Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/MeVZOtqNt3JW5yw4ZXWY1mEC3c4.roa
File: MeVZOtqNt3JW5yw4ZXWY1mEC3c4.roa (raw, json)
Hash identifier: aT7Qdf0+N9/MSDlSTyJ9aA4YP0o287rEoQwXL6tiMCM=
Subject key identifier: 31:E5:59:3A:DA:8D:B7:72:56:E7:2C:38:65:75:98:D6:61:02:DD:CE
Certificate issuer: /CN=560190bdfb0a3f23b4411e7d748eddbbd09f8546
Certificate serial: 0194228E342F21AB33756D407A8B684F4744
Authority key identifier: 56:01:90:BD:FB:0A:3F:23:B4:41:1E:7D:74:8E:DD:BB:D0:9F:85:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/MeVZOtqNt3JW5yw4ZXWY1mEC3c4.roa
Signing time: Wed 01 Jan 2025 15:48:52 +0000
ROA not before: Wed 01 Jan 2025 15:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29014
IP address blocks: 45.83.108.0/22 maxlen: 24
212.108.160.0/20 maxlen: 20
212.108.176.0/21 maxlen: 21
2a02:358::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.mft
rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:34:2f:21:ab:33:75:6d:40:7a:8b:68:4f:47:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=560190bdfb0a3f23b4411e7d748eddbbd09f8546
Validity
Not Before: Jan 1 15:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31e5593ada8db77256e72c38657598d66102ddce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d9:94:91:a4:b0:a0:d6:1a:1f:22:1a:b7:49:
97:08:22:13:fc:fd:8f:0f:73:e8:50:14:ca:c8:e9:
8d:7c:4c:d4:30:28:1d:34:30:2a:0b:4c:bb:df:07:
87:cf:57:33:60:6c:b9:85:50:5b:54:56:5a:78:08:
08:df:68:fc:ea:a5:5d:57:68:20:90:45:43:b1:63:
dc:14:52:3e:76:01:9f:f8:97:e2:23:30:19:f2:7f:
47:93:fc:7e:2e:9f:2f:0f:db:1e:63:33:96:84:80:
f7:2c:b6:ce:f7:e1:74:83:ab:dd:f8:eb:f4:75:ed:
fb:89:f5:ae:5d:2d:4a:a2:0a:0b:92:55:2a:c5:4b:
72:18:3d:90:65:4d:7f:78:b3:67:17:f1:6e:5c:ad:
7c:87:e8:4f:53:72:bf:12:1c:ce:52:6f:07:5e:e7:
04:cc:e7:b3:36:52:29:cd:ad:ef:c6:ef:9d:84:db:
2f:47:28:46:0b:4a:18:00:45:82:5f:df:8d:90:54:
bf:6a:05:d9:47:8a:a2:2c:4c:9f:20:44:54:9a:0e:
df:76:86:56:0d:ac:8d:b1:2e:4e:26:59:d9:4c:04:
29:a2:50:47:7d:b4:ab:7d:13:85:47:55:4b:7f:b9:
42:04:09:57:20:09:46:44:55:c7:26:f2:ee:bc:53:
87:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:E5:59:3A:DA:8D:B7:72:56:E7:2C:38:65:75:98:D6:61:02:DD:CE
X509v3 Authority Key Identifier:
keyid:56:01:90:BD:FB:0A:3F:23:B4:41:1E:7D:74:8E:DD:BB:D0:9F:85:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/MeVZOtqNt3JW5yw4ZXWY1mEC3c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.108.0/22
212.108.160.0-212.108.183.255
IPv6:
2a02:358::/32
Signature Algorithm: sha256WithRSAEncryption
