Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/MgJgYL9l6eKJ0Kmwl4y3YpthS-M.roa
File: MgJgYL9l6eKJ0Kmwl4y3YpthS-M.roa (raw, json)
Hash identifier: igpzPJYbXYIv+C9ih5BbtSw1dZ2mBgNdp+reY422/cw=
Subject key identifier: 32:02:60:60:BF:65:E9:E2:89:D0:A9:B0:97:8C:B7:62:9B:61:4B:E3
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 0196721A06D9917B3D13F5D788506C989981
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/MgJgYL9l6eKJ0Kmwl4y3YpthS-M.roa
Signing time: Sat 26 Apr 2025 12:37:10 +0000
ROA not before: Sat 26 Apr 2025 12:37:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56380
IP address blocks: 194.41.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:72:1a:06:d9:91:7b:3d:13:f5:d7:88:50:6c:98:99:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Apr 26 12:37:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32026060bf65e9e289d0a9b0978cb7629b614be3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:9a:d7:ac:62:c7:d7:49:cc:c6:d3:1c:ef:51:
6c:66:2a:d9:1b:ef:76:09:1f:02:2d:24:8a:fd:74:
fc:bb:b6:d8:66:fa:37:a3:95:39:34:1c:d1:73:ea:
08:8b:c0:2e:0a:90:98:74:1e:ea:6b:cb:7c:f7:e2:
a8:ae:9e:25:81:f1:58:8c:34:2a:bd:29:ee:b8:e0:
44:7f:73:78:b5:56:66:42:5e:40:e7:37:a9:08:e1:
f3:62:c2:2a:6c:6d:d0:3c:0c:d7:3c:2e:9b:c1:05:
aa:ab:e1:92:b6:31:b3:89:4f:08:b2:39:16:6c:21:
d7:16:d9:f5:54:06:a2:c5:c7:96:00:8b:f6:e8:08:
0f:7d:f5:e9:ad:ce:a2:1d:ab:b2:0a:51:e7:6f:75:
4e:51:65:f4:60:58:0a:3f:9a:ee:25:0f:90:62:a5:
48:ed:06:46:23:f2:e5:25:87:60:2b:bd:d9:7a:4d:
9c:92:48:ae:26:d5:9e:3a:15:d0:6d:11:25:17:be:
6a:ee:4e:29:b2:15:94:b8:79:d1:69:22:e1:6c:57:
12:fc:6c:e8:0b:da:08:2d:55:b6:dd:9e:ea:bc:1d:
da:ed:3a:7d:6e:cc:23:57:fc:1f:02:eb:b2:cf:ba:
2e:03:b3:71:b5:0a:91:e2:82:98:bb:fc:3b:ef:ad:
b7:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:02:60:60:BF:65:E9:E2:89:D0:A9:B0:97:8C:B7:62:9B:61:4B:E3
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/MgJgYL9l6eKJ0Kmwl4y3YpthS-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.41.115.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:53:33:15:a8:79:c5:d6:a0:47:47:f0:4e:45:3d:f7:35:78:
20:d9:50:ef:88:d2:26:24:5f:a2:68:d7:dc:42:75:28:01:c4:
22:54:0d:09:e8:06:c3:25:dc:f0:50:3e:8e:88:d8:ae:9d:63:
ad:56:83:7e:a3:83:b4:3d:09:32:12:ff:49:67:1c:36:9b:fe:
3a:0e:2d:21:8f:61:a4:79:7a:96:0c:75:72:bb:e8:7f:d5:a2:
e6:eb:83:f3:87:ac:e3:36:9a:8f:59:21:79:ee:bc:b2:f5:7d:
cf:37:f3:16:cb:88:30:00:e0:ba:88:17:e8:d8:8a:13:2b:cf:
86:a9:9a:e8:ca:18:e1:c8:32:b6:ec:3c:6d:82:1a:a0:6a:63:
f9:66:a4:39:21:0f:86:47:8f:46:1c:8e:e2:8b:32:78:b0:09:
82:56:0d:42:cf:7d:4a:20:5e:8b:f7:7e:d4:42:30:a4:0a:c3:
f1:1c:98:97:2e:08:46:86:43:62:30:ab:f2:3f:5c:f3:96:57:
7a:94:91:9b:83:62:88:33:6c:c5:f8:2a:dd:8b:e9:4d:34:9f:
46:d9:71:32:c4:1b:de:1e:63:24:2b:16:e0:d6:3f:3f:6e:96:
a8:ba:7a:c2:4d:a1:fc:e1:e5:7a:1e:7e:eb:96:fc:b2:be:24:
13:fc:33:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZyGgbZkXs9E/XXiFBsmJmBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwNDI2MTIzNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjAyNjA2MGJmNjVlOWUyODlkMGE5YjA5NzhjYjc2MjliNjE0YmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJrXrGLH10nMxtMc71FsZirZG+92
CR8CLSSK/XT8u7bYZvo3o5U5NBzRc+oIi8AuCpCYdB7qa8t89+Korp4lgfFYjDQq
vSnuuOBEf3N4tVZmQl5A5zepCOHzYsIqbG3QPAzXPC6bwQWqq+GStjGziU8IsjkW
bCHXFtn1VAaixceWAIv26AgPffXprc6iHauyClHnb3VOUWX0YFgKP5ruJQ+QYqVI
7QZGI/LlJYdgK73Zek2ckkiuJtWeOhXQbRElF75q7k4pshWUuHnRaSLhbFcS/Gzo
C9oILVW23Z7qvB3a7Tp9bswjV/wfAuuyz7ouA7NxtQqR4oKYu/w77623SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDICYGC/ZeniidCpsJeMt2KbYUvjMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvTWdKZ1lMOWw2ZUtKMEttd2w0eTNZcHRoUy1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwilzMA0G
CSqGSIb3DQEBCwUAA4IBAQAtUzMVqHnF1qBHR/BORT33NXgg2VDviNImJF+iaNfc
QnUoAcQiVA0J6AbDJdzwUD6OiNiunWOtVoN+o4O0PQkyEv9JZxw2m/46Di0hj2Gk
eXqWDHVyu+h/1aLm64Pzh6zjNpqPWSF57ryy9X3PN/MWy4gwAOC6iBfo2IoTK8+G
qZroyhjhyDK27DxtghqgamP5ZqQ5IQ+GR49GHI7iizJ4sAmCVg1Cz31KIF6L937U
QjCkCsPxHJiXLghGhkNiMKvyP1zzlld6lJGbg2KIM2zF+Crdi+lNNJ9G2XEyxBve
HmMkKxbg1j8/bpaounrCTaH84eV6Hn7rlvyyviQT/DNf
-----END CERTIFICATE-----
Generated at Sun Apr 27 10:24:45 2025 by rpki-client