Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/mpV8JsWkft4gjwYvNIa197VEWyg.roa
File: mpV8JsWkft4gjwYvNIa197VEWyg.roa (raw, json)
Hash identifier: P0A3TOht6NlobDc3l2NinQhqSKtC+m95sKJJfxm5/WI=
Subject key identifier: 9A:95:7C:26:C5:A4:7E:DE:20:8F:06:2F:34:86:B5:F7:B5:44:5B:28
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 01967E90A4382C84BD7BECB61C687F0BEAFF
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/mpV8JsWkft4gjwYvNIa197VEWyg.roa
Signing time: Mon 28 Apr 2025 22:42:10 +0000
ROA not before: Mon 28 Apr 2025 22:42:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19917
IP address blocks: 124.158.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 23:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7e:90:a4:38:2c:84:bd:7b:ec:b6:1c:68:7f:0b:ea:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Apr 28 22:42:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a957c26c5a47ede208f062f3486b5f7b5445b28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:da:ec:4e:d4:db:a9:44:b3:72:48:00:cb:3f:
28:05:fd:62:5f:7b:1f:e1:af:29:cb:f6:81:ae:3b:
e5:2c:c9:50:ab:7a:51:a5:fa:27:3a:05:4c:9b:17:
5b:45:92:16:66:64:ed:2f:07:06:9c:dc:f5:2b:c9:
51:f1:8d:d6:4b:2f:81:59:ae:b1:c3:13:8e:af:8e:
9f:21:93:6e:3a:b3:5e:c3:b5:fd:c5:81:d4:d3:71:
86:db:ff:fb:f3:b8:16:88:46:5a:7c:12:31:32:88:
96:d5:eb:f1:11:2b:87:8d:d9:fa:0d:af:87:37:8d:
1d:3a:22:9e:af:b0:35:4e:18:fb:ed:1c:55:eb:c3:
14:bf:3d:87:29:33:56:9e:40:e3:52:b0:e2:e7:47:
4d:55:3f:dc:21:01:dd:01:f1:a3:be:a9:ee:a9:a4:
84:56:3a:d9:58:21:bf:9a:3f:6f:b1:24:18:43:99:
6e:14:79:1b:53:fd:35:9b:3c:1b:ac:45:7c:56:09:
54:86:4d:3c:97:4f:f8:d4:b5:de:50:6b:30:07:35:
66:7c:74:44:d5:9c:02:68:e2:99:33:43:ae:3e:bd:
a5:32:d5:f3:dc:5f:cb:34:ea:68:c6:40:5c:9a:81:
8e:d9:ab:0a:db:a5:6e:a9:30:dd:58:1a:74:d0:56:
ca:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:95:7C:26:C5:A4:7E:DE:20:8F:06:2F:34:86:B5:F7:B5:44:5B:28
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/mpV8JsWkft4gjwYvNIa197VEWyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
124.158.100.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:c3:b7:fc:5f:49:c1:75:a3:2c:f0:9d:03:51:61:6e:ba:f8:
8f:c0:77:6f:02:57:49:62:13:2d:c4:f3:33:69:85:be:88:11:
a0:54:12:d0:13:66:46:44:26:23:67:e4:05:44:1b:f8:d5:35:
89:18:4c:f1:0c:7d:a6:1a:82:56:e1:07:bd:09:c5:f6:49:57:
f1:d7:b0:d7:4c:4a:58:3f:d4:05:d5:28:34:0f:53:10:0e:5b:
5d:72:37:7d:14:15:69:ca:db:4a:27:15:63:79:42:d8:50:c9:
8e:f7:f4:b7:15:1c:f2:cf:65:58:70:37:5c:3b:69:b7:d6:81:
7c:8a:0d:84:2f:b3:c3:84:11:56:fa:cd:7e:1d:4f:87:dd:4a:
b8:2b:1e:de:eb:42:7d:2d:7f:c6:30:65:54:c0:fd:25:fd:0f:
d3:8b:b6:65:4d:c4:84:e4:55:38:14:de:61:4b:45:27:17:36:
be:92:9d:3f:e9:76:6d:0b:1b:38:21:ce:62:81:b8:c7:77:b4:
ef:04:ff:33:a3:80:4f:87:5b:c2:db:9f:24:0d:a8:ba:c4:83:
7b:5f:56:b7:3a:e2:55:48:1d:cb:71:ca:dd:d7:f3:39:ed:5c:
0e:85:93:55:2a:ff:30:e7:e4:a1:f9:24:f2:db:95:78:5c:bc:
e1:6d:db:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZ+kKQ4LIS9e+y2HGh/C+r/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwNDI4MjI0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTk1N2MyNmM1YTQ3ZWRlMjA4ZjA2MmYzNDg2YjVmN2I1NDQ1YjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldrsTtTbqUSzckgAyz8oBf1iX3sf
4a8py/aBrjvlLMlQq3pRpfonOgVMmxdbRZIWZmTtLwcGnNz1K8lR8Y3WSy+BWa6x
wxOOr46fIZNuOrNew7X9xYHU03GG2//787gWiEZafBIxMoiW1evxESuHjdn6Da+H
N40dOiKer7A1Thj77RxV68MUvz2HKTNWnkDjUrDi50dNVT/cIQHdAfGjvqnuqaSE
VjrZWCG/mj9vsSQYQ5luFHkbU/01mzwbrEV8VglUhk08l0/41LXeUGswBzVmfHRE
1ZwCaOKZM0OuPr2lMtXz3F/LNOpoxkBcmoGO2asK26VuqTDdWBp00FbK2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJqVfCbFpH7eII8GLzSGtfe1RFsoMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvbXBWOEpzV2tmdDRnandZdk5JYTE5N1ZFV3lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAfJ5kMA0G
CSqGSIb3DQEBCwUAA4IBAQCaw7f8X0nBdaMs8J0DUWFuuviPwHdvAldJYhMtxPMz
aYW+iBGgVBLQE2ZGRCYjZ+QFRBv41TWJGEzxDH2mGoJW4Qe9CcX2SVfx17DXTEpY
P9QF1Sg0D1MQDltdcjd9FBVpyttKJxVjeULYUMmO9/S3FRzyz2VYcDdcO2m31oF8
ig2EL7PDhBFW+s1+HU+H3Uq4Kx7e60J9LX/GMGVUwP0l/Q/Ti7ZlTcSE5FU4FN5h
S0UnFza+kp0/6XZtCxs4Ic5igbjHd7TvBP8zo4BPh1vC258kDai6xIN7X1a3OuJV
SB3Lccrd1/M57VwOhZNVKv8w5+Sh+STy25V4XLzhbdtz
-----END CERTIFICATE-----
Generated at Mon May 12 07:20:33 2025 by rpki-client