Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/64e442-137e-4101-bb6c-b06831596449/1/MAyKtR82lE73Rh03ItY-WJwlb0g.roa
File: MAyKtR82lE73Rh03ItY-WJwlb0g.roa (raw, json)
Hash identifier: f22v5OwOnzL/KWHiBBd5+v5oBvo4HOCog7B7G8jEiaw=
Subject key identifier: 30:0C:8A:B5:1F:36:94:4E:F7:46:1D:37:22:D6:3E:58:9C:25:6F:48
Certificate issuer: /CN=0aa2f1205553fa5960f1805c6ed9389e9e0dc92c
Certificate serial: 0194228E1F953426F9CE8C48245E6B50CA08
Authority key identifier: 0A:A2:F1:20:55:53:FA:59:60:F1:80:5C:6E:D9:38:9E:9E:0D:C9:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CqLxIFVT-llg8YBcbtk4np4NySw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/64e442-137e-4101-bb6c-b06831596449/1/MAyKtR82lE73Rh03ItY-WJwlb0g.roa
Signing time: Wed 01 Jan 2025 15:48:47 +0000
ROA not before: Wed 01 Jan 2025 15:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16376
IP address blocks: 185.105.64.0/23 maxlen: 24
185.105.66.0/23 maxlen: 24
2a09:fd40::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/64e442-137e-4101-bb6c-b06831596449/1/CqLxIFVT-llg8YBcbtk4np4NySw.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/64e442-137e-4101-bb6c-b06831596449/1/CqLxIFVT-llg8YBcbtk4np4NySw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CqLxIFVT-llg8YBcbtk4np4NySw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 03:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:1f:95:34:26:f9:ce:8c:48:24:5e:6b:50:ca:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0aa2f1205553fa5960f1805c6ed9389e9e0dc92c
Validity
Not Before: Jan 1 15:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=300c8ab51f36944ef7461d3722d63e589c256f48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d9:3d:30:4a:a0:f8:56:c0:f4:ac:9f:4d:67:
bd:72:ac:39:c9:04:25:dc:1c:22:85:9d:fc:3e:de:
b9:57:09:89:c6:b1:eb:e5:25:0a:3d:f4:25:d9:8c:
2c:a5:8f:d9:77:ae:ee:63:97:d6:58:7d:4a:14:a1:
a9:52:59:46:b6:8c:59:1f:b1:d7:16:91:2c:f4:38:
97:35:73:b3:54:ed:2a:d5:77:b4:51:e0:f7:ee:06:
7f:7d:57:b5:1c:af:8a:03:72:31:01:90:7c:1d:e3:
33:5e:56:f6:cd:4f:eb:b4:56:f9:db:cb:82:fb:48:
13:80:e8:9a:ff:b1:65:94:b2:b4:aa:c2:8b:30:20:
b1:b8:3a:76:79:62:b3:71:18:ae:0f:19:ff:98:b9:
3f:db:25:58:d8:1d:e4:dc:ea:11:7f:e6:a8:fc:4b:
3f:cb:f6:4b:b5:4c:55:10:32:8d:d7:a6:12:88:11:
cd:95:f7:dd:95:82:6f:6b:19:4f:ea:54:e8:34:5b:
fb:cd:df:52:70:bd:b1:05:0b:5a:c2:9a:3c:65:86:
cc:68:4a:51:1a:99:8f:53:d8:68:75:11:a8:96:04:
79:96:ba:d8:7b:fe:25:74:3f:77:f5:9b:33:ea:16:
2c:e3:62:50:23:28:24:26:38:d8:0a:21:b1:36:9a:
b2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:0C:8A:B5:1F:36:94:4E:F7:46:1D:37:22:D6:3E:58:9C:25:6F:48
X509v3 Authority Key Identifier:
