Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/MFaoBuMp_n8GYQy16F9yYPCDvlw.roa
File: MFaoBuMp_n8GYQy16F9yYPCDvlw.roa (raw, json)
Hash identifier: pzLjXNVOb/tu8XBFljfZTE6/DnQ8ZMtfBy9pSDaK+d0=
Subject key identifier: 30:56:A8:06:E3:29:FE:7F:06:61:0C:B5:E8:5F:72:60:F0:83:BE:5C
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01977501BE7CFE12D87B0EF8DA570E51F9B3
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/MFaoBuMp_n8GYQy16F9yYPCDvlw.roa
Signing time: Sun 15 Jun 2025 19:12:17 +0000
ROA not before: Sun 15 Jun 2025 19:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 88.209.198.0/24 maxlen: 24
88.209.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:75:01:be:7c:fe:12:d8:7b:0e:f8:da:57:0e:51:f9:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 15 19:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3056a806e329fe7f06610cb5e85f7260f083be5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3c:54:da:31:bf:a6:aa:f2:51:fe:93:20:18:
c2:be:63:bf:b4:cf:7d:d0:f9:9e:75:74:0c:f9:07:
58:c9:f8:a7:21:f0:31:f6:a3:7d:d7:18:46:40:6b:
4a:a5:69:5e:10:03:1c:98:ed:e1:32:d3:f4:5d:41:
dc:4f:c3:73:6d:0e:69:5f:81:07:af:8b:2a:43:1b:
bd:c6:75:52:1c:74:ab:0b:db:99:13:4e:fa:54:0d:
c3:24:90:c4:60:b4:78:55:35:28:39:13:68:5a:f8:
3e:58:2e:9a:d0:67:c8:b3:71:6b:9a:c6:e9:2f:b3:
8b:75:59:b9:98:77:a3:74:84:e7:ca:20:da:e4:39:
99:8a:36:f2:f6:c5:99:e3:7a:51:e7:00:c3:5e:c6:
c5:eb:82:71:a1:51:68:d9:8a:0e:27:70:cc:b8:61:
b6:ef:d8:e1:c0:f2:42:d7:4b:5c:57:c2:8e:ed:a6:
7b:4e:44:32:cd:f3:5d:e8:90:8b:ab:79:e2:68:9f:
6d:15:c9:aa:cd:c6:e5:22:ce:53:f7:74:ad:d9:2c:
cb:4d:07:74:c9:7b:cd:7b:aa:5c:3b:96:ed:f2:41:
72:f4:59:54:1c:a2:f7:31:34:09:96:c5:11:90:80:
7d:2c:c8:7a:e7:ed:9a:88:c7:d4:35:f5:c9:42:ee:
60:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:56:A8:06:E3:29:FE:7F:06:61:0C:B5:E8:5F:72:60:F0:83:BE:5C
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/MFaoBuMp_n8GYQy16F9yYPCDvlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.198.0/24
88.209.209.0/24
Signature Algorithm: sha256WithRSAEncryption
09:1e:c5:69:d0:77:44:61:c3:1c:17:0e:ae:4f:4f:ad:fc:cb:
cb:20:e3:79:0a:25:ad:f6:61:32:a2:b6:d5:73:f0:2b:59:b8:
7d:c3:1e:ac:73:25:ab:dd:97:80:05:a2:96:7f:28:9b:d9:82:
8a:fc:cd:0f:15:9f:d8:d4:22:18:28:9a:36:33:cd:a4:12:d2:
45:26:e4:fb:d4:d8:40:f3:49:68:d0:f2:af:fa:fb:bd:bb:70:
c7:6c:06:be:e9:d8:d6:68:2b:6d:38:e5:f7:c9:34:23:2c:6a:
e2:1b:d9:cd:6f:95:02:bb:2d:3b:e8:ec:9b:15:06:18:5a:7f:
ff:cb:be:02:3d:26:78:29:c4:a5:e3:7e:e6:13:72:f1:4d:cf:
b1:df:3f:3f:8e:c9:39:c2:1d:d3:c9:a5:3b:76:d7:f4:28:53:
b3:fc:f8:3c:aa:df:52:3a:e5:4f:a6:cd:fa:c1:7c:eb:82:af:
50:58:05:c9:94:5d:31:76:8f:33:ba:fd:53:14:27:92:54:22:
57:f7:06:15:c4:70:13:5a:b5:c8:58:e9:b1:6a:d2:31:bf:80:
5c:60:49:c5:f9:40:0f:47:d5:a6:3d:f2:8b:f4:70:3b:4d:af:
95:bd:fc:3b:52:a9:5b:58:a5:f6:ea:7d:b1:84:3e:07:6b:f1:
7e:86:13:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZd1Ab58/hLYew742lcOUfmzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwNjE1MTkxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDU2YTgwNmUzMjlmZTdmMDY2MTBjYjVlODVmNzI2MGYwODNiZTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzxU2jG/pqryUf6TIBjCvmO/tM99
0PmedXQM+QdYyfinIfAx9qN91xhGQGtKpWleEAMcmO3hMtP0XUHcT8NzbQ5pX4EH
r4sqQxu9xnVSHHSrC9uZE076VA3DJJDEYLR4VTUoORNoWvg+WC6a0GfIs3Frmsbp
L7OLdVm5mHejdITnyiDa5DmZijby9sWZ43pR5wDDXsbF64JxoVFo2YoOJ3DMuGG2
79jhwPJC10tcV8KO7aZ7TkQyzfNd6JCLq3niaJ9tFcmqzcblIs5T93St2SzLTQd0
yXvNe6pcO5bt8kFy9FlUHKL3MTQJlsURkIB9LMh65+2aiMfUNfXJQu5gyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDBWqAbjKf5/BmEMtehfcmDwg75cMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvTUZhb0J1TXBfbjhHWVF5MTZGOXlZUENEdmx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNHGAwQA
WNHRMA0GCSqGSIb3DQEBCwUAA4IBAQAJHsVp0HdEYcMcFw6uT0+t/MvLION5CiWt
9mEyorbVc/ArWbh9wx6scyWr3ZeABaKWfyib2YKK/M0PFZ/Y1CIYKJo2M82kEtJF
JuT71NhA80lo0PKv+vu9u3DHbAa+6djWaCttOOX3yTQjLGriG9nNb5UCuy076Oyb
FQYYWn//y74CPSZ4KcSl437mE3LxTc+x3z8/jsk5wh3TyaU7dtf0KFOz/Pg8qt9S
OuVPps36wXzrgq9QWAXJlF0xdo8zuv1TFCeSVCJX9wYVxHATWrXIWOmxatIxv4Bc
YEnF+UAPR9WmPfKL9HA7Ta+Vvfw7UqlbWKX26n2xhD4Ha/F+hhO3
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:24:33 2025 by rpki-client