Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/MtoIhFzzjtMtI4g5kxOun27y3IM.roa
File: MtoIhFzzjtMtI4g5kxOun27y3IM.roa (raw, json)
Hash identifier: DlZC6F8VIFuzmjWhSIX/LygNaAgpAHPicElZhEshqgM=
Subject key identifier: 32:DA:08:84:5C:F3:8E:D3:2D:23:88:39:93:13:AE:9F:6E:F2:DC:83
Certificate issuer: /CN=9a717ed1dc488044e5e2ab0075433558cfde8c85
Certificate serial: 019423D7DD6594A88046597F499903E2532C
Authority key identifier: 9A:71:7E:D1:DC:48:80:44:E5:E2:AB:00:75:43:35:58:CF:DE:8C:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/MtoIhFzzjtMtI4g5kxOun27y3IM.roa
Signing time: Wed 01 Jan 2025 21:48:56 +0000
ROA not before: Wed 01 Jan 2025 21:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30764
IP address blocks: 46.47.128.0/18 maxlen: 18
62.129.32.0/19 maxlen: 19
78.157.128.0/19 maxlen: 19
82.209.0.0/18 maxlen: 18
85.135.0.0/17 maxlen: 17
89.29.0.0/17 maxlen: 17
91.106.240.0/20 maxlen: 20
94.242.64.0/18 maxlen: 18
128.0.176.0/20 maxlen: 20
164.215.112.0/20 maxlen: 20
185.5.68.0/22 maxlen: 22
193.165.0.0/16 maxlen: 16
193.165.0.0/24 maxlen: 24
193.165.57.0/24 maxlen: 24
193.165.58.0/23 maxlen: 23
193.165.61.0/24 maxlen: 24
193.165.96.0/23 maxlen: 23
193.165.236.0/23 maxlen: 23
212.109.176.0/20 maxlen: 20
213.216.32.0/19 maxlen: 19
2a00:ca8::/32 maxlen: 32
2a02:c38::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.mft
rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 18:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:dd:65:94:a8:80:46:59:7f:49:99:03:e2:53:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a717ed1dc488044e5e2ab0075433558cfde8c85
Validity
Not Before: Jan 1 21:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32da08845cf38ed32d2388399313ae9f6ef2dc83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3c:09:9e:cc:83:01:86:9f:78:53:25:4c:c7:
22:27:95:e5:4a:3f:34:e3:e4:01:0f:a0:fe:4a:b3:
a9:10:32:0f:9b:46:05:33:04:f9:4d:44:83:99:0e:
3a:b8:90:5a:8e:fb:6a:16:e9:8c:d0:70:f1:49:af:
52:dc:82:42:f1:6b:9b:7f:82:d9:4c:b8:1f:cc:f5:
ac:72:3b:9a:46:75:d1:e5:b7:20:67:ee:44:aa:9a:
41:95:34:25:2e:31:bb:1a:57:40:79:bf:51:26:b9:
8c:97:0e:90:4f:a2:36:9e:85:78:3c:17:c5:34:84:
e7:3d:fb:05:2a:96:04:f1:eb:6f:bd:cb:73:39:1e:
cb:c4:68:51:f8:4f:1f:a6:d2:b6:a9:f9:d5:98:64:
c4:44:df:c3:36:50:10:49:0e:a2:7a:e2:8d:84:5a:
fd:b4:db:53:5d:3a:3c:95:bc:d9:95:df:05:81:fd:
61:9c:6e:b9:d6:e8:12:2b:01:5e:79:a7:4b:dd:2f:
2c:a0:99:29:17:f1:6f:88:1c:cb:87:a7:71:04:f9:
4d:c4:e4:74:98:1e:08:b1:03:83:2a:1b:e3:7c:b1:
f5:25:d0:bd:fd:e1:eb:0d:82:7e:a3:a4:78:11:e1:
6a:f2:a2:b9:ee:ae:58:9d:df:4d:4a:58:95:2b:af:
c9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:DA:08:84:5C:F3:8E:D3:2D:23:88:39:93:13:AE:9F:6E:F2:DC:83
X509v3 Authority Key Identifier:
keyid:9A:71:7E:D1:DC:48:80:44:E5:E2:AB:00:75:43:35:58:CF:DE:8C:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnF-0dxIgETl4qsAdUM1WM_ejIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/MtoIhFzzjtMtI4g5kxOun27y3IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d261c1-d7f3-4fe8-abc6-1094391669ef/1/mnF-0dxIgETl4qsAdUM1WM_ejIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.47.128.0/18
