Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/MrwCb1VshNGuSjy8-ZcrQ_jjBz4.roa
File: MrwCb1VshNGuSjy8-ZcrQ_jjBz4.roa (raw, json)
Hash identifier: RL8Yc0SUjE/2UAMDk7eU+CcumrO0VbncY+6nMnTALA4=
Subject key identifier: 32:BC:02:6F:55:6C:84:D1:AE:4A:3C:BC:F9:97:2B:43:F8:E3:07:3E
Certificate issuer: /CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Certificate serial: 01941FFA61FCFC4DC2B775F14C5CB5B3FDB2
Authority key identifier: 58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/MrwCb1VshNGuSjy8-ZcrQ_jjBz4.roa
Signing time: Wed 01 Jan 2025 03:48:10 +0000
ROA not before: Wed 01 Jan 2025 03:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31357
IP address blocks: 46.166.253.0/24 maxlen: 24
46.166.254.0/24 maxlen: 24
78.140.0.0/18 maxlen: 18
78.140.0.0/19 maxlen: 19
78.140.4.0/24 maxlen: 24
78.140.48.0/20 maxlen: 20
78.140.58.0/24 maxlen: 24
95.170.96.0/19 maxlen: 19
95.170.96.0/20 maxlen: 20
95.170.104.0/21 maxlen: 21
95.170.120.0/21 maxlen: 21
95.170.120.0/22 maxlen: 22
95.170.124.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:61:fc:fc:4d:c2:b7:75:f1:4c:5c:b5:b3:fd:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Validity
Not Before: Jan 1 03:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32bc026f556c84d1ae4a3cbcf9972b43f8e3073e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f1:ed:54:a5:37:8b:3c:0b:0a:d3:16:58:cd:
d3:cd:07:fd:b9:96:b2:31:1c:ae:8c:af:8c:9c:d8:
a4:76:6e:68:97:61:8c:83:21:33:76:d9:a1:53:8a:
3c:76:ae:0b:10:de:a2:82:3f:a5:94:12:39:9f:9a:
6a:57:b5:8c:6b:c2:c9:75:49:a9:d3:37:80:ba:c1:
8e:c8:be:39:e6:75:ec:28:0b:d0:ea:3e:8b:e1:cb:
14:58:51:3c:89:89:62:1d:9e:81:f4:ff:1a:26:2b:
1c:5b:e2:aa:5d:a6:64:7c:a3:63:55:6e:e4:ad:cb:
23:aa:17:a0:40:21:64:0c:b5:b0:8d:e5:67:8f:2e:
c7:c8:55:90:f8:fe:f2:0a:d9:19:63:c1:55:a2:9c:
aa:34:7f:2c:7c:af:8f:8c:e4:a8:07:7d:b4:26:e8:
02:c8:4d:5b:a8:33:c6:ab:f7:a1:61:64:ba:4b:1e:
bc:07:58:6f:fb:0b:1b:06:1b:90:e4:80:ce:ec:44:
50:fa:d6:d6:59:9e:a7:54:e3:7b:70:1a:3b:90:c4:
ec:bd:5e:74:1b:6c:0b:de:cb:8e:d3:02:f9:69:eb:
f7:8f:20:b6:f9:3d:16:d1:6d:26:7c:ac:a5:84:60:
11:45:c6:43:47:8e:7b:52:fa:f7:42:08:f7:fa:5b:
40:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:BC:02:6F:55:6C:84:D1:AE:4A:3C:BC:F9:97:2B:43:F8:E3:07:3E
X509v3 Authority Key Identifier:
keyid:58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/MrwCb1VshNGuSjy8-ZcrQ_jjBz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.166.253.0-46.166.254.255
