Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1608b0-e7ca-4b3b-902f-4d0a7ec07786/1/7MLQXQoB7nGQ9BAPNdo9KSMuY8Q.roa
File: 7MLQXQoB7nGQ9BAPNdo9KSMuY8Q.roa (raw, json)
Hash identifier: qybqPEfeMgg3CNavO5wY4/V9s/QfeIPfINjmuYmoUy0=
Subject key identifier: EC:C2:D0:5D:0A:01:EE:71:90:F4:10:0F:35:DA:3D:29:23:2E:63:C4
Certificate issuer: /CN=d5de43cd1f8af45c689867d9f5a881a2aec34b31
Certificate serial: 019425FDB08B9F110C6AB9C6907C7E379275
Authority key identifier: D5:DE:43:CD:1F:8A:F4:5C:68:98:67:D9:F5:A8:81:A2:AE:C3:4B:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1d5DzR-K9FxomGfZ9aiBoq7DSzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1608b0-e7ca-4b3b-902f-4d0a7ec07786/1/7MLQXQoB7nGQ9BAPNdo9KSMuY8Q.roa
Signing time: Thu 02 Jan 2025 07:49:30 +0000
ROA not before: Thu 02 Jan 2025 07:49:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49981
IP address blocks: 86.105.18.0/24 maxlen: 24
89.42.212.0/24 maxlen: 24
93.119.123.0/24 maxlen: 24
94.177.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1608b0-e7ca-4b3b-902f-4d0a7ec07786/1/1d5DzR-K9FxomGfZ9aiBoq7DSzE.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1608b0-e7ca-4b3b-902f-4d0a7ec07786/1/1d5DzR-K9FxomGfZ9aiBoq7DSzE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1d5DzR-K9FxomGfZ9aiBoq7DSzE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b0:8b:9f:11:0c:6a:b9:c6:90:7c:7e:37:92:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5de43cd1f8af45c689867d9f5a881a2aec34b31
Validity
Not Before: Jan 2 07:49:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecc2d05d0a01ee7190f4100f35da3d29232e63c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6c:7e:ab:d5:c2:6d:eb:2d:98:74:ea:29:38:
c3:23:66:ac:55:16:af:37:ba:df:e3:17:6c:a5:4c:
b4:9b:e6:cf:77:0c:d8:12:e6:16:35:e9:43:6f:03:
db:2e:e7:aa:20:50:a3:ce:0c:8c:c0:ef:a9:d2:90:
b0:e1:0e:99:cc:ed:cd:19:57:0b:83:e1:72:0c:e5:
b3:6a:41:75:32:e6:0b:3f:95:d3:ef:86:1c:2b:52:
74:f3:e4:dd:28:fa:00:ab:8a:b0:59:0a:14:e6:ee:
c9:80:d0:3e:66:7a:d0:3f:e8:40:d0:06:c0:21:60:
02:bf:97:41:79:ab:b7:c1:30:ba:25:99:23:76:b2:
58:60:17:a5:4e:8c:39:67:ba:49:a1:39:2d:df:9d:
ca:01:0a:84:71:e3:77:58:1c:64:cf:e0:87:f6:58:
a9:6d:89:25:c9:ad:d1:65:3c:4d:af:05:fc:3b:b0:
91:1f:c4:43:da:0b:45:19:1d:f7:06:be:3e:03:d4:
89:f3:07:ed:cf:9b:6a:86:b7:78:18:8d:28:97:f6:
b8:24:fe:3b:4a:f3:6e:75:9c:9f:14:d3:03:2d:36:
16:7f:4d:1a:98:a1:6e:9a:89:50:cc:fa:b5:0a:ed:
d7:6a:87:51:a8:b6:6a:09:98:9b:ed:7b:e7:49:0d:
97:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:C2:D0:5D:0A:01:EE:71:90:F4:10:0F:35:DA:3D:29:23:2E:63:C4
X509v3 Authority Key Identifier:
keyid:D5:DE:43:CD:1F:8A:F4:5C:68:98:67:D9:F5:A8:81:A2:AE:C3:4B:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d5DzR-K9FxomGfZ9aiBoq7DSzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1608b0-e7ca-4b3b-902f-4d0a7ec07786/1/7MLQXQoB7nGQ9BAPNdo9KSMuY8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1608b0-e7ca-4b3b-902f-4d0a7ec07786/1/1d5DzR-K9FxomGfZ9aiBoq7DSzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.18.0/24
