Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/M714mkyeLGecG3CxD57_mFs1bVI.roa
File: M714mkyeLGecG3CxD57_mFs1bVI.roa (raw, json)
Hash identifier: sWZ4L0BbCyDSxcxQBSHqJ3/DS0RNI5BibcEqYwkAaKY=
Subject key identifier: 33:BD:78:9A:4C:9E:2C:67:9C:1B:70:B1:0F:9E:FF:98:5B:35:6D:52
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01968380FCD583602065C8D8FB4C129B6377
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/M714mkyeLGecG3CxD57_mFs1bVI.roa
Signing time: Tue 29 Apr 2025 21:43:10 +0000
ROA not before: Tue 29 Apr 2025 21:43:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205655
IP address blocks: 31.135.6.0/24 maxlen: 24
91.224.40.0/24 maxlen: 24
176.103.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:83:80:fc:d5:83:60:20:65:c8:d8:fb:4c:12:9b:63:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Apr 29 21:43:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33bd789a4c9e2c679c1b70b10f9eff985b356d52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bf:26:fb:0c:ac:33:88:74:e3:2f:b4:e0:43:
79:10:7f:4a:3d:b3:c9:49:59:6d:7e:ba:96:52:57:
ab:69:89:c7:01:72:99:d4:ce:f3:85:19:1b:39:9c:
96:c6:16:8d:1e:7a:40:46:15:ed:78:43:2b:5b:21:
08:a3:6b:dc:9c:69:c7:ac:82:f8:ce:60:35:c8:db:
5c:09:11:fd:05:e7:4f:22:66:01:17:8d:a0:c3:41:
96:ba:80:e6:50:ae:ad:44:6c:c4:dc:e5:70:43:90:
4a:dd:77:a8:8c:5f:a8:b3:32:7c:3d:6f:b7:cd:46:
05:24:1c:20:98:a8:af:b4:60:2f:9b:6c:4c:3d:a5:
24:08:ac:98:26:f1:c4:9a:16:bc:26:86:4a:1f:be:
34:aa:76:8f:ef:ec:fe:90:52:c4:f5:8c:e3:19:83:
ae:10:99:ba:08:aa:71:d9:43:c3:84:6d:3f:a1:5b:
9a:cf:68:14:17:56:16:cf:1d:d4:e5:83:ca:12:99:
07:fb:aa:0d:f5:40:3c:a0:13:bb:84:59:19:3f:72:
60:bc:ff:05:b5:da:ea:a0:76:4a:7c:b2:cd:6a:0b:
41:97:e0:cf:f2:0e:7e:34:1f:ae:f7:6d:63:4c:5b:
48:1c:2e:d5:19:31:2f:83:ca:31:e1:32:a4:32:54:
51:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:BD:78:9A:4C:9E:2C:67:9C:1B:70:B1:0F:9E:FF:98:5B:35:6D:52
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/M714mkyeLGecG3CxD57_mFs1bVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.135.6.0/24
91.224.40.0/24
176.103.120.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:15:31:67:89:db:0d:fd:92:0c:cd:26:0f:dd:a5:76:89:5b:
c2:9a:10:f2:d8:2b:04:f2:a7:89:40:66:44:86:15:89:47:95:
76:e6:17:74:d8:67:5b:b4:34:1a:39:f3:08:f5:3a:df:2f:19:
13:25:5c:78:75:55:3c:10:d4:dc:fa:3a:ae:28:f8:9a:f6:d1:
30:0f:ea:9e:01:05:f6:20:9b:e7:6b:4a:2a:64:ed:93:79:90:
15:1d:a0:b5:17:5c:08:0a:df:8c:03:47:16:a6:38:1d:69:d3:
28:ff:cd:10:5f:69:e9:1b:98:84:ff:94:68:a5:88:c6:8d:2e:
e8:73:c9:ea:b6:f5:dc:52:49:4e:a4:c2:cf:e2:7e:6a:ca:a4:
bc:78:d7:e8:2a:c1:6b:9c:0e:47:e6:e2:e1:9f:67:d8:fa:f2:
8b:12:e7:6f:8b:42:4c:33:15:b1:29:bb:e7:fb:0d:ad:db:d6:
45:ea:1f:38:cd:95:a8:91:73:5e:19:c0:06:2b:a2:c9:b5:95:
cf:4a:48:31:7a:6f:bd:5b:24:f7:06:87:fd:cd:79:4b:27:80:
b7:86:5b:e6:7e:00:e2:52:d1:bd:92:5c:d0:72:cd:77:20:68:
d0:70:06:b1:ac:0c:08:a0:28:f4:f2:c2:c1:a0:94:9c:53:b7:
b2:33:8e:a3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZaDgPzVg2AgZcjY+0wSm2N3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwNDI5MjE0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2JkNzg5YTRjOWUyYzY3OWMxYjcwYjEwZjllZmY5ODViMzU2ZDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL8m+wysM4h04y+04EN5EH9KPbPJ
SVltfrqWUleraYnHAXKZ1M7zhRkbOZyWxhaNHnpARhXteEMrWyEIo2vcnGnHrIL4
zmA1yNtcCRH9BedPImYBF42gw0GWuoDmUK6tRGzE3OVwQ5BK3XeojF+oszJ8PW+3
zUYFJBwgmKivtGAvm2xMPaUkCKyYJvHEmha8JoZKH740qnaP7+z+kFLE9YzjGYOu
EJm6CKpx2UPDhG0/oVuaz2gUF1YWzx3U5YPKEpkH+6oN9UA8oBO7hFkZP3JgvP8F
tdrqoHZKfLLNagtBl+DP8g5+NB+u921jTFtIHC7VGTEvg8ox4TKkMlRRqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDO9eJpMnixnnBtwsQ+e/5hbNW1SMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvTTcxNG1reWVMR2VjRzNDeEQ1N19tRnMxYlZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAH4cGAwQA
W+AoAwQAsGd4MA0GCSqGSIb3DQEBCwUAA4IBAQB9FTFnidsN/ZIMzSYP3aV2iVvC
mhDy2CsE8qeJQGZEhhWJR5V25hd02GdbtDQaOfMI9TrfLxkTJVx4dVU8ENTc+jqu
KPia9tEwD+qeAQX2IJvna0oqZO2TeZAVHaC1F1wICt+MA0cWpjgdadMo/80QX2np
G5iE/5RopYjGjS7oc8nqtvXcUklOpMLP4n5qyqS8eNfoKsFrnA5H5uLhn2fY+vKL
Eudvi0JMMxWxKbvn+w2t29ZF6h84zZWokXNeGcAGK6LJtZXPSkgxem+9WyT3Bof9
zXlLJ4C3hlvmfgDiUtG9klzQcs13IGjQcAaxrAwIoCj08sLBoJScU7eyM46j
-----END CERTIFICATE-----
Generated at Tue May 6 14:28:22 2025 by rpki-client