Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/5kgmWFbSotEjp_FBh1D9H4GQdQM.roa
File: 5kgmWFbSotEjp_FBh1D9H4GQdQM.roa (raw, json)
Hash identifier: Zncej6bG8tjRfISSCN9agbd/46PCgnaW+SXrGYXgxc8=
Subject key identifier: E6:48:26:58:56:D2:A2:D1:23:A7:F1:41:87:50:FD:1F:81:90:75:03
Certificate issuer: /CN=7415fec4ae76b24e4f02991649917b99b740044a
Certificate serial: 01978C758CCC69CDF0B7F2FBAAC3C6372422
Authority key identifier: 74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/5kgmWFbSotEjp_FBh1D9H4GQdQM.roa
Signing time: Fri 20 Jun 2025 08:30:03 +0000
ROA not before: Fri 20 Jun 2025 08:30:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216300
IP address blocks: 77.105.129.0/24 maxlen: 24
77.105.132.0/24 maxlen: 24
77.105.134.0/24 maxlen: 24
77.105.135.0/24 maxlen: 24
77.105.160.0/24 maxlen: 24
185.225.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 11:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8c:75:8c:cc:69:cd:f0:b7:f2:fb:aa:c3:c6:37:24:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7415fec4ae76b24e4f02991649917b99b740044a
Validity
Not Before: Jun 20 08:30:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e648265856d2a2d123a7f1418750fd1f81907503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:fb:74:b3:1f:a8:80:20:d9:3f:5e:7f:1f:b6:
80:67:21:53:55:42:e8:70:98:f2:74:42:18:ea:4b:
a7:91:7a:73:77:e0:1f:92:62:ee:00:81:08:2d:87:
7f:57:d3:44:d4:f7:ac:8c:c5:9a:21:10:2c:e6:97:
7f:89:7e:c0:52:c7:24:21:02:86:ce:7d:9b:bf:f3:
25:b3:44:26:5c:72:11:e4:df:71:bf:d4:be:00:2a:
b5:0e:5b:ab:16:85:89:66:5b:9e:70:f3:5d:ca:00:
40:03:be:c3:bd:24:b4:3c:cc:99:c6:36:6f:e5:7d:
ee:d5:b8:63:9a:33:7a:d0:cf:51:80:30:3d:c3:34:
9c:96:cf:2c:cf:10:2a:54:95:58:d9:81:fb:e7:41:
6d:af:1b:2f:9f:da:85:7e:de:c3:e6:b8:6e:39:3f:
25:c8:a2:55:3f:15:3b:3c:4f:7c:74:16:68:c4:95:
a4:f3:df:66:e4:8b:45:11:bf:00:09:b9:27:4d:79:
85:b1:6d:ac:46:6f:02:47:4d:b3:e4:d7:e2:3e:25:
9f:05:c2:be:b6:ed:05:cf:e8:f0:5d:a9:fc:4f:8f:
63:7e:ac:48:61:21:aa:dd:c6:99:b0:cb:2c:cb:11:
e4:8b:d2:17:9a:95:0a:33:c9:b6:2b:ca:4b:bf:5b:
27:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:48:26:58:56:D2:A2:D1:23:A7:F1:41:87:50:FD:1F:81:90:75:03
X509v3 Authority Key Identifier:
keyid:74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/5kgmWFbSotEjp_FBh1D9H4GQdQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.129.0/24
77.105.132.0/24
77.105.134.0/23
77.105.160.0/24
185.225.202.0/24
