Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/mWetSYOn1BkhZCQeBuy0aNAtp2k.roa
File: mWetSYOn1BkhZCQeBuy0aNAtp2k.roa (raw, json)
Hash identifier: 7QsWLfC1FbX4IQpj2Fc+FdTBylJTVc8Q6Q3mzopMiwY=
Subject key identifier: 99:67:AD:49:83:A7:D4:19:21:64:24:1E:06:EC:B4:68:D0:2D:A7:69
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 019421B1DEEC7B2A5AE7B101A77F436EA73D
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/mWetSYOn1BkhZCQeBuy0aNAtp2k.roa
Signing time: Wed 01 Jan 2025 11:48:12 +0000
ROA not before: Wed 01 Jan 2025 11:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205285
IP address blocks: 31.46.29.0/24 maxlen: 24
78.92.232.0/23 maxlen: 23
84.1.114.0/24 maxlen: 24
84.1.115.0/24 maxlen: 24
84.1.116.0/24 maxlen: 24
84.2.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:de:ec:7b:2a:5a:e7:b1:01:a7:7f:43:6e:a7:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 11:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9967ad4983a7d4192164241e06ecb468d02da769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1d:b3:54:ee:92:77:5f:7f:55:5e:88:d5:f9:
f8:99:d2:d8:48:8d:5d:04:fd:62:bc:74:e5:68:8a:
af:ee:b1:4c:a5:f1:04:46:ac:98:16:0d:a8:1f:83:
5c:25:4a:3b:87:32:f2:2b:08:a7:3c:e7:94:31:e5:
65:25:53:3a:20:18:b2:19:6b:ce:3b:a3:18:70:7b:
b6:2b:14:67:f4:47:24:1c:56:f0:99:d0:cf:9f:71:
0f:d5:e8:d5:a8:ef:ca:0b:86:06:e9:56:35:cf:91:
c6:57:d4:8d:09:0b:bf:c5:f2:3f:a3:13:49:88:fb:
1e:c1:17:23:ff:4d:fe:ea:a6:dc:1a:0b:b7:15:fb:
ff:47:05:60:d8:52:8e:ba:1d:5a:d1:f0:f6:fb:b1:
20:42:fb:e5:d8:34:77:c6:38:f0:5e:cf:33:e6:8b:
a1:4c:c5:60:45:67:67:a8:eb:f0:9b:92:32:3a:98:
0d:54:ae:6b:f4:9c:7e:61:70:ed:56:21:44:31:1c:
95:69:56:b2:ab:6a:e8:4b:8d:a6:88:63:53:c1:d9:
14:6f:ae:f8:21:88:59:4b:6c:84:2d:4d:a7:16:72:
f7:8a:a7:eb:99:87:b3:fb:85:98:1f:0f:25:45:3e:
43:06:17:38:97:4b:b1:3b:dc:17:9f:90:09:3c:3b:
4f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:67:AD:49:83:A7:D4:19:21:64:24:1E:06:EC:B4:68:D0:2D:A7:69
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/mWetSYOn1BkhZCQeBuy0aNAtp2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.46.29.0/24
78.92.232.0/23
84.1.114.0-84.1.116.255
84.2.63.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:58:00:9c:94:62:4e:cf:87:e6:3c:ce:d1:48:38:b2:1e:c1:
3c:c9:6f:a1:f6:28:f3:2c:40:06:e8:a1:48:ad:9e:32:ac:ea:
1f:21:01:c0:43:91:93:b6:77:80:cf:09:22:29:94:87:20:1a:
30:c4:82:0a:5c:ec:58:49:a1:9a:3f:29:8e:bf:88:6a:81:dd:
31:f7:1d:41:94:f5:63:2e:93:4c:32:63:d0:91:ba:aa:4f:4a:
3b:0c:ed:c7:a6:66:a7:d4:67:7f:00:8a:2d:be:d5:53:e7:e2:
a0:b1:f6:4e:fb:e3:ed:1c:45:da:dc:18:4c:2e:96:79:0d:ea:
ac:2f:56:c3:e0:fd:48:f9:ee:52:d3:20:89:4d:08:d9:77:4b:
d6:87:99:e5:9c:93:61:eb:cd:3b:39:8f:a1:ce:35:96:13:3a:
f4:3a:b1:93:cb:59:dd:d4:6f:20:8b:47:ff:15:6c:c2:9a:04:
3f:ed:7c:41:45:c0:83:b3:cc:56:ec:71:97:b7:93:ec:ac:10:
cb:ae:ae:6f:6b:5a:04:dc:33:25:0d:af:26:93:a2:26:6a:a3:
17:11:c4:f1:8e:4e:b2:7a:2d:bc:57:f1:75:69:8c:69:4e:07:
93:cf:f1:21:11:40:bf:40:f2:17:ae:26:ea:62:65:b4:fd:54:
d3:3c:92:33
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQhsd7seypa57EBp39Dbqc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjUwMTAxMTE0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTY3YWQ0OTgzYTdkNDE5MjE2NDI0MWUwNmVjYjQ2OGQwMmRhNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvB2zVO6Sd19/VV6I1fn4mdLYSI1d
BP1ivHTlaIqv7rFMpfEERqyYFg2oH4NcJUo7hzLyKwinPOeUMeVlJVM6IBiyGWvO
O6MYcHu2KxRn9EckHFbwmdDPn3EP1ejVqO/KC4YG6VY1z5HGV9SNCQu/xfI/oxNJ
iPsewRcj/03+6qbcGgu3Ffv/RwVg2FKOuh1a0fD2+7EgQvvl2DR3xjjwXs8z5ouh
TMVgRWdnqOvwm5IyOpgNVK5r9Jx+YXDtViFEMRyVaVayq2roS42miGNTwdkUb674
IYhZS2yELU2nFnL3iqfrmYez+4WYHw8lRT5DBhc4l0uxO9wXn5AJPDtPbQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJlnrUmDp9QZIWQkHgbstGjQLadpMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvbVdldFNZT24xQmtoWkNRZUJ1eTBhTkF0cDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAHy4dAwQB
TlzoMAwDBAFUAXIDBABUAXQDBABUAj8wDQYJKoZIhvcNAQELBQADggEBACxYAJyU
Yk7Ph+Y8ztFIOLIewTzJb6H2KPMsQAbooUitnjKs6h8hAcBDkZO2d4DPCSIplIcg
GjDEggpc7FhJoZo/KY6/iGqB3TH3HUGU9WMuk0wyY9CRuqpPSjsM7cemZqfUZ38A
ii2+1VPn4qCx9k774+0cRdrcGEwulnkN6qwvVsPg/Uj57lLTIIlNCNl3S9aHmeWc
k2HrzTs5j6HONZYTOvQ6sZPLWd3UbyCLR/8VbMKaBD/tfEFFwIOzzFbscZe3k+ys
EMuurm9rWgTcMyUNryaToiZqoxcRxPGOTrJ6LbxX8XVpjGlOB5PP8SERQL9A8heu
JupiZbT9VNM8kjM=
-----END CERTIFICATE-----
Generated at Sun Apr 13 04:22:43 2025 by rpki-client