Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/DYMRxMEMoWV3Z5tMWRgW1jHqK9s.roa
File: DYMRxMEMoWV3Z5tMWRgW1jHqK9s.roa (raw, json)
Hash identifier: 6wMdwoy8UyJzHKKarNEHW2Cdeen4yoziiPrTe9YFHSg=
Subject key identifier: 0D:83:11:C4:C1:0C:A1:65:77:67:9B:4C:59:18:16:D6:31:EA:2B:DB
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 019426D8ECA3451CA9C047B6625C65B01A52
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/DYMRxMEMoWV3Z5tMWRgW1jHqK9s.roa
Signing time: Thu 02 Jan 2025 11:48:58 +0000
ROA not before: Thu 02 Jan 2025 11:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60824
IP address blocks: 129.233.192.0/24 maxlen: 24
129.233.193.0/24 maxlen: 24
129.233.194.0/23 maxlen: 23
129.233.196.0/24 maxlen: 24
153.96.28.0/22 maxlen: 22
153.96.32.0/21 maxlen: 21
153.96.60.0/24 maxlen: 24
153.96.70.0/23 maxlen: 23
153.96.72.0/22 maxlen: 22
153.96.88.0/22 maxlen: 22
153.96.114.0/23 maxlen: 23
153.96.128.0/22 maxlen: 22
153.96.204.0/23 maxlen: 23
153.96.206.0/24 maxlen: 24
192.44.7.0/24 maxlen: 24
192.44.14.0/24 maxlen: 24
192.44.16.0/24 maxlen: 24
192.44.19.0/24 maxlen: 24
192.44.22.0/24 maxlen: 24
192.44.27.0/24 maxlen: 24
192.107.235.0/24 maxlen: 24
192.107.236.0/24 maxlen: 24
194.113.96.0/22 maxlen: 22
2a03:db80:4810::/48 maxlen: 48
2a03:db80:4814::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:ec:a3:45:1c:a9:c0:47:b6:62:5c:65:b0:1a:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 2 11:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d8311c4c10ca16577679b4c591816d631ea2bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a0:eb:1e:15:10:41:3e:7b:0e:f5:c2:54:36:
18:f5:f5:95:0c:87:15:0f:09:16:e8:ec:bf:9d:2f:
ab:1c:bb:22:5a:65:45:99:2d:03:c9:fb:e1:f4:ab:
a0:ab:2f:4d:a7:84:1c:ac:13:2b:e5:cf:fb:b9:00:
1d:35:18:26:e3:b6:7e:cf:a4:f3:5d:1a:f3:c8:88:
20:2a:d6:9b:7a:08:6b:de:4f:d3:33:40:87:9f:0e:
64:8f:aa:84:e6:89:08:5d:b0:6c:2c:bf:c8:7a:41:
7c:17:e0:32:be:93:b3:0f:1b:fa:45:0a:91:3c:f0:
45:8a:41:b8:f0:fc:82:ac:72:13:bf:6d:74:5a:49:
27:6a:45:e3:32:c3:8d:61:7a:0f:83:42:21:d0:54:
a6:f9:1f:4b:b4:49:42:63:56:94:62:2d:74:3e:b3:
e5:f9:92:e1:31:65:7a:7b:15:0a:2a:28:6e:fc:28:
32:65:08:8b:9d:d8:67:6f:7a:4e:1a:f9:b6:48:a5:
18:0f:a1:ab:e6:38:c4:7d:1d:81:80:9b:fc:fd:31:
b9:10:49:f2:95:c9:09:e3:b9:71:4d:41:c8:08:fc:
a2:39:68:c4:5e:48:53:de:b3:48:0b:3b:fd:e2:20:
7c:1a:ff:1e:f6:56:a6:93:e0:88:a2:e3:36:bc:fb:
0b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:83:11:C4:C1:0C:A1:65:77:67:9B:4C:59:18:16:D6:31:EA:2B:DB
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/DYMRxMEMoWV3Z5tMWRgW1jHqK9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.192.0-129.233.196.255
153.96.28.0-153.96.39.255
153.96.60.0/24
