Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MOnyvymPV70rA-n7s2qFGgmyraY.roa
File: MOnyvymPV70rA-n7s2qFGgmyraY.roa (raw, json)
Hash identifier: 85Gf5MFfTrOZBrJ3gxPjNi7Zx/lmYfRY4Lsl6tbceT8=
Subject key identifier: 30:E9:F2:BF:29:8F:57:BD:2B:03:E9:FB:B3:6A:85:1A:09:B2:AD:A6
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 019601F2C5DF2B175FF6D1348C1160E2F595
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MOnyvymPV70rA-n7s2qFGgmyraY.roa
Signing time: Fri 04 Apr 2025 17:56:49 +0000
ROA not before: Fri 04 Apr 2025 17:56:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210158
IP address blocks: 195.77.128.0/22 maxlen: 22
195.77.128.0/23 maxlen: 23
195.77.128.0/24 maxlen: 24
195.77.129.0/24 maxlen: 24
195.77.130.0/23 maxlen: 23
195.77.130.0/24 maxlen: 24
195.77.131.0/24 maxlen: 24
195.235.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 08:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:01:f2:c5:df:2b:17:5f:f6:d1:34:8c:11:60:e2:f5:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Apr 4 17:56:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30e9f2bf298f57bd2b03e9fbb36a851a09b2ada6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e0:80:aa:e4:f2:39:1a:1b:3c:99:dd:68:21:
3d:d2:4e:7a:3d:96:6c:52:ca:f8:22:75:20:52:f4:
f2:bd:c8:f3:c6:60:df:43:80:58:a4:12:18:f3:2d:
1b:5b:7a:2d:62:bb:9d:03:37:52:49:f4:12:f5:70:
fd:99:a5:fa:a8:9e:61:e4:53:0c:2b:27:70:41:97:
9e:6e:d0:38:a4:82:41:41:4c:cc:46:32:e8:74:ca:
a9:83:13:ca:46:1d:a3:ab:b8:ab:2a:c0:b5:d6:7d:
9b:e1:75:01:d5:56:a8:2c:06:3e:12:0c:84:aa:6f:
c2:de:c0:e6:bf:38:e2:b8:f9:c0:ee:f3:4c:8c:41:
dc:bd:44:84:8c:42:f3:9d:db:1b:02:03:f4:83:1f:
a2:0b:a5:9b:e5:08:fa:e8:72:45:35:84:13:bc:5e:
d9:a8:b3:9c:16:75:e5:e1:4c:88:64:c4:29:8d:63:
86:48:58:3f:c9:01:67:64:cd:9d:3c:af:d3:38:54:
79:54:84:28:2f:7d:14:e2:24:d8:a3:dc:cc:26:0a:
c8:82:9d:53:75:11:3d:3e:37:be:f3:af:1d:cb:e3:
c4:5e:16:e9:a3:ab:5b:e0:07:c9:4c:fa:78:fe:8e:
f4:31:b7:b1:72:c2:98:f9:d7:0a:4f:15:b3:9b:a9:
87:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:E9:F2:BF:29:8F:57:BD:2B:03:E9:FB:B3:6A:85:1A:09:B2:AD:A6
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MOnyvymPV70rA-n7s2qFGgmyraY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.77.128.0/22
195.235.5.0/24
Signature Algorithm: sha256WithRSAEncryption
00:01:56:2e:34:2c:53:53:18:d4:fa:a9:d0:1a:05:ca:c3:64:
37:70:91:28:3d:c7:4f:41:73:e0:dd:5d:fe:a7:e4:a8:65:67:
36:79:9d:54:d8:d5:f0:24:e8:d2:ae:15:35:5c:41:34:f1:e5:
ee:45:1f:ca:87:e0:4f:f6:0c:cd:7c:62:f0:45:ad:17:f8:3c:
c4:bd:f5:2b:8f:d0:56:bc:49:a8:38:89:66:a1:4c:66:b2:9f:
ea:9b:e5:0d:aa:ba:33:1b:42:d6:b3:06:5d:17:4a:24:fa:57:
0d:3a:7c:33:93:3e:10:ef:ee:da:ba:40:70:44:96:fa:9a:4c:
77:e4:30:19:5c:23:ef:03:30:a9:b4:51:0f:68:38:6c:23:7f:
66:53:5a:fd:1a:90:7e:4c:b8:50:5a:cf:6f:69:cc:50:90:df:
d8:70:e4:d2:5d:12:5f:d5:d6:dc:58:72:c6:3c:44:a6:6c:1b:
d1:20:50:ae:68:eb:a6:56:60:21:ce:cd:1f:47:34:ae:70:0c:
bc:0f:93:9c:6a:be:dc:c3:97:2e:e1:d7:06:62:05:16:d8:6f:
c9:b0:32:22:e6:f0:f1:a9:be:fb:45:a4:20:b5:2a:20:fc:ca:
2e:0f:8b:6b:e2:70:6d:cd:fc:8b:8f:d4:ea:33:5f:0d:8e:db:
32:17:ff:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYB8sXfKxdf9tE0jBFg4vWVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjUwNDA0MTc1NjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGU5ZjJiZjI5OGY1N2JkMmIwM2U5ZmJiMzZhODUxYTA5YjJhZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuCAquTyORobPJndaCE90k56PZZs
Usr4InUgUvTyvcjzxmDfQ4BYpBIY8y0bW3otYrudAzdSSfQS9XD9maX6qJ5h5FMM
KydwQZeebtA4pIJBQUzMRjLodMqpgxPKRh2jq7irKsC11n2b4XUB1VaoLAY+EgyE
qm/C3sDmvzjiuPnA7vNMjEHcvUSEjELzndsbAgP0gx+iC6Wb5Qj66HJFNYQTvF7Z
qLOcFnXl4UyIZMQpjWOGSFg/yQFnZM2dPK/TOFR5VIQoL30U4iTYo9zMJgrIgp1T
dRE9Pje+868dy+PEXhbpo6tb4AfJTPp4/o70MbexcsKY+dcKTxWzm6mHeQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDDp8r8pj1e9KwPp+7NqhRoJsq2mMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvTU9ueXZ5bVBWNzByQS1uN3MycUZHZ215cmFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw02AAwQA
w+sFMA0GCSqGSIb3DQEBCwUAA4IBAQAAAVYuNCxTUxjU+qnQGgXKw2Q3cJEoPcdP
QXPg3V3+p+SoZWc2eZ1U2NXwJOjSrhU1XEE08eXuRR/Kh+BP9gzNfGLwRa0X+DzE
vfUrj9BWvEmoOIlmoUxmsp/qm+UNqrozG0LWswZdF0ok+lcNOnwzkz4Q7+7aukBw
RJb6mkx35DAZXCPvAzCptFEPaDhsI39mU1r9GpB+TLhQWs9vacxQkN/YcOTSXRJf
1dbcWHLGPESmbBvRIFCuaOumVmAhzs0fRzSucAy8D5Ocar7cw5cu4dcGYgUW2G/J
sDIi5vDxqb77RaQgtSog/MouD4tr4nBtzfyLj9TqM18NjtsyF/92
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:46:29 2025 by rpki-client