Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/MmdvBM-Wp3G4be1zoycds2JV6Ts.roa
File: MmdvBM-Wp3G4be1zoycds2JV6Ts.roa (raw, json)
Hash identifier: bzdvvjhj7fDzYlVlNMdGevncSpIHT+t8IDzOX0tbME4=
Subject key identifier: 32:67:6F:04:CF:96:A7:71:B8:6D:ED:73:A3:27:1D:B3:62:55:E9:3B
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0197F5190C997C4F7EF9BC9C6F2322BBB1EC
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/MmdvBM-Wp3G4be1zoycds2JV6Ts.roa
Signing time: Thu 10 Jul 2025 16:09:08 +0000
ROA not before: Thu 10 Jul 2025 16:09:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 14.102.234.0/24 maxlen: 24
45.151.140.0/24 maxlen: 24
74.112.152.0/22 maxlen: 24
205.237.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f5:19:0c:99:7c:4f:7e:f9:bc:9c:6f:23:22:bb:b1:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jul 10 16:09:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32676f04cf96a771b86ded73a3271db36255e93b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:94:70:60:ff:96:be:7a:e4:1a:84:22:97:d1:
d2:4f:52:0a:5e:a9:56:e5:d3:ec:b1:47:33:cd:2c:
bc:c1:65:77:e9:60:34:0f:71:28:d9:27:22:68:ef:
ba:2f:51:c1:4b:c7:b4:09:c1:05:57:0d:66:a8:65:
cf:f9:6d:b6:ea:a5:ab:99:5c:5f:d2:7d:4f:43:06:
46:3b:16:db:5f:2c:02:33:db:1a:d8:2f:cf:c2:1d:
fb:91:ad:11:82:17:f7:01:83:ad:58:57:eb:ff:a2:
6d:e4:67:c5:ee:13:4e:d5:dc:80:35:b6:43:e3:ed:
2d:e1:ee:f1:28:1b:65:13:a5:44:46:17:f7:88:a7:
41:04:e6:90:73:b1:3e:ba:bb:67:64:15:e8:56:70:
56:44:a7:c0:8b:6e:b6:59:3f:64:da:e3:82:b0:52:
8a:bf:28:0c:ba:8e:66:81:93:dc:30:63:34:c5:5a:
88:62:16:dc:a8:5d:8a:be:f3:5e:37:f2:9e:2a:57:
b9:31:21:d1:8b:11:9e:8a:ef:30:33:f6:58:cf:62:
53:16:ab:d0:c3:01:77:12:8f:c1:09:d6:23:6a:2a:
58:f3:35:64:77:4c:23:03:6f:88:81:6c:d4:7e:73:
06:ca:20:a2:32:63:4a:ce:78:c9:34:2b:13:ed:2e:
4f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:67:6F:04:CF:96:A7:71:B8:6D:ED:73:A3:27:1D:B3:62:55:E9:3B
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/MmdvBM-Wp3G4be1zoycds2JV6Ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.234.0/24
45.151.140.0/24
74.112.152.0/22
205.237.88.0/22
Signature Algorithm: sha256WithRSAEncryption
e0:3c:d2:aa:3a:b4:bc:cc:45:48:eb:07:1b:a8:b3:ee:24:aa:
c4:2e:58:05:11:aa:d7:12:02:95:e1:58:02:36:12:09:c3:d7:
5c:6c:57:da:ec:02:9a:c7:1a:5e:b2:f1:5f:d4:50:2e:c5:96:
90:54:8c:c3:3b:59:5f:25:be:30:ac:67:2d:04:1c:96:bb:e1:
3c:1b:fd:6a:86:f4:d4:d3:bd:8d:84:96:6c:c7:45:14:9f:0b:
71:3a:66:f4:f7:5a:71:e0:a5:32:15:d5:d4:48:39:9a:d5:f3:
04:c0:bd:d0:73:08:7e:ff:08:2c:ff:7b:b3:82:5f:39:19:c0:
d1:d2:24:27:5a:a1:44:02:44:0a:82:03:71:66:41:a5:fe:15:
e3:3b:81:78:ff:6f:08:c5:47:01:b9:e3:81:2c:be:1c:2a:81:
5c:45:fe:98:0d:ac:6d:d4:66:76:72:97:bc:ef:83:4b:e3:ec:
e7:cf:56:f0:f0:17:c4:6b:15:d8:45:41:85:a4:45:21:de:71:
f1:88:02:49:a9:26:9b:1c:b4:4d:d0:e0:23:8e:dd:0e:68:27:
b6:4c:75:1e:2a:b3:01:61:cc:7d:51:68:e5:59:ee:08:04:fa:
2b:00:05:87:69:91:5e:74:87:ff:3d:29:4a:25:a8:8e:e5:ac:
8c:bf:0d:ba
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZf1GQyZfE9++bycbyMiu7HsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwNzEwMTYwOTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjY3NmYwNGNmOTZhNzcxYjg2ZGVkNzNhMzI3MWRiMzYyNTVlOTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5RwYP+WvnrkGoQil9HST1IKXqlW
5dPssUczzSy8wWV36WA0D3Eo2SciaO+6L1HBS8e0CcEFVw1mqGXP+W226qWrmVxf
0n1PQwZGOxbbXywCM9sa2C/Pwh37ka0Rghf3AYOtWFfr/6Jt5GfF7hNO1dyANbZD
4+0t4e7xKBtlE6VERhf3iKdBBOaQc7E+urtnZBXoVnBWRKfAi262WT9k2uOCsFKK
vygMuo5mgZPcMGM0xVqIYhbcqF2KvvNeN/KeKle5MSHRixGeiu8wM/ZYz2JTFqvQ
wwF3Eo/BCdYjaipY8zVkd0wjA2+IgWzUfnMGyiCiMmNKznjJNCsT7S5PyQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDJnbwTPlqdxuG3tc6MnHbNiVek7MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvTW1kdkJNLVdwM0c0YmUxem95Y2RzMkpWNlRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQADmbqAwQA
LZeMAwQCSnCYAwQCze1YMA0GCSqGSIb3DQEBCwUAA4IBAQDgPNKqOrS8zEVI6wcb
qLPuJKrELlgFEarXEgKV4VgCNhIJw9dcbFfa7AKaxxpesvFf1FAuxZaQVIzDO1lf
Jb4wrGctBByWu+E8G/1qhvTU072NhJZsx0UUnwtxOmb091px4KUyFdXUSDma1fME
wL3Qcwh+/wgs/3uzgl85GcDR0iQnWqFEAkQKggNxZkGl/hXjO4F4/28IxUcBueOB
LL4cKoFcRf6YDaxt1GZ2cpe874NL4+znz1bw8BfEaxXYRUGFpEUh3nHxiAJJqSab
HLRN0OAjjt0OaCe2THUeKrMBYcx9UWjlWe4IBPorAAWHaZFedIf/PSlKJaiO5ayM
vw26
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:16:52 2025 by rpki-client