Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/GIOmfmHCMocjivkrgQOQCDT39Gk.roa
File: GIOmfmHCMocjivkrgQOQCDT39Gk.roa (raw, json)
Hash identifier: CeNAySO4uUs7Vr01dtrCsDXUZqihcLaXgfCKLkV9OxA=
Subject key identifier: 18:83:A6:7E:61:C2:32:87:23:8A:F9:2B:81:03:90:08:34:F7:F4:69
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 0196FD19983B448F7F91B2E390DC60577A6F
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/GIOmfmHCMocjivkrgQOQCDT39Gk.roa
Signing time: Fri 23 May 2025 12:23:54 +0000
ROA not before: Fri 23 May 2025 12:23:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212422
IP address blocks: 193.59.94.0/24 maxlen: 24
193.59.95.0/24 maxlen: 24
193.59.98.0/24 maxlen: 24
193.59.102.0/24 maxlen: 24
193.59.103.0/24 maxlen: 24
194.181.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.mft
rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fd:19:98:3b:44:8f:7f:91:b2:e3:90:dc:60:57:7a:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: May 23 12:23:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1883a67e61c23287238af92b8103900834f7f469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:55:b9:17:87:fb:6b:ce:00:1b:0b:5b:8a:b6:
1d:a9:45:83:23:2b:46:4e:63:1e:1f:73:46:a5:75:
12:25:6c:35:9b:b1:c8:1d:9e:e3:4d:b2:7e:ab:5a:
5f:f2:c9:4f:ce:da:a2:ea:95:87:f2:ce:a3:47:d0:
84:2c:c7:04:98:3e:7c:c8:ed:27:f0:e3:c7:ed:c1:
5f:8b:9e:fe:77:1c:39:01:40:a3:70:56:a7:0e:fd:
87:05:35:cc:8c:04:16:35:f8:b2:f9:b7:81:d4:c5:
0e:c4:42:06:f1:e8:95:42:5e:08:c3:ad:8a:70:f6:
09:a2:58:7b:40:5d:a7:18:1d:c4:d6:aa:50:a8:08:
c4:c1:ec:98:f3:06:fe:23:f0:1c:33:67:02:ac:c3:
b0:1d:27:83:b9:59:cc:c5:d6:66:13:34:46:45:8b:
13:0e:16:d1:0f:fe:ce:10:64:ab:0c:db:9e:ae:42:
ad:cb:66:0c:ef:38:0e:13:18:62:3f:8a:64:e3:97:
bf:44:f6:ae:8d:be:f2:63:c4:f4:8e:70:ba:86:ce:
89:dd:cb:08:20:c6:8c:30:8d:76:9c:68:b3:c3:68:
79:65:db:12:39:5d:7f:4f:e0:2f:e8:f9:51:3e:e6:
c3:31:f7:47:2c:2a:a1:c4:b1:48:88:b2:7d:7d:d2:
29:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:83:A6:7E:61:C2:32:87:23:8A:F9:2B:81:03:90:08:34:F7:F4:69
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/GIOmfmHCMocjivkrgQOQCDT39Gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.59.94.0/23
193.59.98.0/24
193.59.102.0/23
194.181.250.0/24
Signature Algorithm: sha256WithRSAEncryption
73:ec:a5:6b:40:95:2c:20:d8:da:fb:e5:6f:69:df:4c:bf:13:
