Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MTzP7-OE3iar-gmJStHw1lP30pw.roa
File: MTzP7-OE3iar-gmJStHw1lP30pw.roa (raw, json)
Hash identifier: wQpcoOLP6jbU1g1CoTI7AZhuvoycVtXP6qWqmDMWO4g=
Subject key identifier: 31:3C:CF:EF:E3:84:DE:26:AB:FA:09:89:4A:D1:F0:D6:53:F7:D2:9C
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01968690AF609C825BBB81DAD4D89F21BE0E
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MTzP7-OE3iar-gmJStHw1lP30pw.roa
Signing time: Wed 30 Apr 2025 11:59:11 +0000
ROA not before: Wed 30 Apr 2025 11:59:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213005
IP address blocks: 45.81.155.0/24 maxlen: 24
81.21.228.0/22 maxlen: 24
85.115.192.0/22 maxlen: 24
88.135.64.0/22 maxlen: 24
92.60.34.0/24 maxlen: 24
93.92.228.0/22 maxlen: 24
185.106.124.0/22 maxlen: 24
185.179.228.0/22 maxlen: 22
185.189.64.0/22 maxlen: 24
185.211.180.0/22 maxlen: 22
185.223.220.0/22 maxlen: 22
185.227.128.0/22 maxlen: 22
185.230.48.0/22 maxlen: 24
185.245.34.0/23 maxlen: 23
193.26.152.0/22 maxlen: 24
193.35.88.0/22 maxlen: 24
194.38.56.0/22 maxlen: 24
212.80.208.0/22 maxlen: 24
212.115.44.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:90:af:60:9c:82:5b:bb:81:da:d4:d8:9f:21:be:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 30 11:59:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=313ccfefe384de26abfa09894ad1f0d653f7d29c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d1:e6:cc:d7:59:69:73:1d:b6:bd:1e:af:9a:
be:e5:e6:94:d6:d6:0c:55:90:27:a0:7b:ad:75:fa:
05:07:ba:d4:05:39:b1:68:ec:dd:7b:cc:fc:08:17:
82:c9:3a:9c:ca:9c:bd:ad:10:c5:73:32:49:cf:ab:
56:ca:d8:01:5d:5a:9b:c0:7f:c4:c2:79:42:02:df:
4d:78:c4:b6:86:97:7b:69:57:5f:91:5e:00:e6:08:
b2:72:80:90:ef:a1:8c:14:d3:d4:5b:73:d6:f7:07:
0f:da:35:9b:18:ed:0b:8b:66:e8:e0:18:a3:d8:ba:
2c:36:c6:07:ae:5f:aa:2c:0c:fe:c7:c0:9a:14:09:
29:9a:33:be:0f:57:c9:f9:eb:11:f2:19:77:56:cd:
81:4c:92:e3:71:e4:58:32:89:1f:42:75:84:b9:ce:
9b:8f:5a:e0:6e:16:c9:a7:00:b4:f0:15:31:10:22:
cf:46:65:0e:d4:94:29:5e:f1:88:f7:8d:68:17:4f:
43:df:18:8e:3b:4c:2e:5d:84:ce:d3:c6:53:c0:28:
43:30:99:af:5c:76:e2:8e:09:84:7e:88:df:3b:65:
80:56:ce:b3:d6:f9:cf:9f:7d:5f:a4:b6:7b:ed:dc:
6e:5c:e3:d0:03:f9:5f:9b:1c:e3:a4:40:3b:f3:23:
9a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:3C:CF:EF:E3:84:DE:26:AB:FA:09:89:4A:D1:F0:D6:53:F7:D2:9C
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MTzP7-OE3iar-gmJStHw1lP30pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.155.0/24
81.21.228.0/22
85.115.192.0/22
88.135.64.0/22
92.60.34.0/24
