Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/o9Mrd_Zp-119sDj-V8VZv-bH4Po.roa
File: o9Mrd_Zp-119sDj-V8VZv-bH4Po.roa (raw, json)
Hash identifier: T/Zr25wueuSL7uIuxkLz/YPHfupfyL0OiqXaAJQQ9Uw=
Subject key identifier: A3:D3:2B:77:F6:69:FB:5D:7D:B0:38:FE:57:C5:59:BF:E6:C7:E0:FA
Certificate issuer: /CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17
Certificate serial: 01942669E495B2E71D65271DFA35534FD4ED
Authority key identifier: 90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/o9Mrd_Zp-119sDj-V8VZv-bH4Po.roa
Signing time: Thu 02 Jan 2025 09:47:41 +0000
ROA not before: Thu 02 Jan 2025 09:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47447
IP address blocks: 109.71.72.0/22 maxlen: 22
159.48.12.0/22 maxlen: 22
185.88.212.0/22 maxlen: 22
194.6.208.0/22 maxlen: 22
2a05:cc00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft
rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:69:e4:95:b2:e7:1d:65:27:1d:fa:35:53:4f:d4:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17
Validity
Not Before: Jan 2 09:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3d32b77f669fb5d7db038fe57c559bfe6c7e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b8:c6:c5:47:22:be:2f:8a:30:85:4a:8f:63:
a8:1f:d6:5f:d9:e9:03:80:00:0f:aa:f0:23:81:bf:
22:4d:65:b7:83:35:42:18:2d:d7:ac:a4:9a:bd:4b:
af:8d:3c:af:86:e4:ca:f8:ea:dd:3a:43:94:f9:51:
3f:96:22:e0:5d:79:26:a7:7b:69:92:db:7b:2f:d4:
74:ac:6e:40:ff:2a:db:c9:fd:9b:23:78:52:6a:4f:
f3:e0:c6:5f:4c:84:e3:4d:a6:91:d6:5b:6a:97:6e:
2c:38:d8:fd:80:5f:a1:00:a5:54:06:f8:87:7f:94:
3e:b5:e9:a7:ac:c3:18:89:61:41:57:23:99:a8:4d:
88:10:e2:e4:7f:22:28:08:90:92:51:d0:74:9a:cb:
56:a2:df:1e:1f:ec:43:1f:45:b1:83:4c:b8:64:29:
99:18:81:ab:d2:d3:9f:a2:7a:2c:94:4d:45:26:6a:
ad:d6:5b:38:4d:e2:3b:71:98:8d:9f:c3:f0:d1:c3:
3a:aa:bb:71:d3:15:e1:46:b1:a2:74:cf:12:6b:4c:
da:8e:dd:76:af:a8:f2:18:38:c8:52:79:39:19:5c:
21:d2:1e:66:93:10:02:8b:64:14:7a:d5:d8:3b:ab:
ed:fd:bb:38:50:5a:66:cc:51:f1:13:a8:54:44:af:
59:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D3:2B:77:F6:69:FB:5D:7D:B0:38:FE:57:C5:59:BF:E6:C7:E0:FA
X509v3 Authority Key Identifier:
keyid:90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/o9Mrd_Zp-119sDj-V8VZv-bH4Po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.72.0/22
159.48.12.0/22
185.88.212.0/22
194.6.208.0/22
IPv6:
2a05:cc00::/29
Signature Algorithm: sha256WithRSAEncryption
