Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/MewT8wuMGfdVhTwmRM4TncORW08.roa
File: MewT8wuMGfdVhTwmRM4TncORW08.roa (raw, json)
Hash identifier: 6kSDhYAugYSl0WrTiw8QRQya1ahduQViXnb9qN2HSOY=
Subject key identifier: 31:EC:13:F3:0B:8C:19:F7:55:85:3C:26:44:CE:13:9D:C3:91:5B:4F
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 0194258F7ABA2CEA61E37C66F9C96635E7F9
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/MewT8wuMGfdVhTwmRM4TncORW08.roa
Signing time: Thu 02 Jan 2025 05:49:07 +0000
ROA not before: Thu 02 Jan 2025 05:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 91.194.218.0/24 maxlen: 24
185.1.122.0/24 maxlen: 24
193.239.116.0/22 maxlen: 24
2001:7f8:13::/48 maxlen: 48
2001:7f8:61::/48 maxlen: 48
2001:7f8:cd::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 02:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:7a:ba:2c:ea:61:e3:7c:66:f9:c9:66:35:e7:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 2 05:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31ec13f30b8c19f755853c2644ce139dc3915b4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ae:5d:8b:78:1b:b3:4a:a1:0f:f2:a0:af:5d:
ee:88:46:ec:a0:12:82:72:7d:49:8f:59:bc:78:c6:
ba:9e:f7:7f:56:ec:bf:ba:ef:df:cc:f3:80:4b:cb:
75:d5:a3:70:3f:f8:6f:32:98:d2:7d:b5:17:9f:1a:
8d:f9:0d:c8:56:23:a5:90:3d:18:b0:f8:7f:ac:35:
c0:4a:bc:04:d0:ee:0b:1a:63:4c:96:7e:4e:ba:aa:
c1:9a:56:da:df:71:d1:19:e2:26:b4:a3:e4:24:e1:
39:e2:ff:ca:61:0f:11:3d:c3:ac:b3:bb:1a:8f:b5:
5d:61:1c:22:c3:92:a7:3f:91:a2:36:fd:f8:57:ba:
92:4a:3f:71:84:f2:0f:1e:0c:5e:03:80:fa:f4:b7:
10:c7:46:a8:72:fc:0e:1d:6d:b1:2f:ea:9b:88:32:
83:f1:aa:88:6f:69:88:09:3b:e5:22:16:ba:e5:d5:
64:d7:6e:1e:63:1c:1c:f9:51:9c:05:a8:89:cf:ff:
d0:58:e0:95:57:38:54:eb:09:07:7d:0e:d0:16:85:
c2:30:48:8f:41:c4:be:83:11:6f:0b:ea:3b:a5:61:
ba:b8:2d:dd:b7:02:3f:3f:10:e0:ee:a1:43:eb:3e:
fa:b0:9c:ec:bb:95:e9:23:6a:77:12:35:2b:6c:50:
d7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:EC:13:F3:0B:8C:19:F7:55:85:3C:26:44:CE:13:9D:C3:91:5B:4F
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/MewT8wuMGfdVhTwmRM4TncORW08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.218.0/24
185.1.122.0/24
193.239.116.0/22
IPv6:
2001:7f8:13::/48
2001:7f8:61::/48
2001:7f8:cd::/48
Signature Algorithm: sha256WithRSAEncryption
69:13:a7:93:1d:84:c9:d1:1b:02:a9:d2:a6:b3:53:9a:bd:dd:
6d:65:46:d6:04:cd:79:b1:03:bd:a8:4d:57:cc:22:bf:67:1d:
1e:cb:ad:87:08:9c:0a:ec:8b:1b:2b:fd:ab:65:92:6b:3e:98:
bd:95:1d:41:83:92:77:01:ab:14:a1:78:54:67:f2:0c:9e:82:
2a:70:1e:2d:00:7b:48:4c:79:18:ec:48:b4:fa:64:b4:ca:de:
28:b1:a2:ae:6b:9b:88:d3:02:d9:3c:06:ca:0e:fa:57:95:46:
db:58:fe:8d:bf:b8:83:1d:cf:fd:80:b2:e1:0d:9a:a4:03:98:
3d:db:62:ba:02:4d:8c:b4:4b:05:7b:92:18:16:89:cd:de:3f:
57:ce:cb:a9:0a:94:38:fc:d3:ca:b9:47:4e:a4:af:57:4e:54:
d6:58:b2:e2:f6:af:22:ff:e7:ca:33:83:c9:ee:ae:53:13:51:
9f:c1:bc:39:9a:0d:ef:8e:49:f3:ca:cc:7c:06:7c:67:2c:cb:
06:31:92:f5:31:48:5c:3d:a3:b3:5d:9a:26:a0:d5:b9:87:1f:
7d:66:a2:9c:c6:2f:78:d7:db:c6:c3:2d:1f:3e:6d:57:4d:cd:
f2:03:8d:3e:d6:8a:e0:13:fb:99:f0:a5:1c:22:b9:8d:56:c8:
b1:b1:74:14
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQlj3q6LOph43xm+clmNef5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjUwMTAyMDU0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWVjMTNmMzBiOGMxOWY3NTU4NTNjMjY0NGNlMTM5ZGMzOTE1YjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq5di3gbs0qhD/Kgr13uiEbsoBKC
cn1Jj1m8eMa6nvd/Vuy/uu/fzPOAS8t11aNwP/hvMpjSfbUXnxqN+Q3IViOlkD0Y
sPh/rDXASrwE0O4LGmNMln5OuqrBmlba33HRGeImtKPkJOE54v/KYQ8RPcOss7sa
j7VdYRwiw5KnP5GiNv34V7qSSj9xhPIPHgxeA4D69LcQx0aocvwOHW2xL+qbiDKD
8aqIb2mICTvlIha65dVk124eYxwc+VGcBaiJz//QWOCVVzhU6wkHfQ7QFoXCMEiP
QcS+gxFvC+o7pWG6uC3dtwI/PxDg7qFD6z76sJzsu5XpI2p3EjUrbFDX3QIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFDHsE/MLjBn3VYU8JkTOE53DkVtPMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvTWV3VDh3dU1HZmRWaFR3bVJNNFRuY09SVzA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAW8LaAwQA
uQF6AwQCwe90MCEEAgACMBsDBwAgAQf4ABMDBwAgAQf4AGEDBwAgAQf4AM0wDQYJ
KoZIhvcNAQELBQADggEBAGkTp5MdhMnRGwKp0qazU5q93W1lRtYEzXmxA72oTVfM
Ir9nHR7LrYcInArsixsr/atlkms+mL2VHUGDkncBqxSheFRn8gyegipwHi0Ae0hM
eRjsSLT6ZLTK3iixoq5rm4jTAtk8BsoO+leVRttY/o2/uIMdz/2AsuENmqQDmD3b
YroCTYy0SwV7khgWic3eP1fOy6kKlDj808q5R06kr1dOVNZYsuL2ryL/58ozg8nu
rlMTUZ/BvDmaDe+OSfPKzHwGfGcsywYxkvUxSFw9o7Ndmiag1bmHH31mopzGL3jX
28bDLR8+bVdNzfIDjT7WiuAT+5nwpRwiuY1WyLGxdBQ=
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:19:59 2025 by rpki-client