Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/M0hmVP_O7pmzGC1lZ8auVtUv08M.roa
File: M0hmVP_O7pmzGC1lZ8auVtUv08M.roa (raw, json)
Hash identifier: O6keKWXCa23CBnMYQ5j2NdMEa5h/R6dRjRYYfD56tpY=
Subject key identifier: 33:48:66:54:FF:CE:EE:99:B3:18:2D:65:67:C6:AE:56:D5:2F:D3:C3
Certificate issuer: /CN=f04d278485ffaea79e910a262533a80b5ab91c8a
Certificate serial: 01941FFA95E88D1B1E678A64BD16E3CEF5D9
Authority key identifier: F0:4D:27:84:85:FF:AE:A7:9E:91:0A:26:25:33:A8:0B:5A:B9:1C:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E0nhIX_rqeekQomJTOoC1q5HIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/M0hmVP_O7pmzGC1lZ8auVtUv08M.roa
Signing time: Wed 01 Jan 2025 03:48:23 +0000
ROA not before: Wed 01 Jan 2025 03:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201216
IP address blocks: 185.253.108.0/24 maxlen: 24
2a07:1e40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/8E0nhIX_rqeekQomJTOoC1q5HIo.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/8E0nhIX_rqeekQomJTOoC1q5HIo.mft
rsync://rpki.ripe.net/repository/DEFAULT/8E0nhIX_rqeekQomJTOoC1q5HIo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:95:e8:8d:1b:1e:67:8a:64:bd:16:e3:ce:f5:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04d278485ffaea79e910a262533a80b5ab91c8a
Validity
Not Before: Jan 1 03:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=33486654ffceee99b3182d6567c6ae56d52fd3c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:66:d9:7f:92:8f:a2:b9:b1:17:6b:b6:6e:af:
a0:2c:c9:ed:10:e5:cf:ae:83:d3:9f:6c:34:d1:12:
b8:a9:ed:09:d1:78:90:c9:78:88:52:23:46:c2:70:
1b:88:68:52:9c:e5:3c:70:b9:25:65:8c:dd:d9:4b:
1b:e4:07:02:39:64:01:80:12:3f:7d:78:0c:c8:2f:
fc:c0:5d:09:78:38:5e:35:c3:18:a5:e3:b0:14:b9:
0f:21:24:9c:7e:34:f3:1f:1f:4d:10:6f:35:9e:14:
16:b4:37:56:35:0f:9c:32:29:fe:41:42:09:df:22:
a6:07:0c:42:41:ab:5f:73:d7:2b:2f:bc:d7:0a:05:
99:66:81:b4:06:8f:72:0f:2d:57:af:e4:ae:ab:cd:
ff:9e:86:ec:9f:9f:43:fb:09:ec:6e:47:21:7d:c0:
78:82:0e:d9:38:29:f2:89:5e:a5:4c:35:b8:76:5e:
5d:de:f4:d4:58:99:60:6c:59:9f:90:61:ea:20:4d:
7f:9e:6b:18:6e:93:df:b6:63:fa:d7:e8:63:32:d7:
91:7e:10:83:ae:ea:7d:7a:84:d2:db:c1:36:f3:3b:
f4:4d:0b:13:a9:94:de:00:09:59:af:a7:8f:1d:03:
61:ca:90:ca:9a:3d:2a:16:6e:91:b3:e6:8a:9a:a9:
bd:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:48:66:54:FF:CE:EE:99:B3:18:2D:65:67:C6:AE:56:D5:2F:D3:C3
X509v3 Authority Key Identifier:
keyid:F0:4D:27:84:85:FF:AE:A7:9E:91:0A:26:25:33:A8:0B:5A:B9:1C:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E0nhIX_rqeekQomJTOoC1q5HIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/M0hmVP_O7pmzGC1lZ8auVtUv08M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/aa7426-711d-4f3e-8df9-5c0e316d28b8/1/8E0nhIX_rqeekQomJTOoC1q5HIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.108.0/24
