Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/mUn4bAz55ffqb0tiJskpWuVtNjA.roa
File: mUn4bAz55ffqb0tiJskpWuVtNjA.roa (raw, json)
Hash identifier: BAAWKJEZVUELA0qluua1re9Mkphc7hB4/fV/DRwqpfQ=
Subject key identifier: 99:49:F8:6C:0C:F9:E5:F7:EA:6F:4B:62:26:C9:29:5A:E5:6D:36:30
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0196399C5B48123B4EB3AA30CA63047D4BC3
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/mUn4bAz55ffqb0tiJskpWuVtNjA.roa
Signing time: Tue 15 Apr 2025 13:21:10 +0000
ROA not before: Tue 15 Apr 2025 13:21:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8311
IP address blocks: 194.143.196.0/24 maxlen: 24
194.143.200.0/24 maxlen: 24
194.143.210.0/23 maxlen: 23
194.143.211.0/24 maxlen: 24
194.143.212.0/23 maxlen: 23
194.143.214.0/24 maxlen: 24
194.143.215.0/24 maxlen: 24
213.220.10.0/23 maxlen: 23
213.220.32.0/22 maxlen: 22
213.220.58.0/23 maxlen: 24
213.220.60.0/23 maxlen: 24
213.220.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:39:9c:5b:48:12:3b:4e:b3:aa:30:ca:63:04:7d:4b:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Apr 15 13:21:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9949f86c0cf9e5f7ea6f4b6226c9295ae56d3630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:45:80:96:7a:ed:3c:f5:09:10:fc:60:3b:76:
1d:b2:a9:d4:db:d6:64:18:c6:bf:f4:1d:26:ec:ad:
cb:d6:35:37:9e:08:af:5c:00:c8:f7:73:87:8a:61:
cf:c9:1e:b0:a7:41:90:18:91:3e:2d:72:6b:d2:83:
e0:e0:44:29:7d:38:fa:59:0b:94:8d:06:de:76:ca:
1f:8a:50:6d:f6:c6:01:2d:1a:32:bd:72:a0:2a:95:
6a:8f:76:b4:7a:f5:47:ae:47:af:e0:d9:6c:ae:47:
9a:ed:6c:5a:bf:b5:b8:4a:8e:bb:b3:fe:a2:73:e7:
33:50:19:bd:4a:7d:35:4c:13:44:be:2f:bd:bf:b1:
fe:31:67:78:eb:06:09:8d:06:43:fa:b1:43:77:08:
1a:2f:04:b5:65:51:56:48:e6:99:f8:e4:18:97:6f:
7a:0f:39:86:4f:a7:b3:74:9b:c5:34:6c:56:f1:27:
45:14:36:51:d7:ee:34:43:b0:00:72:8e:a9:a7:6d:
a7:1a:06:35:18:4f:84:74:2d:c5:b4:9e:fa:c0:94:
49:bc:ff:08:4d:94:55:da:47:5e:ac:b7:29:83:15:
b6:81:55:1a:04:a3:10:82:77:73:94:e3:e7:fe:1c:
e7:6e:79:73:3c:fe:d8:7c:7e:0a:98:d1:a6:7e:6b:
a4:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:49:F8:6C:0C:F9:E5:F7:EA:6F:4B:62:26:C9:29:5A:E5:6D:36:30
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/mUn4bAz55ffqb0tiJskpWuVtNjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.196.0/24
194.143.200.0/24
194.143.210.0-194.143.215.255
213.220.10.0/23
213.220.32.0/22
213.220.58.0-213.220.61.255
213.220.63.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:aa:61:ed:7e:d1:78:cc:f7:fb:79:ec:3b:d1:ed:1f:20:c0:
aa:3b:fb:83:43:cc:f7:5d:5f:cb:fc:3c:75:d1:81:18:43:13:
b2:15:21:d1:19:36:e1:77:5c:3f:aa:38:f1:01:15:79:1a:d9:
51:14:af:a3:4b:a8:2c:65:83:e0:1a:7c:44:4a:83:4c:10:e9:
1a:e6:49:02:05:4e:12:a3:8a:76:d7:17:e9:38:a4:0a:8b:ce:
c0:70:b2:ed:a8:b0:81:f4:e5:0b:c7:7a:74:2b:0e:f0:32:92:
16:3b:05:d8:ce:29:02:57:63:88:7a:81:1b:ce:a6:48:cb:eb:
c9:ff:1e:88:ca:d6:dd:7a:4a:20:0b:07:fe:da:aa:48:e1:ce:
70:fe:37:69:c5:32:44:b5:b4:f7:41:a7:80:67:d8:04:16:c9:
2e:69:4e:30:a8:e5:13:fa:bc:f3:8d:61:3a:57:69:96:1a:ed:
bc:07:38:bc:11:14:f7:23:e1:0a:30:37:53:64:5a:cb:42:18:
40:2b:44:5a:6d:54:66:66:f6:dd:74:6c:14:77:d2:98:f5:39:
24:e2:8a:62:06:58:75:29:3a:e1:a0:5c:33:41:a1:7b:20:80:
95:94:9f:42:1e:a4:56:09:77:17:f6:64:aa:ea:0d:62:6b:4a:
79:57:14:af
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZY5nFtIEjtOs6owymMEfUvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwNDE1MTMyMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTQ5Zjg2YzBjZjllNWY3ZWE2ZjRiNjIyNmM5Mjk1YWU1NmQzNjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkWAlnrtPPUJEPxgO3YdsqnU29Zk
GMa/9B0m7K3L1jU3ngivXADI93OHimHPyR6wp0GQGJE+LXJr0oPg4EQpfTj6WQuU
jQbedsofilBt9sYBLRoyvXKgKpVqj3a0evVHrkev4Nlsrkea7Wxav7W4So67s/6i
c+czUBm9Sn01TBNEvi+9v7H+MWd46wYJjQZD+rFDdwgaLwS1ZVFWSOaZ+OQYl296
DzmGT6ezdJvFNGxW8SdFFDZR1+40Q7AAco6pp22nGgY1GE+EdC3FtJ76wJRJvP8I
TZRV2kderLcpgxW2gVUaBKMQgndzlOPn/hznbnlzPP7YfH4KmNGmfmukTQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFJlJ+GwM+eX36m9LYibJKVrlbTYwMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvbVVuNGJBejU1ZmZxYjB0aUpza3BXdVZ0TmpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAwo/EAwQA
wo/IMAwDBAHCj9IDBAPCj9ADBAHV3AoDBALV3CAwDAMEAdXcOgMEAdXcPAMEANXc
PzANBgkqhkiG9w0BAQsFAAOCAQEAP6ph7X7ReMz3+3nsO9HtHyDAqjv7g0PM911f
y/w8ddGBGEMTshUh0Rk24XdcP6o48QEVeRrZURSvo0uoLGWD4Bp8REqDTBDpGuZJ
AgVOEqOKdtcX6TikCovOwHCy7aiwgfTlC8d6dCsO8DKSFjsF2M4pAldjiHqBG86m
SMvryf8eiMrW3XpKIAsH/tqqSOHOcP43acUyRLW090GngGfYBBbJLmlOMKjlE/q8
841hOldplhrtvAc4vBEU9yPhCjA3U2Ray0IYQCtEWm1UZmb23XRsFHfSmPU5JOKK
YgZYdSk64aBcM0GheyCAlZSfQh6kVgl3F/ZkquoNYmtKeVcUrw==
-----END CERTIFICATE-----
Generated at Mon May 5 13:45:06 2025 by rpki-client