Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/MPEgzsc7IRKTR0peLznny5u9zQU.roa
File: MPEgzsc7IRKTR0peLznny5u9zQU.roa (raw, json)
Hash identifier: CxmJR4HXGFyr5aOUpVP31nHFIaZWyT3pJR2Fks8oBCI=
Subject key identifier: 30:F1:20:CE:C7:3B:21:12:93:47:4A:5E:2F:39:E7:CB:9B:BD:CD:05
Certificate issuer: /CN=618cc46d71e7848978488961d7b51aba1541f3c4
Certificate serial: 0194D62CC7A529F40AC0EAEB8C863537FB9E
Authority key identifier: 61:8C:C4:6D:71:E7:84:89:78:48:89:61:D7:B5:1A:BA:15:41:F3:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/MPEgzsc7IRKTR0peLznny5u9zQU.roa
Signing time: Wed 05 Feb 2025 12:54:06 +0000
ROA not before: Wed 05 Feb 2025 12:54:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 89.184.0.0/21 maxlen: 24
89.184.8.0/23 maxlen: 23
89.184.14.0/23 maxlen: 23
89.184.16.0/21 maxlen: 24
89.184.24.0/21 maxlen: 24
193.223.103.0/24 maxlen: 24
193.223.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d6:2c:c7:a5:29:f4:0a:c0:ea:eb:8c:86:35:37:fb:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618cc46d71e7848978488961d7b51aba1541f3c4
Validity
Not Before: Feb 5 12:54:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30f120cec73b211293474a5e2f39e7cb9bbdcd05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c1:da:8e:c5:66:bf:07:da:42:fb:dc:25:26:
38:9d:f9:31:d0:d7:42:8b:45:fc:2e:8d:cd:c1:33:
91:44:4b:7c:94:af:93:8a:82:c2:a1:5a:ed:e4:8d:
63:76:39:90:63:7b:95:6d:82:36:fc:8b:2a:cd:02:
f9:75:b7:24:b8:63:3b:c4:aa:31:7e:1d:2f:af:89:
24:b5:18:52:f2:c3:7c:40:5e:6e:5f:43:88:dc:42:
eb:5d:73:7a:61:e9:ea:83:69:c3:d4:b8:6c:cb:7f:
d5:b4:2b:64:ff:f5:21:7b:44:12:59:b0:66:ab:e9:
82:4a:79:60:f6:c6:02:b7:51:28:9d:eb:56:40:8b:
f6:7a:fb:40:c6:74:16:86:ce:48:f4:73:ca:3d:67:
fc:7d:79:58:de:7e:29:81:cb:8f:b6:b6:a1:bf:2e:
a5:f8:09:7c:76:af:0b:f1:a7:20:a6:ff:dd:60:08:
39:74:c1:66:87:89:ca:50:63:e5:65:cc:69:f2:52:
c7:4e:68:74:fb:8b:93:6f:0e:ef:41:60:10:6b:71:
bc:27:ab:b9:ba:7e:33:74:4b:64:e2:8d:b5:19:65:
af:8f:f1:64:ce:5c:4e:e6:3c:b2:3d:1b:04:d9:84:
bb:68:4d:76:3b:59:16:41:b3:f1:96:c6:29:8a:68:
58:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F1:20:CE:C7:3B:21:12:93:47:4A:5E:2F:39:E7:CB:9B:BD:CD:05
X509v3 Authority Key Identifier:
keyid:61:8C:C4:6D:71:E7:84:89:78:48:89:61:D7:B5:1A:BA:15:41:F3:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/MPEgzsc7IRKTR0peLznny5u9zQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.184.0.0-89.184.9.255
89.184.14.0-89.184.31.255
193.223.103.0/24
193.223.108.0/24
Signature Algorithm: sha256WithRSAEncryption
