Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/bc59ad-acca-41d2-baa1-9c3effaf2af2/1/MkBFGKrOUFJR_PtFzbIm_0Kt8Os.roa
File: MkBFGKrOUFJR_PtFzbIm_0Kt8Os.roa (raw, json)
Hash identifier: MWAGOdYdWLQQEq03DBK0C/7h2rvKgHmATNjHLt1oAQQ=
Subject key identifier: 32:40:45:18:AA:CE:50:52:51:FC:FB:45:CD:B2:26:FF:42:AD:F0:EB
Certificate issuer: /CN=5f83c3976cf00e42cbed53924c4a86556bd70142
Certificate serial: 01942444AE40346BB505B51978DE78A8864E
Authority key identifier: 5F:83:C3:97:6C:F0:0E:42:CB:ED:53:92:4C:4A:86:55:6B:D7:01:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X4PDl2zwDkLL7VOSTEqGVWvXAUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/bc59ad-acca-41d2-baa1-9c3effaf2af2/1/MkBFGKrOUFJR_PtFzbIm_0Kt8Os.roa
Signing time: Wed 01 Jan 2025 23:47:48 +0000
ROA not before: Wed 01 Jan 2025 23:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12350
IP address blocks: 81.23.64.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/bc59ad-acca-41d2-baa1-9c3effaf2af2/1/X4PDl2zwDkLL7VOSTEqGVWvXAUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/bc59ad-acca-41d2-baa1-9c3effaf2af2/1/X4PDl2zwDkLL7VOSTEqGVWvXAUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/X4PDl2zwDkLL7VOSTEqGVWvXAUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:ae:40:34:6b:b5:05:b5:19:78:de:78:a8:86:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f83c3976cf00e42cbed53924c4a86556bd70142
Validity
Not Before: Jan 1 23:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32404518aace505251fcfb45cdb226ff42adf0eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:43:19:6c:34:d5:1e:74:92:72:90:2f:7e:84:
a1:85:ef:94:41:2f:a1:fe:29:b5:99:2c:f8:b8:3e:
69:7e:f3:28:3d:9c:cc:7e:e7:fd:4c:46:f2:3f:b9:
60:14:e6:8f:4d:46:92:fb:ea:1d:f3:29:a1:f2:c2:
3a:1c:d5:f7:d8:6d:6e:dc:1b:ac:94:c3:12:7a:6f:
f3:4e:6a:05:6d:51:fb:6f:f2:66:b7:fa:40:d7:df:
0f:41:80:d0:de:cc:b8:30:c9:b4:29:1b:f1:d4:f1:
c7:7e:f5:e2:f6:1c:52:dc:41:de:e0:4c:5c:bb:58:
2a:36:b0:cd:4b:05:a7:c5:d1:1f:65:56:27:95:5b:
a5:c7:63:90:48:3a:20:7e:7b:57:cd:bf:a0:e3:02:
62:78:91:02:1e:e9:d5:69:25:41:99:3a:0d:99:1d:
59:04:16:9f:42:09:db:cc:59:e8:e2:ac:b1:be:57:
94:54:9f:1d:4b:23:05:98:af:c8:46:25:17:35:e2:
2e:a2:7d:55:a3:3d:b5:1a:22:92:fe:31:4a:6e:88:
8f:cb:0d:5b:6e:f7:f5:e7:7d:f8:b9:b9:9e:4d:77:
62:20:1b:bd:5b:32:d0:bb:87:17:cc:b5:ed:05:3b:
e7:9d:f3:c4:e7:d3:ed:59:9e:e9:d5:a1:47:80:c2:
00:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:40:45:18:AA:CE:50:52:51:FC:FB:45:CD:B2:26:FF:42:AD:F0:EB
X509v3 Authority Key Identifier:
keyid:5F:83:C3:97:6C:F0:0E:42:CB:ED:53:92:4C:4A:86:55:6B:D7:01:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X4PDl2zwDkLL7VOSTEqGVWvXAUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/bc59ad-acca-41d2-baa1-9c3effaf2af2/1/MkBFGKrOUFJR_PtFzbIm_0Kt8Os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/bc59ad-acca-41d2-baa1-9c3effaf2af2/1/X4PDl2zwDkLL7VOSTEqGVWvXAUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.64.0/20
