Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/5rlrSe1HUXIj3_aBpG64a8NmOts.roa
File: 5rlrSe1HUXIj3_aBpG64a8NmOts.roa (raw, json)
Hash identifier: nRWsn8kltCpTHjq/8c/7GOAD+GlBtZhRnZ/ImlddXgU=
Subject key identifier: E6:B9:6B:49:ED:47:51:72:23:DF:F6:81:A4:6E:B8:6B:C3:66:3A:DB
Certificate issuer: /CN=13a0f7143ffa22113442dc8589ee1352ebe3daa3
Certificate serial: 019615C3720C2F7CD7BCFF2B94CAE94B4F61
Authority key identifier: 13:A0:F7:14:3F:FA:22:11:34:42:DC:85:89:EE:13:52:EB:E3:DA:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E6D3FD_6IhE0QtyFie4TUuvj2qM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/5rlrSe1HUXIj3_aBpG64a8NmOts.roa
Signing time: Tue 08 Apr 2025 14:17:32 +0000
ROA not before: Tue 08 Apr 2025 14:17:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50889
IP address blocks: 77.111.248.0/24 maxlen: 24
77.111.249.0/24 maxlen: 24
77.111.250.0/24 maxlen: 24
77.111.251.0/24 maxlen: 24
80.84.160.0/24 maxlen: 24
80.84.161.0/24 maxlen: 24
80.84.162.0/24 maxlen: 24
80.84.163.0/24 maxlen: 24
80.84.164.0/24 maxlen: 24
80.84.165.0/24 maxlen: 24
80.84.166.0/24 maxlen: 24
80.84.167.0/24 maxlen: 24
80.84.168.0/24 maxlen: 24
80.84.169.0/24 maxlen: 24
80.84.170.0/24 maxlen: 24
80.84.171.0/24 maxlen: 24
80.84.172.0/24 maxlen: 24
80.84.173.0/24 maxlen: 24
80.84.174.0/24 maxlen: 24
80.84.175.0/24 maxlen: 24
80.250.96.0/24 maxlen: 24
80.250.97.0/24 maxlen: 24
80.250.98.0/24 maxlen: 24
80.250.99.0/24 maxlen: 24
80.250.100.0/24 maxlen: 24
80.250.101.0/24 maxlen: 24
80.250.102.0/24 maxlen: 24
185.136.69.0/24 maxlen: 24
185.136.70.0/24 maxlen: 24
185.136.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/E6D3FD_6IhE0QtyFie4TUuvj2qM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/E6D3FD_6IhE0QtyFie4TUuvj2qM.mft
rsync://rpki.ripe.net/repository/DEFAULT/E6D3FD_6IhE0QtyFie4TUuvj2qM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:15:c3:72:0c:2f:7c:d7:bc:ff:2b:94:ca:e9:4b:4f:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13a0f7143ffa22113442dc8589ee1352ebe3daa3
Validity
Not Before: Apr 8 14:17:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6b96b49ed47517223dff681a46eb86bc3663adb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c3:be:62:e0:f7:c5:3a:0c:b8:75:e6:82:65:
d3:80:c4:26:cb:2c:9e:d8:05:f0:6c:97:1f:f8:9e:
0f:80:8b:cd:e2:ed:02:e4:a4:28:ae:14:99:98:99:
6b:38:1e:c2:b4:44:20:38:16:b0:8c:ff:55:86:cc:
9f:53:db:94:1b:15:1d:f4:a3:16:86:75:82:5c:a3:
d3:f5:51:9e:3a:05:14:70:71:26:9d:ec:51:95:49:
00:f9:bc:e2:c3:a2:b3:74:ad:52:d6:cd:34:eb:18:
7e:97:82:8d:9c:2c:0d:51:5d:a6:9b:0e:fe:a2:9e:
34:98:a3:ea:ec:c7:87:ff:ee:43:81:39:c5:68:f4:
e8:dd:4d:a3:8d:af:d0:75:14:34:f8:84:e6:b9:70:
e5:66:1b:d2:9a:f8:8a:66:79:ac:a0:4b:ae:46:a6:
9c:88:35:93:d1:0b:07:89:dd:af:89:82:92:2b:e3:
81:e6:04:09:53:1c:2d:29:d0:cd:ed:c1:fe:2e:58:
79:26:fe:3b:a2:97:0c:cf:4a:ab:26:d2:73:b7:b5:
c3:5a:b1:0e:1b:7a:91:9f:58:e1:2a:bc:b4:15:40:
ce:6f:20:4b:b5:26:67:7a:c3:7d:a4:75:fe:ea:76:
a8:7a:ca:5b:3e:c6:d3:b6:66:7d:1d:55:77:d2:ab:
cf:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:B9:6B:49:ED:47:51:72:23:DF:F6:81:A4:6E:B8:6B:C3:66:3A:DB
