Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/gMolns_uejn9VG4O2M9g9t6tvgo.roa
File: gMolns_uejn9VG4O2M9g9t6tvgo.roa (raw, json)
Hash identifier: pPHWNiYrbOjsjJvc3tnPANoOhTs+IAl6nKZxeY0Xyos=
Subject key identifier: 80:CA:25:9E:CF:EE:7A:39:FD:54:6E:0E:D8:CF:60:F6:DE:AD:BE:0A
Certificate issuer: /CN=9f0743496c7ff3effb870601139cad9d2f271e10
Certificate serial: 01941FFA2DFD7912183C2B6E36802FBB23C4
Authority key identifier: 9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/gMolns_uejn9VG4O2M9g9t6tvgo.roa
Signing time: Wed 01 Jan 2025 03:47:56 +0000
ROA not before: Wed 01 Jan 2025 03:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 62.100.216.0/22 maxlen: 24
185.89.251.0/24 maxlen: 24
193.228.224.0/24 maxlen: 24
193.239.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.mft
rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 23:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:2d:fd:79:12:18:3c:2b:6e:36:80:2f:bb:23:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f0743496c7ff3effb870601139cad9d2f271e10
Validity
Not Before: Jan 1 03:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80ca259ecfee7a39fd546e0ed8cf60f6deadbe0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:6d:92:aa:2a:4b:af:69:f8:de:9f:e9:11:4c:
f2:a8:e2:b0:47:5e:b9:b9:ad:54:23:6b:77:46:b8:
66:09:28:f3:05:ca:c4:b0:ca:99:db:d8:c2:42:f2:
8b:b1:69:41:13:23:fc:33:39:8f:18:d8:33:4a:38:
a7:7f:ae:67:25:d1:19:b4:60:1e:e2:8d:82:03:55:
9f:15:23:36:89:c1:34:f9:e0:49:93:2f:3b:91:99:
87:b9:99:0e:57:8a:54:bd:5a:1e:a9:b1:9b:49:42:
fb:bd:5a:e4:73:9f:fd:4b:a8:e0:e2:60:dd:18:25:
b1:9c:6c:27:3e:24:a1:d9:f5:1c:5b:79:67:da:65:
8d:05:ff:67:37:fa:d7:2f:e2:5c:74:35:8c:84:3e:
8f:d0:1d:2f:11:14:20:dd:8c:d9:23:1d:e4:2c:e8:
65:13:c1:9a:c5:42:c6:f8:c7:da:b1:c3:74:93:91:
f1:c2:17:d0:b6:1e:89:4d:28:be:2e:0f:aa:48:39:
df:a7:1e:d2:b5:f5:c9:08:2e:63:8f:45:d9:17:9e:
ac:58:10:8a:5d:b3:ad:20:40:02:15:6b:d7:d0:b6:
78:1d:76:60:be:f9:cc:f9:a8:77:5b:b3:27:ce:e3:
ea:ba:33:21:6f:28:a5:50:53:d2:11:54:12:09:16:
e6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:CA:25:9E:CF:EE:7A:39:FD:54:6E:0E:D8:CF:60:F6:DE:AD:BE:0A
X509v3 Authority Key Identifier:
keyid:9F:07:43:49:6C:7F:F3:EF:FB:87:06:01:13:9C:AD:9D:2F:27:1E:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nwdDSWx_8-_7hwYBE5ytnS8nHhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/gMolns_uejn9VG4O2M9g9t6tvgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/22b7ab-fc11-407a-bd3c-63411367d90a/1/nwdDSWx_8-_7hwYBE5ytnS8nHhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.100.216.0/22
