Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/MG8qxofm6sprGoo3pg2W2uS6nP0.roa
File: MG8qxofm6sprGoo3pg2W2uS6nP0.roa (raw, json)
Hash identifier: 3jnaDmSAZ0hSDFvLhpqI+24V0FGhfiyi2bRTiEuSPjo=
Subject key identifier: 30:6F:2A:C6:87:E6:EA:CA:6B:1A:8A:37:A6:0D:96:DA:E4:BA:9C:FD
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 0194244523CB04C5B1FA8468FC221EDD4ABE
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/MG8qxofm6sprGoo3pg2W2uS6nP0.roa
Signing time: Wed 01 Jan 2025 23:48:18 +0000
ROA not before: Wed 01 Jan 2025 23:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48080
IP address blocks: 87.251.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:23:cb:04:c5:b1:fa:84:68:fc:22:1e:dd:4a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Jan 1 23:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=306f2ac687e6eaca6b1a8a37a60d96dae4ba9cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:25:26:59:ff:13:81:54:22:ef:47:16:8b:8a:
5d:cb:ea:d6:93:8e:41:6b:8a:63:3c:64:0d:58:13:
46:fa:a4:b1:60:e5:6b:0b:de:0f:70:79:65:79:77:
fa:9b:4e:9b:16:7c:32:2e:b1:ba:7e:f8:20:f9:15:
f9:f4:2f:bc:af:2e:3d:cc:a9:9a:2a:cb:00:f8:d0:
3b:f0:6f:c6:13:e6:24:69:a5:08:19:c2:96:ce:00:
98:14:4a:70:1c:82:e9:fa:4c:e5:80:64:40:c8:de:
4a:bb:8c:39:cb:b3:7d:42:b9:a3:6a:3e:82:3a:d3:
6a:8c:04:9b:be:91:cc:cd:ab:95:b6:aa:0a:4c:34:
94:af:47:46:68:b6:d1:3f:ac:ff:27:74:90:b6:8e:
d1:09:20:62:21:9c:0b:f8:8c:ff:ea:82:11:21:79:
1c:a1:93:99:a0:13:c4:31:99:19:ab:53:7a:06:78:
4c:29:b8:f1:45:54:8c:d1:b7:cf:57:c1:85:78:6e:
db:13:27:6c:76:24:27:6d:fc:0e:79:b9:84:f2:26:
64:8b:a9:10:fb:6b:03:13:d4:a1:16:79:bf:1a:f9:
44:05:2e:b5:78:6e:49:cb:1f:8b:0e:77:18:6c:1d:
b2:7b:47:d7:e7:37:6c:37:43:b6:7f:2c:94:e5:c4:
53:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:6F:2A:C6:87:E6:EA:CA:6B:1A:8A:37:A6:0D:96:DA:E4:BA:9C:FD
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/MG8qxofm6sprGoo3pg2W2uS6nP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.64.0/24
Signature Algorithm: sha256WithRSAEncryption
19:48:5d:8e:6c:78:d1:47:01:46:f7:e4:1d:e0:65:85:88:c1:
f5:99:2b:58:d4:18:4f:e8:c8:aa:f9:b1:67:2c:07:4f:04:00:
5d:46:c0:78:cf:39:85:27:79:02:c0:91:4e:b0:f7:e2:5d:33:
3b:cf:83:48:61:fc:b3:86:6f:e5:f7:5e:a5:03:03:6f:ed:a7:
4f:ce:87:a4:ad:2b:ac:24:39:49:05:6b:b0:25:a4:07:9c:d5:
67:01:a9:e2:d4:bf:86:b2:4b:1b:95:79:21:2f:ac:98:a6:90:
e1:0d:1c:35:79:20:ce:72:21:6f:fc:60:f5:ae:0b:8a:8d:8b:
8b:54:24:15:26:9b:e0:14:f4:2c:7a:0a:02:8b:17:85:30:98:
56:95:88:b3:9d:6f:51:bd:a4:b6:b0:61:cf:24:75:b2:f8:d7:
67:e5:9c:3d:fd:8e:b5:68:34:5e:02:b6:a0:fb:22:21:86:56:
cf:74:af:43:3e:07:1f:2c:56:2a:ea:d6:40:8e:4a:3f:b8:30:
56:6b:5a:4f:73:9c:2a:6b:63:f8:30:46:67:58:1b:a1:de:1a:
3a:99:4f:18:ee:b0:c0:58:a3:84:ba:3a:da:3d:c4:62:c1:d6:
6c:4e:d3:6a:2c:59:33:29:d7:4d:26:db:b8:29:2f:9b:eb:d4:
c8:d2:a8:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRSPLBMWx+oRo/CIe3Uq+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjUwMTAxMjM0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDZmMmFjNjg3ZTZlYWNhNmIxYThhMzdhNjBkOTZkYWU0YmE5Y2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SUmWf8TgVQi70cWi4pdy+rWk45B
a4pjPGQNWBNG+qSxYOVrC94PcHlleXf6m06bFnwyLrG6fvgg+RX59C+8ry49zKma
KssA+NA78G/GE+YkaaUIGcKWzgCYFEpwHILp+kzlgGRAyN5Ku4w5y7N9Qrmjaj6C
OtNqjASbvpHMzauVtqoKTDSUr0dGaLbRP6z/J3SQto7RCSBiIZwL+Iz/6oIRIXkc
oZOZoBPEMZkZq1N6BnhMKbjxRVSM0bfPV8GFeG7bEydsdiQnbfwOebmE8iZki6kQ
+2sDE9ShFnm/GvlEBS61eG5Jyx+LDncYbB2ye0fX5zdsN0O2fyyU5cRTewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDBvKsaH5urKaxqKN6YNltrkupz9MB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvTUc4cXhvZm02c3ByR29vM3BnMlcydVM2blAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/tAMA0G
CSqGSIb3DQEBCwUAA4IBAQAZSF2ObHjRRwFG9+Qd4GWFiMH1mStY1BhP6Miq+bFn
LAdPBABdRsB4zzmFJ3kCwJFOsPfiXTM7z4NIYfyzhm/l916lAwNv7adPzoekrSus
JDlJBWuwJaQHnNVnAani1L+GsksblXkhL6yYppDhDRw1eSDOciFv/GD1rguKjYuL
VCQVJpvgFPQsegoCixeFMJhWlYiznW9RvaS2sGHPJHWy+Ndn5Zw9/Y61aDReArag
+yIhhlbPdK9DPgcfLFYq6tZAjko/uDBWa1pPc5wqa2P4MEZnWBuh3ho6mU8Y7rDA
WKOEujraPcRiwdZsTtNqLFkzKddNJtu4KS+b69TI0qji
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:03:40 2025 by rpki-client