Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/Mso8HCZYvubZwvzJB-sovDxI8mw.roa
File: Mso8HCZYvubZwvzJB-sovDxI8mw.roa (raw, json)
Hash identifier: 5QSILlhvVsZeQGG8ZFj/oRE0YF6aKeUC8j5XzlKYPOQ=
Subject key identifier: 32:CA:3C:1C:26:58:BE:E6:D9:C2:FC:C9:07:EB:28:BC:3C:48:F2:6C
Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Certificate serial: 019427B58D1E595E41EE657A6427511E5C21
Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/Mso8HCZYvubZwvzJB-sovDxI8mw.roa
Signing time: Thu 02 Jan 2025 15:49:56 +0000
ROA not before: Thu 02 Jan 2025 15:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49223
IP address blocks: 212.79.112.0/22 maxlen: 22
212.79.116.0/22 maxlen: 22
212.79.120.0/23 maxlen: 23
212.87.160.0/21 maxlen: 21
212.87.172.0/22 maxlen: 22
212.87.176.0/22 maxlen: 22
212.87.182.0/23 maxlen: 23
212.87.184.0/22 maxlen: 22
212.87.188.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:8d:1e:59:5e:41:ee:65:7a:64:27:51:1e:5c:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Validity
Not Before: Jan 2 15:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32ca3c1c2658bee6d9c2fcc907eb28bc3c48f26c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ea:94:da:9c:63:d0:9c:12:3a:33:d3:0b:ae:
45:50:80:a5:5f:b9:b9:30:06:f0:2b:43:48:64:0a:
d4:ea:29:9f:14:3e:52:b4:e0:1f:df:82:c7:3b:a3:
a8:57:f9:ec:4c:ed:86:52:9e:b8:9d:7b:06:29:bc:
ef:02:cb:12:d3:b6:83:45:5d:c3:8e:83:79:0e:13:
61:fe:9c:ca:f2:cc:40:32:42:c4:e7:0e:ba:12:ba:
1e:80:a4:7f:1e:ae:e3:46:b5:69:b3:34:b8:00:e2:
96:7a:e2:ab:e4:b4:67:dc:01:21:9e:a7:eb:a1:66:
a4:71:be:e9:1d:97:7e:08:c1:67:ff:15:e2:01:aa:
cf:7a:3e:9c:a3:51:0c:3f:00:32:64:e1:20:d3:7e:
f1:2a:9c:71:77:6f:81:29:0f:91:81:fe:d3:05:28:
de:ff:82:f3:53:19:10:9e:dd:3c:26:7d:a4:a1:9b:
4a:d9:90:0d:27:3b:0f:d0:a5:a3:e6:b1:80:e3:d5:
be:d3:0c:67:d4:08:44:3a:8e:34:90:1d:a7:42:81:
6b:2a:4c:e5:b6:84:3b:49:31:96:06:3b:9f:66:dc:
1b:67:c8:09:89:4b:ad:de:dd:4e:d6:2c:b5:27:51:
ab:08:5f:05:3b:82:8a:66:a6:bd:1b:3b:9e:ab:14:
f8:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:CA:3C:1C:26:58:BE:E6:D9:C2:FC:C9:07:EB:28:BC:3C:48:F2:6C
X509v3 Authority Key Identifier:
keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/Mso8HCZYvubZwvzJB-sovDxI8mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.79.112.0-212.79.121.255
212.87.160.0/21
212.87.172.0-212.87.179.255
212.87.182.0-212.87.191.255
Signature Algorithm: sha256WithRSAEncryption
20:76:3c:0b:52:23:b0:30:6a:b5:fc:d4:72:78:af:7f:cf:6d:
d4:df:09:50:10:68:c2:db:cd:32:db:10:9c:45:b1:ec:4d:d9:
71:91:3f:62:74:cd:72:4c:d2:af:56:26:15:32:59:df:b4:90:
4f:c7:e8:ba:76:4a:f0:fb:1b:72:35:7e:99:ef:d6:b2:a4:67:
c9:a9:64:7f:8a:a6:0f:5e:46:ff:18:57:9c:0b:01:0d:29:98:
0c:fa:1a:1e:b2:98:a8:48:a2:03:64:95:ac:a9:d3:13:83:e5:
33:02:3a:2f:3d:66:94:df:fb:e6:78:2d:d3:9c:f1:2f:a9:d1:
9b:00:4e:94:64:8b:27:16:b7:b1:8f:02:e9:a1:2e:59:32:a8:
fe:2a:73:db:8f:54:20:e1:04:ba:38:65:bd:c4:a0:e3:cf:cd:
fa:78:ca:4c:0a:0d:a9:12:63:33:93:a1:a5:f3:4d:77:79:ea:
19:07:88:80:2f:f3:11:a0:56:a8:9b:57:06:08:ee:96:74:49:
fe:60:e9:0f:f2:fa:6a:3d:c9:e5:b0:f5:40:0b:5a:e6:04:89:
e2:49:f6:94:67:5b:e9:1b:ec:87:fb:07:53:38:e1:bf:10:66:
2b:8b:60:5a:73:5a:25:70:8e:2f:e5:1f:a1:78:0e:ab:8f:12:
ab:aa:1c:50
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQntY0eWV5B7mV6ZCdRHlwhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3
YWJjMWUwHhcNMjUwMTAyMTU0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmNhM2MxYzI2NThiZWU2ZDljMmZjYzkwN2ViMjhiYzNjNDhmMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOqU2pxj0JwSOjPTC65FUIClX7m5
MAbwK0NIZArU6imfFD5StOAf34LHO6OoV/nsTO2GUp64nXsGKbzvAssS07aDRV3D
joN5DhNh/pzK8sxAMkLE5w66EroegKR/Hq7jRrVpszS4AOKWeuKr5LRn3AEhnqfr
oWakcb7pHZd+CMFn/xXiAarPej6co1EMPwAyZOEg037xKpxxd2+BKQ+Rgf7TBSje
/4LzUxkQnt08Jn2koZtK2ZANJzsP0KWj5rGA49W+0wxn1AhEOo40kB2nQoFrKkzl
toQ7STGWBjufZtwbZ8gJiUut3t1O1iy1J1GrCF8FO4KKZqa9GzueqxT40wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDLKPBwmWL7m2cL8yQfrKLw8SPJsMB8GA1UdIwQY
MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt
MWI2Zjc1MGNmOWEyLzEvTXNvOEhDWll2dWJad3Z6SkItc292RHhJOG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTktMWI2Zjc1MGNmOWEy
LzEvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBATUT3AD
BAHUT3gDBAPUV6AwDAMEAtRXrAMEAtRXsDAMAwQB1Fe2AwQG1FeAMA0GCSqGSIb3
DQEBCwUAA4IBAQAgdjwLUiOwMGq1/NRyeK9/z23U3wlQEGjC280y2xCcRbHsTdlx
kT9idM1yTNKvViYVMlnftJBPx+i6dkrw+xtyNX6Z79aypGfJqWR/iqYPXkb/GFec
CwENKZgM+hoespioSKIDZJWsqdMTg+UzAjovPWaU3/vmeC3TnPEvqdGbAE6UZIsn
FrexjwLpoS5ZMqj+KnPbj1Qg4QS6OGW9xKDjz836eMpMCg2pEmMzk6Gl8013eeoZ
B4iAL/MRoFaom1cGCO6WdEn+YOkP8vpqPcnlsPVAC1rmBIniSfaUZ1vpG+yH+wdT
OOG/EGYri2Bac1olcI4v5R+heA6rjxKrqhxQ
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:17:42 2025 by rpki-client