Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/45d284-a373-4552-bc8a-743112b0e771/1/dMpsd9wlXgD-cspja3jDD1k9bOA.roa
File: dMpsd9wlXgD-cspja3jDD1k9bOA.roa (raw, json)
Hash identifier: NYHzPamuN1malposZb2BM/eWGsMUpeT5gZWd7cy50qo=
Subject key identifier: 74:CA:6C:77:DC:25:5E:00:FE:72:CA:63:6B:78:C3:0F:59:3D:6C:E0
Certificate issuer: /CN=50bb158d29e37500d5c3a25dada149b2a503f6a5
Certificate serial: 0195BE3E03101707081A2CEBD1E9E2DD6EB4
Authority key identifier: 50:BB:15:8D:29:E3:75:00:D5:C3:A2:5D:AD:A1:49:B2:A5:03:F6:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULsVjSnjdQDVw6JdraFJsqUD9qU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/45d284-a373-4552-bc8a-743112b0e771/1/dMpsd9wlXgD-cspja3jDD1k9bOA.roa
Signing time: Sat 22 Mar 2025 14:24:49 +0000
ROA not before: Sat 22 Mar 2025 14:24:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202630
IP address blocks: 185.121.88.0/24 maxlen: 24
185.121.89.0/24 maxlen: 24
185.121.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/45d284-a373-4552-bc8a-743112b0e771/1/ULsVjSnjdQDVw6JdraFJsqUD9qU.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/45d284-a373-4552-bc8a-743112b0e771/1/ULsVjSnjdQDVw6JdraFJsqUD9qU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ULsVjSnjdQDVw6JdraFJsqUD9qU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 02:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:be:3e:03:10:17:07:08:1a:2c:eb:d1:e9:e2:dd:6e:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50bb158d29e37500d5c3a25dada149b2a503f6a5
Validity
Not Before: Mar 22 14:24:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74ca6c77dc255e00fe72ca636b78c30f593d6ce0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4d:56:d1:25:3e:ac:23:6e:74:8c:9c:04:fb:
76:40:6b:51:e9:fb:be:be:d6:f8:5d:2c:45:1e:98:
bc:9d:49:ee:64:8c:c3:7c:51:b7:d4:e9:40:98:d5:
f2:ba:90:33:27:21:59:36:ab:99:b2:28:c8:09:85:
49:da:c8:5a:27:f2:c9:91:cd:8a:86:d3:46:2d:cc:
fc:81:32:2a:1e:b1:0a:8d:3a:ca:aa:d6:e4:97:8e:
69:be:49:da:23:af:ca:c1:53:d8:33:b6:f8:fd:63:
38:2d:f3:47:47:6e:a7:1f:58:b9:ae:c8:d9:64:4b:
c4:8f:03:50:32:03:28:53:36:8d:b1:20:60:84:31:
69:7e:f2:d5:eb:9d:42:ac:60:06:d1:c6:17:66:40:
7e:24:26:63:da:3f:42:2c:8f:47:a7:46:d1:38:ca:
68:4c:d2:a7:38:fd:b8:f1:44:98:22:a1:a6:72:a0:
65:00:6a:80:be:55:8a:98:d7:b6:53:11:f9:74:bd:
4c:dd:4b:f4:31:73:c7:9c:7c:f7:68:e8:8b:d5:75:
f6:72:a9:62:06:f6:56:9f:e0:5c:40:8c:cb:ba:ad:
0b:f0:aa:b7:22:76:29:e0:3d:9d:82:1b:72:6f:1c:
de:6b:a4:1e:71:bb:3f:1e:66:24:8f:db:30:01:6f:
d4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:CA:6C:77:DC:25:5E:00:FE:72:CA:63:6B:78:C3:0F:59:3D:6C:E0
X509v3 Authority Key Identifier:
keyid:50:BB:15:8D:29:E3:75:00:D5:C3:A2:5D:AD:A1:49:B2:A5:03:F6:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULsVjSnjdQDVw6JdraFJsqUD9qU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/45d284-a373-4552-bc8a-743112b0e771/1/dMpsd9wlXgD-cspja3jDD1k9bOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/45d284-a373-4552-bc8a-743112b0e771/1/ULsVjSnjdQDVw6JdraFJsqUD9qU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.88.0/23
185.121.91.0/24
Signature Algorithm: sha256WithRSAEncryption
50:da:27:ac:a6:8f:cc:ed:9a:8d:87:7e:14:3e:ff:ea:b5:91:
30:9b:04:e9:7c:73:9d:24:f1:da:69:a1:84:79:5a:3f:1a:82:
de:16:96:2f:ee:db:45:02:2a:e4:01:ba:20:92:50:ef:8f:83:
b6:66:f6:5a:fb:0d:65:b0:25:9f:02:a9:60:37:c8:c0:52:0a:
0f:b9:be:61:57:88:f9:c5:eb:f0:c0:0a:ef:cb:b7:22:44:ff:
1a:04:18:73:8d:45:72:51:76:b5:51:7c:5c:b7:4d:44:6b:0c:
12:2b:e2:3e:02:25:08:fc:9d:31:fd:ad:30:bb:a0:ef:2d:fa:
54:4f:fd:31:ae:f2:30:f4:04:58:00:04:12:ae:ff:cf:7c:48:
93:4f:35:55:9b:e2:90:ef:cd:75:b5:b7:f2:e0:a1:50:ed:19:
a5:99:e0:58:3e:73:4c:cd:b7:7a:87:07:6a:4c:6f:18:0b:1f:
42:5c:e0:ef:86:07:f6:c7:90:99:fb:ee:3d:03:e5:6d:ef:1d:
97:d1:70:bb:f1:ad:72:7e:18:07:da:e7:a4:29:75:12:27:b7:
02:9e:75:f7:03:ff:23:9f:12:f5:77:79:85:bf:c7:9a:5b:95:
32:84:23:f0:50:93:4a:49:e5:a9:2e:72:45:94:ba:c6:e7:af:
de:9d:49:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZW+PgMQFwcIGizr0eni3W60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYmIxNThkMjllMzc1MDBkNWMzYTI1ZGFkYTE0OWIyYTUw
M2Y2YTUwHhcNMjUwMzIyMTQyNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGNhNmM3N2RjMjU1ZTAwZmU3MmNhNjM2Yjc4YzMwZjU5M2Q2Y2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzk1W0SU+rCNudIycBPt2QGtR6fu+
vtb4XSxFHpi8nUnuZIzDfFG31OlAmNXyupAzJyFZNquZsijICYVJ2shaJ/LJkc2K
htNGLcz8gTIqHrEKjTrKqtbkl45pvknaI6/KwVPYM7b4/WM4LfNHR26nH1i5rsjZ
ZEvEjwNQMgMoUzaNsSBghDFpfvLV651CrGAG0cYXZkB+JCZj2j9CLI9Hp0bROMpo
TNKnOP248USYIqGmcqBlAGqAvlWKmNe2UxH5dL1M3Uv0MXPHnHz3aOiL1XX2cqli
BvZWn+BcQIzLuq0L8Kq3InYp4D2dghtybxzea6Qecbs/HmYkj9swAW/UdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHTKbHfcJV4A/nLKY2t4ww9ZPWzgMB8GA1UdIwQY
MBaAFFC7FY0p43UA1cOiXa2hSbKlA/alMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUxzVmpTbmpkUURWdzZKZHJhRkpzcVVEOXFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi80NWQyODQtYTM3My00NTUyLWJjOGEt
NzQzMTEyYjBlNzcxLzEvZE1wc2Q5d2xYZ0QtY3NwamEzakREMWs5Yk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi80NWQyODQtYTM3My00NTUyLWJjOGEtNzQzMTEyYjBlNzcx
LzEvVUxzVmpTbmpkUURWdzZKZHJhRkpzcVVEOXFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuXlYAwQA
uXlbMA0GCSqGSIb3DQEBCwUAA4IBAQBQ2iespo/M7ZqNh34UPv/qtZEwmwTpfHOd
JPHaaaGEeVo/GoLeFpYv7ttFAirkAbogklDvj4O2ZvZa+w1lsCWfAqlgN8jAUgoP
ub5hV4j5xevwwArvy7ciRP8aBBhzjUVyUXa1UXxct01EawwSK+I+AiUI/J0x/a0w
u6DvLfpUT/0xrvIw9ARYAAQSrv/PfEiTTzVVm+KQ7811tbfy4KFQ7RmlmeBYPnNM
zbd6hwdqTG8YCx9CXODvhgf2x5CZ++49A+Vt7x2X0XC78a1yfhgH2uekKXUSJ7cC
nnX3A/8jnxL1d3mFv8eaW5UyhCPwUJNKSeWpLnJFlLrG56/enUmk
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:34:55 2025 by rpki-client