Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/MP9C5tlE4sTN1JTDz4jlrkAW_YU.roa
File: MP9C5tlE4sTN1JTDz4jlrkAW_YU.roa (raw, json)
Hash identifier: 2Qb7MzrDpByF3hW1GYmCH1FHWyuhYVmQ2YbJ0M55AAU=
Subject key identifier: 30:FF:42:E6:D9:44:E2:C4:CD:D4:94:C3:CF:88:E5:AE:40:16:FD:85
Certificate issuer: /CN=f57c1aaadb8320dd843235458cf2c5cbf4704ad6
Certificate serial: 0194258E7535497ED3FA956F9FD55409906C
Authority key identifier: F5:7C:1A:AA:DB:83:20:DD:84:32:35:45:8C:F2:C5:CB:F4:70:4A:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XwaqtuDIN2EMjVFjPLFy_RwStY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/MP9C5tlE4sTN1JTDz4jlrkAW_YU.roa
Signing time: Thu 02 Jan 2025 05:48:00 +0000
ROA not before: Thu 02 Jan 2025 05:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35242
IP address blocks: 193.29.130.0/23 maxlen: 23
193.29.132.0/22 maxlen: 22
193.29.132.0/24 maxlen: 24
194.45.208.0/21 maxlen: 21
194.113.148.0/23 maxlen: 23
195.80.239.0/24 maxlen: 24
2a00:7cc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/9XwaqtuDIN2EMjVFjPLFy_RwStY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/9XwaqtuDIN2EMjVFjPLFy_RwStY.mft
rsync://rpki.ripe.net/repository/DEFAULT/9XwaqtuDIN2EMjVFjPLFy_RwStY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:75:35:49:7e:d3:fa:95:6f:9f:d5:54:09:90:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f57c1aaadb8320dd843235458cf2c5cbf4704ad6
Validity
Not Before: Jan 2 05:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30ff42e6d944e2c4cdd494c3cf88e5ae4016fd85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:e4:ec:a7:21:ca:d3:a7:ff:8a:9a:e2:0e:25:
a5:9e:3e:56:9b:05:4f:f4:a2:d1:8a:67:eb:24:fd:
3f:0b:b7:3c:af:59:e4:4e:26:4e:96:58:27:bf:76:
07:ad:65:2c:d3:12:74:38:89:7b:5b:9c:0f:ed:a4:
33:85:b7:8c:86:f6:28:31:8a:b3:b7:57:7d:5f:cb:
a2:82:d6:dd:33:e5:81:1e:3d:a6:47:88:cd:b7:ad:
ea:bc:57:41:79:25:c4:2f:96:0e:2e:0b:2a:93:4e:
34:68:86:01:e0:00:96:ba:bb:6e:5a:70:44:4b:8f:
1f:8d:0f:d8:bc:c9:39:00:04:c7:aa:91:15:8b:b6:
b6:56:53:de:f8:7c:70:88:0d:f8:d0:90:c3:3c:7d:
be:ed:f9:20:78:fb:b7:c8:34:89:79:56:2b:f8:b4:
eb:1c:66:5d:7d:3d:4a:ab:d5:81:d5:d8:a9:dc:ed:
3a:77:9e:a0:60:d8:60:c1:53:1e:a5:f8:28:fa:ed:
ff:b8:42:fb:78:bf:d5:60:d4:40:9a:77:c9:39:a5:
72:aa:3f:54:e8:bf:ef:af:6c:e5:f3:8a:2e:4f:37:
36:cd:a4:67:ad:4a:c7:73:4b:69:95:56:29:0d:32:
49:77:3b:e3:3a:c3:37:25:b4:e8:73:61:08:3a:56:
fe:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:FF:42:E6:D9:44:E2:C4:CD:D4:94:C3:CF:88:E5:AE:40:16:FD:85
X509v3 Authority Key Identifier:
keyid:F5:7C:1A:AA:DB:83:20:DD:84:32:35:45:8C:F2:C5:CB:F4:70:4A:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XwaqtuDIN2EMjVFjPLFy_RwStY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/MP9C5tlE4sTN1JTDz4jlrkAW_YU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/c3e871-20cc-44f4-bfa0-a1856dd7b5d8/1/9XwaqtuDIN2EMjVFjPLFy_RwStY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.29.130.0-193.29.135.255