185.89.251.0/24
193.228.224.0/24
193.239.146.0/23
Signature Algorithm: sha256WithRSAEncryption
7b:fb:77:13:5f:94:c7:5a:3b:41:f6:53:69:45:0b:93:f1:ca:
3a:29:cf:8c:11:31:92:e1:3d:d8:5a:4a:63:31:65:c6:b6:6d:
0f:46:72:d3:74:19:8b:b8:c9:51:bf:7e:bd:3a:56:d0:0d:9d:
61:6b:67:db:5d:b6:0b:44:80:57:93:27:8e:d6:f5:b4:54:82:
bb:51:7d:05:bd:fd:cd:49:26:04:59:11:45:7b:ab:6d:f5:9d:
63:2c:89:49:7e:91:b9:c6:05:e3:b5:be:ca:2f:ba:5a:ed:34:
6b:33:b1:39:fe:c6:ca:77:7a:cd:6c:0b:c7:57:96:53:0e:72:
b3:7b:e5:6a:c5:1e:0a:fd:6f:6f:1e:63:cb:0b:ea:36:79:fc:
53:b6:8b:67:77:02:3d:de:e0:93:e9:86:4f:50:2f:53:b7:b6:
28:3e:8b:b8:4b:d2:69:0d:11:13:8a:30:54:af:36:a2:f2:d5:
53:94:05:b8:d8:ec:cd:16:8f:be:15:92:ff:eb:c7:7c:37:9f:
91:25:88:16:25:b0:44:87:63:a0:8c:fb:36:8c:a2:37:36:5e:
c3:e7:0a:03:89:f8:da:37:ed:8a:38:ca:95:d6:1f:42:fc:23:
60:84:ba:07:d8:06:e1:50:5c:3a:42:8a:a5:61:b3:74:9d:39:
7c:20:12:22
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQf+i39eRIYPCtuNoAvuyPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMDc0MzQ5NmM3ZmYzZWZmYjg3MDYwMTEzOWNhZDlkMmYy
NzFlMTAwHhcNMjUwMTAxMDM0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGNhMjU5ZWNmZWU3YTM5ZmQ1NDZlMGVkOGNmNjBmNmRlYWRiZTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2m2SqipLr2n43p/pEUzyqOKwR165
ua1UI2t3RrhmCSjzBcrEsMqZ29jCQvKLsWlBEyP8MzmPGNgzSjinf65nJdEZtGAe
4o2CA1WfFSM2icE0+eBJky87kZmHuZkOV4pUvVoeqbGbSUL7vVrkc5/9S6jg4mDd
GCWxnGwnPiSh2fUcW3ln2mWNBf9nN/rXL+JcdDWMhD6P0B0vERQg3YzZIx3kLOhl
E8GaxULG+MfascN0k5HxwhfQth6JTSi+Lg+qSDnfpx7StfXJCC5jj0XZF56sWBCK
XbOtIEACFWvX0LZ4HXZgvvnM+ah3W7MnzuPqujMhbyilUFPSEVQSCRbmcQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIDKJZ7P7no5/VRuDtjPYPberb4KMB8GA1UdIwQY
MBaAFJ8HQ0lsf/Pv+4cGAROcrZ0vJx4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2Mt
NjM0MTEzNjdkOTBhLzEvZ01vbG5zX3Vlam45Vkc0TzJNOWc5dDZ0dmdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yMmI3YWItZmMxMS00MDdhLWJkM2MtNjM0MTEzNjdkOTBh
LzEvbndkRFNXeF84LV83aHdZQkU1eXRuUzhuSGhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCPmTYAwQA
uVn7AwQAweTgAwQBwe+SMA0GCSqGSIb3DQEBCwUAA4IBAQB7+3cTX5THWjtB9lNp
RQuT8co6Kc+METGS4T3YWkpjMWXGtm0PRnLTdBmLuMlRv369OlbQDZ1ha2fbXbYL
RIBXkyeO1vW0VIK7UX0Fvf3NSSYEWRFFe6tt9Z1jLIlJfpG5xgXjtb7KL7pa7TRr
M7E5/sbKd3rNbAvHV5ZTDnKze+VqxR4K/W9vHmPLC+o2efxTtotndwI93uCT6YZP
UC9Tt7YoPou4S9JpDRETijBUrzai8tVTlAW42OzNFo++FZL/68d8N5+RJYgWJbBE
h2OgjPs2jKI3Nl7D5woDifjaN+2KOMqV1h9C/CNghLoH2AbhUFw6QoqlYbN0nTl8
IBIi
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:42:35 2025 by rpki-client