Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/MAtFsiCs-1F-523L9frydALwyy4.roa
File: MAtFsiCs-1F-523L9frydALwyy4.roa (raw, json)
Hash identifier: 2oSZs+/2GJf0TVw2qN8JKhmCjL7EV9WGTizvjqbOhwQ=
Subject key identifier: 30:0B:45:B2:20:AC:FB:51:7E:E7:6D:CB:F5:FA:F2:74:02:F0:CB:2E
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01951D33198F274A17CFD1B1F6530EBDE864
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/MAtFsiCs-1F-523L9frydALwyy4.roa
Signing time: Wed 19 Feb 2025 07:54:02 +0000
ROA not before: Wed 19 Feb 2025 07:54:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 77.105.22.0/24 maxlen: 24
109.121.0.0/19 maxlen: 24
178.219.14.0/24 maxlen: 24
212.69.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 10:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:1d:33:19:8f:27:4a:17:cf:d1:b1:f6:53:0e:bd:e8:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Feb 19 07:54:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=300b45b220acfb517ee76dcbf5faf27402f0cb2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cf:a9:74:de:c1:d0:1c:bc:72:2a:9d:42:1c:
91:fe:94:32:6d:1b:73:33:3f:3f:e4:82:a5:87:2c:
d9:b3:2a:d8:69:6c:9e:13:22:31:c7:23:84:71:cf:
92:d5:2e:fb:3d:7b:1a:ae:99:64:7f:40:17:ae:14:
d7:f9:76:84:31:21:54:d3:51:ef:0a:49:07:c2:fa:
33:8a:df:78:d9:9b:03:e6:b8:63:2c:ea:e9:a1:31:
62:8d:df:ee:64:c4:6d:d0:cd:ad:09:72:97:7e:b3:
67:cf:34:56:58:e2:f6:d7:40:72:5e:e2:b9:5e:43:
6a:6f:c0:e4:a3:29:0b:19:7b:c1:60:23:37:71:a2:
5c:ae:df:b0:e1:68:a5:2e:28:79:28:db:d9:34:9c:
b6:45:e3:8f:90:bf:de:8b:fe:cb:d2:d8:61:14:b8:
d0:99:a4:58:e3:a5:30:cf:31:1d:53:1c:a4:4d:07:
f0:7d:44:49:b7:64:89:c5:5a:2b:67:30:ee:23:04:
88:b7:d3:70:43:d3:bb:88:44:3c:c1:6b:d5:5a:cd:
fd:fe:ab:43:df:01:7e:1b:94:a7:26:1e:71:af:d5:
20:c1:bd:0f:c1:80:88:2b:bc:25:98:3b:ae:a9:9d:
7e:46:48:90:13:11:b6:af:69:40:e7:2d:ec:2b:4c:
1d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0B:45:B2:20:AC:FB:51:7E:E7:6D:CB:F5:FA:F2:74:02:F0:CB:2E
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/MAtFsiCs-1F-523L9frydALwyy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.22.0/24
109.121.0.0/19
178.219.14.0/24
212.69.0.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:82:22:21:d2:ab:0d:bf:01:1c:2a:82:e2:99:36:8f:c3:a7:
2f:33:a5:c4:61:3a:dd:6b:f1:47:c5:f6:3a:00:ef:cb:39:58:
45:6d:0d:16:b8:69:5e:c1:59:d9:0b:69:73:ab:67:bf:f9:08:
96:27:3b:31:ee:88:05:2e:cc:26:fb:ca:02:ce:62:03:a2:54:
15:a5:3b:5d:e7:9a:91:81:10:db:f8:c9:22:cb:d0:5b:d0:ff:
2a:19:d5:f8:5c:3a:7d:b1:fb:2f:db:bd:f5:c7:9d:84:fb:ce:
a4:95:e3:b8:ba:aa:f1:2f:ed:c4:04:29:31:85:c2:b0:86:b9:
53:c2:e9:1e:6a:e8:b8:34:d0:0d:20:b9:91:a7:73:30:39:8a:
c7:b9:43:fe:72:24:cb:d9:d1:16:a3:4a:e4:d6:f5:ac:c0:83:
0f:76:61:b6:20:ac:7d:f3:1f:d1:12:f1:c9:ac:79:21:75:7c:
3a:7e:15:e0:73:18:8d:e9:80:44:98:0f:2c:2f:bc:9e:20:f8:
ef:9e:7b:b0:d0:b3:03:26:55:70:d6:ee:b6:5d:75:26:46:19:
d7:4e:23:d0:53:36:28:c9:67:f6:5a:42:02:c5:48:5f:e5:00:
da:77:64:bc:95:0e:5e:3a:fc:28:a0:17:e2:33:f4:bf:58:57:
5c:67:56:7d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUdMxmPJ0oXz9Gx9lMOvehkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwMjE5MDc1NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDBiNDViMjIwYWNmYjUxN2VlNzZkY2JmNWZhZjI3NDAyZjBjYjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAss+pdN7B0By8ciqdQhyR/pQybRtz
Mz8/5IKlhyzZsyrYaWyeEyIxxyOEcc+S1S77PXsarplkf0AXrhTX+XaEMSFU01Hv
CkkHwvozit942ZsD5rhjLOrpoTFijd/uZMRt0M2tCXKXfrNnzzRWWOL210ByXuK5
XkNqb8DkoykLGXvBYCM3caJcrt+w4WilLih5KNvZNJy2ReOPkL/ei/7L0thhFLjQ
maRY46UwzzEdUxykTQfwfURJt2SJxVorZzDuIwSIt9NwQ9O7iEQ8wWvVWs39/qtD
3wF+G5SnJh5xr9Ugwb0PwYCIK7wlmDuuqZ1+RkiQExG2r2lA5y3sK0wdEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDALRbIgrPtRfudty/X68nQC8MsuMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvTUF0RnNpQ3MtMUYtNTIzTDlmcnlkQUx3eXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATWkWAwQF
bXkAAwQAstsOAwQA1EUAMA0GCSqGSIb3DQEBCwUAA4IBAQB/giIh0qsNvwEcKoLi
mTaPw6cvM6XEYTrda/FHxfY6AO/LOVhFbQ0WuGlewVnZC2lzq2e/+QiWJzsx7ogF
Lswm+8oCzmIDolQVpTtd55qRgRDb+Mkiy9Bb0P8qGdX4XDp9sfsv2731x52E+86k
leO4uqrxL+3EBCkxhcKwhrlTwukeaui4NNANILmRp3MwOYrHuUP+ciTL2dEWo0rk
1vWswIMPdmG2IKx98x/REvHJrHkhdXw6fhXgcxiN6YBEmA8sL7yeIPjvnnuw0LMD
JlVw1u62XXUmRhnXTiPQUzYoyWf2WkICxUhf5QDad2S8lQ5eOvwooBfiM/S/WFdc
Z1Z9
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:52:36 2025 by rpki-client