Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/mPel-Ky4KTw-yipTpTX6XFn1X6g.roa
File: mPel-Ky4KTw-yipTpTX6XFn1X6g.roa (raw, json)
Hash identifier: N5pE0c5lXs23W7feBcxuowFluJhlp7T2zf0Dpvw7muA=
Subject key identifier: 98:F7:A5:F8:AC:B8:29:3C:3E:CA:2A:53:A5:35:FA:5C:59:F5:5F:A8
Certificate issuer: /CN=7404e16f333d89650c6613ac6c95d348dc4b7950
Certificate serial: 019658C298E30ABD4110E54E670669847B05
Authority key identifier: 74:04:E1:6F:33:3D:89:65:0C:66:13:AC:6C:95:D3:48:DC:4B:79:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dAThbzM9iWUMZhOsbJXTSNxLeVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/mPel-Ky4KTw-yipTpTX6XFn1X6g.roa
Signing time: Mon 21 Apr 2025 14:31:10 +0000
ROA not before: Mon 21 Apr 2025 14:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 185.11.134.0/24 maxlen: 24
185.11.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/dAThbzM9iWUMZhOsbJXTSNxLeVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/dAThbzM9iWUMZhOsbJXTSNxLeVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/dAThbzM9iWUMZhOsbJXTSNxLeVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:58:c2:98:e3:0a:bd:41:10:e5:4e:67:06:69:84:7b:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7404e16f333d89650c6613ac6c95d348dc4b7950
Validity
Not Before: Apr 21 14:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98f7a5f8acb8293c3eca2a53a535fa5c59f55fa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:82:39:ef:fe:c0:43:8a:11:e4:ac:e4:16:ee:
7a:0b:ba:7e:cc:ab:83:b3:b6:13:c3:7d:55:0f:72:
db:88:9d:a8:0f:16:25:c9:bc:79:4a:96:6d:d4:d4:
6c:34:4f:e8:de:a6:ef:48:f0:ed:dc:ba:1d:e6:ae:
0e:7a:ab:3f:32:3f:3e:a8:8d:d7:04:85:2c:23:a5:
75:32:12:e8:48:18:6b:21:94:bc:90:41:05:c4:45:
b4:fb:3d:03:ec:3a:be:53:ef:9b:e5:04:b9:bd:36:
46:bf:a5:28:81:49:19:5e:a3:5c:8b:0b:07:eb:c7:
7a:80:a2:17:71:3c:02:b3:88:80:5d:bd:a7:13:fa:
a3:d2:32:a9:eb:d3:ef:28:d5:35:5f:ef:c0:45:58:
31:5a:ba:b7:c3:0e:04:0e:95:5e:d7:17:17:be:8d:
53:38:db:26:07:2d:2f:50:63:c0:e8:18:f4:ef:54:
de:fb:08:19:bd:93:51:2b:8d:8d:12:8b:09:c1:01:
49:ba:57:10:d6:5f:1b:3b:94:8d:66:31:5d:6a:09:
e2:cd:e6:4b:34:32:8c:d4:81:aa:69:db:d5:2b:ea:
3e:ee:6d:61:99:e3:4a:c0:2f:a4:1e:bc:4b:77:73:
7e:d1:0a:94:71:ca:10:d0:be:f3:fa:f4:22:3d:b5:
af:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:F7:A5:F8:AC:B8:29:3C:3E:CA:2A:53:A5:35:FA:5C:59:F5:5F:A8
X509v3 Authority Key Identifier:
keyid:74:04:E1:6F:33:3D:89:65:0C:66:13:AC:6C:95:D3:48:DC:4B:79:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dAThbzM9iWUMZhOsbJXTSNxLeVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/mPel-Ky4KTw-yipTpTX6XFn1X6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/dAThbzM9iWUMZhOsbJXTSNxLeVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.134.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:8d:be:bd:52:f7:82:97:12:39:fe:6a:c9:69:39:7e:52:68:
