Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/MkrzUPp2fw2MTxDAyX7xHZLlYbk.roa
File: MkrzUPp2fw2MTxDAyX7xHZLlYbk.roa (raw, json)
Hash identifier: slTzkCKMJrVrVLZuZQUzVX464caMJ5HD4oz3QsYxNQY=
Subject key identifier: 32:4A:F3:50:FA:76:7F:0D:8C:4F:10:C0:C9:7E:F1:1D:92:E5:61:B9
Certificate issuer: /CN=cccd583c8d71a2427e0060e3cc924f32dc1a820b
Certificate serial: 019662C9F4E3331C5F563A49DC2A20E7F2EB
Authority key identifier: CC:CD:58:3C:8D:71:A2:42:7E:00:60:E3:CC:92:4F:32:DC:1A:82:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zM1YPI1xokJ-AGDjzJJPMtwaggs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/MkrzUPp2fw2MTxDAyX7xHZLlYbk.roa
Signing time: Wed 23 Apr 2025 13:15:24 +0000
ROA not before: Wed 23 Apr 2025 13:15:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 176.124.200.0/24 maxlen: 24
176.124.201.0/24 maxlen: 24
176.124.208.0/24 maxlen: 24
176.124.209.0/24 maxlen: 24
176.124.210.0/24 maxlen: 24
176.124.211.0/24 maxlen: 24
176.124.212.0/24 maxlen: 24
176.124.213.0/24 maxlen: 24
176.124.214.0/24 maxlen: 24
176.124.215.0/24 maxlen: 24
176.124.216.0/24 maxlen: 24
176.124.217.0/24 maxlen: 24
176.124.218.0/24 maxlen: 24
176.124.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/zM1YPI1xokJ-AGDjzJJPMtwaggs.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/zM1YPI1xokJ-AGDjzJJPMtwaggs.mft
rsync://rpki.ripe.net/repository/DEFAULT/zM1YPI1xokJ-AGDjzJJPMtwaggs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:62:c9:f4:e3:33:1c:5f:56:3a:49:dc:2a:20:e7:f2:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cccd583c8d71a2427e0060e3cc924f32dc1a820b
Validity
Not Before: Apr 23 13:15:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=324af350fa767f0d8c4f10c0c97ef11d92e561b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b1:d2:b5:f9:7f:cb:bb:1e:c6:32:0c:a9:4d:
88:19:75:d0:23:f6:fd:a8:a1:5c:1e:24:03:24:63:
22:19:3a:58:12:3f:c9:68:40:e0:9f:20:cb:d9:07:
72:1e:3a:a1:1f:90:c3:4c:75:2d:70:a9:ed:cb:bf:
e4:4b:19:df:bb:2f:93:9b:11:82:68:27:59:30:27:
35:5f:97:5d:b8:df:20:9e:74:3c:91:71:9c:97:49:
04:eb:39:4d:c5:d5:b0:45:5b:e6:4b:75:30:26:7c:
bd:ce:a1:a7:3f:b7:9a:ca:06:d8:35:2f:76:85:37:
ff:6e:c9:71:30:fe:13:31:e0:de:9b:25:b0:8c:77:
91:55:7c:eb:9b:ac:83:7c:53:6f:34:21:df:0c:d1:
f0:2b:dd:62:cc:db:c0:8e:b8:15:00:ff:dc:7b:7e:
57:97:6e:8b:bf:5d:41:26:18:bf:67:86:b5:69:d8:
ca:e7:bb:77:3b:22:11:93:d7:6d:0a:dd:b8:f5:d4:
52:c7:80:06:6b:83:fb:8d:3d:78:08:ef:50:3e:e9:
f3:10:9d:ad:d6:b2:89:67:b2:bd:1f:7d:aa:2b:7a:
61:b8:3f:c3:22:d8:23:05:ce:2c:18:79:c6:5b:aa:
40:dd:87:f5:36:30:45:a8:9b:76:9f:da:5a:63:f4:
15:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:4A:F3:50:FA:76:7F:0D:8C:4F:10:C0:C9:7E:F1:1D:92:E5:61:B9
X509v3 Authority Key Identifier:
