Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/3391ce-a795-401f-839d-a4d0d10c9016/1/ta8u9psNnxLXxOOnjkANI4Fajjk.roa
File: ta8u9psNnxLXxOOnjkANI4Fajjk.roa (raw, json)
Hash identifier: fSNLSNcjXBJXjqSKt5vbfxJa/YEMbXMuFrigLYETmno=
Subject key identifier: B5:AF:2E:F6:9B:0D:9F:12:D7:C4:E3:A7:8E:40:0D:23:81:5A:8E:39
Certificate issuer: /CN=7b732b6e5710ba8289cff4bb226b75bc4b07819f
Certificate serial: 0198747E46E9E815F716ABB127952CCE644F
Authority key identifier: 7B:73:2B:6E:57:10:BA:82:89:CF:F4:BB:22:6B:75:BC:4B:07:81:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e3MrblcQuoKJz_S7Imt1vEsHgZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/3391ce-a795-401f-839d-a4d0d10c9016/1/ta8u9psNnxLXxOOnjkANI4Fajjk.roa
Signing time: Mon 04 Aug 2025 09:51:29 +0000
ROA not before: Mon 04 Aug 2025 09:51:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200514
IP address blocks: 77.81.120.0/24 maxlen: 24
77.81.121.0/24 maxlen: 24
185.66.140.0/24 maxlen: 24
185.66.141.0/24 maxlen: 24
185.66.142.0/24 maxlen: 24
185.66.143.0/24 maxlen: 24
194.145.208.0/24 maxlen: 24
194.145.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/3391ce-a795-401f-839d-a4d0d10c9016/1/e3MrblcQuoKJz_S7Imt1vEsHgZ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/3391ce-a795-401f-839d-a4d0d10c9016/1/e3MrblcQuoKJz_S7Imt1vEsHgZ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/e3MrblcQuoKJz_S7Imt1vEsHgZ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 12:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:7e:46:e9:e8:15:f7:16:ab:b1:27:95:2c:ce:64:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b732b6e5710ba8289cff4bb226b75bc4b07819f
Validity
Not Before: Aug 4 09:51:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5af2ef69b0d9f12d7c4e3a78e400d23815a8e39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9d:00:db:18:c3:df:cd:e8:05:0e:7a:e6:44:
bb:16:db:7d:89:03:05:83:17:42:eb:c8:e1:33:80:
30:0f:f3:ed:8a:fa:65:97:c7:a3:db:a5:97:b5:3f:
23:8b:7e:2a:f1:93:42:51:69:dd:45:cb:5f:c8:79:
2f:6b:c8:c0:55:d5:8f:e5:22:90:2b:aa:e8:1b:be:
97:2e:d1:d9:92:be:dc:07:1c:de:d9:3a:90:b0:22:
97:d3:16:48:17:48:76:11:7c:e4:1f:00:4e:17:c2:
1d:4d:da:b2:44:9b:6c:24:c1:d5:4b:86:ad:b5:04:
15:bb:82:8f:f1:79:64:4f:bd:c1:0a:cb:d3:b2:d1:
2e:64:27:ad:47:36:3e:01:df:f0:19:0f:aa:81:ae:
14:d1:1f:3a:15:62:85:35:db:6f:da:1d:07:41:69:
72:42:86:07:91:9f:71:01:c3:4c:0c:0f:ea:58:1b:
70:d3:9c:e6:51:59:b1:7b:d0:b3:36:88:2e:36:54:
1b:45:59:a3:77:29:09:f5:43:c2:b3:28:28:45:85:
1c:13:7a:48:21:ae:91:0f:78:df:a5:8c:a8:91:5d:
66:38:0f:8a:85:12:97:b9:5e:3f:6d:f1:28:81:8d:
e5:90:df:67:33:e3:72:2f:de:9d:45:59:82:ea:a0:
2e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:AF:2E:F6:9B:0D:9F:12:D7:C4:E3:A7:8E:40:0D:23:81:5A:8E:39
X509v3 Authority Key Identifier:
