Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/MpJGW61wsAY2na2GoCEJeo5HvXk.roa
File: MpJGW61wsAY2na2GoCEJeo5HvXk.roa (raw, json)
Hash identifier: vRlmBz0iiqrk+J7PazbAwX0O6F7JU+iRJTTbiLqVjxU=
Subject key identifier: 32:92:46:5B:AD:70:B0:06:36:9D:AD:86:A0:21:09:7A:8E:47:BD:79
Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda
Certificate serial: 019420D63D0F09548B305D3C377E5B322097
Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/MpJGW61wsAY2na2GoCEJeo5HvXk.roa
Signing time: Wed 01 Jan 2025 07:48:18 +0000
ROA not before: Wed 01 Jan 2025 07:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 5.63.24.0/24 maxlen: 24
5.63.25.0/24 maxlen: 24
5.63.26.0/24 maxlen: 24
5.63.27.0/24 maxlen: 24
5.63.28.0/24 maxlen: 24
91.190.168.0/24 maxlen: 24
91.190.169.0/24 maxlen: 24
91.190.171.0/24 maxlen: 24
91.190.172.0/24 maxlen: 24
91.190.173.0/24 maxlen: 24
91.190.174.0/24 maxlen: 24
91.190.175.0/24 maxlen: 24
185.85.78.0/24 maxlen: 24
185.85.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.mft
rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:3d:0f:09:54:8b:30:5d:3c:37:7e:5b:32:20:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda
Validity
Not Before: Jan 1 07:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3292465bad70b006369dad86a021097a8e47bd79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:14:08:a8:f8:d5:62:16:ff:ea:12:f4:b5:b1:
fb:3e:72:38:00:87:b5:e9:54:63:c2:59:f3:ff:d3:
cf:0e:32:24:64:6a:5a:c0:e6:ef:7e:28:4d:2d:29:
a2:1d:b2:19:26:e7:45:53:44:6e:25:3a:13:66:20:
97:92:ba:20:db:80:dc:39:61:0d:8d:f9:77:0a:f0:
04:e9:b1:07:15:c1:34:ca:22:ee:6f:99:8d:34:cb:
f1:81:1b:ed:55:21:6b:bc:f5:b7:46:ac:13:13:a3:
c0:d3:19:f0:4d:72:29:6a:ca:32:cd:1a:b1:59:16:
2b:4b:af:6b:d9:6d:24:1a:c9:5b:d7:fe:b1:1f:13:
62:11:20:59:06:c9:23:0f:8c:90:98:e4:b8:0d:84:
6f:c3:16:60:13:fc:27:78:be:6b:82:cf:4b:2d:62:
da:cc:7f:ef:32:3e:db:d7:e2:99:66:c8:8f:5b:f0:
32:95:72:f4:64:98:ad:71:70:c7:8e:1c:1f:bf:d9:
53:e9:0b:7f:f6:dc:18:b2:b9:db:17:59:fb:24:6b:
7f:42:c5:65:40:14:94:69:47:86:a8:4b:6c:19:e7:
09:58:2d:a9:c5:a2:84:89:59:25:37:5b:05:91:16:
77:44:7a:52:35:74:60:30:08:0d:3e:15:12:8e:f9:
e0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:92:46:5B:AD:70:B0:06:36:9D:AD:86:A0:21:09:7A:8E:47:BD:79
X509v3 Authority Key Identifier:
keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/MpJGW61wsAY2na2GoCEJeo5HvXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.24.0-5.63.28.255
91.190.168.0/23
91.190.171.0-91.190.175.255