45:85:a5:27:9e:42:fc:71:25:16:d2:a3:5a:71:85:23:8f:55:
73:af:ac:51:48:9f:7a:f0:f6:c1:35:96:e2:c6:51:fa:10:db:
00:ad:27:3f:a1:57:89:63:26:0a:9b:76:c2:8c:3f:b3:90:d1:
5c:aa:15:97:5b:ee:07:57:98:81:40:27:68:45:d1:5e:27:db:
1a:1f:cd:ff:82:8f:ba:de:dd:c6:27:06:59:db:44:02:43:2a:
63:4f:8d:40:04:6e:be:42:15:ac:ac:05:73:8b:7b:9e:e1:38:
6e:1f:03:a0:f4:55:b0:f5:7f:7e:b0:dc:7f:46:df:63:81:24:
dd:91:cd:3f:7a:04:04:47:be:d0:03:c3:07:45:3f:6a:53:7c:
8a:13:02:16:58:15:6d:77:c8:ea:18:42:2c:5a:dd:b3:e1:6a:
56:0f:97:5a:8f:a8:45:0e:59:3a:c3:9e:bf:2b:35:15:5f:dc:
3f:86:d8:f2:14:d9:9a:70:fa:27:42:2e:3f:a8:62:d2:55:a5:
e6:8b:67:28:66:27:7f:0b:50:6f:c6:f9:21:f2:f8:46:f8:9a:
04:0e:43:76:45:a6:a5:7f:b2:33:43:f7:24:e1:cd:de:2e:42:
8c:98:ba:4f:35:15:b7:41:ba:d8:fd:2d:51:a7:fc:72:7f:25:
32:77:7c:87
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQijjQvIaszdW1AeotoT0dEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2MDE5MGJkZmIwYTNmMjNiNDQxMWU3ZDc0OGVkZGJiZDA5
Zjg1NDYwHhcNMjUwMTAxMTU0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWU1NTkzYWRhOGRiNzcyNTZlNzJjMzg2NTc1OThkNjYxMDJkZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9mUkaSwoNYaHyIat0mXCCIT/P2P
D3PoUBTKyOmNfEzUMCgdNDAqC0y73weHz1czYGy5hVBbVFZaeAgI32j86qVdV2gg
kEVDsWPcFFI+dgGf+JfiIzAZ8n9Hk/x+Lp8vD9seYzOWhID3LLbO9+F0g6vd+Ov0
de37ifWuXS1KogoLklUqxUtyGD2QZU1/eLNnF/FuXK18h+hPU3K/EhzOUm8HXucE
zOezNlIpza3vxu+dhNsvRyhGC0oYAEWCX9+NkFS/agXZR4qiLEyfIERUmg7fdoZW
DayNsS5OJlnZTAQpolBHfbSrfROFR1VLf7lCBAlXIAlGRFXHJvLuvFOH0wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDHlWTrajbdyVucsOGV1mNZhAt3OMB8GA1UdIwQY
MBaAFFYBkL37Cj8jtEEefXSO3bvQn4VGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmdHUXZmc0tQeU8wUVI1OWRJN2R1OUNmaFVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iNjZjODMtMGQ2MS00MjFmLWIwODMt
MmI5ZmM0MWUwYTgwLzEvTWVWWk90cU50M0pXNXl3NFpYV1kxbUVDM2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iNjZjODMtMGQ2MS00MjFmLWIwODMtMmI5ZmM0MWUwYTgw
LzEvVmdHUXZmc0tQeU8wUVI1OWRJN2R1OUNmaFVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCLVNsMAwD
BAXUbKADBAPUbLAwDQQCAAIwBwMFACoCA1gwDQYJKoZIhvcNAQELBQADggEBAEWF
pSeeQvxxJRbSo1pxhSOPVXOvrFFIn3rw9sE1luLGUfoQ2wCtJz+hV4ljJgqbdsKM
P7OQ0VyqFZdb7gdXmIFAJ2hF0V4n2xofzf+Cj7re3cYnBlnbRAJDKmNPjUAEbr5C
FaysBXOLe57hOG4fA6D0VbD1f36w3H9G32OBJN2RzT96BARHvtADwwdFP2pTfIoT
AhZYFW13yOoYQixa3bPhalYPl1qPqEUOWTrDnr8rNRVf3D+G2PIU2Zpw+idCLj+o
YtJVpeaLZyhmJ38LUG/G+SHy+Eb4mgQOQ3ZFpqV/sjND9yThzd4uQoyYuk81FbdB
utj9LVGn/HJ/JTJ3fIc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:14:15 2025 by rpki-client