Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/kMQGr9JvSdf0YWyn95oAWrgW1pM.roa
File: kMQGr9JvSdf0YWyn95oAWrgW1pM.roa (raw, json)
Hash identifier: MFKvDOkMYqx88W0zwkPF8EbtQvbV0tupci16xZ+ClUg=
Subject key identifier: 90:C4:06:AF:D2:6F:49:D7:F4:61:6C:A7:F7:9A:00:5A:B8:16:D6:93
Certificate issuer: /CN=bd19d4535c7e62b921e859e6557b821f278e716a
Certificate serial: 0194258F7F55AE9CFDF6971BB1F18650EE33
Authority key identifier: BD:19:D4:53:5C:7E:62:B9:21:E8:59:E6:55:7B:82:1F:27:8E:71:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/kMQGr9JvSdf0YWyn95oAWrgW1pM.roa
Signing time: Thu 02 Jan 2025 05:49:08 +0000
ROA not before: Thu 02 Jan 2025 05:49:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 45.134.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.mft
rsync://rpki.ripe.net/repository/DEFAULT/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:7f:55:ae:9c:fd:f6:97:1b:b1:f1:86:50:ee:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd19d4535c7e62b921e859e6557b821f278e716a
Validity
Not Before: Jan 2 05:49:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90c406afd26f49d7f4616ca7f79a005ab816d693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f5:42:41:b0:58:1e:cb:16:1a:ce:de:0e:c0:
50:99:0b:4d:f7:f4:7c:8a:b9:5f:63:0d:d1:1f:c7:
ad:0e:79:77:95:a3:ea:58:ac:7a:cd:d1:90:8e:98:
68:e7:7a:8d:28:48:8a:d6:4f:7b:3f:4b:e1:80:d9:
83:b6:5c:4f:2c:1b:de:d4:fc:82:65:d4:11:f6:a2:
48:ab:84:2e:02:d6:8e:a9:dc:f0:0c:3c:e2:9b:f9:
3d:a2:38:81:d8:66:ea:36:6b:6d:6a:21:dd:b3:12:
fd:d3:9b:eb:6f:e5:f7:8c:36:66:93:b2:a3:fa:0c:
82:87:44:27:a7:58:b8:31:cc:9e:31:1b:d9:32:b1:
f3:5f:9d:74:f5:a4:a2:fe:c5:5a:97:3a:db:47:69:
3b:50:8b:bd:22:b0:94:7e:0a:21:d8:33:83:41:af:
38:c5:98:d9:39:0d:29:63:29:e4:29:85:95:90:c6:
5c:49:a0:d0:ab:c8:d4:90:19:7c:58:21:8f:7e:2c:
59:c4:b4:ac:f5:0d:12:94:ed:74:19:26:06:0e:74:
8b:40:4e:15:53:97:32:41:50:16:2d:6e:09:9a:fc:
0f:3e:6f:ec:f1:4a:6d:1a:9b:e7:05:ae:2c:a7:57:
b9:30:69:09:79:83:5b:1d:a6:ef:b9:83:ae:3f:40:
1b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:C4:06:AF:D2:6F:49:D7:F4:61:6C:A7:F7:9A:00:5A:B8:16:D6:93
X509v3 Authority Key Identifier:
keyid:BD:19:D4:53:5C:7E:62:B9:21:E8:59:E6:55:7B:82:1F:27:8E:71:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/kMQGr9JvSdf0YWyn95oAWrgW1pM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/2599f9-6f76-4db6-bca7-c1331f49fc09/1/vRnUU1x-Yrkh6FnmVXuCHyeOcWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.9.0/24
Signature Algorithm: sha256WithRSAEncryption
