Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/ItISHm4O4QJFdkbLsV5WDIWED7s.roa
File: ItISHm4O4QJFdkbLsV5WDIWED7s.roa (raw, json)
Hash identifier: 2xIHnBqGiS6+ukAkvA/7S7nXNG6Syaw25jRPupH88/A=
Subject key identifier: 22:D2:12:1E:6E:0E:E1:02:45:76:46:CB:B1:5E:56:0C:85:84:0F:BB
Certificate issuer: /CN=07afdcd5e97ac1c102479c954d5f922b126cbc14
Certificate serial: 0196A4D95CE5654AAB3507DCDF05739C2CC7
Authority key identifier: 07:AF:DC:D5:E9:7A:C1:C1:02:47:9C:95:4D:5F:92:2B:12:6C:BC:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6_c1el6wcECR5yVTV-SKxJsvBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/ItISHm4O4QJFdkbLsV5WDIWED7s.roa
Signing time: Tue 06 May 2025 09:07:10 +0000
ROA not before: Tue 06 May 2025 09:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42337
IP address blocks: 77.237.64.0/19 maxlen: 19
77.237.65.0/24 maxlen: 24
77.237.68.0/24 maxlen: 24
77.237.69.0/24 maxlen: 24
77.237.70.0/24 maxlen: 24
77.237.72.0/24 maxlen: 24
77.237.74.0/24 maxlen: 24
77.237.75.0/24 maxlen: 24
77.237.76.0/24 maxlen: 24
77.237.77.0/24 maxlen: 24
77.237.78.0/23 maxlen: 23
77.237.78.0/24 maxlen: 24
77.237.79.0/24 maxlen: 24
77.237.80.0/20 maxlen: 20
77.237.80.0/24 maxlen: 24
77.237.81.0/24 maxlen: 24
77.237.82.0/24 maxlen: 24
77.237.83.0/24 maxlen: 24
77.237.84.0/23 maxlen: 24
77.237.84.0/24 maxlen: 24
77.237.85.0/24 maxlen: 24
77.237.87.0/24 maxlen: 24
77.237.88.0/24 maxlen: 24
77.237.89.0/24 maxlen: 24
77.237.91.0/24 maxlen: 24
77.237.94.0/24 maxlen: 24
77.237.95.0/24 maxlen: 24
92.242.192.0/19 maxlen: 19
92.242.192.0/23 maxlen: 23
92.242.192.0/24 maxlen: 24
92.242.193.0/24 maxlen: 24
92.242.194.0/24 maxlen: 24
92.242.195.0/24 maxlen: 24
92.242.198.0/24 maxlen: 24
92.242.200.0/21 maxlen: 21
92.242.202.0/23 maxlen: 23
92.242.202.0/24 maxlen: 24
92.242.203.0/24 maxlen: 24
92.242.204.0/24 maxlen: 24
92.242.205.0/24 maxlen: 24
92.242.206.0/24 maxlen: 24
92.242.207.0/24 maxlen: 24
92.242.208.0/20 maxlen: 20
92.242.208.0/24 maxlen: 24
92.242.210.0/23 maxlen: 23
92.242.210.0/24 maxlen: 24
92.242.211.0/24 maxlen: 24
92.242.212.0/22 maxlen: 22
92.242.214.0/24 maxlen: 24
92.242.215.0/24 maxlen: 24
92.242.220.0/24 maxlen: 24
92.242.223.0/24 maxlen: 24
185.14.160.0/22 maxlen: 22
185.14.160.0/24 maxlen: 24
185.225.240.0/24 maxlen: 24
185.225.241.0/24 maxlen: 24
185.225.242.0/23 maxlen: 23
185.225.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/B6_c1el6wcECR5yVTV-SKxJsvBQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/B6_c1el6wcECR5yVTV-SKxJsvBQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/B6_c1el6wcECR5yVTV-SKxJsvBQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 20:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:d9:5c:e5:65:4a:ab:35:07:dc:df:05:73:9c:2c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07afdcd5e97ac1c102479c954d5f922b126cbc14
Validity
Not Before: May 6 09:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22d2121e6e0ee102457646cbb15e560c85840fbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ac:9c:57:58:b7:1c:2c:80:a7:60:06:8b:e6:
12:05:d1:41:99:ea:67:5e:61:35:6b:94:e2:31:92:
6a:24:68:8e:f1:de:71:09:2e:99:36:7b:ab:12:81:
b4:05:39:1e:5c:ab:21:da:05:01:fc:99:c5:82:7c:
b4:a9:05:49:56:3c:89:85:58:9b:c3:b2:4a:ba:4f:
f6:56:39:90:44:3a:c3:6d:de:cd:5e:7f:45:d2:31:
93:9c:1a:d6:be:fb:7a:c0:de:07:c5:9b:59:fa:09:
30:b5:77:c0:de:1f:cd:70:aa:a3:c0:7f:53:aa:09:
41:87:ee:94:f2:34:b7:a0:23:c0:b6:29:86:04:30:
7c:fd:bc:ca:7b:56:eb:44:c5:38:55:14:a2:4a:02:
81:50:33:99:fc:e6:d7:c7:3f:42:85:2c:58:73:77:
14:27:48:4e:9c:9b:79:16:e2:7a:84:22:60:15:5c:
28:5b:28:a5:f5:6f:bb:1d:7d:5c:b2:f2:16:d4:45:
51:af:c7:c1:ba:9c:b8:91:b6:18:33:25:d9:a0:0f:
7d:61:78:06:29:96:61:32:1d:89:67:92:14:e8:21:
b4:8a:c2:b2:4d:8a:2e:ab:b1:d3:ee:a5:41:1b:84:
9f:5a:25:9d:0c:d7:0d:2b:1e:56:61:0a:79:44:3e:
ca:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:D2:12:1E:6E:0E:E1:02:45:76:46:CB:B1:5E:56:0C:85:84:0F:BB
X509v3 Authority Key Identifier:
keyid:07:AF:DC:D5:E9:7A:C1:C1:02:47:9C:95:4D:5F:92:2B:12:6C:BC:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6_c1el6wcECR5yVTV-SKxJsvBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/ItISHm4O4QJFdkbLsV5WDIWED7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/0e2744-f646-4429-a25a-ff68517770e4/1/B6_c1el6wcECR5yVTV-SKxJsvBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.64.0/19
92.242.192.0/19
185.14.160.0/22
185.225.240.0/22
Signature Algorithm: sha256WithRSAEncryption
73:d1:59:0d:dc:27:ec:f2:3d:47:54:14:aa:e1:9a:90:72:5a:
92:22:23:a2:fa:21:05:68:b4:d8:dd:db:a7:68:5d:a4:00:70:
7a:17:a1:e1:37:2e:56:d9:32:a7:19:65:bc:05:bc:2a:2b:40:
fe:46:e4:6c:f4:ef:23:d4:17:c8:e7:6f:bc:cf:66:de:bb:ec:
ce:1b:74:f9:91:ad:0e:0c:51:ab:d0:9d:42:d5:b2:c2:7a:4e:
80:c1:5f:5c:8e:d9:ae:08:90:46:22:b0:3e:8f:03:d0:51:d1:
0a:f9:15:21:39:33:1b:90:14:5a:21:ea:da:48:c9:50:97:83:
d1:0a:d9:57:e7:7c:bc:21:dd:b5:10:3c:50:f4:33:0d:7e:1a:
95:d4:42:94:2e:0b:bb:93:16:fe:8c:49:01:eb:fa:03:fd:28:
24:ef:b9:e8:c5:3b:21:8d:23:16:e9:e8:2a:6c:80:08:59:58:
a8:99:7d:cd:e1:c6:dd:c2:07:90:c2:dd:c3:16:1e:18:c6:e6:
71:9f:38:ec:d9:5a:2f:67:a7:55:50:44:28:14:6e:94:cc:8b:
ff:f3:99:d6:8f:4a:48:27:55:3d:0a:23:51:81:27:79:72:86:
19:e0:ee:81:9b:88:7b:76:9f:06:44:d5:93:54:da:6a:27:9b:
86:b2:a9:15
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZak2VzlZUqrNQfc3wVznCzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YWZkY2Q1ZTk3YWMxYzEwMjQ3OWM5NTRkNWY5MjJiMTI2
Y2JjMTQwHhcNMjUwNTA2MDkwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmQyMTIxZTZlMGVlMTAyNDU3NjQ2Y2JiMTVlNTYwYzg1ODQwZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKycV1i3HCyAp2AGi+YSBdFBmepn
XmE1a5TiMZJqJGiO8d5xCS6ZNnurEoG0BTkeXKsh2gUB/JnFgny0qQVJVjyJhVib
w7JKuk/2VjmQRDrDbd7NXn9F0jGTnBrWvvt6wN4HxZtZ+gkwtXfA3h/NcKqjwH9T
qglBh+6U8jS3oCPAtimGBDB8/bzKe1brRMU4VRSiSgKBUDOZ/ObXxz9ChSxYc3cU
J0hOnJt5FuJ6hCJgFVwoWyil9W+7HX1csvIW1EVRr8fBupy4kbYYMyXZoA99YXgG
KZZhMh2JZ5IU6CG0isKyTYouq7HT7qVBG4SfWiWdDNcNKx5WYQp5RD7KeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCLSEh5uDuECRXZGy7FeVgyFhA+7MB8GA1UdIwQY
MBaAFAev3NXpesHBAkeclU1fkisSbLwUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjZfYzFlbDZ3Y0VDUjV5VlRWLVNLeEpzdkJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wZTI3NDQtZjY0Ni00NDI5LWEyNWEt
ZmY2ODUxNzc3MGU0LzEvSXRJU0htNE80UUpGZGtiTHNWNVdESVdFRDdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wZTI3NDQtZjY0Ni00NDI5LWEyNWEtZmY2ODUxNzc3MGU0
LzEvQjZfYzFlbDZ3Y0VDUjV5VlRWLVNLeEpzdkJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFTe1AAwQF
XPLAAwQCuQ6gAwQCueHwMA0GCSqGSIb3DQEBCwUAA4IBAQBz0VkN3Cfs8j1HVBSq
4ZqQclqSIiOi+iEFaLTY3dunaF2kAHB6F6HhNy5W2TKnGWW8BbwqK0D+RuRs9O8j
1BfI52+8z2beu+zOG3T5ka0ODFGr0J1C1bLCek6AwV9cjtmuCJBGIrA+jwPQUdEK
+RUhOTMbkBRaIeraSMlQl4PRCtlX53y8Id21EDxQ9DMNfhqV1EKULgu7kxb+jEkB
6/oD/Sgk77noxTshjSMW6egqbIAIWViomX3N4cbdwgeQwt3DFh4YxuZxnzjs2Vov
Z6dVUEQoFG6UzIv/85nWj0pIJ1U9CiNRgSd5coYZ4O6Bm4h7dp8GRNWTVNpqJ5uG
sqkV
-----END CERTIFICATE-----
Generated at Thu May 8 04:39:34 2025 by rpki-client