153.96.70.0-153.96.75.255
153.96.88.0/22
153.96.114.0/23
153.96.128.0/22
153.96.204.0-153.96.206.255
192.44.7.0/24
192.44.14.0/24
192.44.16.0/24
192.44.19.0/24
192.44.22.0/24
192.44.27.0/24
192.107.235.0-192.107.236.255
194.113.96.0/22
IPv6:
2a03:db80:4810::/48
2a03:db80:4814::/48
Signature Algorithm: sha256WithRSAEncryption
55:83:04:3a:87:a3:3c:20:89:6b:d4:5c:69:79:83:9c:fe:39:
72:af:d8:03:33:76:14:b8:15:8f:eb:94:6f:72:a0:60:01:3c:
46:25:13:32:54:a3:7b:31:71:ce:3f:e6:34:a4:27:e2:ac:a8:
3f:68:cb:2b:dc:65:e4:03:fb:7f:60:39:61:9c:0b:df:dd:b8:
3d:01:bf:ff:09:da:01:d8:52:76:e8:20:36:64:a8:98:4c:2a:
c7:83:29:79:31:c0:10:b6:19:1d:30:6f:4a:60:fa:40:1a:4c:
02:ab:88:00:ca:70:cb:02:2b:08:7c:1b:97:74:f4:1f:82:7c:
78:f4:71:3d:c9:35:1a:6c:56:5e:91:b3:f9:e8:26:5d:cd:9f:
1e:71:cd:7e:32:36:66:12:97:34:c8:15:55:c0:d0:f0:ad:0d:
f4:7f:3a:c3:32:7a:71:40:2e:6f:7c:e0:06:0f:21:9e:0d:78:
f9:49:09:9f:c0:ce:3f:b6:cb:ab:47:be:47:6f:d9:74:fa:4e:
85:21:88:7a:9c:1f:40:81:97:be:33:57:0e:87:92:ad:c1:6f:
34:c2:14:63:22:24:35:21:11:ec:bf:69:80:0b:82:bb:bc:25:
94:01:e6:e3:58:b6:0f:71:ed:2a:79:72:86:67:12:49:d0:4a:
df:df:83:a5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZQm2OyjRRypwEe2YlxlsBpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjUwMTAyMTE0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDgzMTFjNGMxMGNhMTY1Nzc2NzliNGM1OTE4MTZkNjMxZWEyYmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaDrHhUQQT57DvXCVDYY9fWVDIcV
DwkW6Oy/nS+rHLsiWmVFmS0Dyfvh9Kugqy9Np4QcrBMr5c/7uQAdNRgm47Z+z6Tz
XRrzyIggKtabeghr3k/TM0CHnw5kj6qE5okIXbBsLL/IekF8F+AyvpOzDxv6RQqR
PPBFikG48PyCrHITv210WkknakXjMsONYXoPg0Ih0FSm+R9LtElCY1aUYi10PrPl
+ZLhMWV6exUKKihu/CgyZQiLndhnb3pOGvm2SKUYD6Gr5jjEfR2BgJv8/TG5EEny
lckJ47lxTUHICPyiOWjEXkhT3rNICzv94iB8Gv8e9lamk+CIouM2vPsL7wIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFA2DEcTBDKFld2ebTFkYFtYx6ivbMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvRFlNUnhNRU1vV1YzWjV0TVdSZ1cxakhxSzlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBjwQCAAEwgYgwDAME
BoHpwAMEAIHpxDAMAwQCmWAcAwQDmWAgAwQAmWA8MAwDBAGZYEYDBAKZYEgDBAKZ
YFgDBAGZYHIDBAKZYIAwDAMEAplgzAMEAJlgzgMEAMAsBwMEAMAsDgMEAMAsEAME
AMAsEwMEAMAsFgMEAMAsGzAMAwQAwGvrAwQAwGvsAwQCwnFgMBgEAgACMBIDBwAq
A9uASBADBwAqA9uASBQwDQYJKoZIhvcNAQELBQADggEBAFWDBDqHozwgiWvUXGl5
g5z+OXKv2AMzdhS4FY/rlG9yoGABPEYlEzJUo3sxcc4/5jSkJ+KsqD9oyyvcZeQD
+39gOWGcC9/duD0Bv/8J2gHYUnboIDZkqJhMKseDKXkxwBC2GR0wb0pg+kAaTAKr
iADKcMsCKwh8G5d09B+CfHj0cT3JNRpsVl6Rs/noJl3Nnx5xzX4yNmYSlzTIFVXA
0PCtDfR/OsMyenFALm984AYPIZ4NePlJCZ/Azj+2y6tHvkdv2XT6ToUhiHqcH0CB
l74zVw6Hkq3BbzTCFGMiJDUhEey/aYALgru8JZQB5uNYtg9x7Sp5coZnEknQSt/f
g6U=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:23 2025 by rpki-client