Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/mhy_PjfAH7Am8DYx1tO3WTSt-G0.roa
File: mhy_PjfAH7Am8DYx1tO3WTSt-G0.roa (raw, json)
Hash identifier: I3P915hVSsXgQ5UO/istQ1xrxwtkn+jwbAOJufOB6ts=
Subject key identifier: 9A:1C:BF:3E:37:C0:1F:B0:26:F0:36:31:D6:D3:B7:59:34:AD:F8:6D
Certificate issuer: /CN=94f519c4ecf15f5fc1e06eaa6e03f9cb03956caa
Certificate serial: 019427B3CC4A934308DF298E9D9F1F630143
Authority key identifier: 94:F5:19:C4:EC:F1:5F:5F:C1:E0:6E:AA:6E:03:F9:CB:03:95:6C:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lPUZxOzxX1_B4G6qbgP5ywOVbKo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/mhy_PjfAH7Am8DYx1tO3WTSt-G0.roa
Signing time: Thu 02 Jan 2025 15:48:02 +0000
ROA not before: Thu 02 Jan 2025 15:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29152
IP address blocks: 195.80.152.0/24 maxlen: 24
195.80.153.0/24 maxlen: 24
195.80.154.0/24 maxlen: 24
195.80.155.0/24 maxlen: 24
195.80.156.0/24 maxlen: 24
195.80.157.0/24 maxlen: 24
195.80.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/lPUZxOzxX1_B4G6qbgP5ywOVbKo.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/lPUZxOzxX1_B4G6qbgP5ywOVbKo.mft
rsync://rpki.ripe.net/repository/DEFAULT/lPUZxOzxX1_B4G6qbgP5ywOVbKo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 20:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:cc:4a:93:43:08:df:29:8e:9d:9f:1f:63:01:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94f519c4ecf15f5fc1e06eaa6e03f9cb03956caa
Validity
Not Before: Jan 2 15:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a1cbf3e37c01fb026f03631d6d3b75934adf86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a8:bb:e2:93:12:03:ad:a5:5e:5d:7b:3a:70:
4d:2b:6c:be:94:49:86:e7:37:1d:bc:d9:5c:13:27:
f3:a4:ab:89:2f:0a:61:17:e1:ca:aa:e5:4b:93:00:
1a:58:48:93:eb:60:b0:f8:7e:7e:b0:cf:ba:7d:2c:
ef:2e:12:f1:d1:c1:8f:d6:80:4d:28:33:c5:19:8e:
5d:84:d3:62:44:48:c7:2d:ba:0b:15:b3:9e:29:d1:
dc:fc:e9:80:59:48:f0:ed:e2:38:10:22:dc:b7:e0:
d7:75:1a:e6:40:39:70:39:e1:7e:18:98:43:00:2c:
0b:3e:72:53:74:b5:c3:76:d7:69:6c:a1:5e:90:6c:
4d:69:46:43:e4:5c:6e:bd:01:0a:e8:07:ca:5e:eb:
d5:fe:5f:56:17:57:64:46:f7:91:35:ef:d0:4d:1d:
09:8f:26:c7:cd:03:79:81:64:0b:8d:cf:31:39:92:
eb:49:8c:09:aa:41:81:f5:5a:a6:61:82:33:ec:a6:
7c:56:f9:aa:79:2b:b3:76:81:da:2c:74:21:43:7a:
53:95:6c:ce:a9:c6:54:6d:61:2c:a5:03:5f:0a:40:
64:84:aa:b3:ca:d8:20:ea:4b:c9:45:30:e8:ee:91:
28:eb:6f:15:69:3e:61:d5:3f:05:fc:59:7c:31:0c:
32:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1C:BF:3E:37:C0:1F:B0:26:F0:36:31:D6:D3:B7:59:34:AD:F8:6D
X509v3 Authority Key Identifier:
keyid:94:F5:19:C4:EC:F1:5F:5F:C1:E0:6E:AA:6E:03:F9:CB:03:95:6C:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lPUZxOzxX1_B4G6qbgP5ywOVbKo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/mhy_PjfAH7Am8DYx1tO3WTSt-G0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/108967-686a-4322-85b3-516eac469053/1/lPUZxOzxX1_B4G6qbgP5ywOVbKo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.80.152.0-195.80.157.255
