Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/MBp32VcQqAbMoARjt7V1PCPscvg.roa
File: MBp32VcQqAbMoARjt7V1PCPscvg.roa (raw, json)
Hash identifier: pI5Os3fewlyJzy3/SsAFuRA7NUz4NSu4MCASZkD0XZY=
Subject key identifier: 30:1A:77:D9:57:10:A8:06:CC:A0:04:63:B7:B5:75:3C:23:EC:72:F8
Certificate issuer: /CN=aafc41aafbbccaa96711849745ef722a5260ac7e
Certificate serial: 019420D5C11333558CA014253FE1B604AE7A
Authority key identifier: AA:FC:41:AA:FB:BC:CA:A9:67:11:84:97:45:EF:72:2A:52:60:AC:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qvxBqvu8yqlnEYSXRe9yKlJgrH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/MBp32VcQqAbMoARjt7V1PCPscvg.roa
Signing time: Wed 01 Jan 2025 07:47:46 +0000
ROA not before: Wed 01 Jan 2025 07:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31027
IP address blocks: 45.67.92.0/22 maxlen: 24
2a09:7440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/qvxBqvu8yqlnEYSXRe9yKlJgrH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/qvxBqvu8yqlnEYSXRe9yKlJgrH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qvxBqvu8yqlnEYSXRe9yKlJgrH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c1:13:33:55:8c:a0:14:25:3f:e1:b6:04:ae:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aafc41aafbbccaa96711849745ef722a5260ac7e
Validity
Not Before: Jan 1 07:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=301a77d95710a806cca00463b7b5753c23ec72f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f4:15:f0:d4:26:58:6a:85:87:b2:ac:e2:07:
44:a1:5f:85:dc:0d:85:1a:82:60:8a:fe:44:86:ab:
06:62:1f:27:af:5e:66:05:bf:43:1f:01:67:5c:1c:
30:84:d7:65:07:07:65:0b:4e:0e:bf:e2:9b:64:01:
a8:30:ac:a3:41:c9:5e:d0:06:1b:29:12:83:7a:63:
ce:8a:08:58:ea:2e:38:22:19:a6:f9:11:e0:0b:43:
d4:81:39:98:00:6a:99:f3:0e:1e:c2:cf:59:3c:cb:
de:03:2c:8b:f0:b4:81:62:4f:ff:2a:4f:9e:60:78:
e5:d1:5a:73:1e:b2:df:5b:aa:20:07:43:48:dd:19:
4e:ba:2b:62:ef:f6:d9:bd:3a:bf:27:50:44:8c:55:
56:3c:66:54:2b:de:49:ad:52:de:a3:f8:1f:00:d3:
fd:6e:67:37:5b:38:b4:3d:8c:d8:ed:69:7a:64:fa:
b9:cf:a5:5f:97:c3:10:c1:9a:88:8b:3c:d3:14:b2:
4b:e6:33:06:b1:04:91:4f:66:d5:5b:ca:83:ad:44:
aa:26:f2:1d:38:e3:7c:c3:20:8f:ef:34:72:71:f3:
3c:a8:c7:7c:b2:50:64:34:4b:27:96:d8:2b:eb:00:
2b:e2:86:16:7e:e9:67:9d:4b:65:1e:8b:0f:d3:0f:
d0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:1A:77:D9:57:10:A8:06:CC:A0:04:63:B7:B5:75:3C:23:EC:72:F8
X509v3 Authority Key Identifier:
keyid:AA:FC:41:AA:FB:BC:CA:A9:67:11:84:97:45:EF:72:2A:52:60:AC:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qvxBqvu8yqlnEYSXRe9yKlJgrH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/MBp32VcQqAbMoARjt7V1PCPscvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/9fddd4-526a-4807-b127-1bc31c62401f/1/qvxBqvu8yqlnEYSXRe9yKlJgrH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.92.0/22
