Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/OdjteK9gKG4YNaSPtAZxPfbKTlg.roa
File: OdjteK9gKG4YNaSPtAZxPfbKTlg.roa (raw, json)
Hash identifier: C1n8BPEFHA0rRgZVDgK4q8CBrVeD5FeMnjLcyYE1XMw=
Subject key identifier: 39:D8:ED:78:AF:60:28:6E:18:35:A4:8F:B4:06:71:3D:F6:CA:4E:58
Certificate issuer: /CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Certificate serial: 01966E76F04FD0CB2BC8AC824DE7F46C27C2
Authority key identifier: 29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/OdjteK9gKG4YNaSPtAZxPfbKTlg.roa
Signing time: Fri 25 Apr 2025 19:40:10 +0000
ROA not before: Fri 25 Apr 2025 19:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214381
IP address blocks: 37.77.18.0/24 maxlen: 24
37.77.19.0/24 maxlen: 24
37.77.20.0/24 maxlen: 24
37.77.21.0/24 maxlen: 24
37.77.22.0/24 maxlen: 24
37.77.23.0/24 maxlen: 24
37.77.24.0/24 maxlen: 24
37.77.25.0/24 maxlen: 24
37.77.26.0/24 maxlen: 24
37.77.27.0/24 maxlen: 24
37.77.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6e:76:f0:4f:d0:cb:2b:c8:ac:82:4d:e7:f4:6c:27:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29993007c7c92df6178e7cb43183fd7f52a526d8
Validity
Not Before: Apr 25 19:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39d8ed78af60286e1835a48fb406713df6ca4e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d8:5c:f1:4f:c2:f8:4e:ea:9a:62:c0:cb:77:
2e:a1:49:9a:95:c0:98:f9:2d:34:01:c1:a5:1d:99:
dd:fb:78:dc:e6:ab:3b:66:3a:98:0c:c2:c3:e1:d2:
c3:c9:2e:b2:b3:09:2e:cc:50:db:d4:95:dd:3f:f1:
31:b4:72:68:8d:2f:24:60:b8:1b:ab:24:5f:56:8b:
59:56:83:23:00:79:0f:99:5b:c0:7d:4e:7a:99:a1:
61:a9:6a:78:51:80:e1:36:26:6a:45:b9:67:d8:61:
38:83:e7:02:11:e2:81:17:6c:24:a5:bb:4f:4c:dd:
69:54:ca:6b:dd:b9:a5:a4:aa:ae:6e:c6:ac:fc:3a:
2f:cc:26:50:d5:bf:c2:02:33:9e:67:d5:1e:8b:96:
23:37:82:50:38:97:05:fa:22:1f:16:35:02:68:81:
63:a0:8e:18:6e:57:10:e6:e7:7d:f9:77:04:62:ac:
04:93:33:ab:14:84:aa:ee:44:71:65:14:22:c4:c7:
9a:38:a1:83:99:69:35:bf:4f:54:1f:16:c6:63:b0:
95:cf:02:a1:15:50:aa:7d:46:d2:a8:5a:7f:09:a8:
ba:08:01:b2:1c:37:29:ca:cc:df:d0:06:35:35:6f:
7f:8a:63:3b:34:43:02:60:67:8b:bc:34:30:37:d2:
45:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D8:ED:78:AF:60:28:6E:18:35:A4:8F:B4:06:71:3D:F6:CA:4E:58
X509v3 Authority Key Identifier:
keyid:29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/OdjteK9gKG4YNaSPtAZxPfbKTlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.18.0-37.77.27.255
