Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/MBByOIj39pYIect2LdRi3wnM4oc.roa
File: MBByOIj39pYIect2LdRi3wnM4oc.roa (raw, json)
Hash identifier: tdzNEKUZ3mXK0KXsFeqcPam83cZmJKXuHjjqHDm2aqU=
Subject key identifier: 30:10:72:38:88:F7:F6:96:08:79:CB:76:2D:D4:62:DF:09:CC:E2:87
Certificate issuer: /CN=1afba38a8707fd231c3887e4a52bdcdedab20323
Certificate serial: 019423D766CA74C308CA8FCC29218627834F
Authority key identifier: 1A:FB:A3:8A:87:07:FD:23:1C:38:87:E4:A5:2B:DC:DE:DA:B2:03:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GvujiocH_SMcOIfkpSvc3tqyAyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/MBByOIj39pYIect2LdRi3wnM4oc.roa
Signing time: Wed 01 Jan 2025 21:48:26 +0000
ROA not before: Wed 01 Jan 2025 21:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207369
IP address blocks: 185.39.79.0/24 maxlen: 24
185.138.184.0/22 maxlen: 22
185.138.184.0/23 maxlen: 23
185.138.184.0/24 maxlen: 24
185.138.186.0/23 maxlen: 23
185.138.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/GvujiocH_SMcOIfkpSvc3tqyAyM.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/GvujiocH_SMcOIfkpSvc3tqyAyM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GvujiocH_SMcOIfkpSvc3tqyAyM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:66:ca:74:c3:08:ca:8f:cc:29:21:86:27:83:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1afba38a8707fd231c3887e4a52bdcdedab20323
Validity
Not Before: Jan 1 21:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3010723888f7f6960879cb762dd462df09cce287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ee:eb:22:34:45:e4:c6:10:67:29:9e:38:ac:
34:8c:b2:1c:f8:81:c8:22:1d:93:91:5e:5b:0b:06:
74:86:e8:c8:ae:43:e8:6b:a6:38:8a:1d:36:ac:17:
3a:b5:09:d5:d8:cd:d7:6a:3d:25:20:d7:63:d3:fb:
79:2f:6f:2d:d3:07:cb:be:0f:e9:1a:e8:bc:5e:08:
06:31:20:06:9b:ee:55:d5:56:9f:af:3f:ff:8f:ee:
63:f6:49:d5:b4:28:59:3b:05:cc:e9:ac:42:f9:3e:
7c:0f:19:8b:ca:39:b2:32:a5:9f:b1:85:e8:8b:00:
41:16:6a:6d:dd:99:91:0f:ca:0d:f5:02:e8:e5:de:
52:02:1a:b6:42:c4:9a:c4:df:ed:c2:e8:05:f0:e8:
08:10:16:80:c5:d7:3b:67:b0:54:86:4a:19:e8:60:
85:7c:67:69:ca:47:f1:44:32:43:5e:e4:f2:9e:ee:
4f:32:cf:bb:29:ea:f6:03:2f:4c:48:ff:9b:10:96:
04:73:11:69:f0:2a:6e:ab:e9:73:43:66:e2:d1:49:
d6:db:9e:46:06:e6:1f:29:18:71:60:7c:3f:d7:d8:
db:be:41:b3:31:ad:cb:f0:f6:5f:0a:85:25:0b:fd:
18:4b:f2:a8:6d:cd:5a:31:28:d7:07:aa:88:1b:44:
b5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:10:72:38:88:F7:F6:96:08:79:CB:76:2D:D4:62:DF:09:CC:E2:87
X509v3 Authority Key Identifier:
keyid:1A:FB:A3:8A:87:07:FD:23:1C:38:87:E4:A5:2B:DC:DE:DA:B2:03:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GvujiocH_SMcOIfkpSvc3tqyAyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/MBByOIj39pYIect2LdRi3wnM4oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/GvujiocH_SMcOIfkpSvc3tqyAyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.79.0/24
