Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/MJHzVsg_CJVSXfOOjCBQwayhwak.roa
File: MJHzVsg_CJVSXfOOjCBQwayhwak.roa (raw, json)
Hash identifier: BJpYFXc3Im46ARciyN5r9fJDfEcBRee/lHnVgG/PmkA=
Subject key identifier: 30:91:F3:56:C8:3F:08:95:52:5D:F3:8E:8C:20:50:C1:AC:A1:C1:A9
Certificate issuer: /CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Certificate serial: 0196441330F5BC6287226586FDA5E245080F
Authority key identifier: 6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/MJHzVsg_CJVSXfOOjCBQwayhwak.roa
Signing time: Thu 17 Apr 2025 14:07:10 +0000
ROA not before: Thu 17 Apr 2025 14:07:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56582
IP address blocks: 31.169.64.0/24 maxlen: 24
31.169.65.0/24 maxlen: 24
31.169.66.0/24 maxlen: 24
31.169.67.0/24 maxlen: 24
31.169.69.0/24 maxlen: 24
31.169.70.0/24 maxlen: 24
31.169.71.0/24 maxlen: 24
31.169.72.0/24 maxlen: 24
31.169.74.0/24 maxlen: 24
31.169.76.0/24 maxlen: 24
31.169.77.0/24 maxlen: 24
31.169.78.0/24 maxlen: 24
31.169.79.0/24 maxlen: 24
31.169.81.0/24 maxlen: 24
31.169.82.0/24 maxlen: 24
31.169.84.0/24 maxlen: 24
31.169.92.0/24 maxlen: 24
31.169.93.0/24 maxlen: 24
31.169.94.0/24 maxlen: 24
185.33.63.0/24 maxlen: 24
2a00:5740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.mft
rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:44:13:30:f5:bc:62:87:22:65:86:fd:a5:e2:45:08:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d69da44ae067fc1a98a5f6f05f12e545d0fc62a
Validity
Not Before: Apr 17 14:07:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3091f356c83f0895525df38e8c2050c1aca1c1a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e9:3c:fb:39:b8:b0:b1:04:49:39:ca:fe:09:
98:a5:a9:cf:69:e2:3d:bf:62:9c:e0:c1:dd:fd:ef:
15:8f:8e:f7:8f:b6:e2:76:f1:98:47:5a:c0:b0:14:
26:df:c8:48:85:3d:b0:6f:3c:39:33:fb:46:ad:2d:
f0:03:a2:47:8d:f6:17:80:ce:2a:00:32:af:f8:0b:
ab:91:fb:33:70:53:09:5d:90:e3:40:8b:ad:6e:88:
3d:60:7c:7a:f3:14:cf:aa:2c:0f:ce:78:2c:47:c5:
4e:02:02:fa:90:1d:5e:99:d8:47:54:e1:f4:76:8e:
c7:fb:62:fc:6b:a2:97:e4:b4:ef:6b:2e:7c:bb:5b:
da:ae:1b:3c:e3:83:5b:7f:0e:08:03:71:44:bd:14:
75:57:b7:b0:19:9a:f5:24:55:3f:36:80:a9:12:86:
63:45:6b:56:1d:a2:9e:f4:4e:5e:6b:ed:47:37:b5:
8d:a9:f7:88:28:86:22:64:e4:04:62:10:46:86:e8:
45:9a:44:7d:cd:17:9d:da:3a:31:da:d1:a3:c9:1f:
71:b0:22:3d:6d:88:08:eb:46:ca:4d:37:67:6e:f9:
58:40:d3:c6:f3:cd:15:b9:1a:ad:f4:30:4a:46:e7:
1b:6c:f2:de:7a:24:58:23:32:36:dc:6f:35:3d:eb:
e3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:91:F3:56:C8:3F:08:95:52:5D:F3:8E:8C:20:50:C1:AC:A1:C1:A9
X509v3 Authority Key Identifier:
keyid:6D:69:DA:44:AE:06:7F:C1:A9:8A:5F:6F:05:F1:2E:54:5D:0F:C6:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/MJHzVsg_CJVSXfOOjCBQwayhwak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/b1a82a-490f-43fb-986e-26170da4a0b1/1/bWnaRK4Gf8Gpil9vBfEuVF0Pxio.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.64.0/22
