Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/MckCG4y-wri8O-rhV1d-4APvk7Q.roa
File: MckCG4y-wri8O-rhV1d-4APvk7Q.roa (raw, json)
Hash identifier: t6aCmEdp+Iv6iGvY/88GuOgzU150j1sRRJp3dvFtQRo=
Subject key identifier: 31:C9:02:1B:8C:BE:C2:B8:BC:3B:EA:E1:57:57:7E:E0:03:EF:93:B4
Certificate issuer: /CN=64c2493e4c2eea930b1ec2c8363d2d1ffae6e17e
Certificate serial: 019773E7C224F023B6A67DA54AEED4E7DFCF
Authority key identifier: 64:C2:49:3E:4C:2E:EA:93:0B:1E:C2:C8:36:3D:2D:1F:FA:E6:E1:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZMJJPkwu6pMLHsLINj0tH_rm4X4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/MckCG4y-wri8O-rhV1d-4APvk7Q.roa
Signing time: Sun 15 Jun 2025 14:04:17 +0000
ROA not before: Sun 15 Jun 2025 14:04:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52043
IP address blocks: 31.130.112.0/21 maxlen: 24
46.151.240.0/21 maxlen: 24
176.106.8.0/21 maxlen: 24
176.106.16.0/20 maxlen: 24
176.124.116.0/22 maxlen: 24
176.124.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/ZMJJPkwu6pMLHsLINj0tH_rm4X4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/ZMJJPkwu6pMLHsLINj0tH_rm4X4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZMJJPkwu6pMLHsLINj0tH_rm4X4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 16:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:73:e7:c2:24:f0:23:b6:a6:7d:a5:4a:ee:d4:e7:df:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64c2493e4c2eea930b1ec2c8363d2d1ffae6e17e
Validity
Not Before: Jun 15 14:04:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31c9021b8cbec2b8bc3beae157577ee003ef93b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:aa:a6:e6:e4:f9:ef:0c:6c:7e:0e:1f:ad:99:
51:20:00:69:9e:0d:86:eb:12:87:4b:ed:fe:7f:ac:
ac:ec:eb:77:77:29:48:be:a9:62:7f:9f:ee:8f:17:
99:70:83:5d:38:33:b2:cd:ae:40:12:36:fe:36:b3:
3d:5e:d2:93:b2:bf:9e:87:f4:98:57:38:c4:c8:d5:
fb:78:26:77:58:23:d6:38:ec:be:99:69:2b:9a:aa:
92:c0:f5:01:c1:ea:98:02:c1:9a:fc:9e:ee:0b:f4:
dd:33:b2:43:26:06:9a:cf:c0:bf:83:7c:d1:e1:c0:
c0:70:c0:5d:47:61:7b:19:a8:09:ea:ee:07:b4:52:
51:d9:e8:9c:b8:1b:50:8f:ed:01:95:d8:7d:55:d0:
42:7e:c9:52:4a:88:a9:6c:ff:e7:1f:2d:df:95:69:
b7:1c:34:bd:8d:7c:dd:8b:2e:cd:30:2d:30:21:57:
f7:d2:5c:37:c3:13:9b:4b:fe:bd:69:7c:6b:26:89:
e6:31:4b:cd:f4:e4:bf:4b:f9:e8:43:a5:06:37:db:
1d:95:5b:8d:66:d0:16:69:83:0e:42:ef:42:77:31:
5c:98:7e:6d:fa:f8:c9:3b:46:d2:bf:97:01:98:43:
34:7b:61:e2:73:20:51:d4:39:65:83:b5:4d:77:92:
a0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C9:02:1B:8C:BE:C2:B8:BC:3B:EA:E1:57:57:7E:E0:03:EF:93:B4
X509v3 Authority Key Identifier:
keyid:64:C2:49:3E:4C:2E:EA:93:0B:1E:C2:C8:36:3D:2D:1F:FA:E6:E1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZMJJPkwu6pMLHsLINj0tH_rm4X4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/MckCG4y-wri8O-rhV1d-4APvk7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/43caf7-8fc6-4123-8a93-652e0f5e5be8/1/ZMJJPkwu6pMLHsLINj0tH_rm4X4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.112.0/21