195.80.159.0/24
Signature Algorithm: sha256WithRSAEncryption
07:74:84:c5:67:8b:34:4e:09:a9:50:2c:87:71:9e:c4:56:bf:
8a:33:94:12:42:ac:f3:a7:1e:e6:e9:4e:fc:bb:b9:80:30:b8:
bd:96:55:83:10:33:77:77:3a:6d:8c:e1:95:b4:57:2e:ff:6c:
70:49:2e:8d:98:3b:66:f3:84:e0:ea:44:05:ae:c1:23:66:6e:
09:14:2d:21:08:d0:0f:b9:3c:c1:32:94:ac:1b:01:0f:06:11:
b8:10:58:08:58:a7:d6:88:76:4f:3d:a8:52:9f:8c:f9:f6:ab:
70:dd:32:30:1f:be:fc:4f:2f:6f:9f:63:42:22:de:66:6c:9e:
5d:54:91:c3:fc:72:d3:fe:c0:46:65:3c:ab:1d:32:d4:e7:83:
60:11:c8:71:5b:e2:4d:ad:45:c3:88:e4:77:e1:6e:80:9e:26:
6c:28:6f:bb:3c:52:f3:c3:16:72:d5:9f:ff:4c:54:dd:a6:a2:
2c:ea:6b:15:ab:af:0d:34:9e:d3:a9:ea:f2:c8:d9:d3:f7:9f:
e8:99:62:42:76:fc:0c:da:87:fb:a0:31:3d:56:af:3b:37:68:
5c:66:81:2e:9d:1c:d1:43:9b:71:47:f5:0d:b6:ef:73:ef:50:
ed:02:84:e8:38:8e:f1:ca:0f:ed:51:1a:9b:fa:8f:b5:a1:a1:
ff:91:18:6b
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQns8xKk0MI3ymOnZ8fYwFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZjUxOWM0ZWNmMTVmNWZjMWUwNmVhYTZlMDNmOWNiMDM5
NTZjYWEwHhcNMjUwMTAyMTU0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTFjYmYzZTM3YzAxZmIwMjZmMDM2MzFkNmQzYjc1OTM0YWRmODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKi74pMSA62lXl17OnBNK2y+lEmG
5zcdvNlcEyfzpKuJLwphF+HKquVLkwAaWEiT62Cw+H5+sM+6fSzvLhLx0cGP1oBN
KDPFGY5dhNNiREjHLboLFbOeKdHc/OmAWUjw7eI4ECLct+DXdRrmQDlwOeF+GJhD
ACwLPnJTdLXDdtdpbKFekGxNaUZD5FxuvQEK6AfKXuvV/l9WF1dkRveRNe/QTR0J
jybHzQN5gWQLjc8xOZLrSYwJqkGB9VqmYYIz7KZ8VvmqeSuzdoHaLHQhQ3pTlWzO
qcZUbWEspQNfCkBkhKqzytgg6kvJRTDo7pEo628VaT5h1T8F/Fl8MQwyWQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJocvz43wB+wJvA2MdbTt1k0rfhtMB8GA1UdIwQY
MBaAFJT1GcTs8V9fweBuqm4D+csDlWyqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFBVWnhPenhYMV9CNEc2cWJnUDV5d09WYktvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xMDg5NjctNjg2YS00MzIyLTg1YjMt
NTE2ZWFjNDY5MDUzLzEvbWh5X1BqZkFIN0FtOERZeDF0TzNXVFN0LUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8xMDg5NjctNjg2YS00MzIyLTg1YjMtNTE2ZWFjNDY5MDUz
LzEvbFBVWnhPenhYMV9CNEc2cWJnUDV5d09WYktvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAPDUJgD
BAHDUJwDBADDUJ8wDQYJKoZIhvcNAQELBQADggEBAAd0hMVnizROCalQLIdxnsRW
v4ozlBJCrPOnHubpTvy7uYAwuL2WVYMQM3d3Om2M4ZW0Vy7/bHBJLo2YO2bzhODq
RAWuwSNmbgkULSEI0A+5PMEylKwbAQ8GEbgQWAhYp9aIdk89qFKfjPn2q3DdMjAf
vvxPL2+fY0Ii3mZsnl1UkcP8ctP+wEZlPKsdMtTng2ARyHFb4k2tRcOI5HfhboCe
Jmwob7s8UvPDFnLVn/9MVN2moizqaxWrrw00ntOp6vLI2dP3n+iZYkJ2/Azah/ug
MT1Wrzs3aFxmgS6dHNFDm3FH9Q2273PvUO0ChOg4jvHKD+1RGpv6j7Whof+RGGs=
-----END CERTIFICATE-----
Generated at Wed Apr 23 02:31:30 2025 by rpki-client