dd:aa:2f:d4:47:19:19:86:3f:50:44:62:cc:4c:17:f4:d5:64:
17:99:e1:c3:b3:ff:be:69:8e:c5:e5:61:f2:6a:27:a7:5f:a5:
fb:c1:6e:08:e5:9b:78:cb:ec:4d:ac:a6:5d:c5:f5:54:02:4c:
b4:33:1f:7d:bd:19:3d:8c:6e:2b:0f:a6:9f:32:bf:ab:41:6a:
e5:06:b5:c5:d0:e4:1f:5e:8d:52:d0:76:1c:4c:5a:9f:3c:e6:
fc:0c:e5:22:b2:55:b3:d6:c2:47:1e:88:fb:ce:ef:4f:ce:4f:
6d:0b:05:ca:b2:51:69:66:3a:94:3b:bb:fa:0c:3d:a1:fe:50:
a8:73:ef:f7:22:92:2f:d5:5e:22:83:9a:a8:8c:59:35:48:a0:
d0:52:8f:48:a9:4e:e3:33:b4:65:ae:88:dc:36:3b:81:38:49:
7e:82:7e:f7:3f:b9:73:5a:d6:80:fb:c3:53:2f:ad:63:2f:49:
22:8a:cc:c5:cc:96:08:f3:dd:c2:c8:f3:4b:d5:13:14:51:fb:
6f:84:0e:b7:29:d8:dc:62:68:6e:a3:0b:d2:b4:a6:fc:a6:24:
2b:ba:90:1a:1d:65:fb:46:fc:77:9b:99:5c:4a:5a:e2:41:65:
14:7e:f0:19
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZb9GZg7RI9/kbLjkNxgV3pvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwYzQwOTYxM2ZlYTBhMmI0NDJjZTExMmU5Y2JkYjQ4NWUw
MTE4OGYwHhcNMjUwNTIzMTIyMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODgzYTY3ZTYxYzIzMjg3MjM4YWY5MmI4MTAzOTAwODM0ZjdmNDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA81W5F4f7a84AGwtbirYdqUWDIytG
TmMeH3NGpXUSJWw1m7HIHZ7jTbJ+q1pf8slPztqi6pWH8s6jR9CELMcEmD58yO0n
8OPH7cFfi57+dxw5AUCjcFanDv2HBTXMjAQWNfiy+beB1MUOxEIG8eiVQl4Iw62K
cPYJolh7QF2nGB3E1qpQqAjEweyY8wb+I/AcM2cCrMOwHSeDuVnMxdZmEzRGRYsT
DhbRD/7OEGSrDNuerkKty2YM7zgOExhiP4pk45e/RPaujb7yY8T0jnC6hs6J3csI
IMaMMI12nGizw2h5ZdsSOV1/T+Av6PlRPubDMfdHLCqhxLFIiLJ9fdIplwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBiDpn5hwjKHI4r5K4EDkAg09/RpMB8GA1UdIwQY
MBaAFDDECWE/6gorRCzhEunL20heARiPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYt
YzA2NzFiZjRjZjNlLzEvR0lPbWZtSENNb2NqaXZrcmdRT1FDRFQzOUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzhmYjUtYWZjYS00ZGI3LTg4ODYtYzA2NzFiZjRjZjNl
LzEvTU1RSllUX3FDaXRFTE9FUzZjdmJTRjRCR0k4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBwTteAwQA
wTtiAwQBwTtmAwQAwrX6MA0GCSqGSIb3DQEBCwUAA4IBAQBz7KVrQJUsINja++Vv
ad9MvxPdqi/URxkZhj9QRGLMTBf01WQXmeHDs/++aY7F5WHyaienX6X7wW4I5Zt4
y+xNrKZdxfVUAky0Mx99vRk9jG4rD6afMr+rQWrlBrXF0OQfXo1S0HYcTFqfPOb8
DOUislWz1sJHHoj7zu9Pzk9tCwXKslFpZjqUO7v6DD2h/lCoc+/3IpIv1V4ig5qo
jFk1SKDQUo9IqU7jM7RlrojcNjuBOEl+gn73P7lzWtaA+8NTL61jL0kiiszFzJYI
893CyPNL1RMUUftvhA63KdjcYmhuowvStKb8piQrupAaHWX7Rvx3m5lcSlriQWUU
fvAZ
-----END CERTIFICATE-----
Generated at Sat Jun 7 16:48:36 2025 by rpki-client