194.45.208.0/21
194.113.148.0/23
195.80.239.0/24
IPv6:
2a00:7cc0::/32
Signature Algorithm: sha256WithRSAEncryption
db:d3:eb:ca:a8:56:47:a6:3f:b9:5e:5c:6d:0a:27:51:e1:79:
69:15:b7:93:26:3e:50:37:79:a9:b4:2b:4f:0f:f5:a3:99:ca:
7c:80:85:01:65:cc:5a:b8:dc:61:4a:7a:42:bb:cd:bd:34:46:
dd:a4:b0:a1:dc:91:e1:0d:2d:5d:47:cf:40:36:23:3b:fd:53:
d2:59:e4:4d:34:3b:61:42:4a:fe:7c:7d:3d:2a:8c:e8:ba:06:
49:03:39:40:45:6a:cf:5d:22:03:f2:22:04:e3:eb:00:68:bf:
ca:7a:8f:5a:2e:88:9d:4c:aa:fa:c2:c1:97:d4:5d:5a:f2:be:
cf:99:ca:ef:2a:7c:1a:af:b8:fd:cd:01:43:57:e8:46:ab:8f:
7d:60:32:c4:3e:f1:3e:d5:33:f6:7f:f3:a2:52:27:a3:f9:ce:
93:f9:26:0b:93:58:0e:75:c9:aa:b0:4f:48:06:91:17:e9:99:
68:df:83:de:2f:0e:e1:a3:81:4e:dc:f9:d1:47:c4:a0:ec:ec:
18:cf:e6:56:ca:83:dd:49:8d:f3:be:98:24:1b:aa:7c:85:bb:
43:b3:0a:1e:62:6a:75:9f:47:45:fd:76:e2:d8:fb:7b:ef:6d:
cc:0c:1d:1a:cd:24:cf:cc:3e:9b:c2:cd:79:b4:e4:1e:4c:07:
98:9c:6c:0b
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQljnU1SX7T+pVvn9VUCZBsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1N2MxYWFhZGI4MzIwZGQ4NDMyMzU0NThjZjJjNWNiZjQ3
MDRhZDYwHhcNMjUwMTAyMDU0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGZmNDJlNmQ5NDRlMmM0Y2RkNDk0YzNjZjg4ZTVhZTQwMTZmZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+TspyHK06f/ipriDiWlnj5WmwVP
9KLRimfrJP0/C7c8r1nkTiZOllgnv3YHrWUs0xJ0OIl7W5wP7aQzhbeMhvYoMYqz
t1d9X8uigtbdM+WBHj2mR4jNt63qvFdBeSXEL5YOLgsqk040aIYB4ACWurtuWnBE
S48fjQ/YvMk5AATHqpEVi7a2VlPe+HxwiA340JDDPH2+7fkgePu3yDSJeVYr+LTr
HGZdfT1Kq9WB1dip3O06d56gYNhgwVMepfgo+u3/uEL7eL/VYNRAmnfJOaVyqj9U
6L/vr2zl84ouTzc2zaRnrUrHc0tplVYpDTJJdzvjOsM3JbToc2EIOlb+WwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFDD/QubZROLEzdSUw8+I5a5AFv2FMB8GA1UdIwQY
MBaAFPV8GqrbgyDdhDI1RYzyxcv0cErWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVh3YXF0dURJTjJFTWpWRmpQTEZ5X1J3U3RZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jM2U4NzEtMjBjYy00NGY0LWJmYTAt
YTE4NTZkZDdiNWQ4LzEvTVA5QzV0bEU0c1ROMUpURHo0amxya0FXX1lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jM2U4NzEtMjBjYy00NGY0LWJmYTAtYTE4NTZkZDdiNWQ4
LzEvOVh3YXF0dURJTjJFTWpWRmpQTEZ5X1J3U3RZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAHBHYID
BAPBHYADBAPCLdADBAHCcZQDBADDUO8wDQQCAAIwBwMFACoAfMAwDQYJKoZIhvcN
AQELBQADggEBANvT68qoVkemP7leXG0KJ1HheWkVt5MmPlA3eam0K08P9aOZynyA
hQFlzFq43GFKekK7zb00Rt2ksKHckeENLV1Hz0A2Izv9U9JZ5E00O2FCSv58fT0q
jOi6BkkDOUBFas9dIgPyIgTj6wBov8p6j1ouiJ1MqvrCwZfUXVryvs+Zyu8qfBqv
uP3NAUNX6Earj31gMsQ+8T7VM/Z/86JSJ6P5zpP5JguTWA51yaqwT0gGkRfpmWjf
g94vDuGjgU7c+dFHxKDs7BjP5lbKg91JjfO+mCQbqnyFu0OzCh5ianWfR0X9duLY
+3vvbcwMHRrNJM/MPpvCzXm05B5MB5icbAs=
-----END CERTIFICATE-----
Generated at Mon Apr 28 20:33:17 2025 by rpki-client