Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/mwl0r7vx7glziPY_QItxRsSJeAk.roa
File: mwl0r7vx7glziPY_QItxRsSJeAk.roa (raw, json)
Hash identifier: 1Ot+hb3FMddnj8lrNQfPiqO4rxPdgpHynBKtjzrIzH4=
Subject key identifier: 9B:09:74:AF:BB:F1:EE:09:73:88:F6:3F:40:8B:71:46:C4:89:78:09
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 01958CAF8C6F9D4A2EC0F86562869E45E81B
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/mwl0r7vx7glziPY_QItxRsSJeAk.roa
Signing time: Wed 12 Mar 2025 23:27:49 +0000
ROA not before: Wed 12 Mar 2025 23:27:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 89.34.171.0/24 maxlen: 24
89.42.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 09:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8c:af:8c:6f:9d:4a:2e:c0:f8:65:62:86:9e:45:e8:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Mar 12 23:27:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b0974afbbf1ee097388f63f408b7146c4897809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c6:5a:e1:1f:e1:66:13:de:a3:d4:de:8d:a5:
f2:5a:5c:49:82:22:7e:fb:c3:7d:7f:51:1e:cf:e8:
f4:53:cd:8a:96:66:35:92:05:0b:0d:da:36:e0:42:
6a:51:2a:2c:80:38:4a:2a:c3:51:85:bf:85:2a:44:
44:c0:3d:a7:00:90:34:ff:b2:45:fc:48:c4:41:a5:
5c:67:47:1d:58:e0:72:57:c3:1c:9d:14:f9:8a:d1:
24:a9:c7:d5:71:6c:77:a4:0c:af:78:04:5f:92:00:
fc:8f:b2:80:cc:da:41:69:ee:2b:70:31:8e:b8:8e:
be:b4:41:77:8f:d2:df:a9:ea:7a:2e:b2:f2:ae:b5:
67:75:63:88:92:5b:c0:e0:e4:bb:1e:49:80:62:93:
3b:d4:38:a5:c2:c7:f0:dc:3e:3c:f6:e5:5b:55:b0:
3e:30:0a:43:74:25:86:a9:ec:ca:f5:ae:5e:6f:4e:
aa:39:42:8f:48:28:be:cb:b5:70:4b:85:98:64:51:
ea:85:72:a2:58:57:7b:d1:9d:04:76:3d:ca:70:da:
0a:76:0d:a5:c4:b8:81:b2:8c:97:8d:4e:11:ab:8b:
b7:50:05:6f:bb:ff:ad:7f:12:59:83:d5:4d:d6:aa:
da:bf:4c:05:87:12:32:ae:39:eb:cf:b3:d7:0c:4e:
bd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:09:74:AF:BB:F1:EE:09:73:88:F6:3F:40:8B:71:46:C4:89:78:09
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/mwl0r7vx7glziPY_QItxRsSJeAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.171.0/24
89.42.213.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:27:b3:29:2d:1e:1c:b8:d3:72:31:7b:43:85:64:ea:f4:43:
e0:bb:f0:c5:6c:7f:13:6c:85:44:27:fa:5a:38:b2:79:24:ac:
90:15:67:e4:29:fa:ac:95:94:e8:bb:be:a4:0f:67:ce:f9:ce:
ba:0b:80:a8:88:44:f6:eb:f5:99:6f:96:01:a8:8f:8f:39:7d:
6d:f7:af:11:7a:93:7d:24:45:10:d0:14:a8:8f:c0:46:a2:e6:
97:53:d9:fd:16:4a:54:af:25:59:9e:07:cd:fe:c5:58:99:ea:
ab:53:4d:7b:2a:f9:25:ce:7e:f5:0b:02:7d:e1:e0:ec:2f:54:
74:24:c6:1f:b4:b8:ba:ed:66:16:59:51:e3:2d:82:80:ec:27:
58:31:ad:f9:99:24:9d:84:f0:a2:d9:bc:20:d8:7b:7f:d6:a2:
1a:e0:7d:f3:09:42:fa:1a:fa:e4:2f:f7:dd:d0:f3:f9:01:84:
c5:db:24:d6:e8:c7:f3:7e:3a:59:8b:02:d6:2a:20:99:1a:47:
c4:82:74:e8:e1:3e:c8:67:9a:8b:20:a7:26:38:75:de:c4:8a:
6f:d4:b2:25:85:0e:47:2d:9f:42:51:24:9b:92:91:02:c5:2f:
e9:41:05:c8:c7:04:36:50:d3:cc:64:4d:3d:25:37:cb:fe:3a:
bf:a2:46:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZWMr4xvnUouwPhlYoaeRegbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwMzEyMjMyNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjA5NzRhZmJiZjFlZTA5NzM4OGY2M2Y0MDhiNzE0NmM0ODk3ODA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8Za4R/hZhPeo9TejaXyWlxJgiJ+
+8N9f1Eez+j0U82KlmY1kgULDdo24EJqUSosgDhKKsNRhb+FKkREwD2nAJA0/7JF
/EjEQaVcZ0cdWOByV8McnRT5itEkqcfVcWx3pAyveARfkgD8j7KAzNpBae4rcDGO
uI6+tEF3j9Lfqep6LrLyrrVndWOIklvA4OS7HkmAYpM71Dilwsfw3D489uVbVbA+
MApDdCWGqezK9a5eb06qOUKPSCi+y7VwS4WYZFHqhXKiWFd70Z0Edj3KcNoKdg2l
xLiBsoyXjU4Rq4u3UAVvu/+tfxJZg9VN1qrav0wFhxIyrjnrz7PXDE69lwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJsJdK+78e4Jc4j2P0CLcUbEiXgJMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvbXdsMHI3dng3Z2x6aVBZX1FJdHhSc1NKZUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSKrAwQA
WSrVMA0GCSqGSIb3DQEBCwUAA4IBAQBOJ7MpLR4cuNNyMXtDhWTq9EPgu/DFbH8T
bIVEJ/paOLJ5JKyQFWfkKfqslZTou76kD2fO+c66C4CoiET26/WZb5YBqI+POX1t
968RepN9JEUQ0BSoj8BGouaXU9n9FkpUryVZngfN/sVYmeqrU017Kvklzn71CwJ9
4eDsL1R0JMYftLi67WYWWVHjLYKA7CdYMa35mSSdhPCi2bwg2Ht/1qIa4H3zCUL6
GvrkL/fd0PP5AYTF2yTW6MfzfjpZiwLWKiCZGkfEgnTo4T7IZ5qLIKcmOHXexIpv
1LIlhQ5HLZ9CUSSbkpECxS/pQQXIxwQ2UNPMZE09JTfL/jq/okaT
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:09:57 2025 by rpki-client