Signature Algorithm: sha256WithRSAEncryption
8f:fd:b7:d9:fd:cf:27:fe:e2:e1:3b:97:18:35:b4:87:ef:56:
94:b7:e6:c3:40:6a:f9:d0:1d:54:25:45:d9:6e:c5:bd:d6:fd:
66:53:f9:64:0c:c3:58:7b:a3:86:c4:f8:fb:c5:fd:88:d5:bc:
c5:85:35:67:f0:ba:01:62:ef:96:1b:e1:f1:82:d3:d3:ed:43:
fc:50:1c:32:0f:bf:26:e8:ec:47:64:fd:ec:01:ce:2a:36:c7:
40:4f:f8:1a:78:89:4f:5a:d8:91:46:7d:3a:30:8f:a0:bf:ec:
18:0b:b5:e1:23:13:84:17:93:cd:07:ad:4d:45:2a:a5:f1:66:
97:79:25:43:b1:78:5c:69:25:8e:2a:18:5b:29:05:de:c8:60:
77:b1:84:11:03:5a:23:8e:d5:9f:d7:43:05:d3:2e:99:7d:c6:
50:4c:be:e6:55:17:a8:70:5c:4e:53:00:0f:cc:8c:8d:26:bf:
25:e7:0c:24:36:a0:49:f6:1f:05:4e:ae:95:aa:e0:4c:c7:8a:
eb:52:aa:0e:47:70:36:d7:b3:1e:bf:ba:48:91:74:e2:f4:77:
61:d9:e3:15:1c:2e:dc:83:b8:b7:ed:da:8e:74:22:49:d6:99:
b1:23:08:68:8c:52:ad:a0:93:98:cf:a2:dc:cb:83:a2:76:95:
26:6a:71:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRK5ANGu1BbUZeN54qIZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmODNjMzk3NmNmMDBlNDJjYmVkNTM5MjRjNGE4NjU1NmJk
NzAxNDIwHhcNMjUwMTAxMjM0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjQwNDUxOGFhY2U1MDUyNTFmY2ZiNDVjZGIyMjZmZjQyYWRmMGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEMZbDTVHnSScpAvfoShhe+UQS+h
/im1mSz4uD5pfvMoPZzMfuf9TEbyP7lgFOaPTUaS++od8ymh8sI6HNX32G1u3Bus
lMMSem/zTmoFbVH7b/Jmt/pA198PQYDQ3sy4MMm0KRvx1PHHfvXi9hxS3EHe4Exc
u1gqNrDNSwWnxdEfZVYnlVulx2OQSDogfntXzb+g4wJieJECHunVaSVBmToNmR1Z
BBafQgnbzFno4qyxvleUVJ8dSyMFmK/IRiUXNeIuon1Voz21GiKS/jFKboiPyw1b
bvf15334ubmeTXdiIBu9WzLQu4cXzLXtBTvnnfPE59PtWZ7p1aFHgMIAxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDJARRiqzlBSUfz7Rc2yJv9CrfDrMB8GA1UdIwQY
MBaAFF+Dw5ds8A5Cy+1TkkxKhlVr1wFCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDRQRGwyendEa0xMN1ZPU1RFcUdWV3ZYQVVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9iYzU5YWQtYWNjYS00MWQyLWJhYTEt
OWMzZWZmYWYyYWYyLzEvTWtCRkdLck9VRkpSX1B0RnpiSW1fMEt0OE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9iYzU5YWQtYWNjYS00MWQyLWJhYTEtOWMzZWZmYWYyYWYy
LzEvWDRQRGwyendEa0xMN1ZPU1RFcUdWV3ZYQVVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEURdAMA0G
CSqGSIb3DQEBCwUAA4IBAQCP/bfZ/c8n/uLhO5cYNbSH71aUt+bDQGr50B1UJUXZ
bsW91v1mU/lkDMNYe6OGxPj7xf2I1bzFhTVn8LoBYu+WG+HxgtPT7UP8UBwyD78m
6OxHZP3sAc4qNsdAT/gaeIlPWtiRRn06MI+gv+wYC7XhIxOEF5PNB61NRSql8WaX
eSVDsXhcaSWOKhhbKQXeyGB3sYQRA1ojjtWf10MF0y6ZfcZQTL7mVReocFxOUwAP
zIyNJr8l5wwkNqBJ9h8FTq6VquBMx4rrUqoOR3A217Mev7pIkXTi9Hdh2eMVHC7c
g7i37dqOdCJJ1pmxIwhojFKtoJOYz6Lcy4OidpUmanHL
-----END CERTIFICATE-----
Generated at Sun Apr 20 22:44:55 2025 by rpki-client