Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/M4GvrNf8uqUm8NINVMsgeY-dZpg.roa
File: M4GvrNf8uqUm8NINVMsgeY-dZpg.roa (raw, json)
Hash identifier: JFzR2ZsY7nrJvXYkxcf00jQkDAoE9ASXG53ZH1eILBw=
Subject key identifier: 33:81:AF:AC:D7:FC:BA:A5:26:F0:D2:0D:54:CB:20:79:8F:9D:66:98
Certificate issuer: /CN=b0b5a80a7106e0a4b8545c8150bb72c699fcc9a0
Certificate serial: 019504F77BFEA2C2AD7FB052B457F410BF53
Authority key identifier: B0:B5:A8:0A:71:06:E0:A4:B8:54:5C:81:50:BB:72:C6:99:FC:C9:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/M4GvrNf8uqUm8NINVMsgeY-dZpg.roa
Signing time: Fri 14 Feb 2025 14:58:02 +0000
ROA not before: Fri 14 Feb 2025 14:58:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44547
IP address blocks: 93.177.100.0/24 maxlen: 24
93.177.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/sLWoCnEG4KS4VFyBULtyxpn8yaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/sLWoCnEG4KS4VFyBULtyxpn8yaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 20:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:04:f7:7b:fe:a2:c2:ad:7f:b0:52:b4:57:f4:10:bf:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0b5a80a7106e0a4b8545c8150bb72c699fcc9a0
Validity
Not Before: Feb 14 14:58:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3381afacd7fcbaa526f0d20d54cb20798f9d6698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:fa:3c:05:ca:f0:94:de:a9:85:3e:64:03:74:
45:6e:aa:dd:89:2d:41:0d:72:b8:38:57:f0:ed:8a:
7a:c4:18:14:e1:71:5c:9b:38:5f:85:c2:dd:b7:4c:
ad:bd:40:fe:43:34:bd:8b:9a:ec:92:07:03:32:8d:
2f:3d:78:50:eb:6c:09:09:64:2b:56:cc:c3:ca:08:
6e:c9:96:ee:56:a9:3f:0b:8a:88:7d:8c:d9:ec:ef:
ce:5e:8c:0e:d2:d1:45:2f:b4:dd:ad:73:f7:eb:4a:
92:89:ca:65:6a:8f:d7:2a:c5:a2:f7:b9:47:82:63:
5f:0e:b6:3a:ef:8a:f5:b6:0f:ed:41:fd:4a:5e:eb:
57:85:81:18:45:a0:2a:f7:9c:67:d6:db:3e:02:50:
e6:58:1d:fc:c7:6c:07:75:14:54:f7:eb:4e:80:72:
52:48:8e:13:aa:28:7c:bb:75:fb:31:17:8d:56:92:
53:22:f0:2b:ad:bd:6b:cb:3c:2c:e3:89:bd:5f:27:
9e:81:75:16:08:0a:f1:f3:13:21:ee:fb:92:ae:9d:
cb:60:9a:04:a6:c5:df:5d:c8:06:57:1b:73:95:b4:
bd:ca:18:8e:45:fb:0a:53:31:0d:75:2f:d4:28:13:
b4:b6:21:12:a1:5c:1a:b2:8c:ef:6b:cc:b7:f6:d4:
f0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:81:AF:AC:D7:FC:BA:A5:26:F0:D2:0D:54:CB:20:79:8F:9D:66:98
X509v3 Authority Key Identifier:
keyid:B0:B5:A8:0A:71:06:E0:A4:B8:54:5C:81:50:BB:72:C6:99:FC:C9:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/M4GvrNf8uqUm8NINVMsgeY-dZpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/sLWoCnEG4KS4VFyBULtyxpn8yaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.177.100.0/24
