Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mCnYXWu4b63APiLHfTZYtL17V-k.roa
File: mCnYXWu4b63APiLHfTZYtL17V-k.roa (raw, json)
Hash identifier: OJ4rWrUCb6z1gbCAGGIbilgsZuP+VOT09zznTmaPwtU=
Subject key identifier: 98:29:D8:5D:6B:B8:6F:AD:C0:3E:22:C7:7D:36:58:B4:BD:7B:57:E9
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0194DBB51B6F6AFDD86796285C2197ECF667
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mCnYXWu4b63APiLHfTZYtL17V-k.roa
Signing time: Thu 06 Feb 2025 14:41:06 +0000
ROA not before: Thu 06 Feb 2025 14:41:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209242
IP address blocks: 185.238.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:db:b5:1b:6f:6a:fd:d8:67:96:28:5c:21:97:ec:f6:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 6 14:41:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9829d85d6bb86fadc03e22c77d3658b4bd7b57e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ae:8f:f9:63:81:4d:e1:0c:3c:a1:ef:be:9a:
33:3e:3c:d6:90:18:85:1d:be:f9:c5:47:6a:57:21:
bd:ab:9b:52:b8:ba:88:8f:c5:a2:f6:54:51:f0:e8:
f9:46:5b:6f:a6:ad:65:c7:1a:b0:6b:d0:69:35:d8:
07:e4:b8:99:e1:9f:48:fc:92:bb:74:3c:0c:f3:d8:
36:51:7f:72:87:e4:ac:84:00:a3:8d:03:70:75:cb:
1d:2c:ea:72:67:63:71:a4:87:c4:88:6c:2a:2d:84:
a0:67:2c:7c:4d:92:af:6d:88:5a:a9:23:9a:cd:ac:
e1:2e:e6:c7:e7:30:85:9d:9c:53:eb:2c:5b:aa:e4:
dd:fc:8e:df:c2:05:54:b6:81:8a:34:8e:0b:e0:5d:
79:4a:2f:46:01:ba:be:59:12:ce:08:3c:bb:3b:91:
e2:db:1f:e3:f7:0f:80:c3:f1:fe:06:7f:c3:96:a8:
a7:75:a3:3e:f2:87:a0:3d:6e:89:cd:c4:6e:b0:6c:
f4:d9:e6:74:02:04:7c:a9:59:ca:ef:f1:46:d4:31:
52:e7:07:bf:54:36:94:53:7c:57:3a:4d:b6:1b:f3:
9c:42:ee:27:df:48:b2:34:00:0a:93:52:d5:d0:8c:
16:77:f5:b0:c9:4a:ca:3f:45:7b:e3:9c:f6:3c:da:
d3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:29:D8:5D:6B:B8:6F:AD:C0:3E:22:C7:7D:36:58:B4:BD:7B:57:E9
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mCnYXWu4b63APiLHfTZYtL17V-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.228.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:ec:e7:50:fe:07:7e:cc:66:0f:d0:45:03:a5:e2:fd:92:0e:
e2:8b:3d:30:72:fe:cf:07:c3:ab:ad:12:1a:5e:c9:74:90:70:
48:59:21:07:e7:62:91:25:e8:3b:33:b8:07:88:85:6c:17:14:
bc:76:f0:9e:01:d4:1a:96:ba:c8:e2:bd:82:f2:4b:7f:79:14:
33:c2:2e:9d:1a:7c:52:10:87:16:ea:34:f9:1b:1b:db:08:14:
5d:d5:06:e2:d1:e5:23:07:7b:45:2c:6f:47:d1:56:0a:2b:dc:
63:3d:6c:f2:48:98:6e:97:64:53:27:e6:bd:7d:00:85:0c:09:
7e:f9:26:07:a6:3d:d5:c4:1a:4e:67:ea:28:5d:6e:24:ce:f6:
2c:19:02:6d:03:47:2d:ca:49:ea:bb:d4:0e:ad:ab:46:d0:4b:
ee:4c:0d:83:ab:a8:4e:e6:9c:e4:04:cd:a7:ff:2f:bc:8a:3e:
9a:1e:cd:ef:c1:10:ca:a1:b5:2b:84:6a:58:ac:9d:12:e7:07:
62:a9:37:8b:93:bd:dc:89:d5:93:38:37:d7:e4:c2:94:9b:2b:
7a:d7:80:8e:e0:4f:d3:a4:36:32:54:fd:dc:ff:de:5a:5d:cc:
be:10:6f:5d:b8:87:7d:08:e0:27:d9:27:ef:70:ef:ef:1c:66:
3c:d0:79:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTbtRtvav3YZ5YoXCGX7PZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMjA2MTQ0MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODI5ZDg1ZDZiYjg2ZmFkYzAzZTIyYzc3ZDM2NThiNGJkN2I1N2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9K6P+WOBTeEMPKHvvpozPjzWkBiF
Hb75xUdqVyG9q5tSuLqIj8Wi9lRR8Oj5Rltvpq1lxxqwa9BpNdgH5LiZ4Z9I/JK7
dDwM89g2UX9yh+SshACjjQNwdcsdLOpyZ2NxpIfEiGwqLYSgZyx8TZKvbYhaqSOa
zazhLubH5zCFnZxT6yxbquTd/I7fwgVUtoGKNI4L4F15Si9GAbq+WRLOCDy7O5Hi
2x/j9w+Aw/H+Bn/DlqindaM+8oegPW6JzcRusGz02eZ0AgR8qVnK7/FG1DFS5we/
VDaUU3xXOk22G/OcQu4n30iyNAAKk1LV0IwWd/WwyUrKP0V745z2PNrT5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJgp2F1ruG+twD4ix302WLS9e1fpMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbUNuWVhXdTRiNjNBUGlMSGZUWll0TDE3Vi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue7kMA0G
CSqGSIb3DQEBCwUAA4IBAQBv7OdQ/gd+zGYP0EUDpeL9kg7iiz0wcv7PB8OrrRIa
Xsl0kHBIWSEH52KRJeg7M7gHiIVsFxS8dvCeAdQalrrI4r2C8kt/eRQzwi6dGnxS
EIcW6jT5GxvbCBRd1Qbi0eUjB3tFLG9H0VYKK9xjPWzySJhul2RTJ+a9fQCFDAl+
+SYHpj3VxBpOZ+ooXW4kzvYsGQJtA0ctyknqu9QOratG0EvuTA2Dq6hO5pzkBM2n
/y+8ij6aHs3vwRDKobUrhGpYrJ0S5wdiqTeLk73cidWTODfX5MKUmyt614CO4E/T
pDYyVP3c/95aXcy+EG9duId9COAn2SfvcO/vHGY80Hn0
-----END CERTIFICATE-----
Generated at Sat Apr 12 07:52:57 2025 by rpki-client