Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/mVS8rlA27Rm5BH1YZmHsYliJgHk.roa
File: mVS8rlA27Rm5BH1YZmHsYliJgHk.roa (raw, json)
Hash identifier: kSobMvLQWQPPJ+5wYRzt2RMBbz/GSTGKNOrc7qdwFJQ=
Subject key identifier: 99:54:BC:AE:50:36:ED:19:B9:04:7D:58:66:61:EC:62:58:89:80:79
Certificate issuer: /CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Certificate serial: 019424B3CC7A104C883B0509BE7750635510
Authority key identifier: 00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/mVS8rlA27Rm5BH1YZmHsYliJgHk.roa
Signing time: Thu 02 Jan 2025 01:49:10 +0000
ROA not before: Thu 02 Jan 2025 01:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12574
IP address blocks: 213.160.64.0/19 maxlen: 24
2a00:17d8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:cc:7a:10:4c:88:3b:05:09:be:77:50:63:55:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=005ff9cc89c66a8a3a5d734a0d65c61fdc8518be
Validity
Not Before: Jan 2 01:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9954bcae5036ed19b9047d586661ec6258898079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7d:90:ff:52:bd:7d:41:24:b6:62:7b:24:2b:
af:b6:ee:f2:f0:5e:3e:13:e6:03:8f:42:f2:3c:c7:
17:a4:59:40:92:5d:10:d9:cd:a0:5f:83:84:52:2e:
83:ba:a5:cd:97:2a:94:18:77:0c:51:90:5d:95:e6:
c2:a3:b1:5a:52:3d:fc:4d:60:c8:61:e4:e4:c1:d3:
0b:86:96:45:dd:4b:13:5e:8d:14:d8:bb:9d:23:da:
21:a2:8f:d4:9a:30:74:87:6b:74:79:02:8d:2b:08:
5e:0f:23:be:fa:fe:3e:bf:93:eb:6a:d4:10:6c:5d:
6d:07:53:3d:3b:d7:3e:7e:4c:c7:3b:9e:5e:31:bd:
f3:bc:4c:01:04:80:9c:e0:66:0d:f4:0f:0c:2c:8c:
a1:25:77:11:ef:94:4c:3f:5f:18:a3:a9:75:f3:57:
0b:2f:d8:a3:c7:29:74:9c:70:a2:4a:97:a4:44:c5:
f9:d9:c1:ac:52:48:b3:84:aa:61:f2:fc:00:3d:5e:
e8:68:22:93:06:92:9c:be:a9:44:db:1b:e0:85:51:
bb:16:b2:ce:cb:2c:a6:0c:90:99:97:a0:60:e9:b8:
83:f5:78:4a:6f:25:dc:b5:1f:d8:30:bc:63:f4:93:
e1:d4:6f:84:6c:bf:14:1b:88:f1:80:9c:4c:ad:3b:
c4:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:54:BC:AE:50:36:ED:19:B9:04:7D:58:66:61:EC:62:58:89:80:79
X509v3 Authority Key Identifier:
keyid:00:5F:F9:CC:89:C6:6A:8A:3A:5D:73:4A:0D:65:C6:1F:DC:85:18:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AF_5zInGaoo6XXNKDWXGH9yFGL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/mVS8rlA27Rm5BH1YZmHsYliJgHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d53c78-0d5b-4237-9999-0e2d697b27e3/1/AF_5zInGaoo6XXNKDWXGH9yFGL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.160.64.0/19
IPv6:
2a00:17d8::/32