keyid:7B:73:2B:6E:57:10:BA:82:89:CF:F4:BB:22:6B:75:BC:4B:07:81:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3MrblcQuoKJz_S7Imt1vEsHgZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3391ce-a795-401f-839d-a4d0d10c9016/1/ta8u9psNnxLXxOOnjkANI4Fajjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3391ce-a795-401f-839d-a4d0d10c9016/1/e3MrblcQuoKJz_S7Imt1vEsHgZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.120.0/23
185.66.140.0/22
194.145.208.0/23
Signature Algorithm: sha256WithRSAEncryption
02:b2:6d:5a:c4:0d:46:0d:8d:96:30:a2:7d:10:39:d7:98:ca:
cb:d3:fe:57:79:11:e5:13:f8:45:9a:a6:fd:e2:96:4b:ac:e1:
c8:e1:e4:6d:01:2a:f0:7d:7d:36:49:9a:39:92:ad:cb:1c:e2:
54:cb:4d:20:60:bf:97:7b:c8:0e:fd:10:6d:83:b2:b3:b1:30:
d5:f4:af:1b:96:6e:56:fa:14:c7:0c:6b:f3:72:00:13:02:e6:
37:4b:3d:ac:83:e4:05:71:e2:25:b4:c1:87:1b:60:37:9c:f0:
ea:4f:9c:5b:48:e8:07:b5:5e:49:2d:f4:0c:36:c8:f7:08:b0:
bf:73:b2:53:de:b4:87:21:c0:d7:45:6e:48:b2:0e:2b:5a:0b:
ef:0a:e2:8b:01:2c:58:64:f4:97:b9:63:b5:29:1e:8b:39:ba:
c3:0b:c3:89:d5:a1:55:3c:e2:a0:e9:d1:ae:e6:75:11:ca:ac:
df:1d:b0:e2:6c:c6:cd:bd:9c:c8:f9:c6:68:b1:a4:04:e8:cc:
ca:93:be:d6:4e:13:f3:b8:eb:0f:d0:96:54:e0:0d:4d:5c:64:
89:7d:45:90:3b:dc:0e:dd:17:de:23:d4:0b:bf:53:c9:16:db:
ed:7e:23:a7:ae:be:1a:16:d7:87:de:ec:11:12:df:0c:1c:73:
8d:8b:9c:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZh0fkbp6BX3FquxJ5UszmRPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNzMyYjZlNTcxMGJhODI4OWNmZjRiYjIyNmI3NWJjNGIw
NzgxOWYwHhcNMjUwODA0MDk1MTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWFmMmVmNjliMGQ5ZjEyZDdjNGUzYTc4ZTQwMGQyMzgxNWE4ZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ0A2xjD383oBQ565kS7Ftt9iQMF
gxdC68jhM4AwD/Ptivpll8ej26WXtT8ji34q8ZNCUWndRctfyHkva8jAVdWP5SKQ
K6roG76XLtHZkr7cBxze2TqQsCKX0xZIF0h2EXzkHwBOF8IdTdqyRJtsJMHVS4at
tQQVu4KP8XlkT73BCsvTstEuZCetRzY+Ad/wGQ+qga4U0R86FWKFNdtv2h0HQWly
QoYHkZ9xAcNMDA/qWBtw05zmUVmxe9CzNoguNlQbRVmjdykJ9UPCsygoRYUcE3pI
Ia6RD3jfpYyokV1mOA+KhRKXuV4/bfEogY3lkN9nM+NyL96dRVmC6qAuwQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLWvLvabDZ8S18Tjp45ADSOBWo45MB8GA1UdIwQY
MBaAFHtzK25XELqCic/0uyJrdbxLB4GfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTNNcmJsY1F1b0tKel9TN0ltdDF2RXNIZ1o4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zMzkxY2UtYTc5NS00MDFmLTgzOWQt
YTRkMGQxMGM5MDE2LzEvdGE4dTlwc05ueExYeE9PbmprQU5JNEZhamprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zMzkxY2UtYTc5NS00MDFmLTgzOWQtYTRkMGQxMGM5MDE2
LzEvZTNNcmJsY1F1b0tKel9TN0ltdDF2RXNIZ1o4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBTVF4AwQC
uUKMAwQBwpHQMA0GCSqGSIb3DQEBCwUAA4IBAQACsm1axA1GDY2WMKJ9EDnXmMrL
0/5XeRHlE/hFmqb94pZLrOHI4eRtASrwfX02SZo5kq3LHOJUy00gYL+Xe8gO/RBt
g7KzsTDV9K8blm5W+hTHDGvzcgATAuY3Sz2sg+QFceIltMGHG2A3nPDqT5xbSOgH
tV5JLfQMNsj3CLC/c7JT3rSHIcDXRW5Isg4rWgvvCuKLASxYZPSXuWO1KR6LObrD
C8OJ1aFVPOKg6dGu5nURyqzfHbDibMbNvZzI+cZosaQE6MzKk77WThPzuOsP0JZU
4A1NXGSJfUWQO9wO3RfeI9QLv1PJFtvtfiOnrr4aFteH3uwREt8MHHONi5xP
-----END CERTIFICATE-----
Generated at Tue Aug 5 16:43:22 2025 by rpki-client