Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/McQBWIkKTuiBTTZqAfwfimGiJv8.roa
File: McQBWIkKTuiBTTZqAfwfimGiJv8.roa (raw, json)
Hash identifier: kezXGJ7slA/edYCjH/7MkGlnqiO9ieoRDACp9a7xuJg=
Subject key identifier: 31:C4:01:58:89:0A:4E:E8:81:4D:36:6A:01:FC:1F:8A:61:A2:26:FF
Certificate issuer: /CN=ed30a131718560a34ab3493884e858ec431f6ad1
Certificate serial: 019421B24881A6F255A08320B83DC79AC535
Authority key identifier: ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/McQBWIkKTuiBTTZqAfwfimGiJv8.roa
Signing time: Wed 01 Jan 2025 11:48:39 +0000
ROA not before: Wed 01 Jan 2025 11:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60631
IP address blocks: 45.139.10.0/24 maxlen: 24
45.139.11.0/24 maxlen: 24
185.105.239.0/24 maxlen: 24
185.231.112.0/24 maxlen: 24
185.231.115.0/24 maxlen: 24
194.147.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.mft
rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:48:81:a6:f2:55:a0:83:20:b8:3d:c7:9a:c5:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed30a131718560a34ab3493884e858ec431f6ad1
Validity
Not Before: Jan 1 11:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31c40158890a4ee8814d366a01fc1f8a61a226ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a9:87:66:58:a8:02:a9:0f:f1:91:d5:54:4c:
41:22:4e:9b:c9:45:52:a5:e4:4f:58:6d:99:6f:39:
ec:4a:af:a1:f5:02:23:ab:7b:ae:09:31:d0:11:30:
36:80:65:67:04:43:82:f4:3c:cc:85:51:c2:a8:a2:
2c:ca:72:ac:3a:a2:c7:83:39:b1:6d:2b:c1:ef:f9:
be:c5:81:b0:4f:0c:2d:53:f5:b9:d3:65:a5:d2:fa:
0e:70:c8:12:f2:8a:5e:61:bf:54:36:ae:5b:a6:9a:
b0:b0:20:8c:eb:48:76:d2:99:31:e3:d7:a6:02:de:
a5:73:71:8f:54:61:5b:67:1d:5a:75:96:23:b1:c5:
1e:26:07:48:4a:82:08:4b:15:55:e2:18:fe:7d:79:
e5:8b:55:03:45:3a:86:c5:23:0e:7f:5f:53:90:82:
64:61:31:b6:e0:c7:56:28:03:99:ad:a2:fa:09:f4:
20:e8:7f:0d:38:dd:c8:e6:73:40:2b:84:06:22:b5:
55:17:74:6a:92:4f:a4:54:81:11:9d:12:e5:eb:a7:
97:00:2a:65:3d:a9:f6:2e:57:ea:7c:6a:6c:35:24:
02:35:0b:ce:f7:4b:09:d8:11:f4:ea:7c:df:ae:3b:
2b:86:23:17:69:16:2f:8b:74:25:9f:88:e8:68:ea:
16:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C4:01:58:89:0A:4E:E8:81:4D:36:6A:01:FC:1F:8A:61:A2:26:FF
X509v3 Authority Key Identifier:
keyid:ED:30:A1:31:71:85:60:A3:4A:B3:49:38:84:E8:58:EC:43:1F:6A:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TChMXGFYKNKs0k4hOhY7EMfatE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/McQBWIkKTuiBTTZqAfwfimGiJv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5b0702-16e7-4627-ae19-4b3b1b63b6ab/1/7TChMXGFYKNKs0k4hOhY7EMfatE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.10.0/23
