Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/SUOAfAQ0XA-NwcRtQiSTfyb4Wy8.roa
File: SUOAfAQ0XA-NwcRtQiSTfyb4Wy8.roa (raw, json)
Hash identifier: e05e72W3+Ol/fZOV0pLIuKL4jo9MMxa/XkoeJUlntxg=
Subject key identifier: 49:43:80:7C:04:34:5C:0F:8D:C1:C4:6D:42:24:93:7F:26:F8:5B:2F
Certificate issuer: /CN=7415fec4ae76b24e4f02991649917b99b740044a
Certificate serial: 01967B942CDE42479669C919DC712A5B2213
Authority key identifier: 74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/SUOAfAQ0XA-NwcRtQiSTfyb4Wy8.roa
Signing time: Mon 28 Apr 2025 08:47:10 +0000
ROA not before: Mon 28 Apr 2025 08:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216300
IP address blocks: 77.105.132.0/24 maxlen: 24
77.105.135.0/24 maxlen: 24
77.105.160.0/24 maxlen: 24
185.225.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 02 May 2025 19:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:94:2c:de:42:47:96:69:c9:19:dc:71:2a:5b:22:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7415fec4ae76b24e4f02991649917b99b740044a
Validity
Not Before: Apr 28 08:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4943807c04345c0f8dc1c46d4224937f26f85b2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:1b:c7:d7:68:82:95:49:78:2e:13:02:b1:80:
0a:bf:36:95:09:d3:6c:fc:96:05:5f:cc:7c:1f:d5:
65:91:47:94:3b:b9:72:08:80:19:1c:e8:a4:f5:10:
9d:ef:c3:a4:9c:a7:18:29:ce:7a:c1:2b:dd:7a:e7:
21:1c:1a:fc:c7:02:35:c4:08:ed:83:9f:b3:5d:f6:
90:83:f9:34:41:a8:e6:b5:0c:e0:21:ca:f1:f0:b2:
fb:22:b5:0d:ab:65:50:9d:45:9d:80:c8:b7:21:11:
aa:4f:7d:8a:ae:1f:b2:40:ea:30:bf:e4:60:47:e1:
ad:ad:09:9c:12:3d:4c:22:3f:22:bb:fd:c0:a2:a9:
89:5b:89:53:f5:2f:dc:c9:db:8d:b4:2c:64:75:14:
f6:ba:9d:8f:27:44:9c:17:bc:df:49:52:24:2e:65:
4c:bf:e1:3a:03:a8:b7:0b:3d:2f:72:56:6f:7d:08:
6b:8f:74:c9:3c:7e:c1:ab:b8:9e:94:07:2b:b1:63:
fe:87:d6:59:dd:bb:95:b9:70:96:0b:f6:08:e4:74:
3d:b9:72:9d:a7:27:43:ef:9a:fa:a7:c8:83:6d:88:
38:20:41:00:86:be:5a:47:b7:f9:7c:e1:27:13:75:
21:7b:65:e8:a4:2c:ad:7f:c0:cd:f4:56:5f:10:83:
40:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:43:80:7C:04:34:5C:0F:8D:C1:C4:6D:42:24:93:7F:26:F8:5B:2F
X509v3 Authority Key Identifier:
keyid:74:15:FE:C4:AE:76:B2:4E:4F:02:99:16:49:91:7B:99:B7:40:04:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dBX-xK52sk5PApkWSZF7mbdABEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/SUOAfAQ0XA-NwcRtQiSTfyb4Wy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/987979-9693-45e3-85ba-ed5358b6da31/1/dBX-xK52sk5PApkWSZF7mbdABEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.132.0/24
