Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/MB79B-8QZwUqYrXc2Ibwogq_qLQ.roa
File: MB79B-8QZwUqYrXc2Ibwogq_qLQ.roa (raw, json)
Hash identifier: bNBfBbjDpqRStExCWEma6tP6lj9BYj7p2ZAmcoBXfmY=
Subject key identifier: 30:1E:FD:07:EF:10:67:05:2A:62:B5:DC:D8:86:F0:A2:0A:BF:A8:B4
Certificate issuer: /CN=6c195b9bd47001eab50fdba1de0d2d3f4527f675
Certificate serial: 019546DC12BFB0F8AC6FCBD1079318002B0A
Authority key identifier: 6C:19:5B:9B:D4:70:01:EA:B5:0F:DB:A1:DE:0D:2D:3F:45:27:F6:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bBlbm9RwAeq1D9uh3g0tP0Un9nU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/MB79B-8QZwUqYrXc2Ibwogq_qLQ.roa
Signing time: Thu 27 Feb 2025 10:03:02 +0000
ROA not before: Thu 27 Feb 2025 10:03:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.121.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/bBlbm9RwAeq1D9uh3g0tP0Un9nU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/bBlbm9RwAeq1D9uh3g0tP0Un9nU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bBlbm9RwAeq1D9uh3g0tP0Un9nU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 15:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:46:dc:12:bf:b0:f8:ac:6f:cb:d1:07:93:18:00:2b:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c195b9bd47001eab50fdba1de0d2d3f4527f675
Validity
Not Before: Feb 27 10:03:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=301efd07ef1067052a62b5dcd886f0a20abfa8b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:21:65:7d:9b:5b:c2:dd:0d:74:7c:67:e8:f4:
ae:8a:17:82:be:63:06:d6:df:f2:70:0e:20:f9:4e:
8d:96:98:33:50:98:27:46:12:ef:70:f4:6f:66:b6:
60:e1:c9:d7:08:1b:e9:76:a2:c7:9c:ef:6b:32:34:
c6:27:3c:ac:a7:61:19:a9:f0:17:5c:0c:b6:07:12:
e7:f0:c0:4a:0c:07:db:85:c2:16:ca:4d:aa:96:ee:
9c:41:08:91:b8:82:f3:fa:19:58:cc:0d:35:30:f8:
5c:22:21:8d:6c:8e:a6:a0:a1:fb:90:d8:1c:44:95:
20:33:11:52:76:b8:9e:87:d9:3e:6a:e5:75:a2:bf:
5f:4e:f5:12:f1:7f:b3:2b:e6:10:b6:6f:0d:66:69:
bd:99:6c:63:99:9b:59:fb:f1:13:5d:74:99:79:45:
92:88:0f:eb:56:f7:7a:b9:22:a1:6a:31:5e:3e:c0:
34:d7:b2:81:1e:ad:0d:50:8d:48:97:e1:9e:64:2f:
9a:6f:32:60:1e:cf:80:a7:af:5b:ce:19:cf:f3:80:
17:8f:3f:02:1b:f5:35:35:57:80:8e:7f:d3:09:42:
76:82:f2:ab:8b:d0:14:16:5e:59:b6:a5:46:d9:6e:
f1:6e:17:78:dc:14:bf:e7:27:11:72:72:2e:ad:5e:
83:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:1E:FD:07:EF:10:67:05:2A:62:B5:DC:D8:86:F0:A2:0A:BF:A8:B4
X509v3 Authority Key Identifier:
keyid:6C:19:5B:9B:D4:70:01:EA:B5:0F:DB:A1:DE:0D:2D:3F:45:27:F6:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bBlbm9RwAeq1D9uh3g0tP0Un9nU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/MB79B-8QZwUqYrXc2Ibwogq_qLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/010d3d-1ba8-4a96-8212-94ac8af1bfcf/1/bBlbm9RwAeq1D9uh3g0tP0Un9nU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.142.0/24