93.92.228.0/22
185.106.124.0/22
185.179.228.0/22
185.189.64.0/22
185.211.180.0/22
185.223.220.0/22
185.227.128.0/22
185.230.48.0/22
185.245.34.0/23
193.26.152.0/22
193.35.88.0/22
194.38.56.0/22
212.80.208.0/22
212.115.44.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:97:65:9e:8f:6b:05:81:ed:3a:37:09:c2:1f:a1:4e:a3:09:
29:27:dc:0e:00:14:2c:c7:e9:df:c6:a3:9b:dc:df:76:78:13:
8e:ce:42:21:7f:47:0f:0e:00:b9:3a:ec:b5:78:5a:59:28:dd:
a0:1b:85:56:0f:ba:e1:07:e8:4e:06:2e:dd:47:11:ec:29:99:
99:06:d5:e6:66:ef:2b:ea:95:8c:b0:17:8c:f5:dd:99:f1:1d:
df:5e:a8:24:9e:e8:b3:0e:06:a1:6e:77:ee:b2:41:b4:bc:6b:
3e:bd:9d:61:68:92:7b:00:7a:eb:2a:00:75:fa:df:e8:6c:e9:
aa:9f:28:ed:05:7a:b7:d6:0d:53:f2:83:47:b1:1a:ef:42:cb:
df:d4:93:ff:96:08:76:62:20:66:d2:37:b2:b8:70:af:16:17:
da:84:be:5e:7c:ed:b8:c2:45:6c:40:3b:1f:16:92:92:7e:64:
12:63:3a:c2:09:c3:e5:77:72:f6:ef:49:d1:c7:bc:f8:26:fe:
05:64:c0:e8:b4:97:87:96:24:d0:86:d5:62:cc:10:6b:1b:18:
62:e5:06:ce:db:70:03:83:46:21:a2:c2:86:88:cb:d8:56:69:
cf:bf:90:eb:37:e9:ce:83:fd:3c:91:c8:97:03:1e:92:a5:f0:
e9:0b:71:e1
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZaGkK9gnIJbu4Ha1NifIb4OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNDMwMTE1OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTNjY2ZlZmUzODRkZTI2YWJmYTA5ODk0YWQxZjBkNjUzZjdkMjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NHmzNdZaXMdtr0er5q+5eaU1tYM
VZAnoHutdfoFB7rUBTmxaOzde8z8CBeCyTqcypy9rRDFczJJz6tWytgBXVqbwH/E
wnlCAt9NeMS2hpd7aVdfkV4A5giycoCQ76GMFNPUW3PW9wcP2jWbGO0Li2bo4Bij
2LosNsYHrl+qLAz+x8CaFAkpmjO+D1fJ+esR8hl3Vs2BTJLjceRYMokfQnWEuc6b
j1rgbhbJpwC08BUxECLPRmUO1JQpXvGI941oF09D3xiOO0wuXYTO08ZTwChDMJmv
XHbijgmEfojfO2WAVs6z1vnPn31fpLZ77dxuXOPQA/lfmxzjpEA78yOatQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFDE8z+/jhN4mq/oJiUrR8NZT99KcMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTVR6UDctT0UzaWFyLWdtSlN0SHcxbFAzMHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAC1RmwME
AlEV5AMEAlVzwAMEAliHQAMEAFw8IgMEAl1c5AMEArlqfAMEArmz5AMEArm9QAME
ArnTtAMEArnf3AMEArnjgAMEArnmMAMEAbn1IgMEAsEamAMEAsEjWAMEAsImOAME
AtRQ0AMEAtRzLDANBgkqhkiG9w0BAQsFAAOCAQEAGpdlno9rBYHtOjcJwh+hTqMJ
KSfcDgAULMfp38ajm9zfdngTjs5CIX9HDw4AuTrstXhaWSjdoBuFVg+64QfoTgYu
3UcR7CmZmQbV5mbvK+qVjLAXjPXdmfEd316oJJ7osw4GoW537rJBtLxrPr2dYWiS
ewB66yoAdfrf6Gzpqp8o7QV6t9YNU/KDR7Ea70LL39ST/5YIdmIgZtI3srhwrxYX
2oS+XnztuMJFbEA7HxaSkn5kEmM6wgnD5Xdy9u9J0ce8+Cb+BWTA6LSXh5Yk0IbV
YswQaxsYYuUGzttwA4NGIaLChojL2FZpz7+Q6zfpzoP9PJHIlwMekqXw6Qtx4Q==
-----END CERTIFICATE-----
Generated at Tue May 6 10:38:16 2025 by rpki-client