37.77.30.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:00:bb:95:a6:e1:f7:b8:70:07:2b:7f:18:86:71:98:bf:78:
0d:ae:ec:ac:b7:61:24:32:65:01:eb:16:1d:a9:bb:3b:35:2a:
35:1f:50:da:cf:c3:63:af:e8:5a:8d:ee:68:9d:86:f4:5e:05:
f6:a8:e0:38:b7:fe:6e:d7:1d:a4:f8:06:85:d9:4e:d6:6f:36:
12:51:fd:e2:0d:4a:67:60:86:ed:a9:69:4c:ec:d2:32:96:5d:
d7:39:98:c3:58:15:18:8d:ae:1b:a1:00:22:4a:44:31:54:32:
92:72:af:e6:31:fc:40:13:72:1d:11:06:24:09:0f:7d:8d:72:
88:fb:0a:c8:cf:b6:e5:59:fe:19:88:3b:b9:02:a3:5f:98:b1:
c3:5c:d3:29:9b:1a:39:18:c9:06:a3:b2:b2:e7:b0:42:12:e5:
e9:fb:d2:c8:31:01:a9:f2:3c:e4:94:cf:3d:6e:11:6a:0a:d9:
01:a8:0b:63:5a:9e:dd:91:0a:47:25:bc:1c:3b:df:d5:89:56:
56:54:66:4c:6a:23:3c:87:ad:65:6d:e0:0d:42:4b:7a:17:a3:
1d:df:b2:30:4c:87:2e:e0:57:90:35:94:78:24:b8:dc:3e:aa:
a7:fe:8c:81:af:a8:14:33:c1:6c:2f:ed:d0:a6:85:30:9d:24:
7c:4e:84:52
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZZudvBP0MsryKyCTef0bCfCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTkzMDA3YzdjOTJkZjYxNzhlN2NiNDMxODNmZDdmNTJh
NTI2ZDgwHhcNMjUwNDI1MTk0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWQ4ZWQ3OGFmNjAyODZlMTgzNWE0OGZiNDA2NzEzZGY2Y2E0ZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnthc8U/C+E7qmmLAy3cuoUmalcCY
+S00AcGlHZnd+3jc5qs7ZjqYDMLD4dLDyS6yswkuzFDb1JXdP/ExtHJojS8kYLgb
qyRfVotZVoMjAHkPmVvAfU56maFhqWp4UYDhNiZqRbln2GE4g+cCEeKBF2wkpbtP
TN1pVMpr3bmlpKqubsas/DovzCZQ1b/CAjOeZ9Uei5YjN4JQOJcF+iIfFjUCaIFj
oI4YblcQ5ud9+XcEYqwEkzOrFISq7kRxZRQixMeaOKGDmWk1v09UHxbGY7CVzwKh
FVCqfUbSqFp/Cai6CAGyHDcpyszf0AY1NW9/imM7NEMCYGeLvDQwN9JFmQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDnY7XivYChuGDWkj7QGcT32yk5YMB8GA1UdIwQY
MBaAFCmZMAfHyS32F458tDGD/X9SpSbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODkt
MWU4MjlmZmExYzNhLzEvT2RqdGVLOWdLRzRZTmFTUHRBWnhQZmJLVGxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODktMWU4MjlmZmExYzNh
LzEvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAElTRID
BAIlTRgDBAAlTR4wDQYJKoZIhvcNAQELBQADggEBAI8Au5Wm4fe4cAcrfxiGcZi/
eA2u7Ky3YSQyZQHrFh2puzs1KjUfUNrPw2Ov6FqN7midhvReBfao4Di3/m7XHaT4
BoXZTtZvNhJR/eINSmdghu2paUzs0jKWXdc5mMNYFRiNrhuhACJKRDFUMpJyr+Yx
/EATch0RBiQJD32Ncoj7CsjPtuVZ/hmIO7kCo1+YscNc0ymbGjkYyQajsrLnsEIS
5en70sgxAanyPOSUzz1uEWoK2QGoC2Nant2RCkclvBw739WJVlZUZkxqIzyHrWVt
4A1CS3oXox3fsjBMhy7gV5A1lHgkuNw+qqf+jIGvqBQzwWwv7dCmhTCdJHxOhFI=
-----END CERTIFICATE-----
Generated at Mon Apr 28 02:08:40 2025 by rpki-client