185.138.184.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:f0:17:04:8e:90:94:b3:56:f2:5c:5d:ac:25:4d:ff:f7:ef:
43:6b:3b:cd:8e:08:cf:15:b5:b0:a3:41:30:00:7f:e1:51:7d:
fd:ed:02:7c:e7:dc:91:86:de:c9:ad:ac:27:26:97:52:2d:c8:
82:8b:fa:76:3b:de:0d:c4:9a:6c:5d:c3:4f:13:e8:03:8b:c2:
85:07:2b:04:f7:f2:c6:17:ea:70:0d:1f:23:03:cf:91:05:16:
40:f9:0b:f2:96:1e:8d:9a:8f:db:3b:00:88:72:a7:de:6a:28:
08:1d:10:d5:a4:bc:5e:9a:08:a1:e2:00:87:a7:85:73:32:bd:
be:16:7e:af:cb:3a:bf:be:d2:7f:10:10:cd:c5:4d:39:9c:dc:
08:69:8d:7c:6c:16:84:42:8c:36:3a:0f:88:f9:d5:d3:59:6b:
fb:dc:d9:cc:0f:11:e5:c8:85:72:6b:70:c7:73:25:4d:ec:e1:
7c:da:43:ac:7a:39:53:ca:10:c6:1f:14:35:84:48:d7:a1:17:
c1:70:98:02:20:66:4b:cb:23:18:ce:73:92:43:13:1a:46:a4:
ac:a0:5e:d6:88:56:e8:85:bb:bf:f0:0f:0f:30:39:7f:40:a7:
4a:85:7e:1d:95:56:85:ce:3e:df:ea:9c:94:70:9a:6c:3f:b1:
c9:27:da:4f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj12bKdMMIyo/MKSGGJ4NPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmJhMzhhODcwN2ZkMjMxYzM4ODdlNGE1MmJkY2RlZGFi
MjAzMjMwHhcNMjUwMTAxMjE0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDEwNzIzODg4ZjdmNjk2MDg3OWNiNzYyZGQ0NjJkZjA5Y2NlMjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+7rIjRF5MYQZymeOKw0jLIc+IHI
Ih2TkV5bCwZ0hujIrkPoa6Y4ih02rBc6tQnV2M3Xaj0lINdj0/t5L28t0wfLvg/p
Gui8XggGMSAGm+5V1Vafrz//j+5j9knVtChZOwXM6axC+T58DxmLyjmyMqWfsYXo
iwBBFmpt3ZmRD8oN9QLo5d5SAhq2QsSaxN/twugF8OgIEBaAxdc7Z7BUhkoZ6GCF
fGdpykfxRDJDXuTynu5PMs+7Ker2Ay9MSP+bEJYEcxFp8Cpuq+lzQ2bi0UnW255G
BuYfKRhxYHw/19jbvkGzMa3L8PZfCoUlC/0YS/Kobc1aMSjXB6qIG0S1uQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDAQcjiI9/aWCHnLdi3UYt8JzOKHMB8GA1UdIwQY
MBaAFBr7o4qHB/0jHDiH5KUr3N7asgMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3Z1amlvY0hfU01jT0lma3BTdmMzdHF5QXlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83YTliYTItNmE2YS00YzdjLTg4MmEt
MDk5NmFlZDMyZjNiLzEvTUJCeU9JajM5cFlJZWN0MkxkUmkzd25NNG9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83YTliYTItNmE2YS00YzdjLTg4MmEtMDk5NmFlZDMyZjNi
LzEvR3Z1amlvY0hfU01jT0lma3BTdmMzdHF5QXlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSdPAwQC
uYq4MA0GCSqGSIb3DQEBCwUAA4IBAQCi8BcEjpCUs1byXF2sJU3/9+9DazvNjgjP
FbWwo0EwAH/hUX397QJ859yRht7JrawnJpdSLciCi/p2O94NxJpsXcNPE+gDi8KF
BysE9/LGF+pwDR8jA8+RBRZA+Qvylh6Nmo/bOwCIcqfeaigIHRDVpLxemgih4gCH
p4VzMr2+Fn6vyzq/vtJ/EBDNxU05nNwIaY18bBaEQow2Og+I+dXTWWv73NnMDxHl
yIVya3DHcyVN7OF82kOsejlTyhDGHxQ1hEjXoRfBcJgCIGZLyyMYznOSQxMaRqSs
oF7WiFbohbu/8A8PMDl/QKdKhX4dlVaFzj7f6pyUcJpsP7HJJ9pP
-----END CERTIFICATE-----
Generated at Wed Apr 16 23:59:13 2025 by rpki-client