Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/MK26JBdAOQHbbLIoXza8gOwP2L0.roa
File: MK26JBdAOQHbbLIoXza8gOwP2L0.roa (raw, json)
Hash identifier: bfaAHwdU8g3+OMyQR1jrgL3b4O52QKIOBn86eAMWqtg=
Subject key identifier: 30:AD:BA:24:17:40:39:01:DB:6C:B2:28:5F:36:BC:80:EC:0F:D8:BD
Certificate issuer: /CN=4568d0a7204560b6356d837bbf1510d9636df63a
Certificate serial: 0194266B4046DBA2AC25D9E1E1671B03AD23
Authority key identifier: 45:68:D0:A7:20:45:60:B6:35:6D:83:7B:BF:15:10:D9:63:6D:F6:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/MK26JBdAOQHbbLIoXza8gOwP2L0.roa
Signing time: Thu 02 Jan 2025 09:49:10 +0000
ROA not before: Thu 02 Jan 2025 09:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202
IP address blocks: 37.114.72.0/21 maxlen: 32
78.110.16.0/20 maxlen: 32
80.245.208.0/20 maxlen: 32
95.131.232.0/21 maxlen: 32
185.56.252.0/22 maxlen: 32
195.38.30.0/24 maxlen: 32
217.168.160.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.mft
rsync://rpki.ripe.net/repository/DEFAULT/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 08:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:40:46:db:a2:ac:25:d9:e1:e1:67:1b:03:ad:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4568d0a7204560b6356d837bbf1510d9636df63a
Validity
Not Before: Jan 2 09:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30adba2417403901db6cb2285f36bc80ec0fd8bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:76:20:7f:dd:f9:72:9b:2f:d3:64:95:67:65:
91:12:18:fb:4c:c2:e3:a7:a1:0c:6c:8a:fb:ef:00:
ec:ad:17:0d:79:ad:b2:87:7f:da:5f:43:a8:28:a6:
4a:19:15:03:1c:92:bd:23:5e:ca:8c:e6:16:08:da:
4d:14:4a:2b:84:a5:d9:a0:a8:e7:96:51:33:55:03:
3f:32:18:33:77:36:8e:4a:64:81:74:40:1c:2b:9a:
a0:4d:ce:14:df:47:d2:a0:e7:4d:00:ce:92:41:72:
24:4e:82:a6:4e:71:27:09:c9:33:c2:e4:66:60:ce:
79:11:b9:fa:0c:7b:5f:01:16:46:8e:cc:62:e2:b7:
ea:f2:28:d4:3d:4a:23:81:ee:f3:89:df:d0:a4:30:
8f:30:11:b4:c4:51:1a:8f:9d:b3:3d:66:77:13:1c:
b1:8b:b7:09:95:58:09:71:5c:c6:b2:ac:f7:52:50:
5d:fe:fa:a1:7a:3a:05:08:38:74:e6:4c:b5:ac:4b:
af:d2:c0:0c:37:cf:0a:fd:89:41:69:5b:02:0a:a9:
5a:ae:3a:ee:5c:d4:d5:f9:3c:6a:80:cd:57:cf:eb:
1a:ac:e0:58:04:b7:b0:ee:bb:d1:3b:fe:40:12:25:
9c:96:41:4b:91:3e:7e:37:0d:9a:22:29:ad:f9:a6:
ec:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:AD:BA:24:17:40:39:01:DB:6C:B2:28:5F:36:BC:80:EC:0F:D8:BD
X509v3 Authority Key Identifier:
keyid:45:68:D0:A7:20:45:60:B6:35:6D:83:7B:BF:15:10:D9:63:6D:F6:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/MK26JBdAOQHbbLIoXza8gOwP2L0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/b0fb0b-b96a-4390-86a8-6fe35ae54a5b/1/RWjQpyBFYLY1bYN7vxUQ2WNt9jo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.72.0/21
