Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/mgF34y33vscxiS4stuO3BYu8JlE.roa
File: mgF34y33vscxiS4stuO3BYu8JlE.roa (raw, json)
Hash identifier: G0qOZyPDZdpreKkYGFQ+RFa5w/ELVkiOatwZcMI9hrQ=
Subject key identifier: 9A:01:77:E3:2D:F7:BE:C7:31:89:2E:2C:B6:E3:B7:05:8B:BC:26:51
Certificate issuer: /CN=c1233861207a230564ef36f11e0157344731e3f9
Certificate serial: 0196E7BAA2ACC6EA65AAC565AF331FC40BD9
Authority key identifier: C1:23:38:61:20:7A:23:05:64:EF:36:F1:1E:01:57:34:47:31:E3:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wSM4YSB6IwVk7zbxHgFXNEcx4_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/mgF34y33vscxiS4stuO3BYu8JlE.roa
Signing time: Mon 19 May 2025 08:48:10 +0000
ROA not before: Mon 19 May 2025 08:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 46.228.131.0/24 maxlen: 24
46.228.135.0/24 maxlen: 24
46.228.136.0/23 maxlen: 24
46.228.140.0/24 maxlen: 24
46.228.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/wSM4YSB6IwVk7zbxHgFXNEcx4_k.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/wSM4YSB6IwVk7zbxHgFXNEcx4_k.mft
rsync://rpki.ripe.net/repository/DEFAULT/wSM4YSB6IwVk7zbxHgFXNEcx4_k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 14:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e7:ba:a2:ac:c6:ea:65:aa:c5:65:af:33:1f:c4:0b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1233861207a230564ef36f11e0157344731e3f9
Validity
Not Before: May 19 08:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a0177e32df7bec731892e2cb6e3b7058bbc2651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:28:55:64:43:88:0e:c7:0b:8a:aa:6f:29:5b:
17:86:ee:97:34:2b:f7:76:f9:d1:18:ac:97:fa:e5:
71:2c:9c:a0:84:6d:d1:37:24:fd:54:f6:ea:60:35:
83:64:31:4b:08:13:d8:be:f2:c9:dd:9a:ae:d0:31:
81:7e:a9:2a:9c:4c:80:67:00:14:ea:50:4a:ca:84:
cb:b7:c5:ba:31:7d:3a:b6:db:8b:c0:18:30:e1:69:
85:9f:03:c8:f7:89:4c:d4:9d:a7:3a:03:7c:ac:e4:
57:da:b1:e8:b8:f4:ec:ac:22:ae:87:51:ae:fe:4f:
9c:d5:ec:75:41:fa:a0:f9:24:4b:00:34:8c:7d:28:
47:0e:00:29:a4:75:48:6c:e6:99:54:a5:8d:86:37:
f3:13:de:a2:62:29:f3:ec:00:13:d0:ff:59:46:87:
eb:0d:0b:b1:44:6d:58:26:89:b7:03:34:28:ac:ca:
d2:1a:f6:8e:4e:25:e1:67:0d:e7:fc:a2:86:3c:de:
97:5c:8e:ac:5d:e1:d7:0d:bc:d9:38:99:62:e0:29:
bc:04:24:f3:55:4f:49:50:cb:0c:27:f5:c6:35:5f:
da:68:32:28:d8:1a:57:b9:d8:44:a3:ed:43:2c:87:
f2:e7:fa:79:e5:69:2f:bd:ee:a7:68:73:ca:9e:9c:
b5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:01:77:E3:2D:F7:BE:C7:31:89:2E:2C:B6:E3:B7:05:8B:BC:26:51
X509v3 Authority Key Identifier:
keyid:C1:23:38:61:20:7A:23:05:64:EF:36:F1:1E:01:57:34:47:31:E3:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wSM4YSB6IwVk7zbxHgFXNEcx4_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/mgF34y33vscxiS4stuO3BYu8JlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/2c9320-38d9-4604-ad92-1c7b2b91d308/1/wSM4YSB6IwVk7zbxHgFXNEcx4_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.228.131.0/24
