Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/6b9c7a-9dc7-4040-b29a-fc7a0ea6b0e2/1/MjfPB6z00e-ff7RNJtIi20gDUz8.roa
File: MjfPB6z00e-ff7RNJtIi20gDUz8.roa (raw, json)
Hash identifier: Cpw1zTo9jE0fDsY0ux+7L1DgxTy3Nnzm8fXHw47pw5Q=
Subject key identifier: 32:37:CF:07:AC:F4:D1:EF:9F:7F:B4:4D:26:D2:22:DB:48:03:53:3F
Certificate issuer: /CN=34a63dc86120e87f4cff8c59af3261e6e1292fd9
Certificate serial: 01942823AAD940A1DA1EF173E812968747D0
Authority key identifier: 34:A6:3D:C8:61:20:E8:7F:4C:FF:8C:59:AF:32:61:E6:E1:29:2F:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NKY9yGEg6H9M_4xZrzJh5uEpL9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/6b9c7a-9dc7-4040-b29a-fc7a0ea6b0e2/1/MjfPB6z00e-ff7RNJtIi20gDUz8.roa
Signing time: Thu 02 Jan 2025 17:50:13 +0000
ROA not before: Thu 02 Jan 2025 17:50:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210966
IP address blocks: 185.25.106.0/24 maxlen: 24
2a11:540::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/6b9c7a-9dc7-4040-b29a-fc7a0ea6b0e2/1/NKY9yGEg6H9M_4xZrzJh5uEpL9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/6b9c7a-9dc7-4040-b29a-fc7a0ea6b0e2/1/NKY9yGEg6H9M_4xZrzJh5uEpL9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/NKY9yGEg6H9M_4xZrzJh5uEpL9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:aa:d9:40:a1:da:1e:f1:73:e8:12:96:87:47:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34a63dc86120e87f4cff8c59af3261e6e1292fd9
Validity
Not Before: Jan 2 17:50:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3237cf07acf4d1ef9f7fb44d26d222db4803533f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1a:f8:9c:f4:66:3e:84:10:af:de:ac:ff:46:
21:86:9e:c3:3d:c1:bb:d7:0b:ff:5a:10:ab:b8:93:
53:db:32:25:53:6e:39:5c:1a:83:50:31:fd:19:4a:
34:e4:aa:39:d8:57:3f:8f:62:c1:b2:a7:1e:6e:bc:
0d:ca:2e:a5:2a:5b:67:24:95:cc:20:60:d2:94:2f:
87:b5:83:15:be:13:dc:5e:d7:1a:89:bb:04:d3:d6:
bd:30:41:5f:1c:a8:8d:c3:1d:37:1b:5e:a0:8a:f4:
0c:27:65:4f:98:59:d1:e6:7c:c1:f3:de:f9:fc:44:
7f:4b:46:65:87:45:41:cb:35:85:57:55:93:72:7e:
ad:34:b1:c9:03:fa:d7:38:20:b6:e0:e6:72:b6:9a:
26:9c:a3:99:09:c6:cc:f3:d4:38:92:bb:10:3d:08:
53:9a:f1:19:b5:80:34:9a:54:c1:35:e7:20:9d:43:
c0:28:14:7b:60:ac:16:74:74:78:53:d1:11:7f:24:
bf:d4:12:52:ae:af:68:b5:58:21:2e:d9:2a:f4:44:
62:62:f0:d4:e3:50:9c:05:2b:2f:46:d3:fe:1c:68:
0c:92:cc:01:53:4a:b5:ac:18:70:ee:fa:16:cd:1e:
a4:b4:0b:ee:1a:fc:22:35:7f:85:41:63:98:14:a0:
fd:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:37:CF:07:AC:F4:D1:EF:9F:7F:B4:4D:26:D2:22:DB:48:03:53:3F
X509v3 Authority Key Identifier:
keyid:34:A6:3D:C8:61:20:E8:7F:4C:FF:8C:59:AF:32:61:E6:E1:29:2F:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NKY9yGEg6H9M_4xZrzJh5uEpL9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/6b9c7a-9dc7-4040-b29a-fc7a0ea6b0e2/1/MjfPB6z00e-ff7RNJtIi20gDUz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/6b9c7a-9dc7-4040-b29a-fc7a0ea6b0e2/1/NKY9yGEg6H9M_4xZrzJh5uEpL9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.106.0/24
