Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/moFeQYBq3L6hVxZoK5HTTm_wjqM.roa
File: moFeQYBq3L6hVxZoK5HTTm_wjqM.roa (raw, json)
Hash identifier: lqMyHVwzlYhJsvnvLBA8lnllD924kEn2qCOMamSzJiw=
Subject key identifier: 9A:81:5E:41:80:6A:DC:BE:A1:57:16:68:2B:91:D3:4E:6F:F0:8E:A3
Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Certificate serial: 01963DE1F40D7A0980B263EBC45C37A388B2
Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/moFeQYBq3L6hVxZoK5HTTm_wjqM.roa
Signing time: Wed 16 Apr 2025 09:15:40 +0000
ROA not before: Wed 16 Apr 2025 09:15:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213605
IP address blocks: 2a14:67c1:a020::/44 maxlen: 48
2a14:67c1:a066::/48 maxlen: 48
2a14:67c1:b100::/40 maxlen: 48
2a14:67c1:b100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:e1:f4:0d:7a:09:80:b2:63:eb:c4:5c:37:a3:88:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0
Validity
Not Before: Apr 16 09:15:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a815e41806adcbea15716682b91d34e6ff08ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9a:0c:2d:21:99:b3:1d:15:b8:86:68:2e:59:
f9:02:f2:0a:d8:f1:29:08:22:f9:b4:2b:96:d7:14:
34:ee:fd:9b:7a:90:dd:fe:f6:cb:81:96:8a:2c:00:
73:fd:d3:3e:a3:54:7d:9b:1c:9d:56:ec:85:47:be:
0e:4e:93:dd:40:84:f0:d7:63:5c:79:d7:5f:82:75:
72:10:4d:49:ec:64:f3:de:7b:9c:80:97:97:55:7b:
75:c7:fa:f7:4e:12:c9:46:f4:60:60:8b:38:63:45:
b0:09:ec:7b:de:c5:4d:41:9b:2f:f6:4f:13:7d:c5:
25:0c:a1:2e:50:1d:3a:9d:cc:ef:ab:57:fc:c4:82:
b5:b1:74:2f:7a:fc:6a:0d:4c:26:c7:75:e4:89:d4:
73:50:1c:74:52:af:8f:6b:e9:0d:8a:3f:15:ef:e0:
2a:37:35:92:07:21:7c:c2:5b:93:d9:81:72:d4:26:
e2:35:5e:4f:7d:ac:6b:19:d1:c6:08:c6:ea:12:96:
6c:4d:60:db:55:ed:1b:0e:16:35:90:80:ae:23:8c:
a2:7f:96:02:4f:87:69:c8:08:67:95:55:54:30:44:
e2:43:e6:f2:ae:95:61:1c:45:98:36:d7:f2:ff:1f:
49:4d:8e:da:e7:74:8f:d0:17:37:d9:e9:52:7d:bf:
b6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:81:5E:41:80:6A:DC:BE:A1:57:16:68:2B:91:D3:4E:6F:F0:8E:A3
X509v3 Authority Key Identifier:
keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/moFeQYBq3L6hVxZoK5HTTm_wjqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:67c1:a020::/44
2a14:67c1:a066::/48
2a14:67c1:b100::/40
Signature Algorithm: sha256WithRSAEncryption
18:8b:51:ff:30:8a:b0:90:70:5a:19:1d:5c:92:09:38:ff:75:
b3:9e:52:9d:9c:60:72:b5:7e:75:bf:d4:ea:91:b6:da:33:bd:
a1:c6:22:e0:d1:a8:1e:e3:6b:82:d2:a7:62:8c:34:89:19:52:
ad:0a:9a:fd:3d:48:a2:71:6c:dc:77:c7:0b:81:05:ba:c8:20:
23:e2:49:2d:94:40:23:71:bb:15:dc:cb:b2:f2:a1:a5:a7:ad:
92:17:90:c6:e0:73:49:60:88:29:17:e7:5b:57:3d:66:c6:ad:
1c:c3:56:29:04:23:c6:20:b8:9b:a7:f0:70:8f:df:84:3b:53:
62:6e:42:da:70:95:fd:8a:14:16:b4:40:dc:78:d9:a5:61:29:
bb:ae:be:e8:f0:e4:b6:99:a3:da:c6:ca:d3:f6:94:73:e6:03:
62:0e:4b:e6:b3:99:b5:fd:88:52:51:80:cc:8c:4a:41:6c:21:
4c:57:60:0d:b2:52:33:33:03:a7:04:78:56:b6:af:c3:c7:16:
c2:07:e4:12:94:4c:b5:df:11:93:90:e5:4b:45:b7:59:04:71:
1e:89:67:4a:7d:d0:13:26:94:29:bf:9d:d0:87:f6:1a:7e:20:
cf:61:29:a6:00:ed:c4:67:96:51:c4:20:ad:2e:40:fe:b2:cd:
6f:ac:77:8d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZY94fQNegmAsmPrxFw3o4iyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll
NGUwZTAwHhcNMjUwNDE2MDkxNTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTgxNWU0MTgwNmFkY2JlYTE1NzE2NjgyYjkxZDM0ZTZmZjA4ZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJoMLSGZsx0VuIZoLln5AvIK2PEp
CCL5tCuW1xQ07v2bepDd/vbLgZaKLABz/dM+o1R9mxydVuyFR74OTpPdQITw12Nc
eddfgnVyEE1J7GTz3nucgJeXVXt1x/r3ThLJRvRgYIs4Y0WwCex73sVNQZsv9k8T
fcUlDKEuUB06nczvq1f8xIK1sXQvevxqDUwmx3XkidRzUBx0Uq+Pa+kNij8V7+Aq
NzWSByF8wluT2YFy1CbiNV5PfaxrGdHGCMbqEpZsTWDbVe0bDhY1kICuI4yif5YC
T4dpyAhnlVVUMETiQ+byrpVhHEWYNtfy/x9JTY7a53SP0Bc32elSfb+2vQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJqBXkGAaty+oVcWaCuR005v8I6jMB8GA1UdIwQY
MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt
ZjZjYzRlZjBmN2RmLzEvbW9GZVFZQnEzTDZoVnhab0s1SFRUbV93anFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm
LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwcEKhRnwaAg
AwcAKhRnwaBmAwYAKhRnwbEwDQYJKoZIhvcNAQELBQADggEBABiLUf8wirCQcFoZ
HVySCTj/dbOeUp2cYHK1fnW/1OqRttozvaHGIuDRqB7ja4LSp2KMNIkZUq0Kmv09
SKJxbNx3xwuBBbrIICPiSS2UQCNxuxXcy7LyoaWnrZIXkMbgc0lgiCkX51tXPWbG
rRzDVikEI8YguJun8HCP34Q7U2JuQtpwlf2KFBa0QNx42aVhKbuuvujw5LaZo9rG
ytP2lHPmA2IOS+azmbX9iFJRgMyMSkFsIUxXYA2yUjMzA6cEeFa2r8PHFsIH5BKU
TLXfEZOQ5UtFt1kEcR6JZ0p90BMmlCm/ndCH9hp+IM9hKaYA7cRnllHEIK0uQP6y
zW+sd40=
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:22:41 2025 by rpki-client