34:4e:b5:99:fe:44:9d:c5:8c:f1:27:72:0c:aa:d6:fb:81:52:
01:9a:e9:af:0f:77:61:50:19:e1:73:82:07:ec:dc:0a:34:59:
73:67:44:ae:58:b7:76:b6:c5:b4:9d:ff:f6:ff:20:6f:c4:d1:
dd:37:6c:fa:b6:6d:c1:b3:63:9e:ea:60:06:44:62:bd:8d:f7:
fd:b8:cf:1f:f2:33:93:1e:7d:e8:dc:b1:02:98:16:c6:88:b1:
c6:7e:5c:3d:22:a3:5a:0f:07:57:46:b0:5d:55:b3:7b:31:37:
d0:e3:67:f9:e8:38:42:e8:76:ea:ca:ac:70:54:7e:6d:55:bb:
b3:0a:cc:3c:c8:e5:60:ea:e1:aa:55:f0:50:bc:a2:8a:2f:e6:
6d:80:9e:46:d7:e9:ba:df:4c:00:7d:52:1d:10:64:84:3d:ae:
59:ee:05:e6:80:81:c0:3e:5a:d4:5d:00:e6:ae:14:d4:37:44:
ba:36:49:f4:c4:93:04:2f:a3:5b:24:73:d5:d2:6d:1a:f6:07:
08:0a:55:4d:33:8a:ac:82:cc:60:f5:75:74:f2:f1:ed:26:d7:
93:4a:69:fa:57:e5:ec:7e:ba:c2:af:9c:78:72:38:00:64:d4:
f5:30:8d:79:3b:eb:f8:78:99:a0:e7:ef:d3:e4:cc:cc:f8:cd:
a1:9c:9c:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj39Vrpz99pcbsfGGUO4zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMTlkNDUzNWM3ZTYyYjkyMWU4NTllNjU1N2I4MjFmMjc4
ZTcxNmEwHhcNMjUwMTAyMDU0OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGM0MDZhZmQyNmY0OWQ3ZjQ2MTZjYTdmNzlhMDA1YWI4MTZkNjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfVCQbBYHssWGs7eDsBQmQtN9/R8
irlfYw3RH8etDnl3laPqWKx6zdGQjpho53qNKEiK1k97P0vhgNmDtlxPLBve1PyC
ZdQR9qJIq4QuAtaOqdzwDDzim/k9ojiB2GbqNmttaiHdsxL905vrb+X3jDZmk7Kj
+gyCh0Qnp1i4McyeMRvZMrHzX5109aSi/sValzrbR2k7UIu9IrCUfgoh2DODQa84
xZjZOQ0pYynkKYWVkMZcSaDQq8jUkBl8WCGPfixZxLSs9Q0SlO10GSYGDnSLQE4V
U5cyQVAWLW4JmvwPPm/s8UptGpvnBa4sp1e5MGkJeYNbHabvuYOuP0AbtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDEBq/Sb0nX9GFsp/eaAFq4FtaTMB8GA1UdIwQY
MBaAFL0Z1FNcfmK5IehZ5lV7gh8njnFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlJuVVUxeC1ZcmtoNkZubVZYdUNIeWVPY1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yNTk5ZjktNmY3Ni00ZGI2LWJjYTct
YzEzMzFmNDlmYzA5LzEva01RR3I5SnZTZGYwWVd5bjk1b0FXcmdXMXBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8yNTk5ZjktNmY3Ni00ZGI2LWJjYTctYzEzMzFmNDlmYzA5
LzEvdlJuVVUxeC1ZcmtoNkZubVZYdUNIeWVPY1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYYJMA0G
CSqGSIb3DQEBCwUAA4IBAQA0TrWZ/kSdxYzxJ3IMqtb7gVIBmumvD3dhUBnhc4IH
7NwKNFlzZ0SuWLd2tsW0nf/2/yBvxNHdN2z6tm3Bs2Oe6mAGRGK9jff9uM8f8jOT
Hn3o3LECmBbGiLHGflw9IqNaDwdXRrBdVbN7MTfQ42f56DhC6HbqyqxwVH5tVbuz
Csw8yOVg6uGqVfBQvKKKL+ZtgJ5G1+m630wAfVIdEGSEPa5Z7gXmgIHAPlrUXQDm
rhTUN0S6Nkn0xJMEL6NbJHPV0m0a9gcIClVNM4qsgsxg9XV08vHtJteTSmn6V+Xs
frrCr5x4cjgAZNT1MI15O+v4eJmg5+/T5MzM+M2hnJzq
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:21:58 2025 by rpki-client