Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/MR6yCa9ahiYB6kt7eFUEnhRZgj0.roa
File: MR6yCa9ahiYB6kt7eFUEnhRZgj0.roa (raw, json)
Hash identifier: Q5fLGdiN5URjuSRi8W7fkSayIUiVGY1nf+0ovyfMZAw=
Subject key identifier: 31:1E:B2:09:AF:5A:86:26:01:EA:4B:7B:78:55:04:9E:14:59:82:3D
Certificate issuer: /CN=3cde2470c8563949487a3e78743c544c99ec8a64
Certificate serial: 0194266C1E173E327E95A587E8CA72DB2571
Authority key identifier: 3C:DE:24:70:C8:56:39:49:48:7A:3E:78:74:3C:54:4C:99:EC:8A:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PN4kcMhWOUlIej54dDxUTJnsimQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/MR6yCa9ahiYB6kt7eFUEnhRZgj0.roa
Signing time: Thu 02 Jan 2025 09:50:07 +0000
ROA not before: Thu 02 Jan 2025 09:50:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 86.111.192.0/22 maxlen: 22
86.111.192.0/24 maxlen: 24
86.111.193.0/24 maxlen: 24
86.111.194.0/24 maxlen: 24
86.111.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/PN4kcMhWOUlIej54dDxUTJnsimQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/PN4kcMhWOUlIej54dDxUTJnsimQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/PN4kcMhWOUlIej54dDxUTJnsimQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:1e:17:3e:32:7e:95:a5:87:e8:ca:72:db:25:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cde2470c8563949487a3e78743c544c99ec8a64
Validity
Not Before: Jan 2 09:50:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=311eb209af5a862601ea4b7b7855049e1459823d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5f:23:1e:36:e6:76:4f:db:ba:02:03:3f:eb:
d3:7b:70:95:14:e8:24:52:4e:89:bc:41:bb:28:fd:
39:98:de:27:fc:84:c7:5d:18:8d:31:ba:d7:ab:fd:
9e:73:b7:4d:df:f5:cb:4f:48:aa:e9:72:57:de:57:
f4:11:a0:00:c2:22:b4:9d:81:06:12:ab:9c:69:f7:
94:37:f3:78:6e:26:57:68:5e:ea:d4:33:f3:63:55:
2c:cd:e6:6f:22:d7:90:03:ea:69:13:ef:4b:b8:b9:
c3:20:ed:1a:cb:0c:ba:d6:86:be:07:d5:73:21:8d:
a4:04:d7:3b:57:42:d7:be:6d:f3:6d:4a:f6:d8:0a:
3d:01:70:8c:84:5e:42:cd:1b:ff:f8:71:a8:8d:41:
80:38:87:71:f5:8d:f3:f2:4c:1b:a0:4a:28:c8:25:
dd:52:f3:6a:cd:ba:11:15:ac:97:cf:ad:49:85:66:
4b:26:68:4b:dd:ca:aa:ef:9b:05:94:97:30:b4:6d:
72:5b:ff:dd:75:a3:c1:70:44:a1:e7:13:ff:5d:2f:
1d:5e:3f:bb:07:a4:2e:07:d9:36:8a:67:c0:83:e7:
96:88:1b:4e:a0:30:7f:40:0e:3f:f8:21:d8:28:53:
d6:1a:c6:48:bd:91:d8:c8:a4:dc:b9:3e:4d:af:3e:
96:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:1E:B2:09:AF:5A:86:26:01:EA:4B:7B:78:55:04:9E:14:59:82:3D
X509v3 Authority Key Identifier:
keyid:3C:DE:24:70:C8:56:39:49:48:7A:3E:78:74:3C:54:4C:99:EC:8A:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PN4kcMhWOUlIej54dDxUTJnsimQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/MR6yCa9ahiYB6kt7eFUEnhRZgj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/fa79cf-8c4c-4094-a1f5-44171b2f599e/1/PN4kcMhWOUlIej54dDxUTJnsimQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.192.0/22
