Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/mPlgxbWD56Le2xy3b_FhRsqSxsc.roa
File: mPlgxbWD56Le2xy3b_FhRsqSxsc.roa (raw, json)
Hash identifier: AfWfwIbPTYGoiVxVmMF6d4mso8lDoU2eXTIxJq7pZSw=
Subject key identifier: 98:F9:60:C5:B5:83:E7:A2:DE:DB:1C:B7:6F:F1:61:46:CA:92:C6:C7
Certificate issuer: /CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Certificate serial: 0194258F052DDDCA922742CC64802B08F34C
Authority key identifier: A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/mPlgxbWD56Le2xy3b_FhRsqSxsc.roa
Signing time: Thu 02 Jan 2025 05:48:37 +0000
ROA not before: Thu 02 Jan 2025 05:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 185.94.240.0/23 maxlen: 23
185.94.242.0/23 maxlen: 23
185.124.96.0/24 maxlen: 24
185.124.97.0/24 maxlen: 24
185.124.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 11:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:05:2d:dd:ca:92:27:42:cc:64:80:2b:08:f3:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a389e7035b08e181a341f37eda7343d23f1cafa4
Validity
Not Before: Jan 2 05:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98f960c5b583e7a2dedb1cb76ff16146ca92c6c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b0:05:59:92:ef:6c:1a:ba:77:b0:46:66:b7:
ea:7e:81:cc:94:a2:25:4f:22:bd:2a:c2:5f:68:89:
91:d8:af:31:f5:98:43:ec:c8:ef:58:a3:99:bc:99:
69:a9:a5:8e:f6:09:22:18:2d:0e:c7:f8:8d:99:e8:
22:08:bb:67:31:7f:c4:88:87:1b:db:2a:c4:ee:cf:
94:2d:f8:10:ba:1b:85:d3:ca:fa:b0:82:8d:d1:1e:
68:d8:c6:ea:8c:b9:0e:89:9e:03:ee:06:0a:d5:ec:
18:da:4a:94:de:56:39:25:5b:96:ea:9c:35:20:0b:
80:a5:05:1e:48:84:47:49:3c:7d:68:1e:81:de:16:
5f:3a:29:29:25:3f:83:a9:c5:77:2c:82:05:56:6d:
c7:9e:36:42:a4:28:28:aa:0e:be:ea:dc:7d:14:99:
81:0a:fd:b4:cc:65:69:b9:4d:f9:d0:1d:e5:62:2d:
9d:c0:ab:37:1c:72:1c:64:17:0c:ab:73:8e:af:02:
0a:ed:44:d4:b0:dc:b1:53:a5:f2:8c:48:84:cf:d3:
6b:16:89:09:29:8d:80:a5:c5:c5:82:df:4c:bc:86:
0f:f0:fa:db:70:a3:5b:4a:9c:b8:1f:88:2e:1f:e3:
34:08:f4:18:90:e8:4f:9c:7d:00:06:c2:7c:fc:24:
3e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F9:60:C5:B5:83:E7:A2:DE:DB:1C:B7:6F:F1:61:46:CA:92:C6:C7
X509v3 Authority Key Identifier:
keyid:A3:89:E7:03:5B:08:E1:81:A3:41:F3:7E:DA:73:43:D2:3F:1C:AF:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o4nnA1sI4YGjQfN-2nND0j8cr6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/mPlgxbWD56Le2xy3b_FhRsqSxsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/f053cd-1d79-43a1-9aab-0e72416b4dc7/1/o4nnA1sI4YGjQfN-2nND0j8cr6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.240.0/22