IPv6:
2a11:540::/30
Signature Algorithm: sha256WithRSAEncryption
10:0f:9e:0e:17:d4:4b:ad:29:13:79:76:91:b4:90:95:ed:59:
5d:a5:87:95:0e:05:e5:51:96:a4:3f:4a:03:28:09:84:a0:e5:
44:9b:60:56:16:06:22:b9:5a:b2:eb:d8:8c:5c:94:81:65:fc:
5b:5a:9a:fd:35:18:54:9d:20:94:23:6b:51:8f:86:6a:a7:5a:
e9:3f:71:ee:4b:7b:eb:b9:c0:e5:c4:54:59:c7:9a:20:7c:e3:
c2:1c:d2:0b:e2:65:32:40:97:48:8a:bc:03:cc:38:9f:a2:54:
48:a6:b5:d9:71:bc:b4:e9:1d:f6:f7:bb:92:42:34:6f:f5:a0:
fe:27:29:fc:36:e1:b3:e9:5f:83:e9:e7:e6:f9:8a:42:f7:f7:
30:5b:8a:38:09:b2:7c:fe:c8:20:17:79:cc:c0:04:ef:73:12:
80:b5:c0:67:bb:60:71:33:ce:a3:56:2c:c2:98:0b:2c:b6:f7:
27:ba:10:ce:e9:f5:2a:55:85:69:19:4a:12:16:48:8e:a8:b3:
54:eb:c4:63:e0:f5:f5:fe:4f:de:f5:3b:42:7c:1b:cc:ad:f7:
1b:4b:c9:61:cb:6b:c4:b6:3e:80:d1:6d:42:1d:2d:79:a2:36:
34:31:37:47:c3:83:0b:51:1f:ba:4d:11:bd:31:5b:b1:47:80:
c0:a1:b3:fe
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoI6rZQKHaHvFz6BKWh0fQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0YTYzZGM4NjEyMGU4N2Y0Y2ZmOGM1OWFmMzI2MWU2ZTEy
OTJmZDkwHhcNMjUwMTAyMTc1MDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjM3Y2YwN2FjZjRkMWVmOWY3ZmI0NGQyNmQyMjJkYjQ4MDM1MzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxr4nPRmPoQQr96s/0Yhhp7DPcG7
1wv/WhCruJNT2zIlU245XBqDUDH9GUo05Ko52Fc/j2LBsqcebrwNyi6lKltnJJXM
IGDSlC+HtYMVvhPcXtcaibsE09a9MEFfHKiNwx03G16givQMJ2VPmFnR5nzB8975
/ER/S0Zlh0VByzWFV1WTcn6tNLHJA/rXOCC24OZytpomnKOZCcbM89Q4krsQPQhT
mvEZtYA0mlTBNecgnUPAKBR7YKwWdHR4U9ERfyS/1BJSrq9otVghLtkq9ERiYvDU
41CcBSsvRtP+HGgMkswBU0q1rBhw7voWzR6ktAvuGvwiNX+FQWOYFKD9YQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDI3zwes9NHvn3+0TSbSIttIA1M/MB8GA1UdIwQY
MBaAFDSmPchhIOh/TP+MWa8yYebhKS/ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTktZOXlHRWc2SDlNXzR4WnJ6Smg1dUVwTDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82YjljN2EtOWRjNy00MDQwLWIyOWEt
ZmM3YTBlYTZiMGUyLzEvTWpmUEI2ejAwZS1mZjdSTkp0SWkyMGdEVXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82YjljN2EtOWRjNy00MDQwLWIyOWEtZmM3YTBlYTZiMGUy
LzEvTktZOXlHRWc2SDlNXzR4WnJ6Smg1dUVwTDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRlqMA0E
AgACMAcDBQIqEQVAMA0GCSqGSIb3DQEBCwUAA4IBAQAQD54OF9RLrSkTeXaRtJCV
7VldpYeVDgXlUZakP0oDKAmEoOVEm2BWFgYiuVqy69iMXJSBZfxbWpr9NRhUnSCU
I2tRj4Zqp1rpP3HuS3vrucDlxFRZx5ogfOPCHNIL4mUyQJdIirwDzDifolRIprXZ
cby06R3297uSQjRv9aD+Jyn8NuGz6V+D6efm+YpC9/cwW4o4CbJ8/sggF3nMwATv
cxKAtcBnu2BxM86jVizCmAsstvcnuhDO6fUqVYVpGUoSFkiOqLNU68Rj4PX1/k/e
9TtCfBvMrfcbS8lhy2vEtj6A0W1CHS15ojY0MTdHw4MLUR+6TRG9MVuxR4DAobP+
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:48:12 2025 by rpki-client