Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/mWwPnP2S4g9JhxWYKKryZjEy1Ao.roa
File: mWwPnP2S4g9JhxWYKKryZjEy1Ao.roa (raw, json)
Hash identifier: HyXUe+PYjqIKyOZOZZRdFXR1ckNBvzFOngXjiDgbrBY=
Subject key identifier: 99:6C:0F:9C:FD:92:E2:0F:49:87:15:98:28:AA:F2:66:31:32:D4:0A
Certificate issuer: /CN=0811bc50cfed9d02e58196a2c81c988e30ba1260
Certificate serial: 019425FC1BF01CC6A5C099FAB60487501D57
Authority key identifier: 08:11:BC:50:CF:ED:9D:02:E5:81:96:A2:C8:1C:98:8E:30:BA:12:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/mWwPnP2S4g9JhxWYKKryZjEy1Ao.roa
Signing time: Thu 02 Jan 2025 07:47:46 +0000
ROA not before: Thu 02 Jan 2025 07:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20495
IP address blocks: 185.33.116.0/23 maxlen: 23
185.33.116.0/24 maxlen: 32
185.33.117.0/24 maxlen: 32
185.33.118.0/23 maxlen: 23
185.33.118.0/24 maxlen: 32
185.33.119.0/24 maxlen: 32
2a00:cc20::/33 maxlen: 33
2a00:cc20::/34 maxlen: 128
2a00:cc20:4000::/34 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 22:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:1b:f0:1c:c6:a5:c0:99:fa:b6:04:87:50:1d:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0811bc50cfed9d02e58196a2c81c988e30ba1260
Validity
Not Before: Jan 2 07:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=996c0f9cfd92e20f4987159828aaf2663132d40a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4c:28:0a:45:df:1d:36:ae:d2:39:80:60:33:
8e:c4:dc:f1:ba:a4:d5:ba:92:e8:db:a1:00:e0:8e:
77:21:c6:eb:13:1b:fe:f5:b4:4e:c1:75:ef:57:7e:
f4:29:fc:bb:f1:41:db:62:b4:b4:cd:48:6e:f3:45:
3f:e7:4c:fc:8f:a5:ec:89:41:39:48:1f:1e:3a:67:
4d:5f:c5:4a:19:bf:96:77:34:ae:18:24:5f:53:99:
c2:82:8b:28:7c:13:0b:b0:88:a5:a3:d6:a1:ba:4b:
1a:f7:a7:56:ee:1d:dc:ee:5f:b2:ea:34:25:df:ab:
fc:14:0c:ca:36:16:bb:43:55:fa:c8:93:cf:d6:dc:
5b:ab:90:3e:27:8c:22:5e:26:90:a6:8a:74:28:a1:
d7:44:ec:36:02:af:35:c9:38:4d:15:dd:cd:95:52:
93:25:20:2e:70:3e:ef:cd:74:86:1d:c6:12:8e:e9:
66:da:fa:8e:92:ec:44:1b:21:bc:eb:65:16:8e:35:
85:05:cc:d6:c3:79:9e:30:90:2f:13:99:d6:0a:90:
9e:67:1b:58:c0:4a:35:8e:16:e9:8b:65:76:3a:75:
8d:7a:80:4e:8a:e9:52:04:e7:63:60:d8:dd:e6:86:
a7:5f:d8:05:d2:b5:44:19:15:9b:b3:57:36:c1:13:
d2:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:6C:0F:9C:FD:92:E2:0F:49:87:15:98:28:AA:F2:66:31:32:D4:0A
X509v3 Authority Key Identifier:
keyid:08:11:BC:50:CF:ED:9D:02:E5:81:96:A2:C8:1C:98:8E:30:BA:12:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/mWwPnP2S4g9JhxWYKKryZjEy1Ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.116.0/22
IPv6:
2a00:cc20::/33