IPv6:
2a07:1e40::/29
Signature Algorithm: sha256WithRSAEncryption
3d:19:5a:5f:68:3a:15:e9:5f:dc:95:fc:ae:2b:2e:e1:34:4b:
13:09:b5:bd:0b:73:d6:1a:b8:38:73:d3:8d:c3:a5:6b:cd:88:
c2:c0:ad:ee:fb:56:52:a8:76:d5:6b:08:da:78:29:94:6b:5c:
c3:85:06:cc:32:f4:53:ee:b8:82:fe:06:ed:56:54:4d:59:ef:
dc:48:cf:6b:d1:93:fb:60:cc:cb:49:ec:26:30:c3:50:23:4c:
f5:cf:22:24:06:66:8e:40:c1:f9:33:e5:b7:3b:13:99:b2:00:
9f:9c:c4:ff:af:6d:32:0f:88:fb:cf:ff:42:01:7d:1d:77:a3:
f4:78:db:11:43:66:8a:81:94:61:28:86:1b:cf:87:99:30:27:
07:67:c1:5a:1d:5d:a1:5b:24:66:4d:ab:f2:ff:d5:60:46:90:
8f:b7:d3:d5:7a:25:d0:d1:ae:e9:30:06:8c:05:28:00:90:4e:
a4:c6:da:6d:2d:7c:97:5b:08:a7:58:ce:fd:9b:31:48:f8:5a:
65:fe:f2:c6:0b:ca:cd:e8:a8:7a:61:0a:fe:05:f6:e8:44:83:
37:2a:62:c6:59:b9:59:fd:ad:0c:3b:4a:eb:cb:b8:da:3d:59:
15:d7:1f:db:8c:dc:67:8a:a0:56:a2:99:ae:d3:14:a3:aa:9e:
60:b4:da:83
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQf+pXojRseZ4pkvRbjzvXZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGQyNzg0ODVmZmFlYTc5ZTkxMGEyNjI1MzNhODBiNWFi
OTFjOGEwHhcNMjUwMTAxMDM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzQ4NjY1NGZmY2VlZTk5YjMxODJkNjU2N2M2YWU1NmQ1MmZkM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2bZf5KPormxF2u2bq+gLMntEOXP
roPTn2w00RK4qe0J0XiQyXiIUiNGwnAbiGhSnOU8cLklZYzd2Usb5AcCOWQBgBI/
fXgMyC/8wF0JeDheNcMYpeOwFLkPISScfjTzHx9NEG81nhQWtDdWNQ+cMin+QUIJ
3yKmBwxCQatfc9crL7zXCgWZZoG0Bo9yDy1Xr+Suq83/nobsn59D+wnsbkchfcB4
gg7ZOCnyiV6lTDW4dl5d3vTUWJlgbFmfkGHqIE1/nmsYbpPftmP61+hjMteRfhCD
rup9eoTS28E28zv0TQsTqZTeAAlZr6ePHQNhypDKmj0qFm6Rs+aKmqm9ZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDNIZlT/zu6ZsxgtZWfGrlbVL9PDMB8GA1UdIwQY
MBaAFPBNJ4SF/66nnpEKJiUzqAtauRyKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEUwbmhJWF9ycWVla1FvbUpUT29DMXE1SElvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9hYTc0MjYtNzExZC00ZjNlLThkZjkt
NWMwZTMxNmQyOGI4LzEvTTBobVZQX083cG16R0MxbFo4YXVWdFV2MDhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9hYTc0MjYtNzExZC00ZjNlLThkZjktNWMwZTMxNmQyOGI4
LzEvOEUwbmhJWF9ycWVla1FvbUpUT29DMXE1SElvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuf1sMA0E
AgACMAcDBQMqBx5AMA0GCSqGSIb3DQEBCwUAA4IBAQA9GVpfaDoV6V/clfyuKy7h
NEsTCbW9C3PWGrg4c9ONw6VrzYjCwK3u+1ZSqHbVawjaeCmUa1zDhQbMMvRT7riC
/gbtVlRNWe/cSM9r0ZP7YMzLSewmMMNQI0z1zyIkBmaOQMH5M+W3OxOZsgCfnMT/
r20yD4j7z/9CAX0dd6P0eNsRQ2aKgZRhKIYbz4eZMCcHZ8FaHV2hWyRmTavy/9Vg
RpCPt9PVeiXQ0a7pMAaMBSgAkE6kxtptLXyXWwinWM79mzFI+Fpl/vLGC8rN6Kh6
YQr+BfboRIM3KmLGWblZ/a0MO0rry7jaPVkV1x/bjNxniqBWopmu0xSjqp5gtNqD
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:13:18 2025 by rpki-client