78.110.16.0/20
80.245.208.0/20
95.131.232.0/21
185.56.252.0/22
195.38.30.0/24
217.168.160.0/20
Signature Algorithm: sha256WithRSAEncryption
0f:77:f0:4a:5b:a5:39:a1:9a:c4:f6:88:42:7b:98:0a:8c:22:
fe:a7:fc:9c:52:72:00:d4:35:87:04:5d:5f:f2:d3:6e:1f:92:
48:6f:66:51:75:d2:93:d4:eb:43:f6:80:54:48:60:e0:5d:e6:
35:3a:cc:b3:66:c2:cd:24:e5:8e:56:69:e7:4c:f7:e3:ec:21:
8a:09:ed:81:fd:f2:cf:eb:c1:75:25:a9:aa:38:ae:71:53:33:
45:52:3b:b3:7f:72:6c:35:9b:74:8c:12:3c:53:44:fd:99:30:
d1:9d:c2:b4:86:b5:61:d3:3e:08:cf:1c:96:41:aa:a6:f8:c2:
fa:5c:9a:df:57:d3:82:09:aa:d0:e5:86:c9:97:c3:54:8c:30:
54:75:e1:5c:06:e3:3e:90:5b:8f:75:1f:3c:e7:b6:cd:9d:3f:
ba:bb:86:19:91:56:e0:46:8b:90:c8:cf:18:d2:47:a8:3c:20:
f4:cd:12:78:59:20:96:9e:28:53:4b:d2:db:f2:d5:e4:f7:f0:
26:c9:97:67:c9:66:d8:15:6f:ab:8a:82:89:db:45:7b:45:9c:
85:d4:6b:d6:9b:d0:37:62:8f:01:c3:5a:ac:8a:8c:65:a7:7e:
cf:03:fc:7f:c2:b2:58:2a:63:15:b8:ad:0c:8e:c8:1a:d7:cb:
d1:9f:b0:77
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQma0BG26KsJdnh4WcbA60jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NjhkMGE3MjA0NTYwYjYzNTZkODM3YmJmMTUxMGQ5NjM2
ZGY2M2EwHhcNMjUwMTAyMDk0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGFkYmEyNDE3NDAzOTAxZGI2Y2IyMjg1ZjM2YmM4MGVjMGZkOGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA63Ygf935cpsv02SVZ2WREhj7TMLj
p6EMbIr77wDsrRcNea2yh3/aX0OoKKZKGRUDHJK9I17KjOYWCNpNFEorhKXZoKjn
llEzVQM/MhgzdzaOSmSBdEAcK5qgTc4U30fSoOdNAM6SQXIkToKmTnEnCckzwuRm
YM55Ebn6DHtfARZGjsxi4rfq8ijUPUojge7zid/QpDCPMBG0xFEaj52zPWZ3Exyx
i7cJlVgJcVzGsqz3UlBd/vqhejoFCDh05ky1rEuv0sAMN88K/YlBaVsCCqlarjru
XNTV+TxqgM1Xz+sarOBYBLew7rvRO/5AEiWclkFLkT5+Nw2aIimt+absJwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDCtuiQXQDkB22yyKF82vIDsD9i9MB8GA1UdIwQY
MBaAFEVo0KcgRWC2NW2De78VENljbfY6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUldqUXB5QkZZTFkxYllON3Z4VVEyV050OWpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9iMGZiMGItYjk2YS00MzkwLTg2YTgt
NmZlMzVhZTU0YTViLzEvTUsyNkpCZEFPUUhiYkxJb1h6YThnT3dQMkwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9iMGZiMGItYjk2YS00MzkwLTg2YTgtNmZlMzVhZTU0YTVi
LzEvUldqUXB5QkZZTFkxYllON3Z4VVEyV050OWpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDJXJIAwQE
Tm4QAwQEUPXQAwQDX4PoAwQCuTj8AwQAwyYeAwQE2aigMA0GCSqGSIb3DQEBCwUA
A4IBAQAPd/BKW6U5oZrE9ohCe5gKjCL+p/ycUnIA1DWHBF1f8tNuH5JIb2ZRddKT
1OtD9oBUSGDgXeY1OsyzZsLNJOWOVmnnTPfj7CGKCe2B/fLP68F1JamqOK5xUzNF
Ujuzf3JsNZt0jBI8U0T9mTDRncK0hrVh0z4IzxyWQaqm+ML6XJrfV9OCCarQ5YbJ
l8NUjDBUdeFcBuM+kFuPdR8857bNnT+6u4YZkVbgRouQyM8Y0keoPCD0zRJ4WSCW
nihTS9Lb8tXk9/AmyZdnyWbYFW+rioKJ20V7RZyF1GvWm9A3Yo8Bw1qsioxlp37P
A/x/wrJYKmMVuK0Mjsga18vRn7B3
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:10 2025 by rpki-client