Signature Algorithm: sha256WithRSAEncryption
5a:7d:fa:ed:ea:25:5d:9c:b4:b6:07:30:43:ce:ab:01:83:15:
10:f1:22:6a:f4:ba:92:a5:39:f6:b0:09:95:57:05:71:95:15:
e7:fe:d2:31:be:0f:1b:5e:20:78:93:c8:fa:72:90:eb:2b:c5:
21:ce:62:c7:5c:71:e2:6b:8b:7f:36:36:3f:f3:69:08:5f:d7:
aa:61:cf:91:f9:23:a5:61:ef:da:bc:33:c6:03:fb:6d:87:a9:
ad:7d:68:b2:a8:a9:96:ac:72:cd:a6:18:60:58:2d:e4:cb:4f:
e8:e5:df:b1:ba:01:41:86:0e:0e:9e:f7:ef:ec:06:d3:b7:62:
18:a6:df:bb:3a:31:ca:f2:96:56:7e:0b:1c:2d:aa:91:5f:cc:
7e:3a:a9:97:a1:6d:aa:6f:97:73:aa:9e:02:2e:aa:14:06:dc:
02:76:11:5f:2f:86:07:a8:8c:61:9a:a3:31:49:d8:4e:66:b5:
46:c8:56:c4:86:5f:90:7a:ed:a2:b6:34:80:49:ec:71:64:f4:
e0:4c:67:7f:a9:98:7f:d6:66:48:ff:58:7a:84:c8:7b:89:75:
d0:63:a4:6a:0d:29:6c:c5:73:07:cc:e1:22:1d:89:48:8b:9c:
ba:bb:4c:47:50:53:12:89:65:51:93:8f:60:a5:c2:f3:86:56:
dc:23:0f:66
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQl/BvwHMalwJn6tgSHUB1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MTFiYzUwY2ZlZDlkMDJlNTgxOTZhMmM4MWM5ODhlMzBi
YTEyNjAwHhcNMjUwMTAyMDc0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTZjMGY5Y2ZkOTJlMjBmNDk4NzE1OTgyOGFhZjI2NjMxMzJkNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukwoCkXfHTau0jmAYDOOxNzxuqTV
upLo26EA4I53IcbrExv+9bROwXXvV370Kfy78UHbYrS0zUhu80U/50z8j6XsiUE5
SB8eOmdNX8VKGb+WdzSuGCRfU5nCgosofBMLsIilo9ahuksa96dW7h3c7l+y6jQl
36v8FAzKNha7Q1X6yJPP1txbq5A+J4wiXiaQpop0KKHXROw2Aq81yThNFd3NlVKT
JSAucD7vzXSGHcYSjulm2vqOkuxEGyG862UWjjWFBczWw3meMJAvE5nWCpCeZxtY
wEo1jhbpi2V2OnWNeoBOiulSBOdjYNjd5oanX9gF0rVEGRWbs1c2wRPSjQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJlsD5z9kuIPSYcVmCiq8mYxMtQKMB8GA1UdIwQY
MBaAFAgRvFDP7Z0C5YGWosgcmI4wuhJgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0JHOFVNX3RuUUxsZ1phaXlCeVlqakM2RW1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wYzgxOTQtNzZkMS00NjVlLWE3NDYt
ZWU1YTY3NDNiZTU2LzEvbVd3UG5QMlM0ZzlKaHhXWUtLcnlaakV5MUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wYzgxOTQtNzZkMS00NjVlLWE3NDYtZWU1YTY3NDNiZTU2
LzEvQ0JHOFVNX3RuUUxsZ1phaXlCeVlqakM2RW1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCuSF0MA4E
AgACMAgDBgcqAMwgADANBgkqhkiG9w0BAQsFAAOCAQEAWn367eolXZy0tgcwQ86r
AYMVEPEiavS6kqU59rAJlVcFcZUV5/7SMb4PG14geJPI+nKQ6yvFIc5ix1xx4muL
fzY2P/NpCF/XqmHPkfkjpWHv2rwzxgP7bYeprX1osqiplqxyzaYYYFgt5MtP6OXf
sboBQYYODp737+wG07diGKbfuzoxyvKWVn4LHC2qkV/Mfjqpl6Ftqm+Xc6qeAi6q
FAbcAnYRXy+GB6iMYZqjMUnYTma1RshWxIZfkHrtorY0gEnscWT04Exnf6mYf9Zm
SP9YeoTIe4l10GOkag0pbMVzB8zhIh2JSIucurtMR1BTEollUZOPYKXC84ZW3CMP
Zg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:42:43 2025 by rpki-client