Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/mUZj0w-uWUstpfqo5cH06vK19uA.roa
File: mUZj0w-uWUstpfqo5cH06vK19uA.roa (raw, json)
Hash identifier: MzyNzzDoUFyK/QZw2a/+HQPhRLTClRfb/mdHjVRhByQ=
Subject key identifier: 99:46:63:D3:0F:AE:59:4B:2D:A5:FA:A8:E5:C1:F4:EA:F2:B5:F6:E0
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 0194221F41D7C5E2B79B0B749EFC1A19BA44
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/mUZj0w-uWUstpfqo5cH06vK19uA.roa
Signing time: Wed 01 Jan 2025 13:47:41 +0000
ROA not before: Wed 01 Jan 2025 13:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41256
IP address blocks: 213.92.128.0/17 maxlen: 17
213.92.128.0/18 maxlen: 18
213.92.190.0/23 maxlen: 23
213.92.192.0/18 maxlen: 18
213.92.192.0/22 maxlen: 22
213.92.196.0/22 maxlen: 22
213.92.200.0/21 maxlen: 21
213.92.216.0/21 maxlen: 21
213.92.240.0/21 maxlen: 21
213.92.248.0/22 maxlen: 22
213.92.252.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.mft
rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:41:d7:c5:e2:b7:9b:0b:74:9e:fc:1a:19:ba:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Jan 1 13:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=994663d30fae594b2da5faa8e5c1f4eaf2b5f6e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6a:b4:22:3d:49:a1:c2:08:98:f3:5b:5c:14:
f1:35:57:74:39:67:ed:ab:07:54:b0:51:25:92:98:
dd:49:2c:bb:de:b7:93:e7:3e:5f:3f:64:9d:44:12:
2e:f6:62:f5:44:ed:d1:53:f5:0b:3b:43:01:2b:71:
53:f9:a4:3c:9d:70:ca:6c:ad:45:c6:bb:bd:f5:58:
7c:05:b7:c1:0e:b6:96:3f:89:73:6a:99:36:e3:1e:
b4:4e:cc:36:ce:6b:e6:1d:7b:74:08:e6:5d:25:5e:
80:54:ad:b7:e4:60:0a:b6:57:5d:3c:85:db:56:3d:
5f:1d:33:a8:d9:09:c8:a8:a5:12:80:6e:3d:a0:4b:
88:91:b0:9c:6d:47:e7:33:d4:7f:c1:a8:b5:77:4c:
18:68:cc:4c:bd:71:a2:c1:2c:95:f6:9a:e4:ad:9d:
17:f4:0f:e7:21:29:cc:8e:0d:de:4f:1c:25:56:04:
3d:3d:03:1b:56:09:80:79:66:f4:09:39:80:66:d2:
b5:ac:84:41:fb:84:4c:76:60:11:e5:bd:26:75:98:
3c:ca:f1:58:e0:15:42:e2:77:1c:c6:4f:32:48:4f:
a2:b9:b1:2a:4c:32:b3:2b:1f:d0:22:79:7f:f4:86:
03:ef:03:9f:d7:ae:3d:68:59:13:99:68:13:4b:10:
9c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:46:63:D3:0F:AE:59:4B:2D:A5:FA:A8:E5:C1:F4:EA:F2:B5:F6:E0
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/mUZj0w-uWUstpfqo5cH06vK19uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.92.128.0/17
Signature Algorithm: sha256WithRSAEncryption
0a:4f:57:a5:8b:1d:ea:f1:05:e2:fb:14:e9:c7:7c:95:d6:4e:
1c:0d:0e:e2:82:b2:a3:62:37:da:22:f6:ab:99:08:39:fe:55:
10:67:13:b2:48:c1:45:1b:c0:2f:5a:ab:a0:f5:4c:6f:47:8d:
a4:d5:ac:da:85:1b:7d:e9:42:36:2c:a5:1f:30:d9:0e:2e:3d:
ba:0e:5e:e1:18:b7:f9:a5:df:a2:28:82:16:76:01:5d:4d:7f:
ff:67:95:4a:ff:9c:30:06:d8:ff:14:e9:bc:6e:95:0b:c0:c8:
d1:0d:58:8f:e1:18:4b:05:15:e3:20:6d:4d:1c:39:e2:79:70:
00:17:2b:2e:46:fb:83:22:af:24:b7:2d:59:e5:e2:4f:9a:65:
ae:0a:e8:4f:27:e5:c8:ff:47:c0:c6:6c:88:9f:e2:73:95:ee:
ba:0e:27:d1:cb:f0:b4:86:e9:ce:1f:14:67:95:f8:71:57:44:
28:db:c3:f0:fa:b9:cf:62:b0:ed:14:bf:aa:77:65:47:92:9b:
ab:31:e4:63:63:e3:7a:c3:43:ae:9e:3c:94:f8:52:08:37:12:
30:a0:5e:bb:fb:27:21:4e:f4:68:75:8d:5a:32:1f:f1:e6:23:
6d:92:d4:42:ef:3f:2d:dc:46:df:9e:fc:98:0e:c0:4e:e6:9c:
05:3c:c9:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH0HXxeK3mwt0nvwaGbpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjUwMTAxMTM0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTQ2NjNkMzBmYWU1OTRiMmRhNWZhYThlNWMxZjRlYWYyYjVmNmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2q0Ij1JocIImPNbXBTxNVd0OWft
qwdUsFElkpjdSSy73reT5z5fP2SdRBIu9mL1RO3RU/ULO0MBK3FT+aQ8nXDKbK1F
xru99Vh8BbfBDraWP4lzapk24x60Tsw2zmvmHXt0COZdJV6AVK235GAKtlddPIXb
Vj1fHTOo2QnIqKUSgG49oEuIkbCcbUfnM9R/wai1d0wYaMxMvXGiwSyV9prkrZ0X
9A/nISnMjg3eTxwlVgQ9PQMbVgmAeWb0CTmAZtK1rIRB+4RMdmAR5b0mdZg8yvFY
4BVC4nccxk8ySE+iubEqTDKzKx/QInl/9IYD7wOf1649aFkTmWgTSxCc/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJlGY9MPrllLLaX6qOXB9OrytfbgMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvbVVaajB3LXVXVXN0cGZxbzVjSDA2dksxOXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH1VyAMA0G
CSqGSIb3DQEBCwUAA4IBAQAKT1elix3q8QXi+xTpx3yV1k4cDQ7igrKjYjfaIvar
mQg5/lUQZxOySMFFG8AvWqug9UxvR42k1azahRt96UI2LKUfMNkOLj26Dl7hGLf5
pd+iKIIWdgFdTX//Z5VK/5wwBtj/FOm8bpULwMjRDViP4RhLBRXjIG1NHDnieXAA
FysuRvuDIq8kty1Z5eJPmmWuCuhPJ+XI/0fAxmyIn+Jzle66DifRy/C0hunOHxRn
lfhxV0Qo28Pw+rnPYrDtFL+qd2VHkpurMeRjY+N6w0OunjyU+FIINxIwoF67+ych
TvRodY1aMh/x5iNtktRC7z8t3EbfnvyYDsBO5pwFPMkk
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:36:48 2025 by rpki-client