Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/6c4mStZuLFdhZBFsXfkgnUT06kQ.roa
File: 6c4mStZuLFdhZBFsXfkgnUT06kQ.roa (raw, json)
Hash identifier: 9X0qingJMgYTrqsJkiVxYQdXm9VKJ3coL7dPpBcYOeI=
Subject key identifier: E9:CE:26:4A:D6:6E:2C:57:61:64:11:6C:5D:F9:20:9D:44:F4:EA:44
Certificate issuer: /CN=682c842dfa2a1e714727bccb95f165347103f277
Certificate serial: 019697809C8D90BB08EB63802C3CEA6D02A4
Authority key identifier: 68:2C:84:2D:FA:2A:1E:71:47:27:BC:CB:95:F1:65:34:71:03:F2:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCyELfoqHnFHJ7zLlfFlNHED8nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/6c4mStZuLFdhZBFsXfkgnUT06kQ.roa
Signing time: Sat 03 May 2025 18:55:10 +0000
ROA not before: Sat 03 May 2025 18:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59835
IP address blocks: 77.80.128.0/17 maxlen: 17
77.80.253.0/24 maxlen: 24
77.80.254.0/24 maxlen: 24
77.80.255.0/24 maxlen: 24
185.69.168.0/24 maxlen: 24
2a05:2240::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/aCyELfoqHnFHJ7zLlfFlNHED8nc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/aCyELfoqHnFHJ7zLlfFlNHED8nc.mft
rsync://rpki.ripe.net/repository/DEFAULT/aCyELfoqHnFHJ7zLlfFlNHED8nc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 06:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:97:80:9c:8d:90:bb:08:eb:63:80:2c:3c:ea:6d:02:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=682c842dfa2a1e714727bccb95f165347103f277
Validity
Not Before: May 3 18:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e9ce264ad66e2c576164116c5df9209d44f4ea44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:77:29:b3:a1:a1:35:41:81:03:58:40:52:71:
f9:f3:6f:49:e3:53:dc:23:10:23:6d:70:68:97:9f:
fc:5f:c9:cf:cb:99:aa:9a:12:a2:84:71:4d:77:fd:
7f:ec:94:fc:09:07:d8:37:b5:f0:38:00:13:30:0a:
47:b0:06:86:28:86:8d:a9:a4:53:69:05:1f:3e:b2:
0e:a9:fe:1a:3d:83:d6:0f:07:93:98:f8:28:6d:07:
61:06:23:1e:2e:79:23:f2:05:c6:79:0c:a1:b3:45:
c2:be:81:5b:7f:b5:67:8b:b7:d7:55:5d:03:01:68:
df:29:a1:cd:14:61:57:77:49:00:ad:46:e4:24:4c:
69:19:e9:cb:15:20:3c:67:c6:9b:27:02:a9:5c:4f:
2c:79:9d:7b:38:6f:bd:5b:e4:7c:0b:d5:bd:a3:8a:
90:64:69:aa:00:e3:71:03:78:90:df:ec:e0:d4:80:
3f:d8:57:5a:f2:c3:9d:f4:a9:17:73:91:88:f3:cc:
bb:3d:7b:a0:c2:39:34:46:10:7e:4b:02:c7:ed:09:
b8:5d:3a:63:de:a8:e1:31:0d:1c:98:6f:5f:0b:f6:
b0:5e:f8:b2:f9:ce:1b:3e:14:76:a8:46:33:6a:da:
17:88:9d:a4:30:cc:d4:2d:51:11:71:37:59:6a:c7:
43:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:CE:26:4A:D6:6E:2C:57:61:64:11:6C:5D:F9:20:9D:44:F4:EA:44
X509v3 Authority Key Identifier:
keyid:68:2C:84:2D:FA:2A:1E:71:47:27:BC:CB:95:F1:65:34:71:03:F2:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCyELfoqHnFHJ7zLlfFlNHED8nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/6c4mStZuLFdhZBFsXfkgnUT06kQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/aCyELfoqHnFHJ7zLlfFlNHED8nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.80.128.0/17
