Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/MB5X3jwgPK45EdK2Y1nlAV9RCo0.roa
File: MB5X3jwgPK45EdK2Y1nlAV9RCo0.roa (raw, json)
Hash identifier: ATGZdB+IK8QSAEJVHUskknnzb6Y7ykVg4VF4GTfN8js=
Subject key identifier: 30:1E:57:DE:3C:20:3C:AE:39:11:D2:B6:63:59:E5:01:5F:51:0A:8D
Certificate issuer: /CN=beba48c7e2c9e05eda546d899146b89f799df85d
Certificate serial: 01942825C8D0354F64EFC704075BA9B44CC7
Authority key identifier: BE:BA:48:C7:E2:C9:E0:5E:DA:54:6D:89:91:46:B8:9F:79:9D:F8:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/MB5X3jwgPK45EdK2Y1nlAV9RCo0.roa
Signing time: Thu 02 Jan 2025 17:52:32 +0000
ROA not before: Thu 02 Jan 2025 17:52:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202650
IP address blocks: 91.190.82.48/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/vrpIx-LJ4F7aVG2JkUa4n3md-F0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/vrpIx-LJ4F7aVG2JkUa4n3md-F0.mft
rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:c8:d0:35:4f:64:ef:c7:04:07:5b:a9:b4:4c:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beba48c7e2c9e05eda546d899146b89f799df85d
Validity
Not Before: Jan 2 17:52:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=301e57de3c203cae3911d2b66359e5015f510a8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:a6:29:96:ab:da:db:53:c5:ed:34:a8:15:1c:
cb:84:37:4c:e7:e7:3f:aa:99:8a:e7:b3:fe:42:11:
ea:dd:72:88:fc:ca:9c:df:1c:6b:e5:fd:33:6f:fb:
35:23:fa:66:db:71:93:02:71:ab:d2:a2:ab:d2:61:
2b:74:84:9e:64:2f:89:d1:dc:a7:79:1f:83:71:21:
0f:7c:50:14:c9:38:7c:56:99:07:f4:3c:69:65:fd:
91:2e:2b:ec:d7:5e:9e:a8:97:4e:44:0c:3a:40:97:
f9:4a:28:e2:0a:5d:e9:4d:fa:69:0f:88:53:6a:49:
74:9e:71:82:d1:bf:e3:1e:08:9b:33:49:aa:88:3c:
8f:17:6b:e9:a5:d9:fa:d9:07:4b:03:0a:59:13:20:
9c:3a:07:89:e4:15:6e:be:bb:99:e0:1f:f4:f9:51:
fd:50:a4:6b:48:19:56:5b:db:80:5f:dc:29:50:b2:
be:e5:4e:84:3d:71:42:d6:36:48:64:c1:6c:f4:ce:
44:5c:ea:71:30:5e:3a:b5:e1:c3:57:a0:d7:77:f7:
65:50:52:79:be:9b:f9:5a:2f:ff:bc:ae:47:90:bf:
01:fe:91:e1:7c:30:05:89:f0:08:0b:dd:0e:22:28:
f5:16:37:c6:42:42:e5:13:7f:bb:8e:55:49:77:1a:
25:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:1E:57:DE:3C:20:3C:AE:39:11:D2:B6:63:59:E5:01:5F:51:0A:8D
X509v3 Authority Key Identifier:
keyid:BE:BA:48:C7:E2:C9:E0:5E:DA:54:6D:89:91:46:B8:9F:79:9D:F8:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/MB5X3jwgPK45EdK2Y1nlAV9RCo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/vrpIx-LJ4F7aVG2JkUa4n3md-F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.82.48/28