Signature Algorithm: sha256WithRSAEncryption
7d:f2:43:3b:a2:da:69:f6:fa:d0:64:f8:a2:64:75:0d:6d:7b:
ce:48:5f:9d:ec:55:21:f5:32:6f:b5:e2:22:4e:7b:12:c6:59:
44:b7:1d:a6:45:5f:72:fe:71:f6:d3:06:54:df:35:18:b9:21:
49:2a:c3:bd:d3:a5:aa:fc:f4:29:4b:a7:fc:24:f2:c2:10:ce:
c7:b8:6c:dc:52:03:3a:6c:b2:46:c1:b5:89:8e:25:8f:29:e1:
98:9c:ef:d0:48:1a:1c:a1:c8:7f:06:27:e9:c4:b2:aa:82:ed:
61:7c:fb:75:8b:1c:83:55:2c:6b:94:ef:6c:29:50:71:da:7e:
35:0a:36:50:fb:96:90:e5:f3:2a:6b:1c:bf:38:13:db:fb:99:
f4:8b:ae:be:85:b0:f7:ac:b6:00:75:e3:59:c6:79:91:27:3e:
ae:d0:3c:bb:d1:29:93:68:46:52:70:2e:61:98:7a:a1:14:be:
e3:4f:3d:e6:39:1e:bd:6d:39:a9:e1:13:30:0f:b3:9b:c3:2b:
20:a1:54:4a:3f:d0:20:88:98:95:29:74:82:3b:fc:df:96:e4:
70:e5:82:b7:8b:b3:4f:e0:ce:d6:40:fb:55:e9:10:29:11:fb:
ce:46:b3:37:67:cc:21:86:90:7a:3d:ca:56:a1:8d:40:85:4c:
26:73:4f:78
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQks8x6EEyIOwUJvndQY1UQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNWZmOWNjODljNjZhOGEzYTVkNzM0YTBkNjVjNjFmZGM4
NTE4YmUwHhcNMjUwMTAyMDE0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTU0YmNhZTUwMzZlZDE5YjkwNDdkNTg2NjYxZWM2MjU4ODk4MDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzX2Q/1K9fUEktmJ7JCuvtu7y8F4+
E+YDj0LyPMcXpFlAkl0Q2c2gX4OEUi6DuqXNlyqUGHcMUZBdlebCo7FaUj38TWDI
YeTkwdMLhpZF3UsTXo0U2LudI9ohoo/UmjB0h2t0eQKNKwheDyO++v4+v5PratQQ
bF1tB1M9O9c+fkzHO55eMb3zvEwBBICc4GYN9A8MLIyhJXcR75RMP18Yo6l181cL
L9ijxyl0nHCiSpekRMX52cGsUkizhKph8vwAPV7oaCKTBpKcvqlE2xvghVG7FrLO
yyymDJCZl6Bg6biD9XhKbyXctR/YMLxj9JPh1G+EbL8UG4jxgJxMrTvE+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJlUvK5QNu0ZuQR9WGZh7GJYiYB5MB8GA1UdIwQY
MBaAFABf+cyJxmqKOl1zSg1lxh/chRi+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTkt
MGUyZDY5N2IyN2UzLzEvbVZTOHJsQTI3Um01QkgxWVptSHNZbGlKZ0hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kNTNjNzgtMGQ1Yi00MjM3LTk5OTktMGUyZDY5N2IyN2Uz
LzEvQUZfNXpJbkdhb282WFhOS0RXWEdIOXlGR0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1aBAMA0E
AgACMAcDBQAqABfYMA0GCSqGSIb3DQEBCwUAA4IBAQB98kM7otpp9vrQZPiiZHUN
bXvOSF+d7FUh9TJvteIiTnsSxllEtx2mRV9y/nH20wZU3zUYuSFJKsO906Wq/PQp
S6f8JPLCEM7HuGzcUgM6bLJGwbWJjiWPKeGYnO/QSBococh/BifpxLKqgu1hfPt1
ixyDVSxrlO9sKVBx2n41CjZQ+5aQ5fMqaxy/OBPb+5n0i66+hbD3rLYAdeNZxnmR
Jz6u0Dy70SmTaEZScC5hmHqhFL7jTz3mOR69bTmp4RMwD7ObwysgoVRKP9AgiJiV
KXSCO/zfluRw5YK3i7NP4M7WQPtV6RApEfvORrM3Z8whhpB6PcpWoY1AhUwmc094
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:01:33 2025 by rpki-client