185.85.78.0/23
Signature Algorithm: sha256WithRSAEncryption
98:0b:00:0b:fa:6b:05:c6:79:41:72:25:ef:91:5c:f7:08:eb:
ac:18:1d:8f:52:f1:1b:2c:bb:08:22:21:1d:c2:fb:4f:cf:43:
7a:85:32:b3:97:e5:d1:32:3e:95:3c:66:6e:d9:5e:12:5c:ae:
31:1f:f2:90:9d:92:3c:e5:9d:51:7d:13:dd:de:0d:15:8d:2a:
73:52:29:e3:23:d8:82:6a:d0:fc:f3:ba:49:cf:70:25:76:b5:
42:e6:93:54:ba:26:0f:e2:7d:fd:a3:ba:02:60:2d:4a:49:57:
78:8b:5a:e8:07:c0:2d:36:7d:02:89:c8:f3:0e:c4:af:54:36:
f8:63:e4:40:7d:12:f8:16:e9:55:d9:96:63:9c:25:48:4e:e0:
a1:4b:c4:cc:3f:46:49:d1:67:70:52:4f:06:06:fa:87:1f:ae:
f3:fd:7d:45:85:98:bd:72:dd:b5:2b:cd:0d:c1:c0:73:f7:2b:
ab:7e:78:65:24:aa:c2:48:39:1b:54:c3:f6:4b:70:f2:b6:86:
6d:32:6b:48:0d:68:15:2d:e8:31:fc:25:68:a6:67:43:35:ce:
9e:93:5c:1f:4b:27:b4:c7:37:80:13:79:0b:98:a9:59:97:99:
ab:c2:84:58:0c:88:c9:9c:8b:59:34:5e:b9:32:af:41:1e:ae:
7c:0c:2f:b2
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQg1j0PCVSLMF08N35bMiCXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMTQxYzUwOTA4MjRkMGExN2MyOWVjNDA1MGUyMTAwNzEx
M2ZiZGEwHhcNMjUwMTAxMDc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjkyNDY1YmFkNzBiMDA2MzY5ZGFkODZhMDIxMDk3YThlNDdiZDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphQIqPjVYhb/6hL0tbH7PnI4AIe1
6VRjwlnz/9PPDjIkZGpawObvfihNLSmiHbIZJudFU0RuJToTZiCXkrog24DcOWEN
jfl3CvAE6bEHFcE0yiLub5mNNMvxgRvtVSFrvPW3RqwTE6PA0xnwTXIpasoyzRqx
WRYrS69r2W0kGslb1/6xHxNiESBZBskjD4yQmOS4DYRvwxZgE/wneL5rgs9LLWLa
zH/vMj7b1+KZZsiPW/AylXL0ZJitcXDHjhwfv9lT6Qt/9twYsrnbF1n7JGt/QsVl
QBSUaUeGqEtsGecJWC2pxaKEiVklN1sFkRZ3RHpSNXRgMAgNPhUSjvngOwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDKSRlutcLAGNp2thqAhCXqOR715MB8GA1UdIwQY
MBaAFFoUHFCQgk0KF8KexAUOIQBxE/vaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUt
ZWNlZWZmOGU4NGUwLzEvTXBKR1c2MXdzQVkybmEyR29DRUplbzVIdlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9iMjBlOTAtYmY2ZS00ZTI1LTg3ZDUtZWNlZWZmOGU4NGUw
LzEvV2hRY1VKQ0NUUW9Yd3A3RUJRNGhBSEVULTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAMFPxgD
BAAFPxwDBAFbvqgwDAMEAFu+qwMEBFu+oAMEAblVTjANBgkqhkiG9w0BAQsFAAOC
AQEAmAsAC/prBcZ5QXIl75Fc9wjrrBgdj1LxGyy7CCIhHcL7T89DeoUys5fl0TI+
lTxmbtleElyuMR/ykJ2SPOWdUX0T3d4NFY0qc1Ip4yPYgmrQ/PO6Sc9wJXa1QuaT
VLomD+J9/aO6AmAtSklXeIta6AfALTZ9AonI8w7Er1Q2+GPkQH0S+BbpVdmWY5wl
SE7goUvEzD9GSdFncFJPBgb6hx+u8/19RYWYvXLdtSvNDcHAc/crq354ZSSqwkg5
G1TD9ktw8raGbTJrSA1oFS3oMfwlaKZnQzXOnpNcH0sntMc3gBN5C5ipWZeZq8KE
WAyIyZyLWTReuTKvQR6ufAwvsg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:02:23 2025 by rpki-client