Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/MWXFWupmeH0x6eo-nSAsEyxsUK4.roa
File: MWXFWupmeH0x6eo-nSAsEyxsUK4.roa (raw, json)
Hash identifier: FcrTWOvQwbii+S/ULF+HgAsrIKV1okSCxZzQQr84deE=
Subject key identifier: 31:65:C5:5A:EA:66:78:7D:31:E9:EA:3E:9D:20:2C:13:2C:6C:50:AE
Certificate issuer: /CN=2874e46bf636ea63e5d12362f551b80b27714780
Certificate serial: 0194282322D27561A886A9DD2E47C03873FE
Authority key identifier: 28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/MWXFWupmeH0x6eo-nSAsEyxsUK4.roa
Signing time: Thu 02 Jan 2025 17:49:38 +0000
ROA not before: Thu 02 Jan 2025 17:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60109
IP address blocks: 37.16.100.0/22 maxlen: 22
37.16.108.0/24 maxlen: 24
37.16.109.0/24 maxlen: 24
185.57.180.0/22 maxlen: 22
2a00:4cc4::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.mft
rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Apr 2025 12:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:22:d2:75:61:a8:86:a9:dd:2e:47:c0:38:73:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2874e46bf636ea63e5d12362f551b80b27714780
Validity
Not Before: Jan 2 17:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3165c55aea66787d31e9ea3e9d202c132c6c50ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:41:2f:7c:0d:93:45:4f:fb:1f:e3:3f:12:a5:
07:ab:90:30:b1:41:c0:fe:3c:aa:c3:22:64:bc:21:
6c:40:50:71:cd:07:4e:0c:82:39:58:c3:d6:39:c5:
e0:33:48:e0:66:63:9f:6e:49:70:e8:a3:e2:cf:3d:
db:db:03:1e:35:a6:7a:f7:6f:56:f9:d7:bf:90:f3:
b7:cb:af:42:94:d7:bd:fd:70:fa:ae:7e:84:bb:11:
9d:4b:3d:10:09:f9:99:2a:18:53:b3:0d:19:ab:23:
58:6c:c2:ab:5f:92:ca:be:a6:4f:4a:40:59:63:75:
35:c9:c4:9d:20:9b:af:85:c5:14:f2:77:50:91:b4:
dd:86:b7:a3:80:cb:b4:e0:39:5e:cb:60:15:bf:1f:
b6:60:d5:a6:88:88:24:29:db:3a:b0:f2:52:69:bc:
6e:a9:df:59:f4:2c:10:63:21:c9:19:ca:6f:a8:ef:
b9:c6:52:03:bf:59:27:5c:94:79:73:4c:a1:25:e6:
97:54:90:7c:da:ca:63:f3:a7:4a:90:cb:41:11:39:
23:4f:cd:3e:a4:86:6a:f6:36:07:b9:9c:a6:7d:b2:
1c:0a:aa:a1:c0:f3:dd:e2:d4:85:93:63:83:2d:83:
d2:fc:7f:d2:a2:6e:a2:c1:f4:70:de:a8:e4:66:82:
7e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:65:C5:5A:EA:66:78:7D:31:E9:EA:3E:9D:20:2C:13:2C:6C:50:AE
X509v3 Authority Key Identifier:
keyid:28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/MWXFWupmeH0x6eo-nSAsEyxsUK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.100.0/22
37.16.108.0/23
185.57.180.0/22
IPv6:
2a00:4cc4::/32
Signature Algorithm: sha256WithRSAEncryption
19:ed:ca:b4:fc:96:d4:61:67:ca:ff:d2:64:85:4e:2f:bd:9f:
11:39:0f:45:c9:6c:6a:d4:83:97:ee:f6:c4:c3:91:99:c5:2f:
d6:51:ef:5b:50:cc:9d:ce:be:e6:41:6c:1a:51:f4:ad:e8:b1:
b0:2c:63:f0:56:be:95:82:ad:36:96:15:76:d3:86:92:54:c2:
1c:af:dc:c4:eb:d3:5f:ee:3f:f9:60:0b:78:82:9c:64:ad:bc:
96:ae:18:89:a1:0f:21:1b:76:ba:99:f5:8c:a3:a1:53:31:bf:
97:74:31:1f:d4:b6:d8:51:5e:1b:a3:1a:87:30:a2:bb:f4:3d:
e8:82:72:14:13:4c:b6:ad:26:89:97:fe:90:5f:dc:32:e2:95:
d2:99:ce:53:59:09:fd:96:57:9b:99:6d:6b:7d:41:ec:25:35:
c0:80:b1:45:f7:06:e5:52:78:6b:30:6a:78:a9:be:75:d5:6c:
0c:92:c5:8b:a4:43:9c:a1:c9:0d:82:11:5f:92:d5:ae:e6:9d:
af:73:62:1a:03:ca:7b:02:35:e8:e9:b3:7d:79:bc:1d:d1:55:
8d:f6:f0:90:e5:93:ab:e7:94:f8:14:85:c4:ae:66:1f:9e:04:
f4:02:f9:7b:ac:5d:ca:6b:70:ac:15:54:d2:ae:06:4f:84:2c:
29:62:da:cb
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQoIyLSdWGohqndLkfAOHP+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NzRlNDZiZjYzNmVhNjNlNWQxMjM2MmY1NTFiODBiMjc3
MTQ3ODAwHhcNMjUwMTAyMTc0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTY1YzU1YWVhNjY3ODdkMzFlOWVhM2U5ZDIwMmMxMzJjNmM1MGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEEvfA2TRU/7H+M/EqUHq5AwsUHA
/jyqwyJkvCFsQFBxzQdODII5WMPWOcXgM0jgZmOfbklw6KPizz3b2wMeNaZ6929W
+de/kPO3y69ClNe9/XD6rn6EuxGdSz0QCfmZKhhTsw0ZqyNYbMKrX5LKvqZPSkBZ
Y3U1ycSdIJuvhcUU8ndQkbTdhrejgMu04Dley2AVvx+2YNWmiIgkKds6sPJSabxu
qd9Z9CwQYyHJGcpvqO+5xlIDv1knXJR5c0yhJeaXVJB82spj86dKkMtBETkjT80+
pIZq9jYHuZymfbIcCqqhwPPd4tSFk2ODLYPS/H/Som6iwfRw3qjkZoJ+twIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDFlxVrqZnh9MenqPp0gLBMsbFCuMB8GA1UdIwQY
MBaAFCh05Gv2Nupj5dEjYvVRuAsncUeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYt
YzEwZGE2YWFjMWIxLzEvTVdYRld1cG1lSDB4NmVvLW5TQXNFeXhzVUs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYtYzEwZGE2YWFjMWIx
LzEvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCJRBkAwQB
JRBsAwQCuTm0MA0EAgACMAcDBQAqAEzEMA0GCSqGSIb3DQEBCwUAA4IBAQAZ7cq0
/JbUYWfK/9JkhU4vvZ8ROQ9FyWxq1IOX7vbEw5GZxS/WUe9bUMydzr7mQWwaUfSt
6LGwLGPwVr6Vgq02lhV204aSVMIcr9zE69Nf7j/5YAt4gpxkrbyWrhiJoQ8hG3a6
mfWMo6FTMb+XdDEf1LbYUV4boxqHMKK79D3ognIUE0y2rSaJl/6QX9wy4pXSmc5T
WQn9llebmW1rfUHsJTXAgLFF9wblUnhrMGp4qb511WwMksWLpEOcockNghFfktWu
5p2vc2IaA8p7AjXo6bN9ebwd0VWN9vCQ5ZOr55T4FIXErmYfngT0Avl7rF3Ka3Cs
FVTSrgZPhCwpYtrL
-----END CERTIFICATE-----
Generated at Wed Apr 23 20:14:58 2025 by rpki-client