Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/MPJbxNfI4E3-o9R3b5LoavuNf_M.roa
File: MPJbxNfI4E3-o9R3b5LoavuNf_M.roa (raw, json)
Hash identifier: YmpwW40yFr+eOmaR9up2PE3Zd5XCNeKEz4dO44qxY0o=
Subject key identifier: 30:F2:5B:C4:D7:C8:E0:4D:FE:A3:D4:77:6F:92:E8:6A:FB:8D:7F:F3
Certificate issuer: /CN=c58afa22f98a37f6d8d0293a9b319416ec94d386
Certificate serial: 01941F8C0B17A0E0117156113EA1AA09C38D
Authority key identifier: C5:8A:FA:22:F9:8A:37:F6:D8:D0:29:3A:9B:31:94:16:EC:94:D3:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/MPJbxNfI4E3-o9R3b5LoavuNf_M.roa
Signing time: Wed 01 Jan 2025 01:47:39 +0000
ROA not before: Wed 01 Jan 2025 01:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15435
IP address blocks: 194.13.240.0/20 maxlen: 24
2001:67c:2b0c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Apr 2025 01:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:0b:17:a0:e0:11:71:56:11:3e:a1:aa:09:c3:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c58afa22f98a37f6d8d0293a9b319416ec94d386
Validity
Not Before: Jan 1 01:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30f25bc4d7c8e04dfea3d4776f92e86afb8d7ff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c5:a4:02:a4:ff:0f:c3:8d:60:f7:a0:1f:ae:
d8:ec:59:be:da:3a:a4:3c:9f:b2:5a:a7:68:19:ba:
0c:6a:52:53:da:b1:05:72:cc:17:81:6f:84:df:3c:
c2:e9:1a:f3:6d:2c:04:5c:3e:c8:3a:38:31:5c:a1:
ed:ca:87:b4:62:84:74:61:b8:75:09:96:bd:54:10:
65:b7:fd:10:9d:a5:ce:c4:8a:19:37:0f:31:a7:88:
d3:7b:e0:8a:eb:fa:9d:33:5b:2e:61:12:20:03:45:
c2:64:86:40:cd:9b:ce:99:e4:e8:71:3a:3a:0d:dc:
12:7c:b3:29:e9:1e:eb:a3:e5:8a:db:fb:f1:a7:da:
aa:fb:b6:9b:e6:11:a8:d5:39:39:48:76:ca:c7:59:
2b:33:e6:4c:4a:5e:e4:ec:4d:3b:0b:3c:5f:ec:0b:
ff:f2:20:4c:7c:4a:ae:d4:d5:fa:f2:26:13:1d:48:
f1:5b:9b:7d:fe:fa:7c:10:d4:e4:1b:68:38:d0:ad:
81:31:09:7f:b1:a5:f5:f8:0f:61:3a:2c:b1:9c:19:
18:11:4b:74:ee:25:0a:93:60:7f:b1:84:5b:8c:af:
fa:35:f9:0a:92:e6:5e:a9:7d:08:ba:da:f3:39:83:
43:e6:4b:0d:5e:8c:ea:ac:53:c0:f2:27:39:ed:64:
5a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F2:5B:C4:D7:C8:E0:4D:FE:A3:D4:77:6F:92:E8:6A:FB:8D:7F:F3
X509v3 Authority Key Identifier:
keyid:C5:8A:FA:22:F9:8A:37:F6:D8:D0:29:3A:9B:31:94:16:EC:94:D3:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/MPJbxNfI4E3-o9R3b5LoavuNf_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/758c8a-613e-4e2a-8fe1-91228620570e/1/xYr6IvmKN_bY0Ck6mzGUFuyU04Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.13.240.0/20
IPv6:
2001:67c:2b0c::/48
Signature Algorithm: sha256WithRSAEncryption
