Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/c2720f-106d-476f-80af-06188cf7a3c2/1/mkwCWTxmc30gqkOebhkEdIG_cF0.roa
File: mkwCWTxmc30gqkOebhkEdIG_cF0.roa (raw, json)
Hash identifier: 4rCdfiogFwUs2SpdCyxEcJMMRqRddcLgQufEvr3KNGo=
Subject key identifier: 9A:4C:02:59:3C:66:73:7D:20:AA:43:9E:6E:19:04:74:81:BF:70:5D
Certificate issuer: /CN=0b23ac20bc1e4585c4fd4cc8e7bc976331b85c6e
Certificate serial: 019426D91A459D0EA681418E39F068DD88ED
Authority key identifier: 0B:23:AC:20:BC:1E:45:85:C4:FD:4C:C8:E7:BC:97:63:31:B8:5C:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyOsILweRYXE_UzI57yXYzG4XG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/c2720f-106d-476f-80af-06188cf7a3c2/1/mkwCWTxmc30gqkOebhkEdIG_cF0.roa
Signing time: Thu 02 Jan 2025 11:49:09 +0000
ROA not before: Thu 02 Jan 2025 11:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49646
IP address blocks: 193.169.156.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/c2720f-106d-476f-80af-06188cf7a3c2/1/CyOsILweRYXE_UzI57yXYzG4XG4.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/c2720f-106d-476f-80af-06188cf7a3c2/1/CyOsILweRYXE_UzI57yXYzG4XG4.mft
rsync://rpki.ripe.net/repository/DEFAULT/CyOsILweRYXE_UzI57yXYzG4XG4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:1a:45:9d:0e:a6:81:41:8e:39:f0:68:dd:88:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b23ac20bc1e4585c4fd4cc8e7bc976331b85c6e
Validity
Not Before: Jan 2 11:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a4c02593c66737d20aa439e6e19047481bf705d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:74:24:52:99:b0:69:fc:82:9b:fb:53:dc:df:
06:8b:5b:7f:02:5f:6b:7a:9b:02:9d:63:d3:5f:4a:
d4:23:9a:ed:91:d9:52:f6:d1:be:83:41:91:c1:a9:
f1:29:93:9a:13:1b:49:c6:5a:eb:d8:cf:2d:b0:6d:
a4:57:9e:10:d8:98:62:b8:2f:19:27:7f:53:05:b1:
c2:9b:86:6e:1f:1a:d6:fd:e4:d6:04:c0:0e:4e:f7:
20:70:16:97:68:46:fd:86:63:02:11:76:af:ff:26:
45:4e:e1:b8:3e:24:d9:ff:d4:37:4d:87:5b:74:a0:
fe:a1:2e:65:00:38:14:c6:f9:34:6f:e9:9d:8a:55:
60:c3:af:38:25:4e:9c:19:a5:01:96:c7:14:dd:54:
76:37:a1:52:81:05:c5:9f:7a:f3:eb:a6:58:53:0f:
17:36:22:d5:5b:5d:7e:d0:aa:bc:e0:2a:b7:8f:14:
94:72:52:a2:81:09:27:22:68:34:1c:a0:57:04:14:
d5:70:b6:6b:a9:85:01:9f:68:55:c0:2a:86:1a:a8:
70:83:d3:60:ef:78:c4:22:93:12:9e:21:c3:e7:60:
9e:34:e6:d5:40:62:e6:b7:55:c6:44:21:d9:e1:cc:
d0:03:c1:a0:2a:50:53:e3:75:3a:b8:fe:2d:a2:0b:
6c:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:4C:02:59:3C:66:73:7D:20:AA:43:9E:6E:19:04:74:81:BF:70:5D
X509v3 Authority Key Identifier:
keyid:0B:23:AC:20:BC:1E:45:85:C4:FD:4C:C8:E7:BC:97:63:31:B8:5C:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyOsILweRYXE_UzI57yXYzG4XG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c2720f-106d-476f-80af-06188cf7a3c2/1/mkwCWTxmc30gqkOebhkEdIG_cF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c2720f-106d-476f-80af-06188cf7a3c2/1/CyOsILweRYXE_UzI57yXYzG4XG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.169.156.0/23
