Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/MV-wDd0VMa6vnsKNnOHPdxrVwco.roa
File: MV-wDd0VMa6vnsKNnOHPdxrVwco.roa (raw, json)
Hash identifier: qZJhpZqfZXLa+5ErzhTodO+1UQxzmF0ONShiWOqoCCY=
Subject key identifier: 31:5F:B0:0D:DD:15:31:AE:AF:9E:C2:8D:9C:E1:CF:77:1A:D5:C1:CA
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD13759CC9CE129C0C40145451077D
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/MV-wDd0VMa6vnsKNnOHPdxrVwco.roa
Signing time: Thu 02 Jan 2025 07:48:50 +0000
ROA not before: Thu 02 Jan 2025 07:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 104.238.4.0/24 maxlen: 24
104.238.5.0/24 maxlen: 24
104.238.8.0/24 maxlen: 24
104.238.9.0/24 maxlen: 24
104.239.30.0/23 maxlen: 23
104.239.94.0/24 maxlen: 24
138.128.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 11:53:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:13:75:9c:c9:ce:12:9c:0c:40:14:54:51:07:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=315fb00ddd1531aeaf9ec28d9ce1cf771ad5c1ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:82:2f:1e:18:2a:2d:1f:e9:aa:be:3e:20:82:
3e:37:3b:82:c1:38:54:35:ab:63:71:49:02:df:9e:
05:14:2a:c0:10:09:c3:53:3a:06:27:38:53:ca:9c:
30:a0:cf:05:59:69:d0:27:a0:72:9f:a5:b5:25:16:
8b:4e:df:56:a7:54:48:10:52:95:74:ff:89:88:22:
71:ca:1d:41:df:46:57:28:7c:75:9c:16:82:c1:cc:
bd:37:cd:09:a4:49:a1:f7:af:25:a5:a4:cc:76:f5:
3b:f9:a7:7f:b3:75:f0:a3:20:95:41:e4:ab:43:61:
53:6c:81:c0:00:4e:e5:92:2b:cf:25:e3:27:05:cf:
4a:ea:8e:4e:4d:6f:68:9a:04:9e:bf:8d:32:c9:fc:
a6:28:1b:7e:f4:14:5b:7f:91:b1:fd:32:04:5c:69:
55:95:61:45:82:38:b8:39:4e:70:21:12:18:95:5a:
86:3e:82:91:c7:9e:ac:e5:72:b9:e4:60:1b:ed:1b:
47:ae:6b:50:15:f1:33:d8:05:eb:d6:4a:88:14:df:
bd:ae:19:99:46:da:f3:3e:dd:87:72:66:26:eb:05:
79:99:89:12:96:0a:46:97:f0:56:28:05:00:4e:e7:
ea:60:d3:e9:47:d9:1f:c9:ca:36:94:a3:bc:e4:a9:
57:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:5F:B0:0D:DD:15:31:AE:AF:9E:C2:8D:9C:E1:CF:77:1A:D5:C1:CA
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/MV-wDd0VMa6vnsKNnOHPdxrVwco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.238.4.0/23
104.238.8.0/23
104.239.30.0/23
104.239.94.0/24
138.128.157.0/24
Signature Algorithm: sha256WithRSAEncryption
27:61:02:17:fb:c0:f2:cd:bd:e2:02:ae:5a:5f:08:38:d0:6d:
29:d1:8f:87:ac:cb:b8:b0:07:d0:ff:7c:fa:ab:52:57:d6:03:
8a:a1:27:9c:ec:cc:47:ca:0f:63:0e:26:7c:3e:c7:85:82:cd:
9e:62:7c:d0:c8:aa:a0:ec:0d:ca:67:87:0f:40:5f:18:a4:3d:
11:39:ef:45:d5:3b:73:88:c6:22:f0:25:04:81:46:cf:cc:c5:
32:1f:d6:5c:0a:ac:58:e4:49:4e:1b:1c:45:ba:cd:1e:1e:50:
40:43:bf:b7:b8:82:36:64:5b:2a:79:2b:22:98:1b:4c:a9:76:
2f:b2:e9:67:b3:ac:38:14:c9:c3:36:c5:6b:6d:c1:d7:b6:68:
0e:19:6c:3c:b4:90:56:19:f4:42:55:e7:19:70:4e:8d:fa:94:
ca:c6:59:a5:67:68:7f:ca:dd:90:17:9e:00:18:08:6c:cf:e4:
69:17:e5:04:6d:de:3e:d6:e1:94:1e:35:6e:3f:3a:22:56:a3:
d8:2e:59:3f:f3:e1:46:e5:13:6e:22:c1:dc:d2:85:fc:e2:84:
00:ca:68:2b:0c:19:e3:42:68:e3:4a:02:04:8b:d8:3c:64:62:
96:ee:df:fd:88:ef:de:8f:43:0f:8f:f7:98:cb:00:2d:50:c6:
31:86:f4:11
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQl/RN1nMnOEpwMQBRUUQd9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTVmYjAwZGRkMTUzMWFlYWY5ZWMyOGQ5Y2UxY2Y3NzFhZDVjMWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIIvHhgqLR/pqr4+III+NzuCwThU
NatjcUkC354FFCrAEAnDUzoGJzhTypwwoM8FWWnQJ6Byn6W1JRaLTt9Wp1RIEFKV
dP+JiCJxyh1B30ZXKHx1nBaCwcy9N80JpEmh968lpaTMdvU7+ad/s3XwoyCVQeSr
Q2FTbIHAAE7lkivPJeMnBc9K6o5OTW9omgSev40yyfymKBt+9BRbf5Gx/TIEXGlV
lWFFgji4OU5wIRIYlVqGPoKRx56s5XK55GAb7RtHrmtQFfEz2AXr1kqIFN+9rhmZ
RtrzPt2HcmYm6wV5mYkSlgpGl/BWKAUATufqYNPpR9kfyco2lKO85KlXOwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDFfsA3dFTGur57CjZzhz3ca1cHKMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvTVYtd0RkMFZNYTZ2bnNLTm5PSFBkeHJWd2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBaO4EAwQB
aO4IAwQBaO8eAwQAaO9eAwQAioCdMA0GCSqGSIb3DQEBCwUAA4IBAQAnYQIX+8Dy
zb3iAq5aXwg40G0p0Y+HrMu4sAfQ/3z6q1JX1gOKoSec7MxHyg9jDiZ8PseFgs2e
YnzQyKqg7A3KZ4cPQF8YpD0ROe9F1TtziMYi8CUEgUbPzMUyH9ZcCqxY5ElOGxxF
us0eHlBAQ7+3uII2ZFsqeSsimBtMqXYvsulns6w4FMnDNsVrbcHXtmgOGWw8tJBW
GfRCVecZcE6N+pTKxlmlZ2h/yt2QF54AGAhsz+RpF+UEbd4+1uGUHjVuPzoiVqPY
Llk/8+FG5RNuIsHc0oX84oQAymgrDBnjQmjjSgIEi9g8ZGKW7t/9iO/ej0MPj/eY
ywAtUMYxhvQR
-----END CERTIFICATE-----
Generated at Wed Feb 5 19:11:47 2025 by rpki-client