Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/YSMyo0r9Sisa_qEUD5bNOCn6J7k.roa
File: YSMyo0r9Sisa_qEUD5bNOCn6J7k.roa (raw, json)
Hash identifier: 2e6jr3gF4oxshJJOD15Mpry9Shp0v5NKkIGpPv8Ct7k=
Subject key identifier: 61:23:32:A3:4A:FD:4A:2B:1A:FE:A1:14:0F:96:CD:38:29:FA:27:B9
Certificate issuer: /CN=cea79dcd5a3dee450eaf3f93152ed6da806bbf71
Certificate serial: 019647FE9AF7C2BC7379C385F1A8DD393F86
Authority key identifier: CE:A7:9D:CD:5A:3D:EE:45:0E:AF:3F:93:15:2E:D6:DA:80:6B:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zqedzVo97kUOrz-TFS7W2oBrv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/YSMyo0r9Sisa_qEUD5bNOCn6J7k.roa
Signing time: Fri 18 Apr 2025 08:23:10 +0000
ROA not before: Fri 18 Apr 2025 08:23:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31445
IP address blocks: 77.88.224.0/20 maxlen: 24
185.112.40.0/22 maxlen: 24
195.128.226.0/23 maxlen: 24
195.177.70.0/24 maxlen: 24
2a10:23c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/zqedzVo97kUOrz-TFS7W2oBrv3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/zqedzVo97kUOrz-TFS7W2oBrv3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/zqedzVo97kUOrz-TFS7W2oBrv3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 05:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:47:fe:9a:f7:c2:bc:73:79:c3:85:f1:a8:dd:39:3f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cea79dcd5a3dee450eaf3f93152ed6da806bbf71
Validity
Not Before: Apr 18 08:23:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=612332a34afd4a2b1afea1140f96cd3829fa27b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:3e:03:2e:5b:df:39:4d:89:ce:ce:05:d0:89:
47:35:bc:9d:75:08:47:c1:9b:1c:ee:ef:82:b5:13:
c6:cd:7e:be:93:19:8a:b2:6d:2d:e6:42:0b:2b:2e:
b6:c8:f7:4f:f8:4b:08:f1:f8:4e:b4:2e:98:e6:35:
59:8b:a0:ef:60:df:e7:72:df:54:ed:ad:1a:9b:e3:
52:a1:63:9f:2d:13:31:63:e9:17:af:1f:e6:76:b1:
4e:e8:cb:a3:12:fd:c3:5d:98:81:38:f2:21:f6:3f:
26:d9:f5:2a:03:16:84:16:47:3b:ec:84:48:3e:9f:
4d:ac:29:c1:d8:9e:a1:b6:72:ec:40:a4:86:af:da:
25:9f:86:02:4b:f9:5c:55:29:65:35:ee:ca:32:93:
49:7a:e4:28:3d:95:1f:fe:94:f1:a8:a1:af:25:ca:
36:37:7e:3f:26:8a:60:8d:17:ed:8e:4c:d1:8d:22:
65:48:95:03:61:8b:03:fc:00:13:7e:d2:af:e0:58:
ca:9e:d4:ce:a3:0f:03:e1:4d:f7:a4:22:fd:30:36:
0b:e7:ea:9e:72:b6:ca:d3:bc:38:bd:6e:42:ef:60:
7c:07:22:5a:54:0e:fd:52:93:47:c6:c1:d7:14:55:
8c:77:07:7a:75:23:29:ed:f2:4b:e2:ca:59:b5:2f:
64:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:23:32:A3:4A:FD:4A:2B:1A:FE:A1:14:0F:96:CD:38:29:FA:27:B9
X509v3 Authority Key Identifier:
keyid:CE:A7:9D:CD:5A:3D:EE:45:0E:AF:3F:93:15:2E:D6:DA:80:6B:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zqedzVo97kUOrz-TFS7W2oBrv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/YSMyo0r9Sisa_qEUD5bNOCn6J7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f819cc-b294-460e-8be4-86e24260516f/1/zqedzVo97kUOrz-TFS7W2oBrv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.88.224.0/20
