2Rqnt3+RIV9yfa1MyKIcZOGHIryJ52dUuYv6LbPdAMta4Jp8QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIvfIlrlsfcQHZsOF5YKYqiHmjw3MB8GA1UdIwQY
MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt
MDQwMTI3MTAyMjA5LzEvaTk4aVd1V3g5eEFkbXc0WGxncGlxSWVhUERjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5
LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAZBAIAATATAwQHTUaAMAsD
BAbB28ADAwDB3DANBAIAAjAHAwUDKgJmADANBgkqhkiG9w0BAQsFAAOCAQEAVAFp
f5Uc2VRDOfoAJWSXNYB+xs8W9v94amqQcykEqM9sHakp2Rzo2MCBY9WE22AZgPQm
dDr+9+fuCjqxtZI5zgI2RW4hj93fKnqeZG7zYTicxAo7f6eydwtqtfDjQqg/csYL
0no8H0c7KZWkmXecOmzgH6rSPUK+M1nXTOV3amERMSBFoKgYkr+oTQVI6wnRXsbV
RXkgBuzKhveEFCyoj/UGEDNqfPSoNmvB2yBtHCasE5VRM6Iy9MJ9xc8y9Hs4u0WF
UBwnFA4YdI92PzssKP4qUokIct0EIrMxVfPCaFL6waZctBVQTfkGOgCzfXFh4/Z4
YQqNUcFyvMxHxLTxwg==
-----END CERTIFICATE-----
Generated at Tue May 13 07:08:36 2025 by rpki-client