Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/MeMsmYAnac73QikfwHpf4FiB8MA.roa
File: MeMsmYAnac73QikfwHpf4FiB8MA.roa (raw, json)
Hash identifier: w8cyx5Qe5TgkNbDbtB6QAHXf0+aV1FgiM053aALKsSg=
Subject key identifier: 31:E3:2C:99:80:27:69:CE:F7:42:29:1F:C0:7A:5F:E0:58:81:F0:C0
Certificate issuer: /CN=3ee6cecffd9b8bba18d474e7b3993e0a1d14dbb3
Certificate serial: 0194228E04C006E178EA9D3D9CC93EB24993
Authority key identifier: 3E:E6:CE:CF:FD:9B:8B:BA:18:D4:74:E7:B3:99:3E:0A:1D:14:DB:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PubOz_2bi7oY1HTns5k-Ch0U27M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/MeMsmYAnac73QikfwHpf4FiB8MA.roa
Signing time: Wed 01 Jan 2025 15:48:40 +0000
ROA not before: Wed 01 Jan 2025 15:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8434
IP address blocks: 194.246.8.0/23 maxlen: 23
194.246.14.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/PubOz_2bi7oY1HTns5k-Ch0U27M.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/PubOz_2bi7oY1HTns5k-Ch0U27M.mft
rsync://rpki.ripe.net/repository/DEFAULT/PubOz_2bi7oY1HTns5k-Ch0U27M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:04:c0:06:e1:78:ea:9d:3d:9c:c9:3e:b2:49:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee6cecffd9b8bba18d474e7b3993e0a1d14dbb3
Validity
Not Before: Jan 1 15:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31e32c99802769cef742291fc07a5fe05881f0c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:58:56:d6:2c:5c:2d:87:77:e7:95:81:fd:5f:
cb:34:01:16:35:7d:91:13:de:ac:20:7f:39:51:02:
f5:f9:6c:04:df:6c:6a:af:1b:57:ef:61:14:4f:bb:
c5:1c:be:81:d4:26:a2:83:a6:6a:93:1b:dc:f5:6a:
5e:d8:9a:c6:d0:27:6d:13:8b:34:c3:be:b4:4c:37:
74:ab:b8:83:80:88:b7:b4:0f:5a:9e:f6:84:21:3e:
b2:de:20:30:b8:f9:f4:a2:4b:ec:83:e3:dc:fa:e8:
78:a8:7a:f3:1a:42:02:06:27:93:22:14:79:6c:e0:
a8:6c:6c:70:fb:e9:a2:46:a6:76:97:b0:af:eb:31:
e5:d6:3f:98:ac:9c:13:b8:06:2f:07:03:1d:ea:61:
9d:8b:b5:4d:7a:a7:bb:32:89:5f:ec:fa:65:34:a6:
b6:5f:dd:d3:f0:4f:bd:26:83:f0:88:f1:b6:20:b6:
9c:6f:9a:a0:26:5d:3e:67:d2:7c:02:86:55:d1:31:
c0:4a:30:cb:3b:60:89:58:69:5c:c9:e5:9b:31:df:
23:99:d5:ea:d1:17:7b:c2:59:33:4f:11:33:27:0e:
05:d1:ed:7c:8c:ae:57:2c:aa:24:cc:20:f8:da:d4:
64:02:16:62:cc:0f:b2:09:d6:27:b2:9f:f3:ff:d7:
56:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:E3:2C:99:80:27:69:CE:F7:42:29:1F:C0:7A:5F:E0:58:81:F0:C0
X509v3 Authority Key Identifier:
keyid:3E:E6:CE:CF:FD:9B:8B:BA:18:D4:74:E7:B3:99:3E:0A:1D:14:DB:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PubOz_2bi7oY1HTns5k-Ch0U27M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/MeMsmYAnac73QikfwHpf4FiB8MA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e61caa-2500-4388-a9fa-7324913975d5/1/PubOz_2bi7oY1HTns5k-Ch0U27M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.8.0/23