Signature Algorithm: sha256WithRSAEncryption
30:de:49:35:80:8c:85:17:3f:d5:bf:44:e2:d4:10:3e:c7:40:
f1:5b:72:ec:85:2b:a4:e2:ea:50:1b:56:70:4b:a2:73:56:3d:
b9:85:03:59:0b:32:cd:a2:2f:be:c9:2a:13:d6:43:aa:c0:8d:
29:ec:94:30:88:1d:5c:96:34:1d:86:0c:74:40:fe:67:ce:4f:
b5:45:d7:e5:8c:a8:6f:07:29:ba:e5:16:54:58:a5:45:97:41:
36:fb:b9:4d:bb:1a:5b:80:41:21:59:e6:ff:1e:2a:10:5d:71:
3f:dd:0e:c8:f6:ab:48:76:56:ea:ac:5f:7e:29:14:0b:21:df:
0c:4a:1e:10:db:ab:b8:50:03:50:82:f4:01:69:42:8f:51:1f:
ee:36:a5:2f:a6:a2:fc:f2:63:53:ee:a0:9f:ba:ef:93:2b:81:
6e:55:e9:77:d7:fa:55:6e:94:a7:9e:89:a6:ca:66:c4:26:18:
1c:ff:42:f8:f2:a5:9c:58:08:9c:b1:be:79:07:22:dc:2c:e8:
d7:6d:76:1a:55:de:ae:0b:1c:e2:f3:7f:4a:b9:2a:62:1b:fb:
46:58:1a:24:c1:2f:d9:c3:79:76:03:b6:e8:95:4a:a6:f7:95:
10:20:dc:f1:a4:24:d0:68:32:f7:c3:2b:46:66:87:51:08:06:
04:89:24:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQmbB4XPjJ+laWH6Mpy2yVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZGUyNDcwYzg1NjM5NDk0ODdhM2U3ODc0M2M1NDRjOTll
YzhhNjQwHhcNMjUwMTAyMDk1MDA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTFlYjIwOWFmNWE4NjI2MDFlYTRiN2I3ODU1MDQ5ZTE0NTk4MjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF8jHjbmdk/bugIDP+vTe3CVFOgk
Uk6JvEG7KP05mN4n/ITHXRiNMbrXq/2ec7dN3/XLT0iq6XJX3lf0EaAAwiK0nYEG
EqucafeUN/N4biZXaF7q1DPzY1UszeZvIteQA+ppE+9LuLnDIO0aywy61oa+B9Vz
IY2kBNc7V0LXvm3zbUr22Ao9AXCMhF5CzRv/+HGojUGAOIdx9Y3z8kwboEooyCXd
UvNqzboRFayXz61JhWZLJmhL3cqq75sFlJcwtG1yW//ddaPBcESh5xP/XS8dXj+7
B6QuB9k2imfAg+eWiBtOoDB/QA4/+CHYKFPWGsZIvZHYyKTcuT5Nrz6WVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDEesgmvWoYmAepLe3hVBJ4UWYI9MB8GA1UdIwQY
MBaAFDzeJHDIVjlJSHo+eHQ8VEyZ7IpkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE40a2NNaFdPVWxJZWo1NGREeFVUSm5zaW1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9mYTc5Y2YtOGM0Yy00MDk0LWExZjUt
NDQxNzFiMmY1OTllLzEvTVI2eUNhOWFoaVlCNmt0N2VGVUVuaFJaZ2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9mYTc5Y2YtOGM0Yy00MDk0LWExZjUtNDQxNzFiMmY1OTll
LzEvUE40a2NNaFdPVWxJZWo1NGREeFVUSm5zaW1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVm/AMA0G
CSqGSIb3DQEBCwUAA4IBAQAw3kk1gIyFFz/Vv0Ti1BA+x0DxW3LshSuk4upQG1Zw
S6JzVj25hQNZCzLNoi++ySoT1kOqwI0p7JQwiB1cljQdhgx0QP5nzk+1RdfljKhv
Bym65RZUWKVFl0E2+7lNuxpbgEEhWeb/HioQXXE/3Q7I9qtIdlbqrF9+KRQLId8M
Sh4Q26u4UANQgvQBaUKPUR/uNqUvpqL88mNT7qCfuu+TK4FuVel31/pVbpSnnomm
ymbEJhgc/0L48qWcWAicsb55ByLcLOjXbXYaVd6uCxzi839KuSpiG/tGWBokwS/Z
w3l2A7bolUqm95UQINzxpCTQaDL3wytGZodRCAYEiSTR
-----END CERTIFICATE-----
Generated at Sat Apr 12 16:01:01 2025 by rpki-client