78.140.0.0/18
95.170.96.0/19
Signature Algorithm: sha256WithRSAEncryption
c0:eb:16:65:07:ea:62:63:33:e2:bc:85:e1:bf:a4:d4:ba:85:
d0:46:e3:d4:56:75:11:34:46:7a:a7:30:fd:56:d7:f4:0a:13:
d7:e9:6d:a1:74:56:af:19:0a:01:0b:31:02:e5:78:9e:73:0c:
db:e0:ad:52:4f:c9:86:a6:69:58:f5:21:2b:7e:44:f1:08:90:
41:ed:7c:40:8c:98:66:7b:d5:ef:d9:a6:fa:d6:d8:98:a4:c7:
bf:b3:64:9d:6c:3c:6f:02:5f:f8:15:98:5e:91:0f:b6:a1:6e:
f3:51:e4:4a:a2:2a:b8:32:bc:3d:92:ec:7c:d2:f3:b1:62:ac:
dc:33:14:d5:b9:98:13:85:54:1a:e5:c7:b5:cf:51:2f:fc:da:
2f:b6:63:c6:6c:59:64:8d:36:4e:05:fb:1d:53:67:3f:75:3c:
33:01:dd:0b:88:53:f0:30:b9:ed:e9:22:4e:98:20:8e:09:43:
1c:ed:ac:3b:3e:5b:75:3c:ee:80:48:d1:20:1d:06:43:92:9b:
8f:0e:b6:d9:26:25:da:c1:64:0a:89:79:32:e3:e8:6a:83:11:
09:b9:a0:52:e0:c3:24:7e:89:e0:97:94:d6:1c:3f:a7:b2:c9:
79:87:de:39:88:ef:48:46:89:83:f3:01:3c:ea:d2:81:1f:3e:
53:19:02:69
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQf+mH8/E3Ct3XxTFy1s/2yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NTNlNjVhMzA4N2I0Y2E4NWM4ODAyYjYwZmYwZjAyYjQx
MDZkOTcwHhcNMjUwMTAxMDM0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmJjMDI2ZjU1NmM4NGQxYWU0YTNjYmNmOTk3MmI0M2Y4ZTMwNzNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPHtVKU3izwLCtMWWM3TzQf9uZay
MRyujK+MnNikdm5ol2GMgyEzdtmhU4o8dq4LEN6igj+llBI5n5pqV7WMa8LJdUmp
0zeAusGOyL455nXsKAvQ6j6L4csUWFE8iYliHZ6B9P8aJiscW+KqXaZkfKNjVW7k
rcsjqhegQCFkDLWwjeVnjy7HyFWQ+P7yCtkZY8FVopyqNH8sfK+PjOSoB320JugC
yE1bqDPGq/ehYWS6Sx68B1hv+wsbBhuQ5IDO7ERQ+tbWWZ6nVON7cBo7kMTsvV50
G2wL3suO0wL5aev3jyC2+T0W0W0mfKylhGARRcZDR457Uvr3Qgj3+ltAdQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDK8Am9VbITRrko8vPmXK0P44wc+MB8GA1UdIwQY
MBaAFFhT5lowh7TKhciAK2D/DwK0EG2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQt
ZTE4NjAyNzM5Y2Q1LzEvTXJ3Q2IxVnNoTkd1U2p5OC1aY3JRX2pqQno0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQtZTE4NjAyNzM5Y2Q1
LzEvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAupv0D
BAAupv4DBAZOjAADBAVfqmAwDQYJKoZIhvcNAQELBQADggEBAMDrFmUH6mJjM+K8
heG/pNS6hdBG49RWdRE0RnqnMP1W1/QKE9fpbaF0Vq8ZCgELMQLleJ5zDNvgrVJP
yYamaVj1ISt+RPEIkEHtfECMmGZ71e/ZpvrW2Jikx7+zZJ1sPG8CX/gVmF6RD7ah
bvNR5EqiKrgyvD2S7HzS87FirNwzFNW5mBOFVBrlx7XPUS/82i+2Y8ZsWWSNNk4F
+x1TZz91PDMB3QuIU/Awue3pIk6YII4JQxztrDs+W3U87oBI0SAdBkOSm48Ottkm
JdrBZAqJeTLj6GqDEQm5oFLgwyR+ieCXlNYcP6eyyXmH3jmI70hGiYPzATzq0oEf
PlMZAmk=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:23 2025 by rpki-client