Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ef70f1-52a1-4e7a-b3c6-414238c5bbc2/1/Mo_PTp1RnKkJnXxtlC7OWx0YSxQ.roa
File: Mo_PTp1RnKkJnXxtlC7OWx0YSxQ.roa (raw, json)
Hash identifier: YFv4cH8jBfWT6Q+LN0D+DWnRT7DQ1QH3WQI1NP0LJho=
Subject key identifier: 32:8F:CF:4E:9D:51:9C:A9:09:9D:7C:6D:94:2E:CE:5B:1D:18:4B:14
Certificate issuer: /CN=cb382815b25161365a91610cbdad71f66286f781
Certificate serial: 019424B262C23934BF91C5277AB40AA0C48A
Authority key identifier: CB:38:28:15:B2:51:61:36:5A:91:61:0C:BD:AD:71:F6:62:86:F7:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzgoFbJRYTZakWEMva1x9mKG94E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ef70f1-52a1-4e7a-b3c6-414238c5bbc2/1/Mo_PTp1RnKkJnXxtlC7OWx0YSxQ.roa
Signing time: Thu 02 Jan 2025 01:47:38 +0000
ROA not before: Thu 02 Jan 2025 01:47:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33814
IP address blocks: 46.235.192.0/21 maxlen: 24
2a03:c200::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/ef70f1-52a1-4e7a-b3c6-414238c5bbc2/1/yzgoFbJRYTZakWEMva1x9mKG94E.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/ef70f1-52a1-4e7a-b3c6-414238c5bbc2/1/yzgoFbJRYTZakWEMva1x9mKG94E.mft
rsync://rpki.ripe.net/repository/DEFAULT/yzgoFbJRYTZakWEMva1x9mKG94E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:62:c2:39:34:bf:91:c5:27:7a:b4:0a:a0:c4:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb382815b25161365a91610cbdad71f66286f781
Validity
Not Before: Jan 2 01:47:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=328fcf4e9d519ca9099d7c6d942ece5b1d184b14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e6:5c:a0:db:76:08:c5:c7:ac:4b:58:e9:38:
45:05:c9:16:ec:ea:20:cb:5b:ff:a4:c7:fa:7d:f3:
24:81:5c:97:d1:2e:d2:5c:af:1f:e5:f0:46:a8:13:
44:76:1e:2e:21:13:73:91:19:2a:92:22:63:0e:ef:
4f:e7:8a:78:63:d5:54:f2:f0:34:6b:42:85:57:ee:
19:b0:55:ea:7b:c1:6e:4c:e8:cc:6a:3a:9c:c8:8d:
01:19:5d:9c:4b:86:34:06:cc:9e:03:28:84:2a:c1:
be:d7:17:57:2b:84:6c:32:01:84:26:fc:11:0b:08:
62:6a:12:96:04:02:e9:a1:d1:5b:21:0a:71:9f:3b:
7e:d0:b6:3a:d7:2a:a2:25:09:0e:c9:4c:05:80:26:
69:0f:aa:5d:61:65:f1:8f:04:f6:ce:6b:df:73:29:
0e:8a:2d:7b:71:07:0e:cb:42:f4:2f:f6:8f:7e:d8:
8a:f9:a7:57:f8:5a:e1:22:af:26:f5:83:30:4c:8c:
c2:3c:2d:56:76:d7:be:e6:e8:9d:04:f7:34:7d:bb:
74:34:21:a7:3e:d5:a8:2d:18:d4:00:fb:61:51:65:
17:c7:0f:19:aa:90:6c:f0:a4:62:85:75:57:20:21:
50:a0:77:c2:9c:35:00:91:af:c5:40:59:10:e2:5e:
64:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8F:CF:4E:9D:51:9C:A9:09:9D:7C:6D:94:2E:CE:5B:1D:18:4B:14
X509v3 Authority Key Identifier:
keyid:CB:38:28:15:B2:51:61:36:5A:91:61:0C:BD:AD:71:F6:62:86:F7:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzgoFbJRYTZakWEMva1x9mKG94E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ef70f1-52a1-4e7a-b3c6-414238c5bbc2/1/Mo_PTp1RnKkJnXxtlC7OWx0YSxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ef70f1-52a1-4e7a-b3c6-414238c5bbc2/1/yzgoFbJRYTZakWEMva1x9mKG94E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.192.0/21