94:0b:1c:e9:6a:70:13:c8:f8:22:15:02:1a:91:95:83:89:8a:
2a:27:5b:29:c0:ce:1b:3a:5b:9d:ca:6a:0c:b6:ad:98:50:80:
07:50:44:a0:56:53:55:2f:4e:23:bd:4e:3d:ba:92:b3:36:d6:
66:18:53:d8:53:9c:41:a0:6b:1d:98:5b:94:34:ac:f0:8a:4b:
dd:84:56:ed:6c:e8:75:d6:4d:0a:13:4b:34:ca:f8:89:67:a3:
1e:be:2b:0a:00:ff:2b:d5:a2:08:f1:88:a6:6d:f0:30:80:0e:
a6:c9:87:ad:29:a4:a2:8b:e7:bc:71:15:21:2f:7e:50:b7:ec:
47:db:9a:25:db:53:f0:85:aa:2a:91:40:51:64:cb:06:df:08:
73:70:58:3d:bd:74:d8:3e:01:6a:8a:5c:ed:91:de:0d:f3:07:
59:ba:cd:e9:22:9a:d3:a5:32:47:af:8c:28:bb:1b:e7:4a:18:
b7:cf:fc:07:dc:3e:34:4e:3b:fa:51:ae:b0:a3:2a:3e:8c:1c:
36:57:29:4f:94:4c:68:cf:07:3b:27:6b:55:02:6b:47:d9:e2:
12:5f:bc:05:cf:de:ce:ec:3f:29:dd:35:47:d9:a6:ee:f8:bd:
90:0e:78:85:6a:c9:5f:05:a1:45:ed:e4:c5:bd:7f:07:87:78:
a1:aa:64:d4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZTWLMelKfQKwOrrjIY1N/ueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxOGNjNDZkNzFlNzg0ODk3ODQ4ODk2MWQ3YjUxYWJhMTU0
MWYzYzQwHhcNMjUwMjA1MTI1NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGYxMjBjZWM3M2IyMTEyOTM0NzRhNWUyZjM5ZTdjYjliYmRjZDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosHajsVmvwfaQvvcJSY4nfkx0NdC
i0X8Lo3NwTORREt8lK+TioLCoVrt5I1jdjmQY3uVbYI2/IsqzQL5dbckuGM7xKox
fh0vr4kktRhS8sN8QF5uX0OI3ELrXXN6Yenqg2nD1Lhsy3/VtCtk//Uhe0QSWbBm
q+mCSnlg9sYCt1EonetWQIv2evtAxnQWhs5I9HPKPWf8fXlY3n4pgcuPtrahvy6l
+Al8dq8L8acgpv/dYAg5dMFmh4nKUGPlZcxp8lLHTmh0+4uTbw7vQWAQa3G8J6u5
un4zdEtk4o21GWWvj/FkzlxO5jyyPRsE2YS7aE12O1kWQbPxlsYpimhYYQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDDxIM7HOyESk0dKXi8558ubvc0FMB8GA1UdIwQY
MBaAFGGMxG1x54SJeEiJYde1GroVQfPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVl6RWJYSG5oSWw0U0lsaDE3VWF1aFZCODhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8xMjc0MzAtZDRlOC00ZGEzLWJlYTIt
NGVmMTljY2M1N2QwLzEvTVBFZ3pzYzdJUktUUjBwZUx6bm55NXU5elFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8xMjc0MzAtZDRlOC00ZGEzLWJlYTItNGVmMTljY2M1N2Qw
LzEvWVl6RWJYSG5oSWw0U0lsaDE3VWF1aFZCODhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnMAsDAwNZuAME
AVm4CDAMAwQBWbgOAwQFWbgAAwQAwd9nAwQAwd9sMA0GCSqGSIb3DQEBCwUAA4IB
AQCUCxzpanATyPgiFQIakZWDiYoqJ1spwM4bOludymoMtq2YUIAHUESgVlNVL04j
vU49upKzNtZmGFPYU5xBoGsdmFuUNKzwikvdhFbtbOh11k0KE0s0yviJZ6MevisK
AP8r1aII8YimbfAwgA6myYetKaSii+e8cRUhL35Qt+xH25ol21PwhaoqkUBRZMsG
3whzcFg9vXTYPgFqilztkd4N8wdZus3pIprTpTJHr4wouxvnShi3z/wH3D40Tjv6
Ua6woyo+jBw2VylPlExozwc7J2tVAmtH2eISX7wFz97O7D8p3TVH2abu+L2QDniF
aslfBaFF7eTFvX8Hh3ihqmTU
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:18:59 2025 by rpki-client