77.105.135.0/24
77.105.160.0/24
185.225.202.0/24
Signature Algorithm: sha256WithRSAEncryption
81:ad:f8:cf:90:17:d3:60:28:7a:9f:22:f8:fb:d5:5d:3a:22:
47:7e:ff:4b:9e:33:f1:25:66:ad:68:9c:44:bc:c9:71:13:b9:
58:b3:dc:78:60:05:89:a4:90:4c:47:e7:5e:d4:29:81:a2:37:
df:f3:b8:00:cf:f9:8e:19:e3:03:2e:f1:8c:79:17:24:f9:05:
32:10:e1:e8:93:54:b5:04:1f:b4:22:01:3c:73:8a:a5:70:69:
82:9c:c4:64:58:bc:41:cf:c9:b3:89:58:6f:0d:40:2f:c3:b4:
38:c3:3a:0b:81:ff:c4:df:ba:d1:ca:fa:ea:8d:a0:e7:5d:ce:
f5:22:62:44:72:d2:ef:62:6d:5f:d8:69:e1:d0:24:ba:a8:66:
f3:22:4a:2c:a8:68:07:94:46:71:76:d9:0f:01:36:c7:5e:45:
cd:bd:d3:c4:8b:d3:dd:bb:83:a3:89:dc:c8:7b:da:1e:e9:cc:
a8:21:1f:93:4f:1f:fb:72:25:43:2d:94:cc:7d:26:d7:06:9b:
86:ae:a4:b8:bb:b1:c8:b9:99:c7:0b:e3:cf:22:c0:13:c4:49:
c3:e5:37:02:f1:f2:7c:76:7c:44:e1:c2:2f:f8:3d:17:a3:f5:
7f:fd:18:d9:27:b9:46:08:ae:8c:df:f7:2e:12:e1:4e:1f:43:
eb:14:bf:df
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZ7lCzeQkeWackZ3HEqWyITMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MTVmZWM0YWU3NmIyNGU0ZjAyOTkxNjQ5OTE3Yjk5Yjc0
MDA0NGEwHhcNMjUwNDI4MDg0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTQzODA3YzA0MzQ1YzBmOGRjMWM0NmQ0MjI0OTM3ZjI2Zjg1YjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BvH12iClUl4LhMCsYAKvzaVCdNs
/JYFX8x8H9VlkUeUO7lyCIAZHOik9RCd78OknKcYKc56wSvdeuchHBr8xwI1xAjt
g5+zXfaQg/k0QajmtQzgIcrx8LL7IrUNq2VQnUWdgMi3IRGqT32Krh+yQOowv+Rg
R+GtrQmcEj1MIj8iu/3AoqmJW4lT9S/cyduNtCxkdRT2up2PJ0ScF7zfSVIkLmVM
v+E6A6i3Cz0vclZvfQhrj3TJPH7Bq7ielAcrsWP+h9ZZ3buVuXCWC/YI5HQ9uXKd
pydD75r6p8iDbYg4IEEAhr5aR7f5fOEnE3Uhe2XopCytf8DN9FZfEINAbwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFElDgHwENFwPjcHEbUIkk38m+FsvMB8GA1UdIwQY
MBaAFHQV/sSudrJOTwKZFkmRe5m3QARKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEt
ZWQ1MzU4YjZkYTMxLzEvU1VPQWZBUTBYQS1Od2NSdFFpU1RmeWI0V3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy85ODc5NzktOTY5My00NWUzLTg1YmEtZWQ1MzU4YjZkYTMx
LzEvZEJYLXhLNTJzazVQQXBrV1NaRjdtYmRBQkVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATWmEAwQA
TWmHAwQATWmgAwQAueHKMA0GCSqGSIb3DQEBCwUAA4IBAQCBrfjPkBfTYCh6nyL4
+9VdOiJHfv9LnjPxJWataJxEvMlxE7lYs9x4YAWJpJBMR+de1CmBojff87gAz/mO
GeMDLvGMeRck+QUyEOHok1S1BB+0IgE8c4qlcGmCnMRkWLxBz8mziVhvDUAvw7Q4
wzoLgf/E37rRyvrqjaDnXc71ImJEctLvYm1f2Gnh0CS6qGbzIkosqGgHlEZxdtkP
ATbHXkXNvdPEi9Pdu4OjidzIe9oe6cyoIR+TTx/7ciVDLZTMfSbXBpuGrqS4u7HI
uZnHC+PPIsATxEnD5TcC8fJ8dnxE4cIv+D0Xo/V//RjZJ7lGCK6M3/cuEuFOH0Pr
FL/f
-----END CERTIFICATE-----
Generated at Fri May 2 05:55:28 2025 by rpki-client