185.112.40.0/22
195.128.226.0/23
195.177.70.0/24
IPv6:
2a10:23c0::/32
Signature Algorithm: sha256WithRSAEncryption
7e:1f:26:f0:6d:b1:f1:00:12:12:06:56:7a:c8:65:da:7a:f0:
d5:b1:13:87:8f:5e:04:33:97:4c:15:f5:d1:78:d8:f7:a5:d7:
fd:47:24:30:6b:1d:b8:03:ec:25:60:cd:cb:d9:89:9d:45:9a:
f6:48:3e:53:62:fc:8f:0a:f9:90:8b:58:c3:4f:83:9c:2a:a6:
22:c3:b6:35:53:67:0f:50:94:e4:ae:96:c9:eb:4b:56:3d:33:
1b:ba:08:6a:3a:95:ec:1c:04:5a:4a:de:82:de:f6:68:6d:98:
97:a3:b2:4a:fa:e4:89:ea:e4:52:9a:35:e5:ca:8d:ac:7d:77:
b1:62:ed:4b:d8:f3:28:b0:78:ac:67:ef:af:76:1e:1c:f3:13:
a1:e1:71:d4:c9:df:c1:85:76:b0:77:41:13:3f:7e:0d:12:c3:
fb:f2:8c:bc:38:32:7a:c7:28:58:b5:44:1b:12:b0:d4:08:2a:
ad:da:05:4f:a5:6d:91:27:47:65:17:55:b9:61:4f:b0:ea:ab:
0f:3f:c6:00:2c:97:5d:89:05:e5:7b:14:f6:77:31:be:95:fb:
f9:56:7f:33:77:9a:2e:da:16:2f:c2:60:a6:7c:a4:27:88:5b:
64:45:40:87:4b:a0:ae:08:ab:36:90:81:3d:dd:09:bf:bb:83:
05:85:cc:61
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZZH/pr3wrxzecOF8ajdOT+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYTc5ZGNkNWEzZGVlNDUwZWFmM2Y5MzE1MmVkNmRhODA2
YmJmNzEwHhcNMjUwNDE4MDgyMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTIzMzJhMzRhZmQ0YTJiMWFmZWExMTQwZjk2Y2QzODI5ZmEyN2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2z4DLlvfOU2Jzs4F0IlHNbyddQhH
wZsc7u+CtRPGzX6+kxmKsm0t5kILKy62yPdP+EsI8fhOtC6Y5jVZi6DvYN/nct9U
7a0am+NSoWOfLRMxY+kXrx/mdrFO6MujEv3DXZiBOPIh9j8m2fUqAxaEFkc77IRI
Pp9NrCnB2J6htnLsQKSGr9oln4YCS/lcVSllNe7KMpNJeuQoPZUf/pTxqKGvJco2
N34/JopgjRftjkzRjSJlSJUDYYsD/AATftKv4FjKntTOow8D4U33pCL9MDYL5+qe
crbK07w4vW5C72B8ByJaVA79UpNHxsHXFFWMdwd6dSMp7fJL4spZtS9kLQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGEjMqNK/UorGv6hFA+WzTgp+ie5MB8GA1UdIwQY
MBaAFM6nnc1aPe5FDq8/kxUu1tqAa79xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenFlZHpWbzk3a1VPcnotVEZTN1cyb0JydjNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9mODE5Y2MtYjI5NC00NjBlLThiZTQt
ODZlMjQyNjA1MTZmLzEvWVNNeW8wcjlTaXNhX3FFVUQ1Yk5PQ242SjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9mODE5Y2MtYjI5NC00NjBlLThiZTQtODZlMjQyNjA1MTZm
LzEvenFlZHpWbzk3a1VPcnotVEZTN1cyb0JydjNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQETVjgAwQC
uXAoAwQBw4DiAwQAw7FGMA0EAgACMAcDBQAqECPAMA0GCSqGSIb3DQEBCwUAA4IB
AQB+HybwbbHxABISBlZ6yGXaevDVsROHj14EM5dMFfXReNj3pdf9RyQwax24A+wl
YM3L2YmdRZr2SD5TYvyPCvmQi1jDT4OcKqYiw7Y1U2cPUJTkrpbJ60tWPTMbughq
OpXsHARaSt6C3vZobZiXo7JK+uSJ6uRSmjXlyo2sfXexYu1L2PMosHisZ++vdh4c
8xOh4XHUyd/BhXawd0ETP34NEsP78oy8ODJ6xyhYtUQbErDUCCqt2gVPpW2RJ0dl
F1W5YU+w6qsPP8YALJddiQXlexT2dzG+lfv5Vn8zd5ou2hYvwmCmfKQniFtkRUCH
S6CuCKs2kIE93Qm/u4MFhcxh
-----END CERTIFICATE-----
Generated at Tue Apr 29 12:14:38 2025 by rpki-client