Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/mgkhzfFw4ufuprRiBTlmBaPgwFM.roa
File: mgkhzfFw4ufuprRiBTlmBaPgwFM.roa (raw, json)
Hash identifier: dz3CImHP1M7gcq3PLY9DQc36du2KECW9tVbHZAcIciw=
Subject key identifier: 9A:09:21:CD:F1:70:E2:E7:EE:A6:B4:62:05:39:66:05:A3:E0:C0:53
Certificate issuer: /CN=c0fbd5876613edc56e0f5de468cce5eb2885ff29
Certificate serial: 01942444FC4CE21668AA2E13E6CB5A2065E1
Authority key identifier: C0:FB:D5:87:66:13:ED:C5:6E:0F:5D:E4:68:CC:E5:EB:28:85:FF:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wPvVh2YT7cVuD13kaMzl6yiF_yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/mgkhzfFw4ufuprRiBTlmBaPgwFM.roa
Signing time: Wed 01 Jan 2025 23:48:08 +0000
ROA not before: Wed 01 Jan 2025 23:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203724
IP address blocks: 185.125.224.0/24 maxlen: 24
185.125.225.0/24 maxlen: 24
185.125.226.0/24 maxlen: 24
185.125.227.0/24 maxlen: 24
185.212.105.0/24 maxlen: 24
185.212.106.0/24 maxlen: 24
185.212.107.0/24 maxlen: 24
185.221.68.0/24 maxlen: 24
185.221.69.0/24 maxlen: 24
185.221.70.0/24 maxlen: 24
185.221.71.0/24 maxlen: 24
2a06:bcc0:1::/48 maxlen: 48
2a06:bcc0:2::/48 maxlen: 48
2a06:bcc0:3::/48 maxlen: 48
2a06:bcc0:4::/48 maxlen: 48
2a06:bcc0:5::/48 maxlen: 48
2a06:bcc0:9::/48 maxlen: 48
2a06:bcc0:11::/48 maxlen: 48
2a06:bcc7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/wPvVh2YT7cVuD13kaMzl6yiF_yk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/wPvVh2YT7cVuD13kaMzl6yiF_yk.mft
rsync://rpki.ripe.net/repository/DEFAULT/wPvVh2YT7cVuD13kaMzl6yiF_yk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:fc:4c:e2:16:68:aa:2e:13:e6:cb:5a:20:65:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0fbd5876613edc56e0f5de468cce5eb2885ff29
Validity
Not Before: Jan 1 23:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a0921cdf170e2e7eea6b46205396605a3e0c053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:44:5b:9e:4f:ee:f3:5e:82:83:30:00:a2:3e:
7d:f0:45:fc:28:a8:d9:9e:ac:5c:73:43:27:b5:2f:
55:c2:6d:7b:65:1f:f6:b8:72:f8:67:cb:7b:1f:3b:
ed:96:70:4f:70:9b:64:32:99:e7:87:0b:d6:f9:53:
e3:e9:27:60:53:57:57:b2:3b:b4:81:cc:8e:9f:d4:
a6:6d:c2:11:63:f7:28:4e:c1:bd:25:3c:fc:18:cc:
25:56:01:0d:75:c3:2b:1a:b0:e4:f0:d9:db:47:39:
27:0f:73:4e:3a:78:1b:6a:02:5a:bc:1f:aa:38:fb:
58:63:4f:10:26:e0:13:a4:d9:1d:80:9d:89:43:db:
5e:03:ad:44:ff:25:6e:fd:e9:b4:da:de:ba:c8:23:
03:c7:13:b1:40:26:a2:80:48:50:81:78:b4:5a:f0:
b1:20:9e:af:96:08:22:40:9f:ea:d7:6f:63:0e:57:
ef:3a:3a:b0:f3:68:2b:18:d4:fd:7a:c6:69:8e:84:
c5:25:9c:51:ba:29:f5:bc:ca:84:a8:cf:b5:c0:1a:
59:d5:d4:e8:13:28:51:0f:fe:22:01:d0:4c:ca:c4:
63:46:65:0e:f1:b2:21:da:c2:a2:b6:a4:68:5e:a2:
c1:12:f9:45:9e:e1:3a:92:88:72:42:86:b7:87:bc:
e3:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:09:21:CD:F1:70:E2:E7:EE:A6:B4:62:05:39:66:05:A3:E0:C0:53
X509v3 Authority Key Identifier:
keyid:C0:FB:D5:87:66:13:ED:C5:6E:0F:5D:E4:68:CC:E5:EB:28:85:FF:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wPvVh2YT7cVuD13kaMzl6yiF_yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/mgkhzfFw4ufuprRiBTlmBaPgwFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/wPvVh2YT7cVuD13kaMzl6yiF_yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.224.0/22
185.212.105.0-185.212.107.255
185.221.68.0/22
IPv6:
2a06:bcc0:1::-2a06:bcc0:5:ffff:ffff:ffff:ffff:ffff
2a06:bcc0:9::/48
2a06:bcc0:11::/48
2a06:bcc7::/48
Signature Algorithm: sha256WithRSAEncryption
60:3e:d4:b4:9d:26:ae:27:54:66:dd:c9:4e:35:b1:0a:fc:63:
2d:60:47:77:15:24:63:72:ee:d2:91:06:61:54:2f:9e:2f:69:
8f:10:be:cd:53:e1:f0:33:26:ae:e0:73:6d:2f:05:9e:68:06:
cf:a5:e1:77:85:19:56:7c:b6:8f:e5:4f:43:f4:db:09:e7:f7:
61:71:88:7e:bc:1f:cb:1e:21:5a:03:64:f1:75:80:ca:30:7d:
99:20:45:61:94:73:84:6c:9c:4d:1c:e4:4c:2d:ba:35:08:1f:
02:b7:23:08:1e:f0:81:8c:5a:4d:f2:ed:70:51:1b:a6:26:13:
c9:5d:f4:29:1f:d0:1f:26:42:f4:c7:c1:c2:bf:77:6a:86:00:
02:02:43:85:98:b7:50:d1:b1:5f:e0:d9:08:7d:6f:68:4e:73:
eb:b5:7f:0c:21:16:f3:37:8a:8d:7e:3e:61:5d:cb:d3:83:56:
ee:73:80:a1:41:63:9e:0e:06:1c:ad:e1:81:78:1e:bd:94:9d:
1f:5e:ab:be:7d:40:c2:69:6a:68:f5:be:cc:db:90:c9:2e:0f:
81:7a:bf:cd:ac:ae:7b:fd:30:b9:f5:16:50:77:65:c1:66:e3:
4c:93:94:9c:6f:f2:14:50:2e:96:aa:bb:e1:30:57:21:24:e9:
54:d5:8b:e8
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZQkRPxM4hZoqi4T5staIGXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZmJkNTg3NjYxM2VkYzU2ZTBmNWRlNDY4Y2NlNWViMjg4
NWZmMjkwHhcNMjUwMTAxMjM0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTA5MjFjZGYxNzBlMmU3ZWVhNmI0NjIwNTM5NjYwNWEzZTBjMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzURbnk/u816CgzAAoj598EX8KKjZ
nqxcc0MntS9Vwm17ZR/2uHL4Z8t7HzvtlnBPcJtkMpnnhwvW+VPj6SdgU1dXsju0
gcyOn9SmbcIRY/coTsG9JTz8GMwlVgENdcMrGrDk8NnbRzknD3NOOngbagJavB+q
OPtYY08QJuATpNkdgJ2JQ9teA61E/yVu/em02t66yCMDxxOxQCaigEhQgXi0WvCx
IJ6vlggiQJ/q129jDlfvOjqw82grGNT9esZpjoTFJZxRuin1vMqEqM+1wBpZ1dTo
EyhRD/4iAdBMysRjRmUO8bIh2sKitqRoXqLBEvlFnuE6kohyQoa3h7zj0wIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFJoJIc3xcOLn7qa0YgU5ZgWj4MBTMB8GA1UdIwQY
MBaAFMD71YdmE+3Fbg9d5GjM5esohf8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1B2VmgyWVQ3Y1Z1RDEza2FNemw2eWlGX3lrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8wMWViYzItODRkMC00YWUzLWEyYzIt
YTNiNmJlNGE5ZTliLzEvbWdraHpmRnc0dWZ1cHJSaUJUbG1CYVBnd0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8wMWViYzItODRkMC00YWUzLWEyYzItYTNiNmJlNGE5ZTli
LzEvd1B2VmgyWVQ3Y1Z1RDEza2FNemw2eWlGX3lrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTAgBAIAATAaAwQCuX3gMAwD
BAC51GkDBAK51GgDBAK53UQwNQQCAAIwLzASAwcAKga8wAABAwcBKga8wAAEAwcA
Kga8wAAJAwcAKga8wAARAwcAKga8xwAAMA0GCSqGSIb3DQEBCwUAA4IBAQBgPtS0
nSauJ1Rm3clONbEK/GMtYEd3FSRjcu7SkQZhVC+eL2mPEL7NU+HwMyau4HNtLwWe
aAbPpeF3hRlWfLaP5U9D9NsJ5/dhcYh+vB/LHiFaA2TxdYDKMH2ZIEVhlHOEbJxN
HORMLbo1CB8CtyMIHvCBjFpN8u1wURumJhPJXfQpH9AfJkL0x8HCv3dqhgACAkOF
mLdQ0bFf4NkIfW9oTnPrtX8MIRbzN4qNfj5hXcvTg1buc4ChQWOeDgYcreGBeB69
lJ0fXqu+fUDCaWpo9b7M25DJLg+Ber/NrK57/TC59RZQd2XBZuNMk5Scb/IUUC6W
qrvhMFchJOlU1Yvo
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:13:20 2025 by rpki-client