Signature Algorithm: sha256WithRSAEncryption
87:7b:88:5d:dc:df:fd:bd:f5:68:53:00:ec:73:cf:0e:a8:ef:
24:40:25:ea:e6:c1:56:8f:1c:3a:05:b7:9d:b7:9e:85:4a:8e:
bb:70:a8:fd:15:59:a8:b7:d3:3e:32:03:2c:f5:40:20:6b:73:
18:b6:36:86:81:fc:13:55:bc:98:d5:cb:94:a5:da:57:5f:9d:
13:e9:bc:87:34:dc:c2:7a:3a:0a:5d:ca:b6:76:98:0b:ec:01:
11:65:2a:c0:74:89:a3:c6:4d:35:79:30:bc:93:3e:9b:c6:e2:
e8:96:78:94:40:1c:57:db:d0:0c:31:9f:92:07:3e:f4:e5:fb:
dd:85:bc:00:51:07:14:a1:f1:e3:cc:d7:81:29:0a:34:85:66:
60:7f:7b:43:9f:fc:a8:6c:6b:b9:78:57:63:dd:83:24:a6:23:
d4:46:f2:23:9d:3c:6f:6d:b8:74:36:14:f7:90:3c:27:af:a0:
02:8a:79:33:53:69:74:58:93:01:4d:09:dc:58:6f:cc:16:f1:
e3:31:29:cd:19:ff:80:9a:23:b6:ef:f0:4d:93:8f:f9:b0:0f:
b2:ea:54:66:b0:4a:66:f1:c5:2b:6d:90:c4:4e:7a:da:65:76:
ec:07:c3:de:f2:50:10:9f:08:7c:36:ca:88:94:cc:68:d7:fc:
94:d0:16:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2RpFnQ6mgUGOOfBo3YjtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjNhYzIwYmMxZTQ1ODVjNGZkNGNjOGU3YmM5NzYzMzFi
ODVjNmUwHhcNMjUwMTAyMTE0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTRjMDI1OTNjNjY3MzdkMjBhYTQzOWU2ZTE5MDQ3NDgxYmY3MDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXQkUpmwafyCm/tT3N8Gi1t/Al9r
epsCnWPTX0rUI5rtkdlS9tG+g0GRwanxKZOaExtJxlrr2M8tsG2kV54Q2JhiuC8Z
J39TBbHCm4ZuHxrW/eTWBMAOTvcgcBaXaEb9hmMCEXav/yZFTuG4PiTZ/9Q3TYdb
dKD+oS5lADgUxvk0b+mdilVgw684JU6cGaUBlscU3VR2N6FSgQXFn3rz66ZYUw8X
NiLVW11+0Kq84Cq3jxSUclKigQknImg0HKBXBBTVcLZrqYUBn2hVwCqGGqhwg9Ng
73jEIpMSniHD52CeNObVQGLmt1XGRCHZ4czQA8GgKlBT43U6uP4togtsFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJpMAlk8ZnN9IKpDnm4ZBHSBv3BdMB8GA1UdIwQY
MBaAFAsjrCC8HkWFxP1MyOe8l2MxuFxuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lPc0lMd2VSWVhFX1V6STU3eVhZekc0WEc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9jMjcyMGYtMTA2ZC00NzZmLTgwYWYt
MDYxODhjZjdhM2MyLzEvbWt3Q1dUeG1jMzBncWtPZWJoa0VkSUdfY0YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9jMjcyMGYtMTA2ZC00NzZmLTgwYWYtMDYxODhjZjdhM2My
LzEvQ3lPc0lMd2VSWVhFX1V6STU3eVhZekc0WEc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwamcMA0G
CSqGSIb3DQEBCwUAA4IBAQCHe4hd3N/9vfVoUwDsc88OqO8kQCXq5sFWjxw6Bbed
t56FSo67cKj9FVmot9M+MgMs9UAga3MYtjaGgfwTVbyY1cuUpdpXX50T6byHNNzC
ejoKXcq2dpgL7AERZSrAdImjxk01eTC8kz6bxuLolniUQBxX29AMMZ+SBz705fvd
hbwAUQcUofHjzNeBKQo0hWZgf3tDn/yobGu5eFdj3YMkpiPURvIjnTxvbbh0NhT3
kDwnr6ACinkzU2l0WJMBTQncWG/MFvHjMSnNGf+AmiO27/BNk4/5sA+y6lRmsEpm
8cUrbZDETnraZXbsB8Pe8lAQnwh8NsqIlMxo1/yU0BYM
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:13:14 2025 by rpki-client