1b:09:4c:ed:b5:b7:04:d8:ad:bb:00:95:16:9f:3e:59:e5:d1:
f6:31:ab:1d:3c:63:57:0a:37:a3:61:3a:11:14:92:b9:73:67:
db:dc:e8:08:7f:dc:10:c1:6e:8b:d7:d2:48:13:7e:92:e2:49:
e8:37:b9:db:49:61:be:54:f6:91:ec:7d:e2:0c:5b:9d:40:41:
f8:37:29:4e:ad:28:6b:af:12:83:0b:a0:55:47:17:73:f4:e0:
d8:bc:f9:89:e6:44:58:e9:16:f7:f4:90:fe:e3:ec:ab:25:2a:
9d:8f:ea:d3:fe:b6:8d:8c:02:37:2a:ef:b1:27:e0:55:97:d7:
7e:39:85:0b:12:59:fb:06:0f:ec:43:f4:8c:bd:14:a1:6b:6b:
5c:e9:08:b1:9b:a7:d1:75:a5:d2:b1:de:4b:91:3c:fc:1b:dc:
b3:f5:5b:db:37:fe:19:cf:2e:23:12:3a:84:ad:58:ad:63:29:
22:c8:24:74:94:4b:c7:81:0e:3d:dd:a4:01:2e:10:12:64:be:
c7:5e:fb:16:90:1c:d1:d4:3b:02:54:1c:52:96:2c:9f:29:69:
82:8e:5a:44:87:66:c1:e2:dd:31:5f:e7:a9:1b:63:b0:20:14:
51:dc:08:e5:33:53:49:db:69:f0:f3:23:2d:d6:48:fc:5a:b2:
78:0a:c2:b2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQmaeSVsucdZScd+jVTT9TtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNDQ0YjA3OWRmMDA4YTdjN2NiZTI4ZmNiYTVkYmUwNjIw
ZThlMTcwHhcNMjUwMTAyMDk0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2QzMmI3N2Y2NjlmYjVkN2RiMDM4ZmU1N2M1NTliZmU2YzdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLjGxUcivi+KMIVKj2OoH9Zf2ekD
gAAPqvAjgb8iTWW3gzVCGC3XrKSavUuvjTyvhuTK+OrdOkOU+VE/liLgXXkmp3tp
ktt7L9R0rG5A/yrbyf2bI3hSak/z4MZfTITjTaaR1ltql24sONj9gF+hAKVUBviH
f5Q+temnrMMYiWFBVyOZqE2IEOLkfyIoCJCSUdB0mstWot8eH+xDH0Wxg0y4ZCmZ
GIGr0tOfonoslE1FJmqt1ls4TeI7cZiNn8Pw0cM6qrtx0xXhRrGidM8Sa0zajt12
r6jyGDjIUnk5GVwh0h5mkxACi2QUetXYO6vt/bs4UFpmzFHxE6hURK9ZzwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKPTK3f2aftdfbA4/lfFWb/mx+D6MB8GA1UdIwQY
MBaAFJBESwed8Ainx8vij8ul2+BiDo4XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yNGVjOGUtMWNjNi00NWUzLTkwNjMt
OTkxNDk4NjdkYmY3LzEvbzlNcmRfWnAtMTE5c0RqLVY4Vlp2LWJINFBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8yNGVjOGUtMWNjNi00NWUzLTkwNjMtOTkxNDk4NjdkYmY3
LzEva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCbUdIAwQC
nzAMAwQCuVjUAwQCwgbQMA0EAgACMAcDBQMqBcwAMA0GCSqGSIb3DQEBCwUAA4IB
AQAbCUzttbcE2K27AJUWnz5Z5dH2MasdPGNXCjejYToRFJK5c2fb3OgIf9wQwW6L
19JIE36S4knoN7nbSWG+VPaR7H3iDFudQEH4NylOrShrrxKDC6BVRxdz9ODYvPmJ
5kRY6Rb39JD+4+yrJSqdj+rT/raNjAI3Ku+xJ+BVl9d+OYULEln7Bg/sQ/SMvRSh
a2tc6Qixm6fRdaXSsd5LkTz8G9yz9VvbN/4Zzy4jEjqErVitYykiyCR0lEvHgQ49
3aQBLhASZL7HXvsWkBzR1DsCVBxSliyfKWmCjlpEh2bB4t0xX+epG2OwIBRR3Ajl
M1NJ22nw8yMt1kj8WrJ4CsKy
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:41:16 2025 by rpki-client