Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/b8f50e-475f-4b47-85c0-5f123555cfb1/1/DMobrS7vy2moYzGxgBwp5Xf3ALI.roa
File: DMobrS7vy2moYzGxgBwp5Xf3ALI.roa (raw, json)
Hash identifier: FXiETzyRXvUDm+4e6t+4D5feOq7eyRK3o1W4hSbV9WQ=
Subject key identifier: 0C:CA:1B:AD:2E:EF:CB:69:A8:63:31:B1:80:1C:29:E5:77:F7:00:B2
Certificate issuer: /CN=4feb9457ec519e8237867710bcc82fa30eae67c0
Certificate serial: 0194282614CE2F0EB9EBBE46E2275188EA08
Authority key identifier: 4F:EB:94:57:EC:51:9E:82:37:86:77:10:BC:C8:2F:A3:0E:AE:67:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T-uUV-xRnoI3hncQvMgvow6uZ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/b8f50e-475f-4b47-85c0-5f123555cfb1/1/DMobrS7vy2moYzGxgBwp5Xf3ALI.roa
Signing time: Thu 02 Jan 2025 17:52:51 +0000
ROA not before: Thu 02 Jan 2025 17:52:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49188
IP address blocks: 185.163.244.0/22 maxlen: 22
185.163.244.0/24 maxlen: 24
185.163.245.0/24 maxlen: 24
185.163.246.0/23 maxlen: 23
185.163.246.0/24 maxlen: 24
2a10:9d00::/29 maxlen: 29
2a10:9d00::/48 maxlen: 48
2a10:9d00:1::/48 maxlen: 48
2a10:9d00:2::/48 maxlen: 48
2a10:9d00:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/b8f50e-475f-4b47-85c0-5f123555cfb1/1/T-uUV-xRnoI3hncQvMgvow6uZ8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/b8f50e-475f-4b47-85c0-5f123555cfb1/1/T-uUV-xRnoI3hncQvMgvow6uZ8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/T-uUV-xRnoI3hncQvMgvow6uZ8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:14:ce:2f:0e:b9:eb:be:46:e2:27:51:88:ea:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4feb9457ec519e8237867710bcc82fa30eae67c0
Validity
Not Before: Jan 2 17:52:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cca1bad2eefcb69a86331b1801c29e577f700b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f1:ce:47:b5:7b:d0:ef:07:92:30:c1:ed:67:
42:8a:f9:be:f4:52:36:a2:da:2e:f0:4a:28:2c:83:
64:e0:e6:f4:69:3e:de:9f:75:f8:ae:24:cd:20:0c:
6b:66:47:28:85:60:48:6d:6e:fd:2b:ca:08:8a:cf:
e1:40:76:d9:5e:3c:cf:4c:a1:b6:8f:83:a5:47:53:
2c:f4:ff:e0:14:65:fd:6f:ca:73:7b:f4:e0:5b:8b:
60:e4:1a:5a:20:5f:26:88:fd:86:89:75:63:4f:0a:
8e:3c:a8:45:2a:b7:b8:70:aa:59:6d:3e:40:be:ef:
f0:ad:81:9e:4d:46:c2:be:cb:ce:3e:ad:dd:25:7b:
96:ef:ec:48:d5:17:7b:5c:ed:55:32:a5:cd:0b:c7:
bc:93:c2:60:97:f2:11:13:bd:30:a6:5a:98:22:69:
4b:1a:b5:7c:5e:3d:39:1f:7f:49:09:99:d3:40:b9:
68:3d:b5:43:24:bd:b8:42:e5:66:ac:1e:f8:60:07:
56:fc:7a:5b:63:1d:00:6f:6d:35:69:fe:ba:57:2f:
a9:10:7b:83:18:41:06:65:f6:26:11:8b:c5:b8:7c:
0a:41:7c:4e:85:4c:bc:a0:19:72:63:d1:b8:0b:40:
9e:22:d4:cc:73:89:30:32:31:97:55:4a:8f:d4:3d:
bf:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:CA:1B:AD:2E:EF:CB:69:A8:63:31:B1:80:1C:29:E5:77:F7:00:B2
X509v3 Authority Key Identifier:
keyid:4F:EB:94:57:EC:51:9E:82:37:86:77:10:BC:C8:2F:A3:0E:AE:67:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T-uUV-xRnoI3hncQvMgvow6uZ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/b8f50e-475f-4b47-85c0-5f123555cfb1/1/DMobrS7vy2moYzGxgBwp5Xf3ALI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/b8f50e-475f-4b47-85c0-5f123555cfb1/1/T-uUV-xRnoI3hncQvMgvow6uZ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.244.0/22
IPv6:
2a10:9d00::/29
Signature Algorithm: sha256WithRSAEncryption
6a:98:18:f9:c0:f4:42:af:59:55:dd:ff:8c:f2:e7:34:67:eb:
a1:13:8e:7f:31:da:3e:8d:33:fa:d6:5e:e4:50:ef:17:2a:45:
5c:e9:db:83:1b:26:34:df:b7:30:fe:31:43:58:65:23:09:66:
2a:db:aa:13:9c:d3:03:bc:70:59:0e:4d:1b:95:b7:a0:a9:99:
1e:e3:ec:88:ea:bc:a2:17:59:fb:d4:58:a3:51:c0:67:29:4f:
11:3f:28:70:ff:fc:3c:7e:14:db:a5:83:72:cb:f2:a4:ef:bb:
50:54:68:0a:66:43:56:49:ad:1f:7b:e2:20:b1:6f:ec:98:d3:
95:9e:20:cd:dc:17:a7:da:9c:18:f2:62:d3:81:6c:33:c5:31:
84:e0:11:af:7c:c8:f0:f7:f2:47:4c:ad:75:b5:f2:cb:d3:bb:
3a:fd:6b:9d:13:76:74:e7:e6:ac:a8:ff:8c:9c:5e:ed:9b:80:
ab:93:6d:8a:07:29:d3:3c:91:18:e6:05:63:76:c3:d7:54:0b:
5b:64:c6:a6:23:f1:02:84:4c:71:e5:20:05:52:3f:56:54:0c:
11:14:39:e1:17:75:93:9f:d6:ce:34:21:96:07:fc:e2:99:c3:
29:50:68:b6:df:88:22:54:2c:6d:df:49:d7:60:61:07:df:6c:
cb:d5:ee:59
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQoJhTOLw65675G4idRiOoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmZWI5NDU3ZWM1MTllODIzNzg2NzcxMGJjYzgyZmEzMGVh
ZTY3YzAwHhcNMjUwMTAyMTc1MjUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2NhMWJhZDJlZWZjYjY5YTg2MzMxYjE4MDFjMjllNTc3ZjcwMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfHOR7V70O8HkjDB7WdCivm+9FI2
otou8EooLINk4Ob0aT7en3X4riTNIAxrZkcohWBIbW79K8oIis/hQHbZXjzPTKG2
j4OlR1Ms9P/gFGX9b8pze/TgW4tg5BpaIF8miP2GiXVjTwqOPKhFKre4cKpZbT5A
vu/wrYGeTUbCvsvOPq3dJXuW7+xI1Rd7XO1VMqXNC8e8k8Jgl/IRE70wplqYImlL
GrV8Xj05H39JCZnTQLloPbVDJL24QuVmrB74YAdW/HpbYx0Ab201af66Vy+pEHuD
GEEGZfYmEYvFuHwKQXxOhUy8oBlyY9G4C0CeItTMc4kwMjGXVUqP1D2/cwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAzKG60u78tpqGMxsYAcKeV39wCyMB8GA1UdIwQY
MBaAFE/rlFfsUZ6CN4Z3ELzIL6MOrmfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVC11VVYteFJub0kzaG5jUXZNZ3ZvdzZ1WjhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9iOGY1MGUtNDc1Zi00YjQ3LTg1YzAt
NWYxMjM1NTVjZmIxLzEvRE1vYnJTN3Z5Mm1vWXpHeGdCd3A1WGYzQUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9iOGY1MGUtNDc1Zi00YjQ3LTg1YzAtNWYxMjM1NTVjZmIx
LzEvVC11VVYteFJub0kzaG5jUXZNZ3ZvdzZ1WjhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaP0MA0E
AgACMAcDBQMqEJ0AMA0GCSqGSIb3DQEBCwUAA4IBAQBqmBj5wPRCr1lV3f+M8uc0
Z+uhE45/Mdo+jTP61l7kUO8XKkVc6duDGyY037cw/jFDWGUjCWYq26oTnNMDvHBZ
Dk0blbegqZke4+yI6ryiF1n71FijUcBnKU8RPyhw//w8fhTbpYNyy/Kk77tQVGgK
ZkNWSa0fe+IgsW/smNOVniDN3Ben2pwY8mLTgWwzxTGE4BGvfMjw9/JHTK11tfLL
07s6/WudE3Z05+asqP+MnF7tm4Crk22KBynTPJEY5gVjdsPXVAtbZMamI/EChExx
5SAFUj9WVAwRFDnhF3WTn9bONCGWB/zimcMpUGi234giVCxt30nXYGEH32zL1e5Z
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:41:26 2025 by rpki-client