c6:a7:68:12:aa:61:8a:8b:71:ce:e6:53:ff:e1:db:6b:5d:25:
40:b0:05:c2:d5:e7:e2:bf:ea:39:75:89:95:96:47:16:f1:fb:
e5:0d:d2:4c:d3:72:a5:85:a7:67:4c:15:9f:24:8b:5f:f6:39:
fc:4b:fe:43:1d:ad:8c:d0:f8:b2:7c:f9:16:a3:c4:a9:c7:e3:
45:41:0f:2e:c6:e2:66:e1:17:17:19:ef:b7:6b:0e:e5:8e:9d:
9c:42:cb:dd:12:62:7e:5b:f7:3f:0a:48:95:a8:5c:1c:b6:79:
d8:82:61:ea:c2:79:6a:92:99:de:b6:48:a6:6c:5c:a6:bf:b4:
87:d1:d2:2b:15:60:2a:26:0d:b5:0e:b9:91:84:96:2d:b3:f6:
54:32:cd:1a:e0:5f:61:04:f3:e4:83:4b:fe:ba:ac:59:e8:61:
30:b7:83:4d:b5:f8:75:8e:e5:2b:bb:da:1b:b4:fc:93:e2:68:
fa:5d:8c:79:96:21:2f:f6:79:d7:f9:23:88:90:28:72:3b:13:
dd:20:f4:4f:27:93:41:3b:ac:a5:e6:9d:b5:53:d3:67:e6:8f:
87:57:ca:45:54:77:75:a3:9a:48:b4:3b:96:76:17:8a:6b:d6:
a5:d9:ce:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZYwpjjCr1BEOVOZwZphHsFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MDRlMTZmMzMzZDg5NjUwYzY2MTNhYzZjOTVkMzQ4ZGM0
Yjc5NTAwHhcNMjUwNDIxMTQzMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGY3YTVmOGFjYjgyOTNjM2VjYTJhNTNhNTM1ZmE1YzU5ZjU1ZmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2II57/7AQ4oR5KzkFu56C7p+zKuD
s7YTw31VD3LbiJ2oDxYlybx5SpZt1NRsNE/o3qbvSPDt3Lod5q4Oeqs/Mj8+qI3X
BIUsI6V1MhLoSBhrIZS8kEEFxEW0+z0D7Dq+U++b5QS5vTZGv6UogUkZXqNciwsH
68d6gKIXcTwCs4iAXb2nE/qj0jKp69PvKNU1X+/ARVgxWrq3ww4EDpVe1xcXvo1T
ONsmBy0vUGPA6Bj071Te+wgZvZNRK42NEosJwQFJulcQ1l8bO5SNZjFdagnizeZL
NDKM1IGqadvVK+o+7m1hmeNKwC+kHrxLd3N+0QqUccoQ0L7z+vQiPbWvxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJj3pfisuCk8PsoqU6U1+lxZ9V+oMB8GA1UdIwQY
MBaAFHQE4W8zPYllDGYTrGyV00jcS3lQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEFUaGJ6TTlpV1VNWmhPc2JKWFRTTnhMZVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xNTMyYzYtYTJmNS00OGU2LWIwMzct
MThjNWViZWYyN2E4LzEvbVBlbC1LeTRLVHcteWlwVHBUWDZYRm4xWDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xNTMyYzYtYTJmNS00OGU2LWIwMzctMThjNWViZWYyN2E4
LzEvZEFUaGJ6TTlpV1VNWmhPc2JKWFRTTnhMZVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQuGMA0G
CSqGSIb3DQEBCwUAA4IBAQCKjb69UveClxI5/mrJaTl+UmjGp2gSqmGKi3HO5lP/
4dtrXSVAsAXC1efiv+o5dYmVlkcW8fvlDdJM03KlhadnTBWfJItf9jn8S/5DHa2M
0PiyfPkWo8Spx+NFQQ8uxuJm4RcXGe+3aw7ljp2cQsvdEmJ+W/c/CkiVqFwctnnY
gmHqwnlqkpnetkimbFymv7SH0dIrFWAqJg21DrmRhJYts/ZUMs0a4F9hBPPkg0v+
uqxZ6GEwt4NNtfh1juUru9obtPyT4mj6XYx5liEv9nnX+SOIkChyOxPdIPRPJ5NB
O6yl5p21U9Nn5o+HV8pFVHd1o5pItDuWdheKa9al2c7i
-----END CERTIFICATE-----
Generated at Mon May 5 14:32:38 2025 by rpki-client