Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/MZS1KgBzYEpeVUbTQVZDkS1Fkh0.roa
File: MZS1KgBzYEpeVUbTQVZDkS1Fkh0.roa (raw, json)
Hash identifier: jkyHfjBYfzGNX/dvuX7neYjxHU4u5AVoT8kUOYqvB+I=
Subject key identifier: 31:94:B5:2A:00:73:60:4A:5E:55:46:D3:41:56:43:91:2D:45:92:1D
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019768BBDCC51DA69AE2BD240D59F4EE0C47
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/MZS1KgBzYEpeVUbTQVZDkS1Fkh0.roa
Signing time: Fri 13 Jun 2025 10:00:31 +0000
ROA not before: Fri 13 Jun 2025 10:00:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 37.202.203.0/24 maxlen: 24
151.240.77.0/24 maxlen: 24
151.242.202.0/23 maxlen: 23
151.243.206.0/23 maxlen: 23
151.244.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:68:bb:dc:c5:1d:a6:9a:e2:bd:24:0d:59:f4:ee:0c:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 13 10:00:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3194b52a0073604a5e5546d3415643912d45921d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f6:72:97:bd:bd:18:fe:67:90:2f:03:0c:b7:
a4:0c:96:29:9b:6d:b9:f3:cf:7f:db:df:e6:46:60:
30:05:1b:32:39:42:ed:b8:56:d3:f7:3b:ff:cf:80:
76:a7:0a:ee:ff:bc:6b:15:f6:35:25:29:6e:24:34:
06:55:45:4b:af:13:40:fd:53:83:ec:cd:b2:ad:8c:
c4:f9:13:55:54:8a:b6:d9:2a:1b:e7:5c:7f:b6:46:
f5:7b:c5:ae:80:bf:cd:0b:d0:8c:55:fd:69:77:c0:
77:44:01:3c:2f:b0:1b:94:87:cc:43:2f:e6:4f:9a:
f8:a7:63:d7:8b:ab:3f:e5:35:65:2d:11:ba:af:61:
46:2a:7e:c7:ba:46:05:a1:0d:4a:5e:cf:5e:13:74:
4b:d6:61:e6:c9:1c:f6:68:df:b2:2b:e1:5a:2e:b6:
2d:1e:9a:7b:84:00:33:17:51:3e:6c:b2:20:79:37:
eb:fa:99:52:42:30:12:37:35:4b:df:e1:df:25:e6:
f7:4c:76:a6:17:b6:96:fd:99:be:27:84:1d:64:3f:
9d:ef:db:11:fa:12:41:60:51:66:c0:a9:c1:bc:f6:
29:9c:18:0e:75:d3:7a:49:83:c2:76:5c:57:37:90:
7c:bf:1f:c5:7a:a6:37:11:67:ff:77:02:81:21:7f:
9f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:94:B5:2A:00:73:60:4A:5E:55:46:D3:41:56:43:91:2D:45:92:1D
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/MZS1KgBzYEpeVUbTQVZDkS1Fkh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.203.0/24
151.240.77.0/24
151.242.202.0/23
151.243.206.0/23
151.244.88.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:15:0f:fa:ab:ed:88:c6:e4:95:ae:c1:2d:da:b8:08:7d:e9:
e8:9b:69:f6:d2:e7:16:95:25:ad:e2:27:18:ed:46:76:4a:3c:
4b:ec:0b:d9:63:1c:7e:dd:12:20:88:db:c8:67:e1:69:5b:76:
89:22:d0:7c:18:59:d3:92:e9:1f:7e:b9:6d:c6:58:3d:75:72:
03:6e:77:66:4b:e9:64:91:57:9e:74:c8:16:d5:5d:d4:5f:b1:
b3:53:73:07:a1:5c:3b:1b:b3:9d:30:24:e0:cc:1c:00:d8:82:
78:8d:30:12:30:53:83:8e:8d:28:b7:2f:99:c3:92:55:a3:73:
a3:8a:2e:27:dd:b8:78:5c:a9:2e:39:bb:9b:98:c2:cb:42:85:
93:fc:b5:5c:0d:f5:ee:1d:2a:da:91:55:e5:c1:ed:1c:15:65:
7a:f1:79:af:ea:1a:83:92:d6:09:5f:77:25:3d:70:e9:83:1e:
8b:a1:14:0f:08:36:e0:bf:99:13:bf:2d:28:a9:12:22:43:db:
37:2c:ab:f7:fb:a8:09:82:94:f9:0b:33:de:1e:bc:59:9d:e5:
38:91:ed:08:90:cd:fa:58:f5:04:77:93:e6:0a:9f:f1:8c:ab:
c9:8a:32:87:2a:98:bd:9a:08:94:a1:c9:89:5f:22:42:2d:ad:
9d:0b:f3:0d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZdou9zFHaaa4r0kDVn07gxHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjEzMTAwMDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTk0YjUyYTAwNzM2MDRhNWU1NTQ2ZDM0MTU2NDM5MTJkNDU5MjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvZyl729GP5nkC8DDLekDJYpm225
889/29/mRmAwBRsyOULtuFbT9zv/z4B2pwru/7xrFfY1JSluJDQGVUVLrxNA/VOD
7M2yrYzE+RNVVIq22Sob51x/tkb1e8WugL/NC9CMVf1pd8B3RAE8L7AblIfMQy/m
T5r4p2PXi6s/5TVlLRG6r2FGKn7HukYFoQ1KXs9eE3RL1mHmyRz2aN+yK+FaLrYt
Hpp7hAAzF1E+bLIgeTfr+plSQjASNzVL3+HfJeb3THamF7aW/Zm+J4QdZD+d79sR
+hJBYFFmwKnBvPYpnBgOddN6SYPCdlxXN5B8vx/FeqY3EWf/dwKBIX+fFQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDGUtSoAc2BKXlVG00FWQ5EtRZIdMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTVpTMUtnQnpZRXBlVlViVFFWWkRrUzFGa2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJcrLAwQA
l/BNAwQBl/LKAwQBl/POAwQAl/RYMA0GCSqGSIb3DQEBCwUAA4IBAQAqFQ/6q+2I
xuSVrsEt2rgIfenom2n20ucWlSWt4icY7UZ2SjxL7AvZYxx+3RIgiNvIZ+FpW3aJ
ItB8GFnTkukffrltxlg9dXIDbndmS+lkkVeedMgW1V3UX7GzU3MHoVw7G7OdMCTg
zBwA2IJ4jTASMFODjo0oty+Zw5JVo3Ojii4n3bh4XKkuObubmMLLQoWT/LVcDfXu
HSrakVXlwe0cFWV68Xmv6hqDktYJX3clPXDpgx6LoRQPCDbgv5kTvy0oqRIiQ9s3
LKv3+6gJgpT5CzPeHrxZneU4ke0IkM36WPUEd5PmCp/xjKvJijKHKpi9mgiUocmJ
XyJCLa2dC/MN
-----END CERTIFICATE-----
Generated at Sat Jun 14 13:17:19 2025 by rpki-client