89.42.212.0/24
93.119.123.0/24
94.177.12.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:44:cc:e9:7b:32:25:aa:2b:9b:cf:65:8c:05:4e:b1:32:ea:
3c:94:15:c8:3d:02:25:a7:74:03:a2:42:8d:a4:d8:ee:8f:85:
01:db:15:ef:6c:10:41:0b:1f:d1:6b:14:b7:db:f8:61:74:d0:
fb:f6:45:44:0b:f3:d2:63:ac:ed:09:ee:30:e9:7d:52:75:c6:
fd:a8:10:3a:d5:dd:f5:35:fe:ac:43:b3:d6:21:ad:26:f8:89:
4f:6d:be:03:39:a3:ec:23:a5:78:e3:93:65:aa:90:df:3a:4b:
30:e2:31:fd:a1:b8:f3:71:d8:c8:ef:67:2e:a2:03:72:16:a4:
98:a5:c3:62:a1:e1:60:b5:7b:85:9a:d0:61:50:99:d1:ad:bb:
9e:39:d6:bc:69:ae:01:9f:6b:96:7c:58:83:a8:5d:26:6b:27:
8b:35:a3:61:d2:e7:02:f4:5d:4e:ad:03:39:bd:9c:ac:e7:f1:
35:22:c4:b2:7d:4f:aa:03:a7:35:59:b2:f9:43:83:31:c6:58:
b2:47:76:2a:fe:e4:4d:0c:8f:c1:3f:c0:4e:ee:e0:76:d2:bc:
e4:db:67:ab:ea:b4:bb:e9:48:fa:4d:23:c4:5a:9c:25:e4:f8:
b9:73:9c:f5:49:34:f4:76:cb:34:b8:a1:81:e1:e2:1a:64:f2:
d8:f8:30:45
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQl/bCLnxEMarnGkHx+N5J1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZGU0M2NkMWY4YWY0NWM2ODk4NjdkOWY1YTg4MWEyYWVj
MzRiMzEwHhcNMjUwMTAyMDc0OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2MyZDA1ZDBhMDFlZTcxOTBmNDEwMGYzNWRhM2QyOTIzMmU2M2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGx+q9XCbestmHTqKTjDI2asVRav
N7rf4xdspUy0m+bPdwzYEuYWNelDbwPbLueqIFCjzgyMwO+p0pCw4Q6ZzO3NGVcL
g+FyDOWzakF1MuYLP5XT74YcK1J08+TdKPoAq4qwWQoU5u7JgNA+ZnrQP+hA0AbA
IWACv5dBeau3wTC6JZkjdrJYYBelTow5Z7pJoTkt353KAQqEceN3WBxkz+CH9lip
bYklya3RZTxNrwX8O7CRH8RD2gtFGR33Br4+A9SJ8wftz5tqhrd4GI0ol/a4JP47
SvNudZyfFNMDLTYWf00amKFumolQzPq1Cu3XaodRqLZqCZib7XvnSQ2XDQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOzC0F0KAe5xkPQQDzXaPSkjLmPEMB8GA1UdIwQY
MBaAFNXeQ80fivRcaJhn2fWogaKuw0sxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWQ1RHpSLUs5RnhvbUdmWjlhaUJvcTdEU3pFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xNjA4YjAtZTdjYS00YjNiLTkwMmYt
NGQwYTdlYzA3Nzg2LzEvN01MUVhRb0I3bkdROUJBUE5kbzlLU011WThRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xNjA4YjAtZTdjYS00YjNiLTkwMmYtNGQwYTdlYzA3Nzg2
LzEvMWQ1RHpSLUs5RnhvbUdmWjlhaUJvcTdEU3pFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVmkSAwQA
WSrUAwQAXXd7AwQAXrEMMA0GCSqGSIb3DQEBCwUAA4IBAQArRMzpezIlqiubz2WM
BU6xMuo8lBXIPQIlp3QDokKNpNjuj4UB2xXvbBBBCx/RaxS32/hhdND79kVEC/PS
Y6ztCe4w6X1Sdcb9qBA61d31Nf6sQ7PWIa0m+IlPbb4DOaPsI6V445NlqpDfOksw
4jH9objzcdjI72cuogNyFqSYpcNioeFgtXuFmtBhUJnRrbueOda8aa4Bn2uWfFiD
qF0mayeLNaNh0ucC9F1OrQM5vZys5/E1IsSyfU+qA6c1WbL5Q4MxxliyR3Yq/uRN
DI/BP8BO7uB20rzk22er6rS76Uj6TSPEWpwl5Pi5c5z1STT0dss0uKGB4eIaZPLY
+DBF
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:50:14 2025 by rpki-client