185.105.239.0/24
185.231.112.0/24
185.231.115.0/24
194.147.142.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:ce:2e:e9:fc:a8:74:26:19:3e:90:95:26:5a:9f:09:d0:07:
b0:24:d1:31:27:20:49:97:97:b5:37:ae:c5:96:df:df:01:21:
13:9b:c2:1c:5b:57:ed:ca:1d:01:14:c4:d7:69:85:9b:69:0e:
d0:c8:85:47:2f:22:29:24:ae:35:71:a3:3b:d1:28:4b:4a:48:
c9:ef:b2:70:82:27:a8:4b:fb:30:97:47:2d:3d:ea:e4:23:0c:
27:59:9d:e0:64:d8:2e:53:0a:c0:07:75:1e:f4:d8:9b:9a:29:
b2:54:02:ab:bb:3d:95:da:a4:ea:5f:ca:1b:30:0f:6e:65:7a:
d6:00:9f:84:9d:e6:39:36:89:f0:3c:6b:7d:c2:4c:d6:be:05:
a2:16:7e:1d:c9:03:ff:1d:19:2e:ca:07:f3:de:ef:4d:c6:69:
00:f2:4e:f7:03:b8:af:bb:b2:e4:57:1b:80:fd:0d:49:4c:b4:
f6:2e:d7:3b:ad:73:1a:59:23:b4:f8:95:10:db:47:d7:6d:5d:
ae:d7:98:9e:b8:7f:d7:87:96:7f:cc:0f:65:17:df:89:44:46:
f0:e9:d9:59:2d:3d:cb:86:70:6a:41:60:da:18:7f:ef:fd:5d:
62:c0:df:64:79:01:d4:62:f4:f3:1d:8d:fa:fa:f3:4d:ba:14:
a0:4c:bd:ab
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQhskiBpvJVoIMguD3HmsU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMzBhMTMxNzE4NTYwYTM0YWIzNDkzODg0ZTg1OGVjNDMx
ZjZhZDEwHhcNMjUwMTAxMTE0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWM0MDE1ODg5MGE0ZWU4ODE0ZDM2NmEwMWZjMWY4YTYxYTIyNmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmamHZlioAqkP8ZHVVExBIk6byUVS
peRPWG2ZbznsSq+h9QIjq3uuCTHQETA2gGVnBEOC9DzMhVHCqKIsynKsOqLHgzmx
bSvB7/m+xYGwTwwtU/W502Wl0voOcMgS8opeYb9UNq5bppqwsCCM60h20pkx49em
At6lc3GPVGFbZx1adZYjscUeJgdISoIISxVV4hj+fXnli1UDRTqGxSMOf19TkIJk
YTG24MdWKAOZraL6CfQg6H8NON3I5nNAK4QGIrVVF3Rqkk+kVIERnRLl66eXACpl
Pan2LlfqfGpsNSQCNQvO90sJ2BH06nzfrjsrhiMXaRYvi3Qln4joaOoWCQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDHEAViJCk7ogU02agH8H4phoib/MB8GA1UdIwQY
MBaAFO0woTFxhWCjSrNJOIToWOxDH2rRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTkt
NGIzYjFiNjNiNmFiLzEvTWNRQldJa0tUdWlCVFRacUFmd2ZpbUdpSnY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi81YjA3MDItMTZlNy00NjI3LWFlMTktNGIzYjFiNjNiNmFi
LzEvN1RDaE1YR0ZZS05LczBrNGhPaFk3RU1mYXRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLYsKAwQA
uWnvAwQAuedwAwQAuedzAwQAwpOOMA0GCSqGSIb3DQEBCwUAA4IBAQCrzi7p/Kh0
Jhk+kJUmWp8J0AewJNExJyBJl5e1N67Flt/fASETm8IcW1ftyh0BFMTXaYWbaQ7Q
yIVHLyIpJK41caM70ShLSkjJ77JwgieoS/swl0ctPerkIwwnWZ3gZNguUwrAB3Ue
9NibmimyVAKruz2V2qTqX8obMA9uZXrWAJ+EneY5NonwPGt9wkzWvgWiFn4dyQP/
HRkuygfz3u9NxmkA8k73A7ivu7LkVxuA/Q1JTLT2Ltc7rXMaWSO0+JUQ20fXbV2u
15ieuH/Xh5Z/zA9lF9+JREbw6dlZLT3LhnBqQWDaGH/v/V1iwN9keQHUYvTzHY36
+vNNuhSgTL2r
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:49:30 2025 by rpki-client