Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/3mt8vtichBpF3cYPyL2vpps3mgE.roa
File: 3mt8vtichBpF3cYPyL2vpps3mgE.roa (raw, json)
Hash identifier: n/MepBA41uFLhrrjzI3i83vN1wFVsIs5mHdFrK6nh4g=
Subject key identifier: DE:6B:7C:BE:D8:9C:84:1A:45:DD:C6:0F:C8:BD:AF:A6:9B:37:9A:01
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01973116492F62711BCC264ACF1B60EBA9FC
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/3mt8vtichBpF3cYPyL2vpps3mgE.roa
Signing time: Mon 02 Jun 2025 14:40:33 +0000
ROA not before: Mon 02 Jun 2025 14:40:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 80.97.54.0/24 maxlen: 24
81.180.36.0/23 maxlen: 23
81.180.172.0/23 maxlen: 23
81.180.204.0/23 maxlen: 23
81.181.175.0/24 maxlen: 24
81.181.236.0/22 maxlen: 22
194.102.120.0/22 maxlen: 22
194.102.217.0/24 maxlen: 24
217.156.29.0/24 maxlen: 24
217.156.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:31:16:49:2f:62:71:1b:cc:26:4a:cf:1b:60:eb:a9:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jun 2 14:40:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de6b7cbed89c841a45ddc60fc8bdafa69b379a01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e3:ac:73:e3:e0:7a:a8:2d:c0:07:64:e2:ba:
9b:06:ea:76:28:49:57:7d:d3:b8:f6:26:1e:33:df:
8b:69:0e:a2:d1:34:d0:c0:2c:62:a5:45:09:2d:1e:
32:e3:bd:0f:46:d5:f4:75:c8:e6:6d:25:87:22:79:
2d:f9:c2:15:dd:f0:5f:b3:5c:19:96:3f:5c:21:24:
51:ec:cc:be:ae:e1:f8:11:0e:ee:89:32:69:72:52:
71:d3:dc:5a:d5:90:76:ba:a7:c1:ea:79:17:06:e4:
0c:14:cd:61:a6:12:4b:1a:9f:c2:e6:5a:a8:ed:f8:
52:02:c7:bd:8f:ee:83:12:a1:a8:23:1d:a4:62:12:
a3:a7:06:37:d3:8c:0d:94:89:81:50:ad:86:76:81:
45:f4:56:37:9f:ac:67:46:d0:5a:54:8d:97:ae:9e:
90:a1:87:75:f7:c6:6e:cf:ac:b3:46:46:37:13:36:
23:3a:07:b0:01:78:a0:df:b8:29:dd:71:dc:13:7b:
19:2a:06:0a:36:19:e4:5e:42:52:21:a8:32:17:38:
e7:34:5b:a0:31:2b:ae:cc:84:d8:3d:12:94:af:06:
5d:93:78:13:d6:e8:0b:26:9d:d9:5e:d8:38:62:fe:
35:30:5e:e5:79:21:93:91:6a:5a:48:77:2a:e8:2a:
e0:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:6B:7C:BE:D8:9C:84:1A:45:DD:C6:0F:C8:BD:AF:A6:9B:37:9A:01
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/3mt8vtichBpF3cYPyL2vpps3mgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.97.54.0/24
81.180.36.0/23
81.180.172.0/23
81.180.204.0/23
81.181.175.0/24
81.181.236.0/22
194.102.120.0/22
194.102.217.0/24
217.156.29.0/24
217.156.57.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:54:1a:7f:06:89:fa:c8:c3:be:58:55:c8:46:ae:b3:15:73:
a4:00:20:35:2b:60:c3:83:23:55:ce:c7:9a:26:21:d2:49:a3:
08:4d:63:60:53:ae:85:0d:f7:47:44:01:45:e8:17:d7:7c:14:
d4:8a:71:f0:39:8a:3d:29:7d:c0:b5:25:63:5c:5f:fa:57:42:
5d:ef:d2:62:31:62:88:52:6a:bf:23:03:e9:f6:b3:58:c1:c2:
f1:79:24:fd:17:3d:02:49:1a:90:dd:14:02:5d:d4:46:09:71:
f8:aa:8c:12:67:58:5b:bb:51:17:d4:3b:21:5b:82:3a:f8:3a:
ca:8a:56:d0:93:85:64:9e:ac:b8:89:00:fc:0e:74:1f:d4:21:
3a:88:b1:ab:1f:12:83:a1:45:95:4b:56:98:06:d0:4f:59:9f:
2d:c9:18:55:49:ab:65:01:29:41:ab:8c:54:93:16:dc:42:4a:
3f:4c:d7:d9:70:77:a3:c8:0e:95:7c:88:39:21:7a:bf:e9:dc:
8f:e4:d9:5e:e7:33:17:c8:e2:4a:82:88:c1:0e:4b:d3:f8:11:
6c:9a:43:20:ee:fa:65:e6:4b:33:9d:d5:d7:4f:db:62:91:29:
79:07:84:14:65:11:a3:71:fd:ab:a6:c4:a4:02:87:64:92:5f:
5f:d4:a4:40
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZcxFkkvYnEbzCZKzxtg66n8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwNjAyMTQ0MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTZiN2NiZWQ4OWM4NDFhNDVkZGM2MGZjOGJkYWZhNjliMzc5YTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeOsc+PgeqgtwAdk4rqbBup2KElX
fdO49iYeM9+LaQ6i0TTQwCxipUUJLR4y470PRtX0dcjmbSWHInkt+cIV3fBfs1wZ
lj9cISRR7My+ruH4EQ7uiTJpclJx09xa1ZB2uqfB6nkXBuQMFM1hphJLGp/C5lqo
7fhSAse9j+6DEqGoIx2kYhKjpwY304wNlImBUK2GdoFF9FY3n6xnRtBaVI2Xrp6Q
oYd198Zuz6yzRkY3EzYjOgewAXig37gp3XHcE3sZKgYKNhnkXkJSIagyFzjnNFug
MSuuzITYPRKUrwZdk3gT1ugLJp3ZXtg4Yv41MF7leSGTkWpaSHcq6CrgDwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFN5rfL7YnIQaRd3GD8i9r6abN5oBMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvM210OHZ0aWNoQnBGM2NZUHlMMnZwcHMzbWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAUGE2AwQB
UbQkAwQBUbSsAwQBUbTMAwQAUbWvAwQCUbXsAwQCwmZ4AwQAwmbZAwQA2ZwdAwQA
2Zw5MA0GCSqGSIb3DQEBCwUAA4IBAQC2VBp/Bon6yMO+WFXIRq6zFXOkACA1K2DD
gyNVzseaJiHSSaMITWNgU66FDfdHRAFF6BfXfBTUinHwOYo9KX3AtSVjXF/6V0Jd
79JiMWKIUmq/IwPp9rNYwcLxeST9Fz0CSRqQ3RQCXdRGCXH4qowSZ1hbu1EX1Dsh
W4I6+DrKilbQk4Vknqy4iQD8DnQf1CE6iLGrHxKDoUWVS1aYBtBPWZ8tyRhVSatl
ASlBq4xUkxbcQko/TNfZcHejyA6VfIg5IXq/6dyP5Nle5zMXyOJKgojBDkvT+BFs
mkMg7vpl5kszndXXT9tikSl5B4QUZRGjcf2rpsSkAodkkl9f1KRA
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:11:14 2025 by rpki-client