46.228.135.0-46.228.137.255
46.228.140.0/23
Signature Algorithm: sha256WithRSAEncryption
57:e6:1f:a8:56:23:63:29:fc:78:b9:3c:85:f4:70:39:40:2a:
8e:08:93:46:06:dc:d8:46:27:81:41:ba:40:aa:2a:f1:99:b4:
bd:24:23:23:5b:c7:5c:0e:8d:ba:bf:07:a0:6b:0f:09:b7:5a:
55:56:a0:d3:3c:2a:d4:e8:f8:d7:34:49:02:d1:8f:5c:f6:3b:
b1:ca:a1:bf:06:17:6a:0d:2b:f9:af:30:71:d8:55:91:27:3a:
c7:74:d6:66:12:9e:26:b4:66:4e:38:7d:01:0f:91:33:d9:bc:
29:46:3a:d0:9e:16:bb:37:79:a8:da:de:43:25:3e:ba:77:2f:
60:5d:7d:87:74:9c:75:40:aa:1c:6b:7f:b1:b3:9f:db:76:a1:
ff:48:3d:91:77:0e:71:df:33:ab:cf:85:dd:db:8b:97:21:b0:
da:cf:79:85:64:2f:f5:b0:15:7b:6e:0b:58:ec:e5:df:5c:e8:
a0:d8:eb:b5:a3:cd:95:69:d3:01:c3:8f:13:1a:72:66:91:69:
3b:28:10:0e:d4:32:13:76:aa:87:f7:e5:cf:8a:56:c9:c0:c6:
fc:d9:de:c2:3e:e3:3e:8a:ee:61:a7:0f:67:3c:42:5f:5d:dd:
9f:34:06:ac:a7:58:b6:26:4d:ee:65:e2:0c:48:46:ea:ce:ea:
b1:dc:56:fe
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZbnuqKsxuplqsVlrzMfxAvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMjMzODYxMjA3YTIzMDU2NGVmMzZmMTFlMDE1NzM0NDcz
MWUzZjkwHhcNMjUwNTE5MDg0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTAxNzdlMzJkZjdiZWM3MzE4OTJlMmNiNmUzYjcwNThiYmMyNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlChVZEOIDscLiqpvKVsXhu6XNCv3
dvnRGKyX+uVxLJyghG3RNyT9VPbqYDWDZDFLCBPYvvLJ3Zqu0DGBfqkqnEyAZwAU
6lBKyoTLt8W6MX06ttuLwBgw4WmFnwPI94lM1J2nOgN8rORX2rHouPTsrCKuh1Gu
/k+c1ex1Qfqg+SRLADSMfShHDgAppHVIbOaZVKWNhjfzE96iYinz7AAT0P9ZRofr
DQuxRG1YJom3AzQorMrSGvaOTiXhZw3n/KKGPN6XXI6sXeHXDbzZOJli4Cm8BCTz
VU9JUMsMJ/XGNV/aaDIo2BpXudhEo+1DLIfy5/p55Wkvve6naHPKnpy1iQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJoBd+Mt977HMYkuLLbjtwWLvCZRMB8GA1UdIwQY
MBaAFMEjOGEgeiMFZO828R4BVzRHMeP5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1NNNFlTQjZJd1ZrN3pieEhnRlhORWN4NF9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC8yYzkzMjAtMzhkOS00NjA0LWFkOTIt
MWM3YjJiOTFkMzA4LzEvbWdGMzR5MzN2c2N4aVM0c3R1TzNCWXU4SmxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC8yYzkzMjAtMzhkOS00NjA0LWFkOTItMWM3YjJiOTFkMzA4
LzEvd1NNNFlTQjZJd1ZrN3pieEhnRlhORWN4NF9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALuSDMAwD
BAAu5IcDBAEu5IgDBAEu5IwwDQYJKoZIhvcNAQELBQADggEBAFfmH6hWI2Mp/Hi5
PIX0cDlAKo4Ik0YG3NhGJ4FBukCqKvGZtL0kIyNbx1wOjbq/B6BrDwm3WlVWoNM8
KtTo+Nc0SQLRj1z2O7HKob8GF2oNK/mvMHHYVZEnOsd01mYSnia0Zk44fQEPkTPZ
vClGOtCeFrs3eaja3kMlPrp3L2BdfYd0nHVAqhxrf7Gzn9t2of9IPZF3DnHfM6vP
hd3bi5chsNrPeYVkL/WwFXtuC1js5d9c6KDY67WjzZVp0wHDjxMacmaRaTsoEA7U
MhN2qof35c+KVsnAxvzZ3sI+4z6K7mGnD2c8Ql9d3Z80BqynWLYmTe5l4gxIRurO
6rHcVv4=
-----END CERTIFICATE-----
Generated at Mon Jun 2 17:04:59 2025 by rpki-client