Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/RfMWV7rG0Jn4VSc5KtOyq0mrBu8.roa
File: RfMWV7rG0Jn4VSc5KtOyq0mrBu8.roa (raw, json)
Hash identifier: 0tHMUOLB6g04PqLCDkXbegheuHUQrFJIj+RsXS01vt0=
Subject key identifier: 45:F3:16:57:BA:C6:D0:99:F8:55:27:39:2A:D3:B2:AB:49:AB:06:EF
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0197A105D5458EFC3562E8555A00F183C50F
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/RfMWV7rG0Jn4VSc5KtOyq0mrBu8.roa
Signing time: Tue 24 Jun 2025 08:20:03 +0000
ROA not before: Tue 24 Jun 2025 08:20:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48753
IP address blocks: 85.121.148.0/24 maxlen: 24
194.102.104.0/24 maxlen: 24
217.156.66.0/24 maxlen: 24
217.156.67.0/24 maxlen: 24
217.156.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:05:d5:45:8e:fc:35:62:e8:55:5a:00:f1:83:c5:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jun 24 08:20:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45f31657bac6d099f85527392ad3b2ab49ab06ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:93:1c:40:d5:e2:4d:ed:d5:ae:a5:e9:70:e9:
4b:da:92:63:fc:c0:4d:c2:1d:b7:40:9b:0b:4f:b1:
28:2a:c2:7c:14:a9:7a:b5:30:17:58:7a:fe:6c:ed:
79:54:33:f7:cf:f2:88:00:e6:16:06:dd:66:fe:1d:
fa:3e:c1:f0:4f:03:38:87:69:55:bd:06:5e:e7:e8:
67:54:70:47:77:c9:48:97:57:f6:18:70:57:c3:54:
e4:76:f5:a8:92:1e:d1:e1:c4:7b:d4:8d:e9:7e:ef:
9c:2a:1a:d1:5a:12:87:0f:01:87:fc:db:bc:bf:23:
eb:aa:cd:75:76:97:68:6c:9b:c1:b2:b5:25:8c:25:
d4:46:3d:20:36:3f:54:91:c6:8c:84:19:00:81:13:
08:6f:48:ca:58:03:b0:13:8d:72:7d:96:0f:a7:0c:
f0:28:21:5a:ce:99:2d:00:68:dc:bd:2b:d2:f7:e8:
a2:22:5c:8d:67:a2:73:61:3c:7b:54:a2:c3:8b:28:
31:1a:81:3f:3f:3f:8f:04:95:90:4e:74:10:1f:14:
af:62:11:77:0b:f7:fd:b9:0b:8e:da:c4:8e:44:74:
51:fb:01:5d:98:62:9b:e0:70:bd:5a:d1:84:9b:4a:
df:42:08:7f:08:d0:aa:dd:2f:1d:fc:f3:af:eb:f9:
19:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F3:16:57:BA:C6:D0:99:F8:55:27:39:2A:D3:B2:AB:49:AB:06:EF
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/RfMWV7rG0Jn4VSc5KtOyq0mrBu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.121.148.0/24
194.102.104.0/24
217.156.66.0/23
217.156.122.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:aa:01:bc:81:f4:c3:d1:13:f5:56:c5:87:0b:02:5b:a5:ee:
b3:da:20:b1:62:c3:f9:88:84:b1:22:a6:64:dd:2c:79:4c:18:
f0:6d:5e:08:36:56:86:e7:fa:b7:5a:a9:b9:f2:dc:b4:d8:18:
d0:29:a5:05:c8:33:b0:23:0b:ec:10:fd:ef:7f:80:b3:2d:97:
7f:9b:08:3a:76:13:75:ff:e5:e5:a7:f3:04:9e:79:63:b5:d2:
f1:07:ff:47:31:ad:89:b3:5a:75:ff:0e:25:41:83:0c:4b:99:
e9:d2:ad:61:a4:55:45:f2:f7:66:b1:3e:b8:61:2e:24:1a:a0:
20:e0:42:d4:95:bd:9b:28:60:37:74:c8:6c:47:b9:ad:9d:89:
09:78:c1:75:f4:ba:9e:ff:7c:e5:77:ed:d0:8d:dc:69:08:d1:
1c:90:94:f5:20:d5:3a:fe:2b:bd:1b:45:fe:3c:22:46:08:63:
b6:16:bd:6b:83:bc:09:b3:42:dd:a8:f7:45:f7:a1:a4:83:d1:
a8:94:d6:b8:19:e8:57:ec:12:10:a3:d9:39:5e:42:ae:76:50:
f3:fb:d5:90:da:41:d0:c3:39:55:27:d9:5b:d9:77:78:25:99:
51:62:9b:2d:7d:54:f5:87:29:74:3b:7a:c7:70:fc:04:03:cc:
6a:cc:6a:63
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZehBdVFjvw1YuhVWgDxg8UPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwNjI0MDgyMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWYzMTY1N2JhYzZkMDk5Zjg1NTI3MzkyYWQzYjJhYjQ5YWIwNmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1JMcQNXiTe3VrqXpcOlL2pJj/MBN
wh23QJsLT7EoKsJ8FKl6tTAXWHr+bO15VDP3z/KIAOYWBt1m/h36PsHwTwM4h2lV
vQZe5+hnVHBHd8lIl1f2GHBXw1TkdvWokh7R4cR71I3pfu+cKhrRWhKHDwGH/Nu8
vyPrqs11dpdobJvBsrUljCXURj0gNj9UkcaMhBkAgRMIb0jKWAOwE41yfZYPpwzw
KCFazpktAGjcvSvS9+iiIlyNZ6JzYTx7VKLDiygxGoE/Pz+PBJWQTnQQHxSvYhF3
C/f9uQuO2sSORHRR+wFdmGKb4HC9WtGEm0rfQgh/CNCq3S8d/POv6/kZXQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEXzFle6xtCZ+FUnOSrTsqtJqwbvMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvUmZNV1Y3ckcwSm40VlNjNUt0T3lxMG1yQnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVXmUAwQA
wmZoAwQB2ZxCAwQA2Zx6MA0GCSqGSIb3DQEBCwUAA4IBAQC/qgG8gfTD0RP1VsWH
CwJbpe6z2iCxYsP5iISxIqZk3Sx5TBjwbV4INlaG5/q3Wqm58ty02BjQKaUFyDOw
IwvsEP3vf4CzLZd/mwg6dhN1/+Xlp/MEnnljtdLxB/9HMa2Js1p1/w4lQYMMS5np
0q1hpFVF8vdmsT64YS4kGqAg4ELUlb2bKGA3dMhsR7mtnYkJeMF19Lqe/3zld+3Q
jdxpCNEckJT1INU6/iu9G0X+PCJGCGO2Fr1rg7wJs0LdqPdF96Gkg9GolNa4GehX
7BIQo9k5XkKudlDz+9WQ2kHQwzlVJ9lb2Xd4JZlRYpstfVT1hyl0O3rHcPwEA8xq
zGpj
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:33:23 2025 by rpki-client