185.124.96.0/23
185.124.99.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:ae:98:5d:58:f6:68:38:92:2d:50:41:55:f3:58:2e:88:5e:
93:19:4f:f6:78:d5:0e:15:c4:f7:27:0e:5c:72:12:1c:20:b4:
31:6f:bd:99:f9:16:c8:74:1c:47:4c:2b:87:6c:09:db:17:8e:
15:19:0e:56:79:0f:b3:f3:fe:9d:70:45:4b:d5:e9:96:07:e3:
1c:34:8f:8f:52:f3:40:34:a3:fd:f4:33:a8:01:97:20:f3:34:
df:80:ba:63:4d:f5:3f:28:4e:2a:fa:e3:cf:b5:7d:c7:28:56:
18:5a:54:5e:5f:7d:5a:78:f2:6c:79:57:ba:14:b1:4e:2c:32:
47:f2:c6:50:c7:a8:d4:cc:5d:af:4f:ab:c3:f8:b5:1d:3a:55:
a5:5b:a5:28:90:3f:d2:e9:f1:ef:54:19:d6:99:d3:00:7e:22:
65:d2:b5:6c:8d:1c:89:21:b6:b9:62:71:15:54:2d:17:81:21:
a6:19:54:33:08:00:c2:9e:6e:a0:31:21:d8:a6:9c:84:06:c0:
17:57:48:60:60:ac:2a:de:3e:5a:16:f7:ec:71:df:bf:66:eb:
97:32:cf:52:25:8f:bf:12:1c:8c:76:f0:42:f3:70:da:d3:ff:
aa:cf:83:e4:0f:92:e0:a3:e2:b9:1e:41:de:81:f6:58:b5:2a:
4b:56:d4:ce
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQljwUt3cqSJ0LMZIArCPNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzODllNzAzNWIwOGUxODFhMzQxZjM3ZWRhNzM0M2QyM2Yx
Y2FmYTQwHhcNMjUwMTAyMDU0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGY5NjBjNWI1ODNlN2EyZGVkYjFjYjc2ZmYxNjE0NmNhOTJjNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7AFWZLvbBq6d7BGZrfqfoHMlKIl
TyK9KsJfaImR2K8x9ZhD7MjvWKOZvJlpqaWO9gkiGC0Ox/iNmegiCLtnMX/EiIcb
2yrE7s+ULfgQuhuF08r6sIKN0R5o2MbqjLkOiZ4D7gYK1ewY2kqU3lY5JVuW6pw1
IAuApQUeSIRHSTx9aB6B3hZfOikpJT+DqcV3LIIFVm3HnjZCpCgoqg6+6tx9FJmB
Cv20zGVpuU350B3lYi2dwKs3HHIcZBcMq3OOrwIK7UTUsNyxU6XyjEiEz9NrFokJ
KY2ApcXFgt9MvIYP8PrbcKNbSpy4H4guH+M0CPQYkOhPnH0ABsJ8/CQ+PQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJj5YMW1g+ei3tsct2/xYUbKksbHMB8GA1UdIwQY
MBaAFKOJ5wNbCOGBo0HzftpzQ9I/HK+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWIt
MGU3MjQxNmI0ZGM3LzEvbVBsZ3hiV0Q1NkxlMnh5M2JfRmhSc3FTeHNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mMDUzY2QtMWQ3OS00M2ExLTlhYWItMGU3MjQxNmI0ZGM3
LzEvbzRubkExc0k0WUdqUWZOLTJuTkQwajhjcjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuV7wAwQB
uXxgAwQAuXxjMA0GCSqGSIb3DQEBCwUAA4IBAQCLrphdWPZoOJItUEFV81guiF6T
GU/2eNUOFcT3Jw5cchIcILQxb72Z+RbIdBxHTCuHbAnbF44VGQ5WeQ+z8/6dcEVL
1emWB+McNI+PUvNANKP99DOoAZcg8zTfgLpjTfU/KE4q+uPPtX3HKFYYWlReX31a
ePJseVe6FLFOLDJH8sZQx6jUzF2vT6vD+LUdOlWlW6UokD/S6fHvVBnWmdMAfiJl
0rVsjRyJIba5YnEVVC0XgSGmGVQzCADCnm6gMSHYppyEBsAXV0hgYKwq3j5aFvfs
cd+/ZuuXMs9SJY+/EhyMdvBC83Da0/+qz4PkD5Lgo+K5HkHegfZYtSpLVtTO
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:49:29 2025 by rpki-client