Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/MVqGmiAksvqJ2-8IshQHupD8YqA.roa
File: MVqGmiAksvqJ2-8IshQHupD8YqA.roa (raw, json)
Hash identifier: VOzR7SVj/z9U9440c6UpsURLibHp9brNkKcVFNmx6Pc=
Subject key identifier: 31:5A:86:9A:20:24:B2:FA:89:DB:EF:08:B2:14:07:BA:90:FC:62:A0
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 0197647CEB7BCE9038C675D7DF2FFF4C8DD5
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/MVqGmiAksvqJ2-8IshQHupD8YqA.roa
Signing time: Thu 12 Jun 2025 14:13:17 +0000
ROA not before: Thu 12 Jun 2025 14:13:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203952
IP address blocks: 145.15.40.0/24 maxlen: 24
145.15.41.0/24 maxlen: 24
145.15.108.0/23 maxlen: 24
145.15.110.0/23 maxlen: 24
145.15.112.0/24 maxlen: 24
145.15.113.0/24 maxlen: 24
145.15.208.0/23 maxlen: 24
145.15.212.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:64:7c:eb:7b:ce:90:38:c6:75:d7:df:2f:ff:4c:8d:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Jun 12 14:13:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=315a869a2024b2fa89dbef08b21407ba90fc62a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0a:b9:ae:3b:04:89:68:a9:6a:fb:3f:51:71:
de:72:8b:dd:43:98:8c:73:b8:53:2e:76:94:65:c1:
0c:86:fc:00:49:99:17:b3:c0:ab:b9:1e:f1:11:aa:
07:f1:cb:a7:02:8b:64:a1:95:87:3c:08:a6:13:0d:
10:2a:aa:2c:01:ee:18:31:4a:13:f3:35:44:ac:d2:
1c:b8:03:d0:63:bd:3c:38:58:60:e4:b9:b6:e4:41:
ea:9e:45:4e:43:32:f0:10:b2:7a:46:6d:95:e8:48:
35:60:0d:50:1d:93:82:56:99:db:a3:27:70:a6:7a:
3e:21:d8:fd:86:ad:5b:dc:5b:48:25:8f:76:6a:af:
4e:1e:47:67:f8:17:1d:f3:44:56:a5:80:22:db:60:
a2:1f:e9:22:65:45:af:0a:6c:3a:1d:d7:f2:51:15:
91:9d:fb:7e:ac:e9:97:37:f3:a4:59:6e:76:c9:1f:
74:7d:3a:28:f8:1e:f7:79:c0:5c:a3:4f:13:1d:fb:
c0:3e:c5:17:f7:70:97:14:90:69:67:27:97:16:e7:
f4:e1:d3:70:7c:26:90:5e:c6:ed:d9:ee:66:07:9a:
4c:dd:e9:38:d1:d3:11:94:9e:d2:b6:5b:2e:4d:39:
c0:91:4d:62:7d:dd:48:03:49:6d:2a:71:bd:c1:79:
14:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:5A:86:9A:20:24:B2:FA:89:DB:EF:08:B2:14:07:BA:90:FC:62:A0
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/MVqGmiAksvqJ2-8IshQHupD8YqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.15.40.0/23
145.15.108.0-145.15.113.255
145.15.208.0/23
145.15.212.0/23
Signature Algorithm: sha256WithRSAEncryption
54:bd:b7:94:6a:17:1c:2c:12:d6:9a:01:c5:e2:1e:d7:e0:bc:
1d:7d:bf:31:2b:f4:b5:13:f0:37:4d:5a:75:ee:86:3e:eb:a0:
fb:71:11:ad:b8:16:2a:3e:f1:07:67:fc:c3:a5:68:b3:30:0c:
7d:20:a6:af:19:e7:59:b7:d5:7f:07:ae:ef:d1:65:c7:d2:55:
ca:c4:f8:d5:8d:da:6d:6e:5b:cc:29:8d:24:cb:3a:db:b4:67:
8b:f5:d5:c8:18:d0:31:b0:3a:9a:7a:9f:3b:c8:dc:bd:1d:17:
38:2a:7e:48:88:2c:ec:9c:f2:03:bc:45:c7:bf:0b:ab:55:fe:
93:fc:6c:b5:13:fd:64:52:f7:ff:61:66:84:37:aa:ad:a0:c8:
1d:c9:39:2e:8e:ea:f9:85:ee:8a:4b:64:22:20:8a:64:dd:3f:
6a:c8:6a:cc:77:29:e2:01:77:d2:ed:05:1b:e0:92:13:47:a3:
2a:35:95:f3:71:57:f2:79:22:aa:e9:ef:eb:9c:75:9b:f5:d4:
91:60:bb:df:bd:36:3f:12:b3:f7:88:9e:c4:13:ed:15:64:7f:
34:55:0d:7e:1f:c5:8e:9a:68:ce:0d:4b:e0:92:81:88:15:15:
ec:29:48:12:51:a0:69:16:9e:f1:a4:4b:8b:66:27:e7:f2:dc:
98:5d:ed:ac
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZdkfOt7zpA4xnXX3y//TI3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjUwNjEyMTQxMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTVhODY5YTIwMjRiMmZhODlkYmVmMDhiMjE0MDdiYTkwZmM2MmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAq5rjsEiWipavs/UXHecovdQ5iM
c7hTLnaUZcEMhvwASZkXs8CruR7xEaoH8cunAotkoZWHPAimEw0QKqosAe4YMUoT
8zVErNIcuAPQY708OFhg5Lm25EHqnkVOQzLwELJ6Rm2V6Eg1YA1QHZOCVpnboydw
pno+Idj9hq1b3FtIJY92aq9OHkdn+Bcd80RWpYAi22CiH+kiZUWvCmw6HdfyURWR
nft+rOmXN/OkWW52yR90fToo+B73ecBco08THfvAPsUX93CXFJBpZyeXFuf04dNw
fCaQXsbt2e5mB5pM3ek40dMRlJ7StlsuTTnAkU1ifd1IA0ltKnG9wXkUSwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDFahpogJLL6idvvCLIUB7qQ/GKgMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvTVZxR21pQWtzdnFKMi04SXNoUUh1cEQ4WXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBkQ8oMAwD
BAKRD2wDBAGRD3ADBAGRD9ADBAGRD9QwDQYJKoZIhvcNAQELBQADggEBAFS9t5Rq
FxwsEtaaAcXiHtfgvB19vzEr9LUT8DdNWnXuhj7roPtxEa24Fio+8Qdn/MOlaLMw
DH0gpq8Z51m31X8Hru/RZcfSVcrE+NWN2m1uW8wpjSTLOtu0Z4v11cgY0DGwOpp6
nzvI3L0dFzgqfkiILOyc8gO8Rce/C6tV/pP8bLUT/WRS9/9hZoQ3qq2gyB3JOS6O
6vmF7opLZCIgimTdP2rIasx3KeIBd9LtBRvgkhNHoyo1lfNxV/J5Iqrp7+ucdZv1
1JFgu9+9Nj8Ss/eInsQT7RVkfzRVDX4fxY6aaM4NS+CSgYgVFewpSBJRoGkWnvGk
S4tmJ+fy3Jhd7aw=
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:22:25 2025 by rpki-client