93.177.103.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:df:31:57:8e:f2:29:0e:48:02:19:0c:64:cf:32:57:7f:93:
52:37:fc:8f:c3:8f:5a:05:f3:93:ed:5c:da:ad:95:a4:74:ba:
8b:e8:ff:bd:0c:73:31:01:cf:1e:95:b2:03:68:2e:f4:be:4f:
ac:51:c1:de:54:35:b6:f9:4d:91:40:e7:b8:5f:45:b8:98:05:
d3:f6:0c:25:dc:01:e5:9e:e3:a8:a2:e7:3a:ac:b3:6d:52:f7:
a3:f9:8f:da:ee:3b:50:ef:11:66:62:ab:9d:03:e0:d4:fd:66:
1e:ea:0f:e1:7a:fa:bd:7f:c5:7a:cd:6a:2c:96:12:07:f6:04:
25:82:4c:20:65:6b:1a:f2:dc:c6:4a:c3:9c:1a:ca:cb:32:53:
6b:8d:c1:35:3d:25:55:f5:fd:a4:31:9c:cb:27:c3:72:3d:95:
10:59:d5:66:c0:1d:a4:c0:e8:e1:f3:81:4d:aa:16:1c:36:b3:
ae:8c:ce:d1:9e:27:59:19:7d:36:fb:e8:71:cb:b6:eb:04:f8:
b3:74:1d:b0:46:9e:11:d1:41:70:5e:d7:04:97:13:17:f9:58:
2f:65:3e:e9:41:35:67:06:be:0e:96:76:d1:16:56:7c:4e:69:
01:d1:58:bf:a1:fc:65:1d:aa:c5:40:22:65:fa:ee:77:8e:36:
33:db:8f:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUE93v+osKtf7BStFf0EL9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYjVhODBhNzEwNmUwYTRiODU0NWM4MTUwYmI3MmM2OTlm
Y2M5YTAwHhcNMjUwMjE0MTQ1ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzgxYWZhY2Q3ZmNiYWE1MjZmMGQyMGQ1NGNiMjA3OThmOWQ2Njk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/o8BcrwlN6phT5kA3RFbqrdiS1B
DXK4OFfw7Yp6xBgU4XFcmzhfhcLdt0ytvUD+QzS9i5rskgcDMo0vPXhQ62wJCWQr
VszDyghuyZbuVqk/C4qIfYzZ7O/OXowO0tFFL7TdrXP360qSicplao/XKsWi97lH
gmNfDrY674r1tg/tQf1KXutXhYEYRaAq95xn1ts+AlDmWB38x2wHdRRU9+tOgHJS
SI4Tqih8u3X7MReNVpJTIvArrb1ryzws44m9XyeegXUWCArx8xMh7vuSrp3LYJoE
psXfXcgGVxtzlbS9yhiORfsKUzENdS/UKBO0tiESoVwasozva8y39tTwGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDOBr6zX/LqlJvDSDVTLIHmPnWaYMB8GA1UdIwQY
MBaAFLC1qApxBuCkuFRcgVC7csaZ/MmgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0xXb0NuRUc0S1M0VkZ5QlVMdHl4cG44eWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9mMTUzZGMtY2JmYi00YTRmLTgwZDIt
NzQ1ZTA4ZmU1OGM2LzEvTTRHdnJOZjh1cVVtOE5JTlZNc2dlWS1kWnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9mMTUzZGMtY2JmYi00YTRmLTgwZDItNzQ1ZTA4ZmU1OGM2
LzEvc0xXb0NuRUc0S1M0VkZ5QlVMdHl4cG44eWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXbFkAwQA
XbFnMA0GCSqGSIb3DQEBCwUAA4IBAQCy3zFXjvIpDkgCGQxkzzJXf5NSN/yPw49a
BfOT7VzarZWkdLqL6P+9DHMxAc8elbIDaC70vk+sUcHeVDW2+U2RQOe4X0W4mAXT
9gwl3AHlnuOoouc6rLNtUvej+Y/a7jtQ7xFmYqudA+DU/WYe6g/hevq9f8V6zWos
lhIH9gQlgkwgZWsa8tzGSsOcGsrLMlNrjcE1PSVV9f2kMZzLJ8NyPZUQWdVmwB2k
wOjh84FNqhYcNrOujM7RnidZGX02++hxy7brBPizdB2wRp4R0UFwXtcElxMX+Vgv
ZT7pQTVnBr4OlnbRFlZ8TmkB0Vi/ofxlHarFQCJl+u53jjYz24+r
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:08:35 2025 by rpki-client