Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/MK8eqrMP3j5ymuZ4qk999b-iSkQ.roa
File: MK8eqrMP3j5ymuZ4qk999b-iSkQ.roa (raw, json)
Hash identifier: nNhLpGCxsknDRkcaORpA6GPvezr0Frk5rCO7fQ7CtRw=
Subject key identifier: 30:AF:1E:AA:B3:0F:DE:3E:72:9A:E6:78:AA:4F:7D:F5:BF:A2:4A:44
Certificate issuer: /CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Certificate serial: 019423697C08C6479CB2D6668C5E956A2FA0
Authority key identifier: 0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/MK8eqrMP3j5ymuZ4qk999b-iSkQ.roa
Signing time: Wed 01 Jan 2025 19:48:22 +0000
ROA not before: Wed 01 Jan 2025 19:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20877
IP address blocks: 109.205.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/CvYXmN0YllwCevp_k64DD_Xh124.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/CvYXmN0YllwCevp_k64DD_Xh124.mft
rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:7c:08:c6:47:9c:b2:d6:66:8c:5e:95:6a:2f:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Validity
Not Before: Jan 1 19:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30af1eaab30fde3e729ae678aa4f7df5bfa24a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a1:00:ac:77:aa:fc:f9:cc:34:91:fc:8f:3b:
16:26:0f:0b:f8:5e:27:3a:19:b9:7f:f6:ff:61:bb:
4d:0a:e2:c3:3a:aa:d2:2b:07:8c:ca:47:fc:e5:52:
e0:2d:26:57:7d:36:73:5f:13:5f:ea:58:7a:a4:85:
68:4b:2e:3b:04:10:5e:56:24:fc:eb:92:e7:e5:cd:
a7:9e:4f:4e:37:5e:02:29:be:d8:17:4c:c6:86:54:
ef:db:4b:e9:84:9e:96:f6:e4:cc:a1:81:c1:8d:66:
67:cc:f7:0d:01:4c:26:2d:60:9b:15:b2:04:cb:d9:
99:c9:01:06:91:fd:f6:0e:f6:b9:95:1c:68:eb:42:
69:a2:b3:a8:8e:58:d8:9b:8f:c7:27:ea:15:02:ec:
f4:7c:a1:32:a9:94:67:d6:6a:c2:42:f8:af:b5:30:
b0:47:3f:19:5e:6d:27:13:4b:d7:e5:0d:3c:ca:9f:
52:7a:18:42:a1:a3:b4:7f:95:8e:4f:78:1e:9b:9d:
8c:e2:d0:ae:05:9d:82:14:c0:e2:ef:f6:0c:4b:07:
2b:37:4a:e6:9b:52:23:ce:63:33:37:33:3f:db:3f:
79:80:08:f1:71:ac:c3:f5:50:02:ab:b7:a6:ba:ab:
e3:fc:5d:2f:dc:90:11:7e:fb:20:d0:8a:15:86:d0:
e6:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:AF:1E:AA:B3:0F:DE:3E:72:9A:E6:78:AA:4F:7D:F5:BF:A2:4A:44
X509v3 Authority Key Identifier:
keyid:0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/MK8eqrMP3j5ymuZ4qk999b-iSkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/CvYXmN0YllwCevp_k64DD_Xh124.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.91.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:3c:33:de:89:a4:bf:e4:7f:10:79:96:44:08:59:27:52:1c:
6f:c7:e6:1e:95:84:4b:6c:ee:23:67:69:41:b3:05:59:d0:3d:
50:cc:25:89:bf:56:c7:3c:c0:b2:33:61:5b:58:df:0c:bf:6d:
d6:c8:03:93:a7:86:0f:e0:63:da:2e:ca:9d:e9:02:08:75:19:
2e:ca:80:96:37:f4:d2:61:87:c3:18:1c:1a:88:37:9a:d4:5a:
bf:27:6a:87:fb:3a:18:38:8e:c2:9d:8b:c6:6c:70:f6:53:d2:
58:21:97:10:bc:94:29:ce:15:21:30:a6:93:7e:ba:f9:41:40:
a9:d6:60:10:8d:7d:92:00:22:4e:5b:f1:3e:e8:34:d3:18:f2:
ba:f9:0e:a2:af:ef:0d:1f:23:a1:1d:49:98:ff:6d:17:2a:d0:
39:e0:d2:ff:62:1b:c6:26:66:e4:1f:06:f3:a8:91:02:7a:6c:
36:f0:f9:dd:a8:cf:9c:3c:33:93:02:a8:83:0d:3d:cc:84:cc:
cb:59:85:a8:4d:6f:2b:73:f8:68:37:5d:71:cd:05:67:b5:91:
5d:fa:da:b4:9c:89:05:a2:13:a7:47:c5:d2:c4:0f:9c:79:0a:
2a:1f:65:ce:29:d5:24:69:d5:10:fb:24:ff:e2:b4:93:8e:5c:
e0:05:de:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaXwIxkecstZmjF6Vai+gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZjYxNzk4ZGQxODk2NWMwMjdhZmE3ZjkzYWUwMzBmZjVl
MWQ3NmUwHhcNMjUwMTAxMTk0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGFmMWVhYWIzMGZkZTNlNzI5YWU2NzhhYTRmN2RmNWJmYTI0YTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKEArHeq/PnMNJH8jzsWJg8L+F4n
Ohm5f/b/YbtNCuLDOqrSKweMykf85VLgLSZXfTZzXxNf6lh6pIVoSy47BBBeViT8
65Ln5c2nnk9ON14CKb7YF0zGhlTv20vphJ6W9uTMoYHBjWZnzPcNAUwmLWCbFbIE
y9mZyQEGkf32Dva5lRxo60JporOojljYm4/HJ+oVAuz0fKEyqZRn1mrCQvivtTCw
Rz8ZXm0nE0vX5Q08yp9SehhCoaO0f5WOT3gem52M4tCuBZ2CFMDi7/YMSwcrN0rm
m1IjzmMzNzM/2z95gAjxcazD9VACq7emuqvj/F0v3JARfvsg0IoVhtDmMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCvHqqzD94+cprmeKpPffW/okpEMB8GA1UdIwQY
MBaAFAr2F5jdGJZcAnr6f5OuAw/14dduMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3ZZWG1OMFlsbHdDZXZwX2s2NEREX1hoMTI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82MTUxNjQtNmQ5Ni00ODhhLTk2YmEt
ZDZlMWUzNDdmOWM3LzEvTUs4ZXFyTVAzajV5bXVaNHFrOTk5Yi1pU2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82MTUxNjQtNmQ5Ni00ODhhLTk2YmEtZDZlMWUzNDdmOWM3
LzEvQ3ZZWG1OMFlsbHdDZXZwX2s2NEREX1hoMTI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbc1bMA0G
CSqGSIb3DQEBCwUAA4IBAQAMPDPeiaS/5H8QeZZECFknUhxvx+YelYRLbO4jZ2lB
swVZ0D1QzCWJv1bHPMCyM2FbWN8Mv23WyAOTp4YP4GPaLsqd6QIIdRkuyoCWN/TS
YYfDGBwaiDea1Fq/J2qH+zoYOI7CnYvGbHD2U9JYIZcQvJQpzhUhMKaTfrr5QUCp
1mAQjX2SACJOW/E+6DTTGPK6+Q6ir+8NHyOhHUmY/20XKtA54NL/YhvGJmbkHwbz
qJECemw28PndqM+cPDOTAqiDDT3MhMzLWYWoTW8rc/hoN11xzQVntZFd+tq0nIkF
ohOnR8XSxA+ceQoqH2XOKdUkadUQ+yT/4rSTjlzgBd7a
-----END CERTIFICATE-----
Generated at Thu Apr 17 15:03:52 2025 by rpki-client