IPv6:
2a03:c200::/32
Signature Algorithm: sha256WithRSAEncryption
19:ff:09:46:15:25:76:bb:0c:38:cd:45:52:00:fb:92:9e:52:
bd:6d:87:c3:65:fc:e9:bc:e0:d5:f4:10:64:f1:36:54:c6:bc:
bb:8b:04:05:a4:83:41:a5:bb:f3:19:cd:b5:e5:9c:89:69:14:
f8:e2:46:92:12:fa:a6:36:cb:31:e2:b4:14:07:11:83:a4:6a:
38:b8:4a:bd:35:94:bd:93:38:45:de:23:88:89:f7:45:31:6b:
76:34:4d:b7:5e:26:e1:70:17:3a:fd:0c:dc:99:7a:94:cd:3b:
d7:0a:24:78:d0:25:c5:a1:9d:6e:4d:16:2b:97:1c:76:2b:69:
36:c0:97:f5:ae:65:74:57:24:9a:54:57:b5:70:22:48:81:94:
37:ea:a4:e6:e6:3c:c1:16:68:d6:1a:7f:98:44:9f:a7:76:15:
de:4b:25:f8:aa:ae:d3:96:8e:b2:d2:aa:c4:93:e6:78:16:fe:
84:84:ee:5c:3e:51:73:52:c9:8f:60:8c:b6:78:92:5f:4c:5e:
94:da:ec:e5:4d:93:dc:c5:de:87:50:59:18:dd:2d:dc:af:0f:
45:c8:39:35:c5:b6:c8:a9:b4:2d:3a:f0:c2:da:f2:eb:61:3e:
53:b6:5c:5a:8e:29:52:c3:29:1f:10:ca:ea:dd:40:76:17:c1:
ae:3b:da:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQksmLCOTS/kcUnerQKoMSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzgyODE1YjI1MTYxMzY1YTkxNjEwY2JkYWQ3MWY2NjI4
NmY3ODEwHhcNMjUwMTAyMDE0NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjhmY2Y0ZTlkNTE5Y2E5MDk5ZDdjNmQ5NDJlY2U1YjFkMTg0YjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeZcoNt2CMXHrEtY6ThFBckW7Oog
y1v/pMf6ffMkgVyX0S7SXK8f5fBGqBNEdh4uIRNzkRkqkiJjDu9P54p4Y9VU8vA0
a0KFV+4ZsFXqe8FuTOjMajqcyI0BGV2cS4Y0BsyeAyiEKsG+1xdXK4RsMgGEJvwR
CwhiahKWBALpodFbIQpxnzt+0LY61yqiJQkOyUwFgCZpD6pdYWXxjwT2zmvfcykO
ii17cQcOy0L0L/aPftiK+adX+FrhIq8m9YMwTIzCPC1Wdte+5uidBPc0fbt0NCGn
PtWoLRjUAPthUWUXxw8ZqpBs8KRihXVXICFQoHfCnDUAka/FQFkQ4l5kvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDKPz06dUZypCZ18bZQuzlsdGEsUMB8GA1UdIwQY
MBaAFMs4KBWyUWE2WpFhDL2tcfZihveBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpnb0ZiSlJZVFpha1dFTXZhMXg5bUtHOTRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lZjcwZjEtNTJhMS00ZTdhLWIzYzYt
NDE0MjM4YzViYmMyLzEvTW9fUFRwMVJuS2tKblh4dGxDN09XeDBZU3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9lZjcwZjEtNTJhMS00ZTdhLWIzYzYtNDE0MjM4YzViYmMy
LzEveXpnb0ZiSlJZVFpha1dFTXZhMXg5bUtHOTRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLuvAMA0E
AgACMAcDBQAqA8IAMA0GCSqGSIb3DQEBCwUAA4IBAQAZ/wlGFSV2uww4zUVSAPuS
nlK9bYfDZfzpvODV9BBk8TZUxry7iwQFpINBpbvzGc215ZyJaRT44kaSEvqmNssx
4rQUBxGDpGo4uEq9NZS9kzhF3iOIifdFMWt2NE23XibhcBc6/QzcmXqUzTvXCiR4
0CXFoZ1uTRYrlxx2K2k2wJf1rmV0VySaVFe1cCJIgZQ36qTm5jzBFmjWGn+YRJ+n
dhXeSyX4qq7Tlo6y0qrEk+Z4Fv6EhO5cPlFzUsmPYIy2eJJfTF6U2uzlTZPcxd6H
UFkY3S3crw9FyDk1xbbIqbQtOvDC2vLrYT5TtlxajilSwykfEMrq3UB2F8GuO9rG
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:08:13 2025 by rpki-client