Signature Algorithm: sha256WithRSAEncryption
97:7c:16:9a:3c:8d:41:b0:53:5e:81:4a:2d:c2:73:89:09:d9:
de:df:1c:ff:76:bb:52:1f:14:ff:56:da:cc:de:df:d1:ab:3a:
3c:74:71:25:57:e5:d8:bf:8d:ed:10:59:5d:b1:d3:27:dc:54:
6e:c7:64:9b:2d:b1:4b:21:bc:25:bc:cc:3d:12:e8:14:28:c1:
b2:63:03:35:e3:bc:3b:b9:50:e1:87:22:46:85:6f:43:b5:db:
52:b1:90:4e:7c:af:31:4c:67:07:e5:04:c5:d9:aa:ef:22:4b:
51:44:fe:53:39:35:83:fc:47:81:11:f6:86:7a:1a:ee:7a:d7:
72:f4:05:23:93:ba:9d:db:b8:2c:56:77:05:ec:5d:c1:dd:14:
2e:c8:44:34:c5:37:ad:28:43:ce:66:89:f5:e7:84:7f:1e:0e:
d2:91:dd:cd:51:23:85:38:3b:9a:db:18:9a:a2:99:41:ca:fc:
53:52:b1:5f:1e:35:4b:15:40:3e:0f:9d:28:6d:6a:c9:e6:3d:
43:e6:d1:b5:5c:b4:c0:78:3b:80:bf:73:1c:90:38:b6:3d:8e:
72:9e:bd:18:12:39:f8:d4:6c:2f:f7:18:7c:81:62:9c:59:48:
43:eb:85:fd:81:5e:75:2c:0c:81:1b:84:fd:b6:40:26:1b:0c:
bb:f0:8e:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVG3BK/sPisb8vRB5MYACsKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMTk1YjliZDQ3MDAxZWFiNTBmZGJhMWRlMGQyZDNmNDUy
N2Y2NzUwHhcNMjUwMjI3MTAwMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDFlZmQwN2VmMTA2NzA1MmE2MmI1ZGNkODg2ZjBhMjBhYmZhOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSFlfZtbwt0NdHxn6PSuiheCvmMG
1t/ycA4g+U6NlpgzUJgnRhLvcPRvZrZg4cnXCBvpdqLHnO9rMjTGJzysp2EZqfAX
XAy2BxLn8MBKDAfbhcIWyk2qlu6cQQiRuILz+hlYzA01MPhcIiGNbI6moKH7kNgc
RJUgMxFSdrieh9k+auV1or9fTvUS8X+zK+YQtm8NZmm9mWxjmZtZ+/ETXXSZeUWS
iA/rVvd6uSKhajFePsA017KBHq0NUI1Il+GeZC+abzJgHs+Ap69bzhnP84AXjz8C
G/U1NVeAjn/TCUJ2gvKri9AUFl5ZtqVG2W7xbhd43BS/5ycRcnIurV6D2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDAe/QfvEGcFKmK13NiG8KIKv6i0MB8GA1UdIwQY
MBaAFGwZW5vUcAHqtQ/bod4NLT9FJ/Z1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkJsYm05UndBZXExRDl1aDNnMHRQMFVuOW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8wMTBkM2QtMWJhOC00YTk2LTgyMTIt
OTRhYzhhZjFiZmNmLzEvTUI3OUItOFFad1VxWXJYYzJJYndvZ3FfcUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8wMTBkM2QtMWJhOC00YTk2LTgyMTItOTRhYzhhZjFiZmNm
LzEvYkJsYm05UndBZXExRDl1aDNnMHRQMFVuOW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXmOMA0G
CSqGSIb3DQEBCwUAA4IBAQCXfBaaPI1BsFNegUotwnOJCdne3xz/drtSHxT/VtrM
3t/Rqzo8dHElV+XYv43tEFldsdMn3FRux2SbLbFLIbwlvMw9EugUKMGyYwM147w7
uVDhhyJGhW9DtdtSsZBOfK8xTGcH5QTF2arvIktRRP5TOTWD/EeBEfaGehruetdy
9AUjk7qd27gsVncF7F3B3RQuyEQ0xTetKEPOZon154R/Hg7Skd3NUSOFODua2xia
oplByvxTUrFfHjVLFUA+D50obWrJ5j1D5tG1XLTAeDuAv3MckDi2PY5ynr0YEjn4
1Gwv9xh8gWKcWUhD64X9gV51LAyBG4T9tkAmGwy78I4h
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:54:18 2025 by rpki-client