keyid:CC:CD:58:3C:8D:71:A2:42:7E:00:60:E3:CC:92:4F:32:DC:1A:82:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zM1YPI1xokJ-AGDjzJJPMtwaggs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/MkrzUPp2fw2MTxDAyX7xHZLlYbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/56a02a-c5fd-4119-8c5f-f48502d13948/1/zM1YPI1xokJ-AGDjzJJPMtwaggs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.200.0/23
176.124.208.0-176.124.219.255
Signature Algorithm: sha256WithRSAEncryption
28:14:74:a2:64:99:1a:3d:03:43:62:c7:7d:b3:9d:f1:3d:20:
a0:43:81:e2:fc:01:f0:18:85:1e:dc:d9:86:a6:e0:03:fd:a2:
7e:74:26:1c:86:61:0c:e6:a3:4f:60:bd:e5:a1:b0:46:cc:30:
04:70:10:10:c9:25:bb:29:25:97:c1:1a:eb:7e:c0:69:83:14:
07:33:4d:e8:36:6e:7c:c7:c5:3d:6c:98:45:ee:6e:3c:d8:4e:
02:91:1c:62:8d:f3:12:11:d0:2d:bd:3c:6c:65:81:6a:d8:2f:
d0:e4:c5:a7:4c:d8:b2:2f:74:c6:06:99:ac:55:25:60:eb:37:
61:4c:12:ca:d5:51:1e:88:be:25:94:7d:e5:ae:2b:bf:2a:e0:
21:d7:b4:9e:5e:4b:3e:ce:f0:4d:be:4b:6a:cc:33:98:ac:2b:
92:c3:8c:4a:c5:29:75:7f:7d:81:24:3a:cb:a4:69:a5:03:b0:
48:22:06:d0:58:71:f1:a0:63:1c:65:6c:84:7f:57:37:79:bf:
20:a9:67:ed:00:6c:01:38:3c:83:4d:b7:3f:24:25:47:53:14:
bf:02:7b:79:08:58:ca:32:b2:66:cb:6d:5c:c7:64:59:f4:c7:
58:19:a5:51:d7:c2:5f:ca:7a:09:fb:65:40:10:fc:dd:73:93:
41:01:e3:8f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZZiyfTjMxxfVjpJ3Cog5/LrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjY2Q1ODNjOGQ3MWEyNDI3ZTAwNjBlM2NjOTI0ZjMyZGMx
YTgyMGIwHhcNMjUwNDIzMTMxNTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjRhZjM1MGZhNzY3ZjBkOGM0ZjEwYzBjOTdlZjExZDkyZTU2MWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrHStfl/y7sexjIMqU2IGXXQI/b9
qKFcHiQDJGMiGTpYEj/JaEDgnyDL2QdyHjqhH5DDTHUtcKnty7/kSxnfuy+TmxGC
aCdZMCc1X5dduN8gnnQ8kXGcl0kE6zlNxdWwRVvmS3UwJny9zqGnP7eaygbYNS92
hTf/bslxMP4TMeDemyWwjHeRVXzrm6yDfFNvNCHfDNHwK91izNvAjrgVAP/ce35X
l26Lv11BJhi/Z4a1adjK57t3OyIRk9dtCt249dRSx4AGa4P7jT14CO9QPunzEJ2t
1rKJZ7K9H32qK3phuD/DItgjBc4sGHnGW6pA3Yf1NjBFqJt2n9paY/QViwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDJK81D6dn8NjE8QwMl+8R2S5WG5MB8GA1UdIwQY
MBaAFMzNWDyNcaJCfgBg48ySTzLcGoILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek0xWVBJMXhva0otQUdEanpKSlBNdHdhZ2dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi81NmEwMmEtYzVmZC00MTE5LThjNWYt
ZjQ4NTAyZDEzOTQ4LzEvTWtyelVQcDJmdzJNVHhEQXlYN3hIWkxsWWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi81NmEwMmEtYzVmZC00MTE5LThjNWYtZjQ4NTAyZDEzOTQ4
LzEvek0xWVBJMXhva0otQUdEanpKSlBNdHdhZ2dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBsHzIMAwD
BASwfNADBAKwfNgwDQYJKoZIhvcNAQELBQADggEBACgUdKJkmRo9A0Nix32znfE9
IKBDgeL8AfAYhR7c2Yam4AP9on50JhyGYQzmo09gveWhsEbMMARwEBDJJbspJZfB
Gut+wGmDFAczTeg2bnzHxT1smEXubjzYTgKRHGKN8xIR0C29PGxlgWrYL9DkxadM
2LIvdMYGmaxVJWDrN2FMEsrVUR6IviWUfeWuK78q4CHXtJ5eSz7O8E2+S2rMM5is
K5LDjErFKXV/fYEkOsukaaUDsEgiBtBYcfGgYxxlbIR/Vzd5vyCpZ+0AbAE4PINN
tz8kJUdTFL8Ce3kIWMoysmbLbVzHZFn0x1gZpVHXwl/Kegn7ZUAQ/N1zk0EB448=
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:21:01 2025 by rpki-client