185.69.168.0/24
IPv6:
2a05:2240::/32
Signature Algorithm: sha256WithRSAEncryption
61:ba:df:a9:e5:ce:cd:78:ee:90:17:dc:34:14:89:95:58:19:
5b:19:3c:ab:f2:94:6a:12:af:02:ce:1f:22:dd:a5:38:bd:da:
89:d5:dd:e8:41:24:b5:ed:ee:22:4d:9b:67:b0:91:63:84:89:
17:ea:ff:6c:e1:f7:cc:cf:a7:0f:67:09:51:8d:4b:68:a9:da:
be:db:f4:fc:40:8a:a7:8a:57:08:40:03:d0:e6:6c:00:16:a1:
d9:7d:74:dc:e3:35:13:61:bb:b1:5d:89:37:ce:ed:ad:c3:07:
d1:a2:7b:61:6d:48:d3:a9:71:7a:bb:cb:2d:fb:2b:c8:54:e0:
34:c8:78:5f:00:1e:b6:a3:f6:5e:78:df:88:38:6f:5f:81:06:
f5:f1:dc:ce:3f:86:1d:c2:78:6c:ae:af:8c:d9:51:6b:3a:10:
fa:6b:e3:72:98:0b:77:af:b8:61:5e:f7:6f:33:cc:aa:e8:8d:
69:4f:b5:2d:ad:f8:cb:86:93:5f:62:f0:e7:68:13:43:fb:1e:
c8:37:13:78:fc:c7:b6:1d:c8:17:8e:dd:e3:e4:a6:5b:7d:6e:
ec:1d:32:94:65:20:d9:85:68:be:9d:aa:a7:a3:f2:57:bb:f2:
6d:cb:07:9b:29:a7:6f:19:05:c2:96:f1:97:5f:3e:94:08:29:
0e:e8:8f:03
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZaXgJyNkLsI62OALDzqbQKkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MmM4NDJkZmEyYTFlNzE0NzI3YmNjYjk1ZjE2NTM0NzEw
M2YyNzcwHhcNMjUwNTAzMTg1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOWNlMjY0YWQ2NmUyYzU3NjE2NDExNmM1ZGY5MjA5ZDQ0ZjRlYTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Xcps6GhNUGBA1hAUnH5829J41Pc
IxAjbXBol5/8X8nPy5mqmhKihHFNd/1/7JT8CQfYN7XwOAATMApHsAaGKIaNqaRT
aQUfPrIOqf4aPYPWDweTmPgobQdhBiMeLnkj8gXGeQyhs0XCvoFbf7Vni7fXVV0D
AWjfKaHNFGFXd0kArUbkJExpGenLFSA8Z8abJwKpXE8seZ17OG+9W+R8C9W9o4qQ
ZGmqAONxA3iQ3+zg1IA/2Fda8sOd9KkXc5GI88y7PXugwjk0RhB+SwLH7Qm4XTpj
3qjhMQ0cmG9fC/awXviy+c4bPhR2qEYzatoXiJ2kMMzULVERcTdZasdD4wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOnOJkrWbixXYWQRbF35IJ1E9OpEMB8GA1UdIwQY
MBaAFGgshC36Kh5xRye8y5XxZTRxA/J3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUN5RUxmb3FIbkZISjd6TGxmRmxOSEVEOG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8wMDA0NjUtODNjYi00MWI0LThlNjAt
MDhkNjViMzg2MzlkLzEvNmM0bVN0WnVMRmRoWkJGc1hma2duVVQwNmtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8wMDA0NjUtODNjYi00MWI0LThlNjAtMDhkNjViMzg2Mzlk
LzEvYUN5RUxmb3FIbkZISjd6TGxmRmxOSEVEOG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQHTVCAAwQA
uUWoMA0EAgACMAcDBQAqBSJAMA0GCSqGSIb3DQEBCwUAA4IBAQBhut+p5c7NeO6Q
F9w0FImVWBlbGTyr8pRqEq8Czh8i3aU4vdqJ1d3oQSS17e4iTZtnsJFjhIkX6v9s
4ffMz6cPZwlRjUtoqdq+2/T8QIqnilcIQAPQ5mwAFqHZfXTc4zUTYbuxXYk3zu2t
wwfRonthbUjTqXF6u8st+yvIVOA0yHhfAB62o/ZeeN+IOG9fgQb18dzOP4Ydwnhs
rq+M2VFrOhD6a+NymAt3r7hhXvdvM8yq6I1pT7UtrfjLhpNfYvDnaBND+x7INxN4
/Me2HcgXjt3j5KZbfW7sHTKUZSDZhWi+naqno/JXu/JtywebKadvGQXClvGXXz6U
CCkO6I8D
-----END CERTIFICATE-----
Generated at Thu May 8 10:04:18 2025 by rpki-client