46.151.240.0/21
176.106.8.0-176.106.31.255
176.124.116.0-176.124.127.255
Signature Algorithm: sha256WithRSAEncryption
a6:80:8d:f8:fa:bf:cf:01:dd:26:3c:93:56:24:12:2d:ad:8f:
4e:9c:15:c4:0e:ca:8a:e5:0b:f5:d4:df:f5:a3:1e:50:c9:bc:
13:7c:86:a7:31:32:bd:d5:3b:05:a9:80:fb:9f:6a:00:17:9e:
0f:8f:c5:b8:20:2f:4e:7f:e2:a6:c6:c4:9b:52:32:d8:4a:57:
2a:79:ef:e7:fc:e7:3e:65:75:48:59:e7:6f:74:22:ee:c7:c3:
68:16:88:0f:10:4f:39:bf:92:98:46:fe:c3:83:77:78:a6:94:
46:a0:9a:ff:6f:79:91:03:48:d1:b8:77:8f:f8:ea:d3:0d:9c:
4b:29:9e:05:64:9f:7d:2c:db:c7:fa:ba:8c:21:f3:a5:ed:01:
55:e2:01:09:ce:ff:3d:35:84:50:8b:69:54:4f:28:98:7b:4e:
e9:14:9e:57:7c:48:36:ba:c2:cc:79:16:9b:27:7e:e1:65:75:
4f:98:b4:0f:5b:5d:d2:ae:5e:73:71:36:d3:8d:54:77:93:7f:
df:b4:98:c0:bf:5c:05:70:b0:32:a9:b8:f6:f2:07:f4:0e:46:
98:0e:1c:68:13:a1:93:ad:af:a5:9e:86:2a:78:27:e2:47:4c:
ba:61:05:8c:d6:54:89:d3:b9:92:dc:99:fe:3c:86:27:2d:a8:
cc:49:79:f8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZdz58Ik8CO2pn2lSu7U59/PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YzI0OTNlNGMyZWVhOTMwYjFlYzJjODM2M2QyZDFmZmFl
NmUxN2UwHhcNMjUwNjE1MTQwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWM5MDIxYjhjYmVjMmI4YmMzYmVhZTE1NzU3N2VlMDAzZWY5M2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqqm5uT57wxsfg4frZlRIABpng2G
6xKHS+3+f6ys7Ot3dylIvqlif5/ujxeZcINdODOyza5AEjb+NrM9XtKTsr+eh/SY
VzjEyNX7eCZ3WCPWOOy+mWkrmqqSwPUBweqYAsGa/J7uC/TdM7JDJgaaz8C/g3zR
4cDAcMBdR2F7GagJ6u4HtFJR2eicuBtQj+0Bldh9VdBCfslSSoipbP/nHy3flWm3
HDS9jXzdiy7NMC0wIVf30lw3wxObS/69aXxrJonmMUvN9OS/S/noQ6UGN9sdlVuN
ZtAWaYMOQu9CdzFcmH5t+vjJO0bSv5cBmEM0e2HicyBR1Dllg7VNd5Kg8wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDHJAhuMvsK4vDvq4VdXfuAD75O0MB8GA1UdIwQY
MBaAFGTCST5MLuqTCx7CyDY9LR/65uF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk1KSlBrd3U2cE1MSHNMSU5qMHRIX3JtNFg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80M2NhZjctOGZjNi00MTIzLThhOTMt
NjUyZTBmNWU1YmU4LzEvTWNrQ0c0eS13cmk4Ty1yaFYxZC00QVB2azdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80M2NhZjctOGZjNi00MTIzLThhOTMtNjUyZTBmNWU1YmU4
LzEvWk1KSlBrd3U2cE1MSHNMSU5qMHRIX3JtNFg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQDH4JwAwQD
LpfwMAwDBAOwaggDBAWwagAwDAMEArB8dAMEB7B8ADANBgkqhkiG9w0BAQsFAAOC
AQEApoCN+Pq/zwHdJjyTViQSLa2PTpwVxA7KiuUL9dTf9aMeUMm8E3yGpzEyvdU7
BamA+59qABeeD4/FuCAvTn/ipsbEm1Iy2EpXKnnv5/znPmV1SFnnb3Qi7sfDaBaI
DxBPOb+SmEb+w4N3eKaURqCa/295kQNI0bh3j/jq0w2cSymeBWSffSzbx/q6jCHz
pe0BVeIBCc7/PTWEUItpVE8omHtO6RSeV3xINrrCzHkWmyd+4WV1T5i0D1td0q5e
c3E2041Ud5N/37SYwL9cBXCwMqm49vIH9A5GmA4caBOhk62vpZ6GKngn4kdMumEF
jNZUidO5ktyZ/jyGJy2ozEl5+A==
-----END CERTIFICATE-----
Generated at Tue Jul 1 20:13:26 2025 by rpki-client