Signature Algorithm: sha256WithRSAEncryption
17:8d:c1:69:a3:c8:c9:d0:fb:07:35:53:d1:63:01:09:56:5b:
a3:4d:39:0c:a9:b0:3c:69:00:b5:90:31:e7:3c:8b:ab:45:4b:
88:ec:97:db:88:f5:36:17:e3:69:4f:f0:60:42:05:34:06:3a:
4c:6d:63:4a:29:5f:77:e7:14:45:60:62:77:50:31:51:59:4d:
39:c9:c9:24:c8:06:86:8b:92:de:17:6b:42:af:87:d3:7c:6e:
98:41:21:e7:52:94:03:29:28:06:36:09:a4:54:ea:61:8e:bb:
8b:44:c9:17:d0:91:e4:35:3a:9f:f9:33:b1:db:57:38:db:60:
80:a1:eb:7b:f4:00:65:ac:64:83:70:54:c0:9e:2b:c6:fa:94:
64:76:b7:ed:2f:72:41:e7:f1:56:12:58:e6:88:eb:0c:a8:a1:
3f:cf:a6:cf:80:59:e2:48:4c:cc:ba:1c:bb:18:db:32:d0:12:
00:d2:ec:7c:6d:55:f7:7a:6e:9a:af:fc:00:9f:1f:37:ca:91:
cc:b1:a8:e1:f6:62:72:06:10:d4:09:69:71:53:5d:d4:ff:4a:
39:ca:03:60:4c:95:c9:48:73:c6:08:d0:e7:a8:a2:78:3a:87:
34:e3:ef:60:4b:8f:1e:cf:ba:2f:43:48:0b:c7:dc:f2:09:44:
03:8e:f2:30
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZeMdYzMac3wt/L7qsPGNyQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTVmZWM0YWU3NmIyNGU0ZjAyOTkxNjQ5OTE3Yjk5Yjc0
MDA0NGEwHhcNMjUwNjIwMDgzMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjQ4MjY1ODU2ZDJhMmQxMjNhN2YxNDE4NzUwZmQxZjgxOTA3NTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4/t0sx+ogCDZP15/H7aAZyFTVULo
cJjydEIY6kunkXpzd+AfkmLuAIEILYd/V9NE1PesjMWaIRAs5pd/iX7AUsckIQKG
zn2bv/Mls0QmXHIR5N9xv9S+ACq1DlurFoWJZluecPNdygBAA77DvSS0PMyZxjZv
5X3u1bhjmjN60M9RgDA9wzScls8szxAqVJVY2YH750Ftrxsvn9qFft7D5rhuOT8l
yKJVPxU7PE98dBZoxJWk899m5ItFEb8ACbknTXmFsW2sRm8CR02z5NfiPiWfBcK+
tu0Fz+jwXan8T49jfqxIYSGq3caZsMssyxHki9IXmpUKM8m2K8pLv1snGwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOZIJlhW0qLRI6fxQYdQ/R+BkHUDMB8GA1UdIwQY
MBaAFHQV/sSudrJOTwKZFkmRe5m3QARKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEt
ZWQ1MzU4YjZkYTMxLzEvNWtnbVdGYlNvdEVqcF9GQmgxRDlINEdRZFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEtZWQ1MzU4YjZkYTMx
LzEvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATWmBAwQA
TWmEAwQBTWmGAwQATWmgAwQAueHKMA0GCSqGSIb3DQEBCwUAA4IBAQAXjcFpo8jJ
0PsHNVPRYwEJVlujTTkMqbA8aQC1kDHnPIurRUuI7JfbiPU2F+NpT/BgQgU0BjpM
bWNKKV935xRFYGJ3UDFRWU05yckkyAaGi5LeF2tCr4fTfG6YQSHnUpQDKSgGNgmk
VOphjruLRMkX0JHkNTqf+TOx21c422CAoet79ABlrGSDcFTAnivG+pRkdrftL3JB
5/FWEljmiOsMqKE/z6bPgFniSEzMuhy7GNsy0BIA0ux8bVX3em6ar/wAnx83ypHM
sajh9mJyBhDUCWlxU13U/0o5ygNgTJXJSHPGCNDnqKJ4Ooc04+9gS48ez7ovQ0gL
x9zyCUQDjvIw
-----END CERTIFICATE-----
Generated at Mon Jun 30 16:00:14 2025 by rpki-client