IPv6:
2a09:7440::/32
Signature Algorithm: sha256WithRSAEncryption
8d:fb:b4:34:b3:46:05:0c:19:07:ad:ec:b2:4f:ff:24:2e:6f:
f7:92:0f:23:55:89:26:ed:db:96:08:be:0a:79:39:6f:f4:6b:
b2:54:c5:cd:63:00:4b:47:21:c7:41:43:8d:07:9d:74:6c:17:
a4:4c:ed:d8:07:47:7d:c3:6a:69:e0:a1:f2:8d:b4:98:e8:ad:
95:3e:ef:d4:3b:48:e8:6c:be:2e:e2:7d:93:82:de:81:02:c3:
3e:51:32:32:9d:62:a9:10:eb:d1:57:3b:d6:6e:b5:92:ad:61:
61:f5:86:18:7b:ba:2b:2c:d3:ff:31:4a:02:30:17:24:48:1d:
80:31:7a:af:f6:6d:7f:bc:19:e7:02:23:42:cd:5c:38:bc:20:
ae:f5:15:14:a5:8e:41:f8:a3:8a:0f:03:0d:bb:46:ab:17:49:
97:ad:19:01:46:45:2c:56:8a:9c:68:c9:db:2d:f5:56:15:e2:
1e:17:fe:f9:88:2d:8e:29:92:67:08:38:47:8b:18:b8:fb:0d:
64:78:c5:5f:2a:93:68:fa:5d:73:9f:95:c9:93:1a:08:79:2d:
dd:84:ed:d7:8d:1f:63:47:ea:87:b3:5b:0a:54:c2:55:25:c2:
2f:49:48:65:38:7e:a1:f2:37:64:89:f3:ba:b0:53:71:cf:07:
1b:80:85:7d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQg1cETM1WMoBQlP+G2BK56MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhZmM0MWFhZmJiY2NhYTk2NzExODQ5NzQ1ZWY3MjJhNTI2
MGFjN2UwHhcNMjUwMTAxMDc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDFhNzdkOTU3MTBhODA2Y2NhMDA0NjNiN2I1NzUzYzIzZWM3MmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/QV8NQmWGqFh7Ks4gdEoV+F3A2F
GoJgiv5EhqsGYh8nr15mBb9DHwFnXBwwhNdlBwdlC04Ov+KbZAGoMKyjQcle0AYb
KRKDemPOighY6i44Ihmm+RHgC0PUgTmYAGqZ8w4ews9ZPMveAyyL8LSBYk//Kk+e
YHjl0VpzHrLfW6ogB0NI3RlOuiti7/bZvTq/J1BEjFVWPGZUK95JrVLeo/gfANP9
bmc3Wzi0PYzY7Wl6ZPq5z6Vfl8MQwZqIizzTFLJL5jMGsQSRT2bVW8qDrUSqJvId
OON8wyCP7zRycfM8qMd8slBkNEsnltgr6wAr4oYWfulnnUtlHosP0w/Q3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDAad9lXEKgGzKAEY7e1dTwj7HL4MB8GA1UdIwQY
MBaAFKr8Qar7vMqpZxGEl0XvcipSYKx+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXZ4QnF2dTh5cWxuRVlTWFJlOXlLbEpnckg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85ZmRkZDQtNTI2YS00ODA3LWIxMjct
MWJjMzFjNjI0MDFmLzEvTUJwMzJWY1FxQWJNb0FSanQ3VjFQQ1BzY3ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85ZmRkZDQtNTI2YS00ODA3LWIxMjctMWJjMzFjNjI0MDFm
LzEvcXZ4QnF2dTh5cWxuRVlTWFJlOXlLbEpnckg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLUNcMA0E
AgACMAcDBQAqCXRAMA0GCSqGSIb3DQEBCwUAA4IBAQCN+7Q0s0YFDBkHreyyT/8k
Lm/3kg8jVYkm7duWCL4KeTlv9GuyVMXNYwBLRyHHQUONB510bBekTO3YB0d9w2pp
4KHyjbSY6K2VPu/UO0jobL4u4n2Tgt6BAsM+UTIynWKpEOvRVzvWbrWSrWFh9YYY
e7orLNP/MUoCMBckSB2AMXqv9m1/vBnnAiNCzVw4vCCu9RUUpY5B+KOKDwMNu0ar
F0mXrRkBRkUsVoqcaMnbLfVWFeIeF/75iC2OKZJnCDhHixi4+w1keMVfKpNo+l1z
n5XJkxoIeS3dhO3XjR9jR+qHs1sKVMJVJcIvSUhlOH6h8jdkifO6sFNxzwcbgIV9
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:27:11 2025 by rpki-client