Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c2c8bf-dce4-4283-bf72-cc7f87f4a950/1/mMGnUGaN6rsw58xOd0MAF_HAY9o.roa
File: mMGnUGaN6rsw58xOd0MAF_HAY9o.roa (raw, json)
Hash identifier: 0HzReZTMzsNR7hcuVRKNU/DysaBkSSFxX1IonoMajpg=
Subject key identifier: 98:C1:A7:50:66:8D:EA:BB:30:E7:CC:4E:77:43:00:17:F1:C0:63:DA
Certificate issuer: /CN=c9c4d3412791e3a3e994040589ec8ad2f58fe312
Certificate serial: 01942445996E0A88D9EA0716C3A4F55D5462
Authority key identifier: C9:C4:D3:41:27:91:E3:A3:E9:94:04:05:89:EC:8A:D2:F5:8F:E3:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ycTTQSeR46PplAQFieyK0vWP4xI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c2c8bf-dce4-4283-bf72-cc7f87f4a950/1/mMGnUGaN6rsw58xOd0MAF_HAY9o.roa
Signing time: Wed 01 Jan 2025 23:48:48 +0000
ROA not before: Wed 01 Jan 2025 23:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20775
IP address blocks: 217.194.224.0/20 maxlen: 20
217.194.224.0/21 maxlen: 21
217.194.232.0/21 maxlen: 21
2a02:22d8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/c2c8bf-dce4-4283-bf72-cc7f87f4a950/1/ycTTQSeR46PplAQFieyK0vWP4xI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/c2c8bf-dce4-4283-bf72-cc7f87f4a950/1/ycTTQSeR46PplAQFieyK0vWP4xI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ycTTQSeR46PplAQFieyK0vWP4xI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:99:6e:0a:88:d9:ea:07:16:c3:a4:f5:5d:54:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9c4d3412791e3a3e994040589ec8ad2f58fe312
Validity
Not Before: Jan 1 23:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98c1a750668deabb30e7cc4e77430017f1c063da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:18:6a:9d:c9:09:ed:47:f5:35:95:0b:f0:6a:
4a:6f:bd:43:2e:ff:d7:fd:3d:72:9b:f4:21:8f:6d:
b4:05:d8:73:77:98:c3:86:35:56:c6:62:e2:bd:c7:
d9:15:bb:2c:a0:b7:b5:78:30:66:da:d8:2e:d3:77:
ec:8f:5b:a1:49:c5:13:70:85:9a:99:2a:04:39:51:
45:25:a8:c3:d9:dc:ac:99:79:54:cb:1e:88:b2:29:
18:f3:11:fc:87:ff:17:da:00:da:7e:bf:bf:b6:f7:
41:94:67:7c:ba:3a:06:85:38:a5:a4:b6:98:9c:dc:
5b:3c:56:1b:0b:3d:e8:00:50:70:7c:a7:c3:5f:c6:
a1:6a:c5:e8:89:08:78:c3:0e:7b:70:49:e0:2d:21:
60:bc:e9:d1:97:51:98:9a:1c:1f:0d:62:62:29:f1:
6e:57:14:7e:67:22:e3:d5:14:3a:f4:09:7f:0a:56:
66:65:4c:ca:64:61:75:cc:75:2b:59:a6:05:6f:28:
f9:98:34:69:0f:fb:8a:0d:fa:3b:34:65:d5:42:35:
20:c5:61:06:51:f3:e1:39:9c:d7:e7:69:79:bc:61:
08:1e:d9:87:6d:c1:a9:67:10:1e:08:f8:5d:95:e1:
c5:d0:f6:2f:a8:97:b0:09:71:10:b0:95:c1:78:8c:
13:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:C1:A7:50:66:8D:EA:BB:30:E7:CC:4E:77:43:00:17:F1:C0:63:DA
X509v3 Authority Key Identifier:
keyid:C9:C4:D3:41:27:91:E3:A3:E9:94:04:05:89:EC:8A:D2:F5:8F:E3:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ycTTQSeR46PplAQFieyK0vWP4xI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c2c8bf-dce4-4283-bf72-cc7f87f4a950/1/mMGnUGaN6rsw58xOd0MAF_HAY9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c2c8bf-dce4-4283-bf72-cc7f87f4a950/1/ycTTQSeR46PplAQFieyK0vWP4xI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.194.224.0/20
IPv6:
2a02:22d8::/32
Signature Algorithm: sha256WithRSAEncryption
b0:4e:0c:b5:76:e6:48:ae:4c:73:52:b8:74:96:c1:3f:b6:0d:
8c:6b:c4:07:ff:d9:de:a5:a3:12:2c:11:dd:41:8c:bf:7a:7c:
ee:5c:a8:51:54:56:9d:72:64:1d:09:57:ae:6b:06:82:d2:4c:
bc:ad:75:73:45:17:3d:18:f8:92:fd:8c:7f:32:d0:52:2e:b9:
cf:c1:e2:7a:6c:6b:37:af:ec:a3:ae:8f:80:f5:e3:9b:48:fd:
5f:10:e0:45:f6:2d:9d:aa:86:ad:f5:09:a8:d8:09:6f:90:65:
d9:2e:7f:81:38:d9:ac:f4:66:c8:4b:d2:ce:8d:b2:e0:f4:b8:
90:83:d4:2b:93:f4:1c:17:ff:01:17:75:79:21:28:b5:c6:9e:
72:24:69:66:35:e0:36:77:20:34:35:b4:34:8f:28:56:2f:4a:
0e:4c:4e:3c:b6:73:99:04:ba:36:fe:96:d6:4c:72:04:5a:25:
d9:ee:ee:e9:d1:fc:95:5b:20:b1:f0:46:3d:36:5e:6d:88:ec:
c7:f9:0f:52:78:28:9a:5e:94:ee:74:16:ac:4d:c7:d3:91:3f:
95:34:81:4d:7a:09:ca:74:f8:df:34:6b:97:b3:f4:30:a7:fa:
5d:f9:12:77:9c:a0:1a:d0:5d:ad:49:0c:b9:bf:d8:b2:63:7e:
95:6e:fc:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRZluCojZ6gcWw6T1XVRiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YzRkMzQxMjc5MWUzYTNlOTk0MDQwNTg5ZWM4YWQyZjU4
ZmUzMTIwHhcNMjUwMTAxMjM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGMxYTc1MDY2OGRlYWJiMzBlN2NjNGU3NzQzMDAxN2YxYzA2M2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBhqnckJ7Uf1NZUL8GpKb71DLv/X
/T1ym/Qhj220Bdhzd5jDhjVWxmLivcfZFbssoLe1eDBm2tgu03fsj1uhScUTcIWa
mSoEOVFFJajD2dysmXlUyx6IsikY8xH8h/8X2gDafr+/tvdBlGd8ujoGhTilpLaY
nNxbPFYbCz3oAFBwfKfDX8ahasXoiQh4ww57cEngLSFgvOnRl1GYmhwfDWJiKfFu
VxR+ZyLj1RQ69Al/ClZmZUzKZGF1zHUrWaYFbyj5mDRpD/uKDfo7NGXVQjUgxWEG
UfPhOZzX52l5vGEIHtmHbcGpZxAeCPhdleHF0PYvqJewCXEQsJXBeIwThQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJjBp1Bmjeq7MOfMTndDABfxwGPaMB8GA1UdIwQY
MBaAFMnE00EnkeOj6ZQEBYnsitL1j+MSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWNUVFFTZVI0NlBwbEFRRmlleUswdldQNHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jMmM4YmYtZGNlNC00MjgzLWJmNzIt
Y2M3Zjg3ZjRhOTUwLzEvbU1HblVHYU42cnN3NTh4T2QwTUFGX0hBWTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jMmM4YmYtZGNlNC00MjgzLWJmNzItY2M3Zjg3ZjRhOTUw
LzEveWNUVFFTZVI0NlBwbEFRRmlleUswdldQNHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2cLgMA0E
AgACMAcDBQAqAiLYMA0GCSqGSIb3DQEBCwUAA4IBAQCwTgy1duZIrkxzUrh0lsE/
tg2Ma8QH/9nepaMSLBHdQYy/enzuXKhRVFadcmQdCVeuawaC0ky8rXVzRRc9GPiS
/Yx/MtBSLrnPweJ6bGs3r+yjro+A9eObSP1fEOBF9i2dqoat9Qmo2AlvkGXZLn+B
ONms9GbIS9LOjbLg9LiQg9Qrk/QcF/8BF3V5ISi1xp5yJGlmNeA2dyA0NbQ0jyhW
L0oOTE48tnOZBLo2/pbWTHIEWiXZ7u7p0fyVWyCx8EY9Nl5tiOzH+Q9SeCiaXpTu
dBasTcfTkT+VNIFNegnKdPjfNGuXs/Qwp/pd+RJ3nKAa0F2tSQy5v9iyY36Vbvx8
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:12:11 2025 by rpki-client