Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/mfM_rJzd2zCUeH0kSk5zP-cEOwg.roa
File: mfM_rJzd2zCUeH0kSk5zP-cEOwg.roa (raw, json)
Hash identifier: nt8FvD5mL2Q1TgkJaLdIGBoxIrXhALKwq/zaaQu+/X8=
Subject key identifier: 99:F3:3F:AC:9C:DD:DB:30:94:78:7D:24:4A:4E:73:3F:E7:04:3B:08
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 01954330BEC62B549BD3AAF458070FBC0185
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/mfM_rJzd2zCUeH0kSk5zP-cEOwg.roa
Signing time: Wed 26 Feb 2025 16:57:02 +0000
ROA not before: Wed 26 Feb 2025 16:57:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62300
IP address blocks: 37.221.81.0/24 maxlen: 24
62.192.136.0/22 maxlen: 22
194.32.241.0/24 maxlen: 24
194.61.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:43:30:be:c6:2b:54:9b:d3:aa:f4:58:07:0f:bc:01:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 26 16:57:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99f33fac9cdddb3094787d244a4e733fe7043b08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:25:c6:d2:6f:ce:b2:03:90:85:ec:65:f6:93:
12:8d:d7:b4:ee:78:43:29:d0:19:86:69:5b:1e:70:
93:70:d7:13:a7:11:aa:c8:c1:99:f8:55:bc:09:31:
95:f5:2d:a0:e8:6a:d9:f9:60:11:fc:50:02:dd:f9:
17:21:eb:f9:c0:d4:fa:ef:b7:e7:da:28:95:da:1a:
f4:f8:a5:0a:5b:6a:6d:bc:99:d4:12:0e:a9:17:8b:
d5:5e:e6:25:fd:81:a3:a1:9e:38:99:69:ad:3e:57:
0e:85:54:22:bd:07:62:ad:93:d7:fd:01:75:9c:db:
85:da:38:2a:29:0d:3a:a1:c2:e7:51:41:d0:72:8a:
08:01:e5:1f:cc:f7:c2:89:04:99:4e:b3:19:6d:42:
00:69:d3:f7:d3:ff:92:9b:6e:17:a5:52:85:e9:7a:
72:30:50:18:e7:a7:03:75:18:90:11:73:01:ae:ba:
60:cb:67:d3:05:b6:5b:36:5c:d8:67:a4:de:8a:95:
56:fb:69:3b:96:41:5f:bf:26:64:53:7c:6d:30:85:
51:e4:e9:4a:c8:02:c2:21:9b:75:84:a5:e5:b6:c6:
eb:17:83:b0:09:47:02:fb:30:31:9f:2f:c7:67:70:
7d:09:1e:a3:dd:e2:21:04:e6:4a:dc:ac:bc:0b:c3:
13:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F3:3F:AC:9C:DD:DB:30:94:78:7D:24:4A:4E:73:3F:E7:04:3B:08
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/mfM_rJzd2zCUeH0kSk5zP-cEOwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.81.0/24
62.192.136.0/22
194.32.241.0/24
194.61.8.0/24
Signature Algorithm: sha256WithRSAEncryption
81:b2:4f:a9:de:ad:4d:45:1d:1a:f8:c3:03:f7:9b:4d:15:98:
cf:36:29:9d:f7:2e:9d:f8:63:1f:27:80:30:12:75:6f:e7:97:
eb:fc:ec:2c:49:17:c9:f8:c5:c1:97:7b:59:d5:a4:a8:80:1e:
3e:8d:b4:38:83:9a:47:fc:6d:06:98:f0:64:27:16:54:36:fe:
80:4d:71:9f:50:e1:1f:a6:58:f9:b4:5e:8a:51:1b:ad:0e:97:
dd:45:c1:ac:28:11:52:75:e2:4d:03:4f:b0:03:35:91:5b:81:
7b:55:d8:76:cc:87:c5:38:00:bb:ea:81:84:e9:fa:5b:f1:5e:
ae:8d:76:54:ac:40:da:f7:c4:1b:8e:b9:bb:39:04:cd:b3:21:
99:2c:57:12:d3:0a:3e:33:ec:d6:d8:79:9b:21:3d:8b:3a:bd:
d4:c2:e0:87:97:57:2a:db:a5:0d:15:fe:53:5e:43:15:bc:91:
20:35:9d:bd:b4:50:82:db:7a:1e:9a:c0:43:06:9c:2f:2b:cc:
40:0b:7c:08:8f:4c:45:b3:2e:5c:ac:05:54:ce:1b:5a:36:34:
fd:a9:04:2a:6f:ef:89:65:d2:ea:5b:97:84:10:0c:08:43:78:
82:0f:95:4c:aa:89:7a:0b:aa:7a:c4:0f:42:8b:7d:ea:78:78:
ba:f4:60:16
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVDML7GK1Sb06r0WAcPvAGFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwMjI2MTY1NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWYzM2ZhYzljZGRkYjMwOTQ3ODdkMjQ0YTRlNzMzZmU3MDQzYjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiXG0m/OsgOQhexl9pMSjde07nhD
KdAZhmlbHnCTcNcTpxGqyMGZ+FW8CTGV9S2g6GrZ+WAR/FAC3fkXIev5wNT677fn
2iiV2hr0+KUKW2ptvJnUEg6pF4vVXuYl/YGjoZ44mWmtPlcOhVQivQdirZPX/QF1
nNuF2jgqKQ06ocLnUUHQcooIAeUfzPfCiQSZTrMZbUIAadP30/+Sm24XpVKF6Xpy
MFAY56cDdRiQEXMBrrpgy2fTBbZbNlzYZ6TeipVW+2k7lkFfvyZkU3xtMIVR5OlK
yALCIZt1hKXltsbrF4OwCUcC+zAxny/HZ3B9CR6j3eIhBOZK3Ky8C8MTbQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJnzP6yc3dswlHh9JEpOcz/nBDsIMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvbWZNX3JKemQyekNVZUgwa1NrNXpQLWNFT3dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJd1RAwQC
PsCIAwQAwiDxAwQAwj0IMA0GCSqGSIb3DQEBCwUAA4IBAQCBsk+p3q1NRR0a+MMD
95tNFZjPNimd9y6d+GMfJ4AwEnVv55fr/OwsSRfJ+MXBl3tZ1aSogB4+jbQ4g5pH
/G0GmPBkJxZUNv6ATXGfUOEfplj5tF6KURutDpfdRcGsKBFSdeJNA0+wAzWRW4F7
Vdh2zIfFOAC76oGE6fpb8V6ujXZUrEDa98Qbjrm7OQTNsyGZLFcS0wo+M+zW2Hmb
IT2LOr3UwuCHl1cq26UNFf5TXkMVvJEgNZ29tFCC23oemsBDBpwvK8xAC3wIj0xF
sy5crAVUzhtaNjT9qQQqb++JZdLqW5eEEAwIQ3iCD5VMqol6C6p6xA9Ci33qeHi6
9GAW
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:35:23 2025 by rpki-client