keyid:0A:A2:F1:20:55:53:FA:59:60:F1:80:5C:6E:D9:38:9E:9E:0D:C9:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CqLxIFVT-llg8YBcbtk4np4NySw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e442-137e-4101-bb6c-b06831596449/1/MAyKtR82lE73Rh03ItY-WJwlb0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/64e442-137e-4101-bb6c-b06831596449/1/CqLxIFVT-llg8YBcbtk4np4NySw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.64.0/22
IPv6:
2a09:fd40::/48
Signature Algorithm: sha256WithRSAEncryption
8a:2c:1a:95:4d:01:2c:f2:58:bd:6d:52:da:04:ce:fd:b1:6e:
d4:a1:db:b1:9d:4e:a9:d6:7f:78:1f:f2:2f:13:e5:8d:3a:7b:
26:5b:f8:02:23:d0:f9:ec:85:de:02:be:27:35:5b:84:9c:d4:
f8:23:1e:47:f4:49:0f:f8:44:24:b2:6d:c2:7c:e3:51:03:32:
7b:05:11:06:3b:b4:14:18:e0:bf:9f:67:a4:5f:06:e8:44:e3:
39:28:3a:64:87:b0:5d:87:81:8f:12:25:cb:3e:01:35:9a:7f:
32:21:1d:64:c2:73:9c:20:88:0d:9c:0a:5e:b1:1a:a7:46:0d:
a2:22:36:98:4a:ea:76:8c:5f:05:b6:ff:ae:9e:4e:9c:6a:e0:
27:a5:59:b6:f2:e4:66:c2:b5:42:15:a3:73:11:f9:58:60:10:
0e:3c:92:43:bd:77:c4:ec:fc:fe:b6:d8:77:96:1a:42:1e:e1:
c3:9a:ac:c8:14:74:3d:3e:ec:c8:37:3e:7e:30:eb:8c:5c:17:
37:5f:58:cf:e6:fe:63:e1:ec:dd:a9:82:cf:39:e2:41:80:bd:
6b:72:b1:4f:d2:40:3a:46:91:cc:a3:75:bd:f3:f1:e6:f2:2a:
9c:aa:1e:2a:c9:58:83:fb:df:79:0f:e2:0d:50:44:93:1d:dc:
60:aa:83:e5
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQijh+VNCb5zoxIJF5rUMoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYTJmMTIwNTU1M2ZhNTk2MGYxODA1YzZlZDkzODllOWUw
ZGM5MmMwHhcNMjUwMTAxMTU0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDBjOGFiNTFmMzY5NDRlZjc0NjFkMzcyMmQ2M2U1ODljMjU2ZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Nk9MEqg+FbA9KyfTWe9cqw5yQQl
3BwihZ38Pt65VwmJxrHr5SUKPfQl2YwspY/Zd67uY5fWWH1KFKGpUllGtoxZH7HX
FpEs9DiXNXOzVO0q1Xe0UeD37gZ/fVe1HK+KA3IxAZB8HeMzXlb2zU/rtFb528uC
+0gTgOia/7FllLK0qsKLMCCxuDp2eWKzcRiuDxn/mLk/2yVY2B3k3OoRf+ao/Es/
y/ZLtUxVEDKN16YSiBHNlffdlYJvaxlP6lToNFv7zd9ScL2xBQtawpo8ZYbMaEpR
GpmPU9hodRGolgR5lrrYe/4ldD939Zsz6hYs42JQIygkJjjYCiGxNpqylwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDAMirUfNpRO90YdNyLWPlicJW9IMB8GA1UdIwQY
MBaAFAqi8SBVU/pZYPGAXG7ZOJ6eDcksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3FMeElGVlQtbGxnOFlCY2J0azRucDROeVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS82NGU0NDItMTM3ZS00MTAxLWJiNmMt
YjA2ODMxNTk2NDQ5LzEvTUF5S3RSODJsRTczUmgwM0l0WS1XSndsYjBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS82NGU0NDItMTM3ZS00MTAxLWJiNmMtYjA2ODMxNTk2NDQ5
LzEvQ3FMeElGVlQtbGxnOFlCY2J0azRucDROeVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuWlAMA8E
AgACMAkDBwAqCf1AAAAwDQYJKoZIhvcNAQELBQADggEBAIosGpVNASzyWL1tUtoE
zv2xbtSh27GdTqnWf3gf8i8T5Y06eyZb+AIj0Pnshd4Cvic1W4Sc1PgjHkf0SQ/4
RCSybcJ841EDMnsFEQY7tBQY4L+fZ6RfBuhE4zkoOmSHsF2HgY8SJcs+ATWafzIh
HWTCc5wgiA2cCl6xGqdGDaIiNphK6naMXwW2/66eTpxq4CelWbby5GbCtUIVo3MR
+VhgEA48kkO9d8Ts/P622HeWGkIe4cOarMgUdD0+7Mg3Pn4w64xcFzdfWM/m/mPh
7N2pgs854kGAvWtysU/SQDpGkcyjdb3z8ebyKpyqHirJWIP733kP4g1QRJMd3GCq
g+U=
-----END CERTIFICATE-----
Generated at Tue Apr 15 14:00:43 2025 by rpki-client