Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MNdd66wWbRgPtZoWCx7l6DBf4hY.roa
File: MNdd66wWbRgPtZoWCx7l6DBf4hY.roa (raw, json)
Hash identifier: aC5qHrT2Z/Mrp/oUCEiCkoUUfzqtsZx1RnOvm6M59kI=
Subject key identifier: 30:D7:5D:EB:AC:16:6D:18:0F:B5:9A:16:0B:1E:E5:E8:30:5F:E2:16
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01970DC1D0620B239D65F5BD84F8EA624BB9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MNdd66wWbRgPtZoWCx7l6DBf4hY.roa
Signing time: Mon 26 May 2025 18:01:34 +0000
ROA not before: Mon 26 May 2025 18:01:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214025
IP address blocks: 82.152.142.0/24 maxlen: 24
89.213.104.0/24 maxlen: 24
89.213.123.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 10:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0d:c1:d0:62:0b:23:9d:65:f5:bd:84:f8:ea:62:4b:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 26 18:01:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30d75debac166d180fb59a160b1ee5e8305fe216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a7:72:27:c5:40:c4:93:f9:8d:bf:8e:fe:a6:
6c:14:a6:0d:d1:ed:e2:44:e7:3f:3b:74:46:4f:b4:
a4:6f:22:d4:95:47:ff:ae:6e:41:04:1a:5b:ba:a2:
84:89:8e:6b:05:85:ed:bf:9c:11:b2:01:cd:a2:96:
a1:34:7b:8c:87:fd:c3:a7:6c:fa:83:dc:aa:0c:1e:
1e:1e:8c:24:f3:64:5a:b7:11:f2:5b:d4:4d:db:aa:
14:55:dc:e1:a5:ee:8c:81:d2:ae:90:b3:2e:0c:c4:
e7:0c:0e:f6:3d:7d:f6:e7:87:01:15:36:eb:8c:da:
46:4c:bd:21:e8:9a:0a:73:fa:e8:50:00:93:b5:57:
97:a2:85:b8:e0:0c:b2:1c:c7:2b:08:2d:12:ef:bf:
25:dc:50:e2:50:b2:d7:3a:58:7f:14:2f:f9:13:d3:
0e:68:4e:fa:e8:9b:95:9d:ed:f3:92:a2:7e:d4:c0:
49:b7:0d:ad:43:8d:5a:5b:74:d6:a9:ee:f6:54:5e:
96:d2:51:cb:57:22:73:fb:3f:98:c4:61:66:d6:68:
9c:8f:88:e7:5c:a6:8c:13:be:25:42:03:76:33:b4:
d0:3d:9c:28:33:61:46:aa:de:af:5c:67:0a:c2:1e:
fc:47:5c:51:c0:30:5a:8d:eb:fa:68:9b:c8:f9:f0:
22:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:D7:5D:EB:AC:16:6D:18:0F:B5:9A:16:0B:1E:E5:E8:30:5F:E2:16
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/MNdd66wWbRgPtZoWCx7l6DBf4hY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.142.0/24
89.213.104.0/24
89.213.123.0/24
213.210.52.0/23
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
05:82:b9:af:2a:36:f5:29:21:34:96:59:bf:72:f9:b2:a1:3e:
31:20:21:df:26:42:de:52:ab:86:74:a4:d2:80:e9:e0:b5:ff:
aa:66:81:c2:46:2c:58:fc:26:e0:4a:a4:2b:19:c6:1a:1c:ca:
0a:37:60:b9:d3:f2:57:50:4b:3e:a1:a9:1c:a0:8e:6a:1a:ee:
9c:c9:2c:53:b8:b1:c4:af:85:e0:f2:a3:4f:c7:c9:c7:08:3d:
76:44:67:b9:88:67:94:4f:10:1c:3f:80:0d:de:db:1c:4a:71:
ba:2f:1e:da:b1:9f:3d:ec:b0:fb:2e:2d:38:94:d0:57:35:a0:
ae:3f:2e:ac:e2:fb:ff:db:7d:ca:ee:b6:b8:c5:c9:b6:6c:85:
17:e2:dc:5b:33:99:4f:60:ec:4e:64:fe:f8:0a:b2:f7:de:8c:
02:d7:4d:12:2d:8f:58:9c:bd:f2:41:3e:8d:c4:64:49:0e:14:
0e:ec:d1:0e:4b:c1:97:f4:ca:06:f6:db:9a:15:30:14:60:d1:
4b:2f:df:c8:ca:8f:4a:fb:c3:14:6b:77:9a:7a:61:1d:83:b1:
d9:e9:de:71:09:3c:c5:a3:8f:be:84:16:b4:18:b6:5c:d3:a6:
73:63:76:75:f3:6d:81:55:74:9e:8c:f9:03:65:03:4c:2d:fe:
c1:16:3f:c8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZcNwdBiCyOdZfW9hPjqYku5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNTI2MTgwMTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGQ3NWRlYmFjMTY2ZDE4MGZiNTlhMTYwYjFlZTVlODMwNWZlMjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6dyJ8VAxJP5jb+O/qZsFKYN0e3i
ROc/O3RGT7SkbyLUlUf/rm5BBBpbuqKEiY5rBYXtv5wRsgHNopahNHuMh/3Dp2z6
g9yqDB4eHowk82RatxHyW9RN26oUVdzhpe6MgdKukLMuDMTnDA72PX3254cBFTbr
jNpGTL0h6JoKc/roUACTtVeXooW44AyyHMcrCC0S778l3FDiULLXOlh/FC/5E9MO
aE766JuVne3zkqJ+1MBJtw2tQ41aW3TWqe72VF6W0lHLVyJz+z+YxGFm1micj4jn
XKaME74lQgN2M7TQPZwoM2FGqt6vXGcKwh78R1xRwDBajev6aJvI+fAi0wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDDXXeusFm0YD7WaFgse5egwX+IWMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTU5kZDY2d1diUmdQdFpvV0N4N2w2REJmNGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUpiOAwQA
WdVoAwQAWdV7AwQB1dI0AwQA2ZFLMA0GCSqGSIb3DQEBCwUAA4IBAQAFgrmvKjb1
KSE0llm/cvmyoT4xICHfJkLeUquGdKTSgOngtf+qZoHCRixY/CbgSqQrGcYaHMoK
N2C50/JXUEs+oakcoI5qGu6cySxTuLHEr4Xg8qNPx8nHCD12RGe5iGeUTxAcP4AN
3tscSnG6Lx7asZ897LD7Li04lNBXNaCuPy6s4vv/233K7ra4xcm2bIUX4txbM5lP
YOxOZP74CrL33owC100SLY9YnL3yQT6NxGRJDhQO7NEOS8GX9MoG9tuaFTAUYNFL
L9/Iyo9K+8MUa3eaemEdg7HZ6d5xCTzFo4++hBa0GLZc06ZzY3Z1822BVXSejPkD
ZQNMLf7BFj/I
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:44:51 2025 by rpki-client