X509v3 Authority Key Identifier:
keyid:13:A0:F7:14:3F:FA:22:11:34:42:DC:85:89:EE:13:52:EB:E3:DA:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E6D3FD_6IhE0QtyFie4TUuvj2qM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/5rlrSe1HUXIj3_aBpG64a8NmOts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/E6D3FD_6IhE0QtyFie4TUuvj2qM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.248.0/22
80.84.160.0/20
80.250.96.0-80.250.102.255
185.136.69.0-185.136.71.255
Signature Algorithm: sha256WithRSAEncryption
64:33:76:a0:f9:91:9b:b1:19:d0:d0:e2:34:5d:38:fe:9a:33:
4b:5b:b5:b7:b8:b1:13:93:5f:ba:81:fc:a2:0e:30:2c:63:81:
18:3f:59:90:2e:55:a0:45:e4:71:87:6d:93:f7:8d:3f:82:e0:
e3:7f:81:e8:5d:68:f9:ad:51:74:e4:42:1c:2d:8e:8c:a7:23:
f6:7c:cf:c5:df:39:63:75:f5:07:1d:1d:d6:06:d6:27:b7:3c:
fd:4e:df:2b:38:02:35:1e:cb:3f:64:fd:61:3e:20:11:a2:8f:
91:67:f5:17:19:b4:c5:fb:87:ea:68:47:0e:77:68:61:f6:8f:
ec:46:dc:95:ce:d4:8f:4b:4b:df:51:d3:73:52:c6:30:8e:f4:
ef:b2:1c:12:9e:26:98:e0:66:84:bc:67:2b:0d:8c:51:4e:66:
64:87:ac:08:f4:25:9d:60:a0:e4:84:fd:82:e4:6c:d9:15:7c:
e5:fd:32:02:41:ec:4b:d1:98:bd:23:da:2c:ed:5a:13:28:a0:
11:5e:c5:54:99:5e:82:4a:54:3d:16:86:e4:45:83:13:55:73:
36:32:37:e8:ca:d9:7b:57:ee:a2:4c:2e:41:3c:72:0a:fb:d0:
30:8d:34:e5:3a:13:58:51:5e:78:5e:e6:d0:9b:7e:b8:67:9f:
35:4d:9d:25
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZYVw3IML3zXvP8rlMrpS09hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYTBmNzE0M2ZmYTIyMTEzNDQyZGM4NTg5ZWUxMzUyZWJl
M2RhYTMwHhcNMjUwNDA4MTQxNzMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmI5NmI0OWVkNDc1MTcyMjNkZmY2ODFhNDZlYjg2YmMzNjYzYWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArcO+YuD3xToMuHXmgmXTgMQmyyye
2AXwbJcf+J4PgIvN4u0C5KQorhSZmJlrOB7CtEQgOBawjP9VhsyfU9uUGxUd9KMW
hnWCXKPT9VGeOgUUcHEmnexRlUkA+bziw6KzdK1S1s006xh+l4KNnCwNUV2mmw7+
op40mKPq7MeH/+5DgTnFaPTo3U2jja/QdRQ0+ITmuXDlZhvSmviKZnmsoEuuRqac
iDWT0QsHid2viYKSK+OB5gQJUxwtKdDN7cH+Llh5Jv47opcMz0qrJtJzt7XDWrEO
G3qRn1jhKry0FUDObyBLtSZnesN9pHX+6naoespbPsbTtmZ9HVV30qvPbQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFOa5a0ntR1FyI9/2gaRuuGvDZjrbMB8GA1UdIwQY
MBaAFBOg9xQ/+iIRNELchYnuE1Lr49qjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTZEM0ZEXzZJaEUwUXR5RmllNFRVdXZqMnFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi80NDNmODctNGFlMC00MTk4LWJjYjgt
MTA0YTMzNDM3NjY1LzEvNXJsclNlMUhVWElqM19hQnBHNjRhOE5tT3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi80NDNmODctNGFlMC00MTk4LWJjYjgtMTA0YTMzNDM3NjY1
LzEvRTZEM0ZEXzZJaEUwUXR5RmllNFRVdXZqMnFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCTW/4AwQE
UFSgMAwDBAVQ+mADBABQ+mYwDAMEALmIRQMEA7mIQDANBgkqhkiG9w0BAQsFAAOC
AQEAZDN2oPmRm7EZ0NDiNF04/pozS1u1t7ixE5NfuoH8og4wLGOBGD9ZkC5VoEXk
cYdtk/eNP4Lg43+B6F1o+a1RdORCHC2OjKcj9nzPxd85Y3X1Bx0d1gbWJ7c8/U7f
KzgCNR7LP2T9YT4gEaKPkWf1Fxm0xfuH6mhHDndoYfaP7Ebclc7Uj0tL31HTc1LG
MI7077IcEp4mmOBmhLxnKw2MUU5mZIesCPQlnWCg5IT9guRs2RV85f0yAkHsS9GY
vSPaLO1aEyigEV7FVJlegkpUPRaG5EWDE1VzNjI36MrZe1fuokwuQTxyCvvQMI00
5ToTWFFeeF7m0Jt+uGefNU2dJQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:52:47 2025 by rpki-client