1f:c7:79:8f:59:8a:fc:f2:6f:e4:bb:6a:22:d2:2b:d2:83:51:
cb:a6:fb:2b:18:bb:f4:06:40:b8:54:f0:72:99:8f:59:59:76:
44:0e:32:30:a3:ec:96:68:06:82:fb:a0:9f:ab:95:ae:f0:d0:
74:08:50:01:91:1c:1e:f0:27:a7:2a:1f:29:3d:74:9b:5f:21:
6b:27:e4:58:70:b0:d8:22:32:15:de:37:21:ad:82:8d:4d:e3:
8e:05:fd:ca:bb:87:8c:0f:0a:5e:66:01:02:5d:b5:e7:f0:35:
27:fe:5b:d7:0f:95:00:f3:83:2e:04:af:5e:6b:60:ed:ff:d3:
b2:c2:fc:01:fe:7c:cf:1b:0f:28:4d:cc:16:f0:c3:62:08:6f:
cd:48:75:31:35:f5:ba:fb:29:87:6e:c0:84:fe:27:7c:56:8d:
78:19:57:91:8e:c4:f3:8e:3a:6a:4a:c9:8b:21:4a:3f:8d:ba:
f1:a6:b3:50:85:ff:57:89:31:2f:1c:ba:e9:80:c0:e9:d6:41:
fb:50:33:7d:ba:81:f9:30:74:2d:32:d4:4b:26:e7:e0:13:a9:
06:6e:42:3a:57:82:e7:01:d9:a1:8f:a0:c3:5c:b6:23:b7:e2:
a9:c9:7e:5c:3f:7c:8c:7a:b4:2c:70:b2:0d:d6:87:60:42:0f:
4d:c5:7e:84
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQfjAsXoOARcVYRPqGqCcONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1OGFmYTIyZjk4YTM3ZjZkOGQwMjkzYTliMzE5NDE2ZWM5
NGQzODYwHhcNMjUwMTAxMDE0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGYyNWJjNGQ3YzhlMDRkZmVhM2Q0Nzc2ZjkyZTg2YWZiOGQ3ZmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8WkAqT/D8ONYPegH67Y7Fm+2jqk
PJ+yWqdoGboMalJT2rEFcswXgW+E3zzC6RrzbSwEXD7IOjgxXKHtyoe0YoR0Ybh1
CZa9VBBlt/0QnaXOxIoZNw8xp4jTe+CK6/qdM1suYRIgA0XCZIZAzZvOmeTocTo6
DdwSfLMp6R7ro+WK2/vxp9qq+7ab5hGo1Tk5SHbKx1krM+ZMSl7k7E07Czxf7Av/
8iBMfEqu1NX68iYTHUjxW5t9/vp8ENTkG2g40K2BMQl/saX1+A9hOiyxnBkYEUt0
7iUKk2B/sYRbjK/6NfkKkuZeqX0IutrzOYND5ksNXozqrFPA8ic57WRaoQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDDyW8TXyOBN/qPUd2+S6Gr7jX/zMB8GA1UdIwQY
MBaAFMWK+iL5ijf22NApOpsxlBbslNOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFlyNkl2bUtOX2JZMENrNm16R1VGdXlVMDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NThjOGEtNjEzZS00ZTJhLThmZTEt
OTEyMjg2MjA1NzBlLzEvTVBKYnhOZkk0RTMtbzlSM2I1TG9hdnVOZl9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NThjOGEtNjEzZS00ZTJhLThmZTEtOTEyMjg2MjA1NzBl
LzEveFlyNkl2bUtOX2JZMENrNm16R1VGdXlVMDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQEwg3wMA8E
AgACMAkDBwAgAQZ8KwwwDQYJKoZIhvcNAQELBQADggEBAB/HeY9Zivzyb+S7aiLS
K9KDUcum+ysYu/QGQLhU8HKZj1lZdkQOMjCj7JZoBoL7oJ+rla7w0HQIUAGRHB7w
J6cqHyk9dJtfIWsn5FhwsNgiMhXeNyGtgo1N444F/cq7h4wPCl5mAQJdtefwNSf+
W9cPlQDzgy4Er15rYO3/07LC/AH+fM8bDyhNzBbww2IIb81IdTE19br7KYduwIT+
J3xWjXgZV5GOxPOOOmpKyYshSj+NuvGms1CF/1eJMS8cuumAwOnWQftQM326gfkw
dC0y1Esm5+ATqQZuQjpXgucB2aGPoMNctiO34qnJflw/fIx6tCxwsg3Wh2BCD03F
foQ=
-----END CERTIFICATE-----
Generated at Fri Apr 25 10:20:00 2025 by rpki-client