194.246.14.0/23
Signature Algorithm: sha256WithRSAEncryption
78:ed:45:11:35:0f:f9:ff:48:ef:73:5a:f1:e5:61:33:a2:b9:
17:fc:d1:83:05:27:e3:7b:70:d0:d0:34:de:56:8c:36:13:2d:
09:15:b6:89:e4:70:7a:e7:d8:d2:b1:b1:0d:f5:1d:14:6a:f6:
ee:a2:e8:15:13:12:c7:a2:1a:3a:f1:8c:01:dd:7b:da:6a:21:
61:1e:3e:c1:91:96:21:9c:4a:50:20:bf:0f:64:93:44:dd:17:
b9:67:f2:ab:a9:67:51:f2:e5:1c:b7:c5:03:d5:17:f9:e1:fc:
c8:b9:77:18:f5:32:f0:c0:47:8e:9a:0e:4d:ec:af:29:c9:a3:
9f:87:cc:51:22:5c:d2:bb:2b:4a:f5:78:3d:0b:2b:a1:ee:86:
a2:cd:10:69:be:17:5c:f1:0b:99:17:22:ff:dd:e4:42:20:27:
cf:58:84:2b:19:34:91:56:f3:d1:96:52:9e:6d:7c:68:a0:6e:
b1:a8:ae:f2:86:05:6e:5c:e8:a4:17:7d:aa:ba:cd:c8:f4:23:
f9:69:a4:ed:8a:d9:0d:fa:a9:6c:d2:22:9d:36:a9:5f:f5:82:
d8:9a:83:3a:6f:53:8f:f5:8c:0c:0a:36:ec:00:b5:d2:9b:6e:
14:87:41:c3:9b:00:36:a4:0f:63:6e:08:4d:b5:48:ed:20:b6:
e7:4f:93:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijgTABuF46p09nMk+skmTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTZjZWNmZmQ5YjhiYmExOGQ0NzRlN2IzOTkzZTBhMWQx
NGRiYjMwHhcNMjUwMTAxMTU0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWUzMmM5OTgwMjc2OWNlZjc0MjI5MWZjMDdhNWZlMDU4ODFmMGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlhW1ixcLYd355WB/V/LNAEWNX2R
E96sIH85UQL1+WwE32xqrxtX72EUT7vFHL6B1Caig6Zqkxvc9Wpe2JrG0CdtE4s0
w760TDd0q7iDgIi3tA9anvaEIT6y3iAwuPn0okvsg+Pc+uh4qHrzGkICBieTIhR5
bOCobGxw++miRqZ2l7Cv6zHl1j+YrJwTuAYvBwMd6mGdi7VNeqe7Molf7PplNKa2
X93T8E+9JoPwiPG2ILacb5qgJl0+Z9J8AoZV0THASjDLO2CJWGlcyeWbMd8jmdXq
0Rd7wlkzTxEzJw4F0e18jK5XLKokzCD42tRkAhZizA+yCdYnsp/z/9dW6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDHjLJmAJ2nO90IpH8B6X+BYgfDAMB8GA1UdIwQY
MBaAFD7mzs/9m4u6GNR057OZPgodFNuzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHViT3pfMmJpN29ZMUhUbnM1ay1DaDBVMjdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lNjFjYWEtMjUwMC00Mzg4LWE5ZmEt
NzMyNDkxMzk3NWQ1LzEvTWVNc21ZQW5hYzczUWlrZndIcGY0RmlCOE1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lNjFjYWEtMjUwMC00Mzg4LWE5ZmEtNzMyNDkxMzk3NWQ1
LzEvUHViT3pfMmJpN29ZMUhUbnM1ay1DaDBVMjdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwvYIAwQB
wvYOMA0GCSqGSIb3DQEBCwUAA4IBAQB47UURNQ/5/0jvc1rx5WEzorkX/NGDBSfj
e3DQ0DTeVow2Ey0JFbaJ5HB659jSsbEN9R0UavbuougVExLHoho68YwB3XvaaiFh
Hj7BkZYhnEpQIL8PZJNE3Re5Z/KrqWdR8uUct8UD1Rf54fzIuXcY9TLwwEeOmg5N
7K8pyaOfh8xRIlzSuytK9Xg9Cyuh7oaizRBpvhdc8QuZFyL/3eRCICfPWIQrGTSR
VvPRllKebXxooG6xqK7yhgVuXOikF32qus3I9CP5aaTtitkN+qls0iKdNqlf9YLY
moM6b1OP9YwMCjbsALXSm24Uh0HDmwA2pA9jbghNtUjtILbnT5P6
-----END CERTIFICATE-----
Generated at Wed Apr 16 23:29:29 2025 by rpki-client