Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/mGSm6WnPN8htR3E3SqRmvrkDAW0.roa
File: mGSm6WnPN8htR3E3SqRmvrkDAW0.roa (raw, json)
Hash identifier: ma8SoOibhRfVHVvLv4aSGOKoznJfyTFPs8hixxk0hN8=
Subject key identifier: 98:64:A6:E9:69:CF:37:C8:6D:47:71:37:4A:A4:66:BE:B9:03:01:6D
Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial: 0194228DD45ECC44798800B2D98BB6291DCC
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/mGSm6WnPN8htR3E3SqRmvrkDAW0.roa
Signing time: Wed 01 Jan 2025 15:48:27 +0000
ROA not before: Wed 01 Jan 2025 15:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50424
IP address blocks: 89.37.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.mft
rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 12:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d4:5e:cc:44:79:88:00:b2:d9:8b:b6:29:1d:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
Validity
Not Before: Jan 1 15:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9864a6e969cf37c86d4771374aa466beb903016d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:d6:1d:4d:18:ed:24:07:a3:03:3a:8a:ad:f0:
82:a7:68:bc:e8:02:16:c3:c8:2b:2b:ff:54:40:58:
09:0e:c1:a9:56:af:07:76:30:46:1c:16:b6:ff:d5:
67:92:e8:07:e1:ea:70:4c:6b:86:53:f1:74:36:05:
1a:0b:44:69:a9:87:0d:13:73:3b:f0:52:0a:b5:01:
a1:c6:d4:ed:d5:ff:e8:79:c7:5e:d3:db:51:7b:24:
aa:25:6b:52:02:db:4f:ae:6c:b2:84:44:2c:37:6a:
c6:08:a4:e6:28:a4:cb:24:74:cc:80:6b:93:75:75:
d4:39:4a:8a:3f:6c:e2:32:b9:33:f2:8f:fe:93:0e:
75:90:1b:92:b5:42:ce:95:9d:70:24:00:45:1d:ad:
3a:36:f2:9e:aa:12:0b:03:b1:14:e2:35:92:90:c4:
5c:f2:9e:28:fe:ab:89:45:e3:32:f0:34:4e:ac:88:
fd:32:d4:0b:6a:b6:1b:a0:01:d5:b1:3a:ab:f3:ef:
00:2e:c1:19:3b:69:9a:f9:1c:c1:25:11:58:9f:16:
e1:f2:4a:ec:ba:88:25:49:95:c7:d4:ff:71:f3:be:
24:e7:9c:07:40:70:da:d9:9e:f4:b7:33:da:f8:8f:
e7:66:9d:48:3d:af:b7:43:1e:e8:f7:e4:5b:16:d8:
5f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:64:A6:E9:69:CF:37:C8:6D:47:71:37:4A:A4:66:BE:B9:03:01:6D
X509v3 Authority Key Identifier:
keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/mGSm6WnPN8htR3E3SqRmvrkDAW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.141.0/24
Signature Algorithm: sha256WithRSAEncryption
35:c6:af:35:56:64:5f:54:2a:5d:76:c5:7b:82:7c:7b:54:73:
ad:67:34:c1:15:8a:2c:ed:f1:bb:dd:ff:40:50:57:a0:fa:0e:
04:c4:5b:96:f3:77:c7:17:d0:3e:9d:14:fb:64:b5:93:a8:4c:
ad:a2:b9:34:fa:e1:14:fd:e6:78:4d:eb:4e:5d:14:fc:df:dc:
cf:64:c3:c1:0d:bd:3e:34:a0:64:16:df:e2:64:d9:85:c1:73:
5f:bd:25:af:fd:f0:2d:db:ea:da:71:2b:31:4a:cc:ce:19:6b:
d0:2c:12:db:b3:50:93:9a:4a:10:24:fd:be:56:fd:07:00:0d:
0f:1c:c9:1e:23:c1:b9:79:2f:7d:11:d0:d9:b9:e4:37:c6:36:
04:cc:d6:39:bf:7c:8a:48:3f:1d:ed:18:02:d8:37:40:38:bb:
0c:d0:25:57:a3:c4:ce:c8:e5:f0:a4:18:7b:cc:b6:74:48:7c:
7e:ab:58:19:c1:92:61:02:00:01:d7:15:12:33:fd:bd:90:3c:
ff:e8:63:91:77:e2:8a:c9:81:e5:39:5c:75:40:96:e5:48:3f:
51:3d:0b:6a:46:bd:c1:b7:33:4b:73:2b:28:15:54:a2:1d:df:
14:eb:55:58:f4:16:63:a1:d2:15:f2:b9:4f:7d:d5:b0:7d:3b:
c0:db:35:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijdRezER5iACy2Yu2KR3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjUwMTAxMTU0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODY0YTZlOTY5Y2YzN2M4NmQ0NzcxMzc0YWE0NjZiZWI5MDMwMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/NYdTRjtJAejAzqKrfCCp2i86AIW
w8grK/9UQFgJDsGpVq8HdjBGHBa2/9VnkugH4epwTGuGU/F0NgUaC0RpqYcNE3M7
8FIKtQGhxtTt1f/oecde09tReySqJWtSAttPrmyyhEQsN2rGCKTmKKTLJHTMgGuT
dXXUOUqKP2ziMrkz8o/+kw51kBuStULOlZ1wJABFHa06NvKeqhILA7EU4jWSkMRc
8p4o/quJReMy8DROrIj9MtQLarYboAHVsTqr8+8ALsEZO2ma+RzBJRFYnxbh8krs
uoglSZXH1P9x874k55wHQHDa2Z70tzPa+I/nZp1IPa+3Qx7o9+RbFthfrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJhkpulpzzfIbUdxN0qkZr65AwFtMB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvbUdTbTZXblBOOGh0UjNFM1NxUm12cmtEQVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSWNMA0G
CSqGSIb3DQEBCwUAA4IBAQA1xq81VmRfVCpddsV7gnx7VHOtZzTBFYos7fG73f9A
UFeg+g4ExFuW83fHF9A+nRT7ZLWTqEytork0+uEU/eZ4TetOXRT839zPZMPBDb0+
NKBkFt/iZNmFwXNfvSWv/fAt2+racSsxSszOGWvQLBLbs1CTmkoQJP2+Vv0HAA0P
HMkeI8G5eS99EdDZueQ3xjYEzNY5v3yKSD8d7RgC2DdAOLsM0CVXo8TOyOXwpBh7
zLZ0SHx+q1gZwZJhAgAB1xUSM/29kDz/6GORd+KKyYHlOVx1QJblSD9RPQtqRr3B
tzNLcysoFVSiHd8U61VY9BZjodIV8rlPfdWwfTvA2zUt
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:01:23 2025 by rpki-client