31.169.69.0-31.169.72.255
31.169.74.0/24
31.169.76.0/22
31.169.81.0-31.169.82.255
31.169.84.0/24
31.169.92.0-31.169.94.255
185.33.63.0/24
IPv6:
2a00:5740::/29
Signature Algorithm: sha256WithRSAEncryption
8d:fe:90:81:fb:a1:39:64:90:cc:de:e4:ef:5c:77:64:cd:5f:
51:89:fd:9c:a5:8b:30:37:45:79:7b:55:8d:a6:ed:04:6b:a2:
6f:4a:ba:b4:6f:e6:d8:6d:22:3d:4d:f4:40:51:11:e8:b0:39:
31:e4:d0:f9:54:f9:67:8f:52:6e:3a:cd:96:24:d8:2b:fb:fe:
57:44:1a:9d:3a:16:ff:34:1d:2c:28:dd:77:a7:c0:d7:4d:70:
54:e7:e6:0e:1e:e0:cf:93:ef:bd:b4:d4:91:7d:13:5c:f1:57:
e8:c1:1e:fe:69:a6:63:e6:d3:80:0a:a8:1f:fa:bf:79:0b:b6:
ba:d5:94:8a:73:5d:75:3a:26:e9:df:b2:c5:72:50:cf:72:bf:
d8:15:03:1b:88:2c:4d:c4:6c:f4:f3:62:35:61:56:c3:00:0b:
ae:94:f3:13:42:df:57:25:fb:4e:cb:19:93:9f:38:99:c9:27:
75:32:89:f8:fe:ac:77:64:22:58:51:c4:c9:0a:95:16:99:97:
21:c0:29:29:8a:c3:0d:eb:af:c4:26:20:c9:94:7a:eb:45:7d:
4b:ce:1a:42:15:00:0e:28:d8:2a:c3:5c:32:99:79:62:32:18:
fa:3b:26:a5:58:cd:79:d8:d3:4d:f0:23:a0:98:80:2a:4d:0d:
93:0d:98:73
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZZEEzD1vGKHImWG/aXiRQgPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNjlkYTQ0YWUwNjdmYzFhOThhNWY2ZjA1ZjEyZTU0NWQw
ZmM2MmEwHhcNMjUwNDE3MTQwNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDkxZjM1NmM4M2YwODk1NTI1ZGYzOGU4YzIwNTBjMWFjYTFjMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOk8+zm4sLEESTnK/gmYpanPaeI9
v2Kc4MHd/e8Vj473j7bidvGYR1rAsBQm38hIhT2wbzw5M/tGrS3wA6JHjfYXgM4q
ADKv+AurkfszcFMJXZDjQIutbog9YHx68xTPqiwPzngsR8VOAgL6kB1emdhHVOH0
do7H+2L8a6KX5LTvay58u1varhs844Nbfw4IA3FEvRR1V7ewGZr1JFU/NoCpEoZj
RWtWHaKe9E5ea+1HN7WNqfeIKIYiZOQEYhBGhuhFmkR9zRed2jox2tGjyR9xsCI9
bYgI60bKTTdnbvlYQNPG880VuRqt9DBKRucbbPLeeiRYIzI23G81PevjfwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFDCR81bIPwiVUl3zjowgUMGsocGpMB8GA1UdIwQY
MBaAFG1p2kSuBn/BqYpfbwXxLlRdD8YqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUt
MjYxNzBkYTRhMGIxLzEvTUpIelZzZ19DSlZTWGZPT2pDQlF3YXlod2FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9iMWE4MmEtNDkwZi00M2ZiLTk4NmUtMjYxNzBkYTRhMGIx
LzEvYlduYVJLNEdmOEdwaWw5dkJmRXVWRjBQeGlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQCH6lAMAwD
BAAfqUUDBAAfqUgDBAAfqUoDBAIfqUwwDAMEAB+pUQMEAB+pUgMEAB+pVDAMAwQC
H6lcAwQAH6leAwQAuSE/MA0EAgACMAcDBQMqAFdAMA0GCSqGSIb3DQEBCwUAA4IB
AQCN/pCB+6E5ZJDM3uTvXHdkzV9Rif2cpYswN0V5e1WNpu0Ea6JvSrq0b+bYbSI9
TfRAURHosDkx5ND5VPlnj1JuOs2WJNgr+/5XRBqdOhb/NB0sKN13p8DXTXBU5+YO
HuDPk++9tNSRfRNc8VfowR7+aaZj5tOACqgf+r95C7a61ZSKc111Oibp37LFclDP
cr/YFQMbiCxNxGz082I1YVbDAAuulPMTQt9XJftOyxmTnziZySd1Mon4/qx3ZCJY
UcTJCpUWmZchwCkpisMN66/EJiDJlHrrRX1LzhpCFQAOKNgqw1wymXliMhj6Oyal
WM152NNN8COgmIAqTQ2TDZhz
-----END CERTIFICATE-----
Generated at Mon Apr 28 06:13:45 2025 by rpki-client