Signature Algorithm: sha256WithRSAEncryption
6b:32:2c:44:8d:5f:40:8f:e1:3a:bd:8b:de:88:c6:52:59:8a:
55:07:4e:ce:73:52:36:50:fb:b3:18:bb:08:46:63:94:e6:69:
87:7e:2d:a0:70:b1:ad:12:2d:30:5a:f6:ed:ed:be:21:12:d5:
fb:9f:a9:74:5d:97:ee:59:a1:98:03:f7:de:a6:8e:8e:33:4e:
1a:57:57:0a:3a:72:e2:1d:f5:8d:3a:b2:7a:31:43:53:5c:1c:
05:64:1f:e1:e7:f8:99:da:db:33:0d:cd:17:f8:f1:62:24:24:
c8:4f:7e:c1:2c:58:4e:4e:70:51:a5:bd:32:6b:e0:fd:65:46:
d7:a3:32:95:11:8a:e2:9c:2c:46:43:e6:f3:03:cd:d5:ce:5b:
42:b6:ff:d3:ae:8c:6a:33:22:e4:83:db:af:11:d4:7c:f7:98:
ed:19:b0:fc:15:b9:77:95:95:62:71:02:cb:35:1a:de:56:07:
1c:a5:0e:df:08:69:e3:ac:cc:ab:c0:77:30:a2:be:8a:2e:9f:
7a:e3:61:51:30:f3:81:9f:e0:60:6b:41:89:29:d9:b7:b0:3d:
c8:78:25:20:18:25:9e:63:02:06:f1:fb:f8:68:22:ba:b3:17:
ed:9b:a5:1d:36:40:ac:3f:31:2f:0c:b4:80:19:04:af:1e:bf:
fc:6f:0e:3e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQoJcjQNU9k78cEB1uptEzHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYmE0OGM3ZTJjOWUwNWVkYTU0NmQ4OTkxNDZiODlmNzk5
ZGY4NWQwHhcNMjUwMTAyMTc1MjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDFlNTdkZTNjMjAzY2FlMzkxMWQyYjY2MzU5ZTUwMTVmNTEwYThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3KYplqva21PF7TSoFRzLhDdM5+c/
qpmK57P+QhHq3XKI/Mqc3xxr5f0zb/s1I/pm23GTAnGr0qKr0mErdISeZC+J0dyn
eR+DcSEPfFAUyTh8VpkH9DxpZf2RLivs116eqJdORAw6QJf5SijiCl3pTfppD4hT
akl0nnGC0b/jHgibM0mqiDyPF2vppdn62QdLAwpZEyCcOgeJ5BVuvruZ4B/0+VH9
UKRrSBlWW9uAX9wpULK+5U6EPXFC1jZIZMFs9M5EXOpxMF46teHDV6DXd/dlUFJ5
vpv5Wi//vK5HkL8B/pHhfDAFifAIC90OIij1FjfGQkLlE3+7jlVJdxolQwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDAeV948IDyuORHStmNZ5QFfUQqNMB8GA1UdIwQY
MBaAFL66SMfiyeBe2lRtiZFGuJ95nfhdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnJwSXgtTEo0RjdhVkcySmtVYTRuM21kLUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC83Zjg4MjEtMTU2Ni00M2Y0LWFiMjYt
M2Q1MjIxODFhMmM0LzEvTUI1WDNqd2dQSzQ1RWRLMlkxbmxBVjlSQ28wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC83Zjg4MjEtMTU2Ni00M2Y0LWFiMjYtM2Q1MjIxODFhMmM0
LzEvdnJwSXgtTEo0RjdhVkcySmtVYTRuM21kLUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUEW75SMDAN
BgkqhkiG9w0BAQsFAAOCAQEAazIsRI1fQI/hOr2L3ojGUlmKVQdOznNSNlD7sxi7
CEZjlOZph34toHCxrRItMFr27e2+IRLV+5+pdF2X7lmhmAP33qaOjjNOGldXCjpy
4h31jTqyejFDU1wcBWQf4ef4mdrbMw3NF/jxYiQkyE9+wSxYTk5wUaW9Mmvg/WVG
16MylRGK4pwsRkPm8wPN1c5bQrb/066MajMi5IPbrxHUfPeY7Rmw/BW5d5WVYnEC
yzUa3lYHHKUO3whp46zMq8B3MKK+ii6feuNhUTDzgZ/gYGtBiSnZt7A9yHglIBgl
nmMCBvH7+GgiurMX7ZulHTZArD8xLwy0gBkErx6//G8OPg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:31:42 2025 by rpki-client