Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/MKy6XWAYP3zxh7zwKNcWOiDPR-k.roa
File: MKy6XWAYP3zxh7zwKNcWOiDPR-k.roa (raw, json)
Hash identifier: R+XM0slVwo6Gs1r7U5p3g+xfmCVjwikkwCXqqmpC4RI=
Subject key identifier: 30:AC:BA:5D:60:18:3F:7C:F1:87:BC:F0:28:D7:16:3A:20:CF:47:E9
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0194274770836C6672E23F291871C30CDBC5
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/MKy6XWAYP3zxh7zwKNcWOiDPR-k.roa
Signing time: Thu 02 Jan 2025 13:49:40 +0000
ROA not before: Thu 02 Jan 2025 13:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212384
IP address blocks: 87.254.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 11:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:70:83:6c:66:72:e2:3f:29:18:71:c3:0c:db:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jan 2 13:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30acba5d60183f7cf187bcf028d7163a20cf47e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1d:ca:c8:22:4e:21:86:92:eb:11:90:5f:a9:
ed:f3:58:a3:f0:64:81:db:a3:64:bc:aa:6a:ef:90:
00:15:10:f3:be:9e:57:a8:ea:fc:50:81:da:d5:ad:
f9:9f:0f:c1:5f:24:ae:e6:a7:d7:84:50:fe:33:7f:
ac:a4:a6:35:5c:d6:19:28:43:66:21:70:01:e0:17:
9f:2c:cd:b7:e0:e5:83:d7:da:aa:bf:09:06:0f:10:
ca:af:37:22:8e:bb:44:ac:19:63:12:a7:d8:14:f0:
4e:c9:0b:fd:2a:1d:ce:a5:99:46:67:d1:7c:60:21:
c4:2f:e5:03:b4:d6:20:1d:ad:92:95:cc:58:a1:20:
f9:a0:f3:d8:8f:5d:b6:24:04:2a:f8:45:c1:1a:00:
73:2f:5a:42:63:10:99:d0:9c:a0:3e:52:44:0e:39:
7d:ba:66:bc:4c:90:52:e8:cc:3d:38:4f:12:8f:9b:
db:bd:7b:da:6a:f6:ba:95:51:7d:24:0d:60:7f:c1:
d6:52:0a:a8:88:31:1b:b0:6f:c8:7e:ec:8e:63:6c:
28:11:cd:14:99:9b:e2:28:5a:35:e5:72:72:58:f2:
a9:db:d0:10:07:18:31:15:62:dd:d7:f5:db:ab:e5:
2a:60:74:58:13:eb:21:58:cd:97:27:80:8a:ea:47:
ad:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:AC:BA:5D:60:18:3F:7C:F1:87:BC:F0:28:D7:16:3A:20:CF:47:E9
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/MKy6XWAYP3zxh7zwKNcWOiDPR-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.31.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:91:04:66:46:16:51:83:fc:15:ce:35:6a:93:0e:f3:22:2b:
f2:69:6a:0e:ae:85:34:20:38:5d:88:8a:04:25:18:08:aa:1f:
be:b5:ce:ce:d2:ff:1a:6b:08:ba:ba:02:48:69:17:9d:9c:0c:
2a:67:48:b2:3b:fc:c5:bb:74:ae:ff:a6:a5:0a:92:72:ca:be:
01:0a:f6:e7:b1:d4:b5:ed:39:f7:ef:a8:c9:b7:67:46:6a:61:
b3:0c:67:f6:97:29:b6:0a:09:e5:dd:10:8b:ff:81:08:35:d2:
6a:5b:bc:81:13:10:ba:de:28:36:1f:80:08:79:b3:c1:ed:f9:
a3:da:10:f2:85:9e:28:26:6b:04:8a:28:48:e8:cc:2c:8b:17:
53:a3:5b:e0:c5:b5:17:19:5c:62:f3:6f:ad:2f:b1:09:f4:cf:
6b:0d:04:51:07:f5:63:a3:55:7c:58:d3:67:f9:8f:2a:10:e9:
ff:fb:51:d7:91:db:e7:51:b0:40:a5:b2:57:50:0e:b6:fb:d2:
9e:ec:bb:72:c4:ea:83:b1:94:95:d4:07:68:a2:bc:15:7c:3c:
8c:17:88:80:59:ff:2a:29:4b:7f:01:b5:15:63:ba:2b:5d:a1:
33:9d:d7:db:fd:f1:5f:6f:aa:83:01:14:69:9f:94:2d:ab:77:
c3:09:ab:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnR3CDbGZy4j8pGHHDDNvFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjUwMTAyMTM0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGFjYmE1ZDYwMTgzZjdjZjE4N2JjZjAyOGQ3MTYzYTIwY2Y0N2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuR3KyCJOIYaS6xGQX6nt81ij8GSB
26NkvKpq75AAFRDzvp5XqOr8UIHa1a35nw/BXySu5qfXhFD+M3+spKY1XNYZKENm
IXAB4BefLM234OWD19qqvwkGDxDKrzcijrtErBljEqfYFPBOyQv9Kh3OpZlGZ9F8
YCHEL+UDtNYgHa2SlcxYoSD5oPPYj122JAQq+EXBGgBzL1pCYxCZ0JygPlJEDjl9
uma8TJBS6Mw9OE8Sj5vbvXvaava6lVF9JA1gf8HWUgqoiDEbsG/IfuyOY2woEc0U
mZviKFo15XJyWPKp29AQBxgxFWLd1/Xbq+UqYHRYE+shWM2XJ4CK6ketiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCsul1gGD988Ye88CjXFjogz0fpMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvTUt5NlhXQVlQM3p4aDd6d0tOY1dPaURQUi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/4fMA0G
CSqGSIb3DQEBCwUAA4IBAQB9kQRmRhZRg/wVzjVqkw7zIivyaWoOroU0IDhdiIoE
JRgIqh++tc7O0v8aawi6ugJIaRednAwqZ0iyO/zFu3Su/6alCpJyyr4BCvbnsdS1
7Tn376jJt2dGamGzDGf2lym2Cgnl3RCL/4EINdJqW7yBExC63ig2H4AIebPB7fmj
2hDyhZ4oJmsEiihI6MwsixdTo1vgxbUXGVxi82+tL7EJ9M9rDQRRB/Vjo1V8WNNn
+Y8qEOn/+1HXkdvnUbBApbJXUA62+9Ke7LtyxOqDsZSV1AdoorwVfDyMF4iAWf8q
KUt/AbUVY7orXaEzndfb/fFfb6qDARRpn5Qtq3fDCasE
-----END CERTIFICATE-----
Generated at Wed Feb 5 18:57:39 2025 by rpki-client