62.129.32.0/19
78.157.128.0/19
82.209.0.0/18
85.135.0.0/17
89.29.0.0/17
91.106.240.0/20
94.242.64.0/18
128.0.176.0/20
164.215.112.0/20
185.5.68.0/22
193.165.0.0/16
212.109.176.0/20
213.216.32.0/19
IPv6:
2a00:ca8::/32
2a02:c38::/32
Signature Algorithm: sha256WithRSAEncryption
47:7b:8f:d8:13:1f:86:88:85:60:88:ed:ea:9c:ee:88:3b:df:
7e:09:60:cc:bd:88:ac:1a:ec:d2:7b:b3:46:2c:6f:9c:a4:86:
fc:82:7d:f1:4b:d7:dd:aa:be:56:19:63:3b:26:f0:31:57:79:
1f:00:78:e7:a6:d8:d5:4d:e8:5a:6c:fe:9a:fd:3c:ee:b1:bc:
f0:f6:3e:b1:1e:8f:47:8e:14:a8:85:73:0d:87:10:f7:ae:f7:
21:7e:39:a0:20:1d:22:7c:13:82:eb:4e:12:ce:f8:b2:12:6c:
9d:4d:da:17:56:3e:d1:5f:5f:00:cc:9a:97:ff:b3:03:94:27:
a2:0c:1a:75:75:26:99:27:47:52:cb:83:2d:4a:96:9b:75:fe:
6b:2a:72:77:95:d6:c6:3b:ba:67:ae:fe:e1:a2:c2:6b:b0:38:
88:3b:4a:f7:e2:88:b6:80:2c:0c:fe:45:b6:02:73:e9:03:9a:
39:fb:d5:98:71:5e:5e:ec:ad:20:34:60:20:36:6c:24:b1:ad:
13:56:39:29:71:fc:db:3b:da:c5:92:d8:eb:3c:5d:8e:f9:ac:
cd:a4:b3:3e:9c:d0:da:55:7c:5d:c5:86:5d:f0:7b:97:44:52:
94:82:ca:e4:cf:84:fa:31:8c:eb:07:83:58:4c:60:81:c7:f6:
63:ad:77:b0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZQj191llKiARll/SZkD4lMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzE3ZWQxZGM0ODgwNDRlNWUyYWIwMDc1NDMzNTU4Y2Zk
ZThjODUwHhcNMjUwMTAxMjE0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmRhMDg4NDVjZjM4ZWQzMmQyMzg4Mzk5MzEzYWU5ZjZlZjJkYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzwJnsyDAYafeFMlTMciJ5XlSj80
4+QBD6D+SrOpEDIPm0YFMwT5TUSDmQ46uJBajvtqFumM0HDxSa9S3IJC8Wubf4LZ
TLgfzPWscjuaRnXR5bcgZ+5EqppBlTQlLjG7GldAeb9RJrmMlw6QT6I2noV4PBfF
NITnPfsFKpYE8etvvctzOR7LxGhR+E8fptK2qfnVmGTERN/DNlAQSQ6ieuKNhFr9
tNtTXTo8lbzZld8Fgf1hnG651ugSKwFeeadL3S8soJkpF/FviBzLh6dxBPlNxOR0
mB4IsQODKhvjfLH1JdC9/eHrDYJ+o6R4EeFq8qK57q5Ynd9NSliVK6/JvQIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFDLaCIRc847TLSOIOZMTrp9u8tyDMB8GA1UdIwQY
MBaAFJpxftHcSIBE5eKrAHVDNVjP3oyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5GLTBkeElnRVRsNHFzQWRVTTFXTV9laklVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kMjYxYzEtZDdmMy00ZmU4LWFiYzYt
MTA5NDM5MTY2OWVmLzEvTXRvSWhGenpqdE10STRnNWt4T3VuMjd5M0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kMjYxYzEtZDdmMy00ZmU4LWFiYzYtMTA5NDM5MTY2OWVm
LzEvbW5GLTBkeElnRVRsNHFzQWRVTTFXTV9laklVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwWQQCAAEwUwMEBi4vgAME
BT6BIAMEBU6dgAMEBlLRAAMEB1WHAAMEB1kdAAMEBFtq8AMEBl7yQAMEBIAAsAME
BKTXcAMEArkFRAMDAMGlAwQE1G2wAwQF1dggMBQEAgACMA4DBQAqAAyoAwUAKgIM
ODANBgkqhkiG9w0BAQsFAAOCAQEAR3uP2BMfhoiFYIjt6pzuiDvffglgzL2IrBrs
0nuzRixvnKSG/IJ98UvX3aq+VhljOybwMVd5HwB456bY1U3oWmz+mv087rG88PY+
sR6PR44UqIVzDYcQ9673IX45oCAdInwTgutOEs74shJsnU3aF1Y+0V9fAMyal/+z
A5QnogwadXUmmSdHUsuDLUqWm3X+aypyd5XWxju6Z67+4aLCa7A4iDtK9+KItoAs
DP5FtgJz6QOaOfvVmHFeXuytIDRgIDZsJLGtE1Y5KXH82zvaxZLY6zxdjvmszaSz
PpzQ2lV8XcWGXfB7l0RSlILK5M+E+jGM6weDWExggcf2Y613sA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:15:33 2025 by rpki-client