Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/MOwk6-gNTotPX4medNv9DwpG-nY.roa
File: MOwk6-gNTotPX4medNv9DwpG-nY.roa (raw, json)
Hash identifier: 6Jb3ucO6IvrIBpfG+RtQ1ACJyD7qIWwk6gOaPXaKjcU=
Subject key identifier: 30:EC:24:EB:E8:0D:4E:8B:4F:5F:89:9E:74:DB:FD:0F:0A:46:FA:76
Certificate issuer: /CN=ecb1ea5a1050a829224ea486c0e22ebfc75d640c
Certificate serial: 0194DC26A17110ACFAF079869DA077B2E089
Authority key identifier: EC:B1:EA:5A:10:50:A8:29:22:4E:A4:86:C0:E2:2E:BF:C7:5D:64:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7LHqWhBQqCkiTqSGwOIuv8ddZAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/MOwk6-gNTotPX4medNv9DwpG-nY.roa
Signing time: Thu 06 Feb 2025 16:45:06 +0000
ROA not before: Thu 06 Feb 2025 16:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62214
IP address blocks: 46.29.136.0/21 maxlen: 21
79.139.56.0/21 maxlen: 21
92.119.120.0/22 maxlen: 22
109.122.216.0/21 maxlen: 21
185.43.204.0/22 maxlen: 22
185.80.48.0/22 maxlen: 22
185.187.72.0/22 maxlen: 22
193.39.12.0/22 maxlen: 22
193.201.184.0/21 maxlen: 21
194.176.123.0/24 maxlen: 24
194.180.12.0/24 maxlen: 24
194.180.16.0/24 maxlen: 24
194.180.19.0/24 maxlen: 24
2a01:6ee0::/32 maxlen: 32
2a01:6ee0::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/7LHqWhBQqCkiTqSGwOIuv8ddZAw.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/7LHqWhBQqCkiTqSGwOIuv8ddZAw.mft
rsync://rpki.ripe.net/repository/DEFAULT/7LHqWhBQqCkiTqSGwOIuv8ddZAw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:dc:26:a1:71:10:ac:fa:f0:79:86:9d:a0:77:b2:e0:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecb1ea5a1050a829224ea486c0e22ebfc75d640c
Validity
Not Before: Feb 6 16:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30ec24ebe80d4e8b4f5f899e74dbfd0f0a46fa76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a5:24:f8:db:97:23:52:64:67:4d:c2:73:77:
6a:ce:22:3f:7e:3e:b3:3b:98:bb:14:1d:2f:b3:94:
50:77:d6:8c:5d:fd:83:da:3d:93:18:1a:6f:a3:67:
51:2a:f6:7b:07:f2:95:2c:a8:df:38:90:e1:2f:3a:
80:0c:f2:c4:b7:11:cc:9c:0f:9f:3b:76:c0:1c:68:
2a:f8:c7:e0:28:21:d4:6e:01:2d:57:16:10:a2:d8:
dd:de:fc:6b:12:d8:91:9b:2b:b5:86:56:08:c1:1c:
b9:83:a2:e5:81:be:f0:40:e5:79:1d:52:15:22:7e:
36:31:31:4d:8b:41:dd:bd:b9:f3:ae:8a:50:fa:e8:
a1:0c:28:71:15:03:20:2e:c5:e2:11:2a:cd:da:e1:
fc:45:61:68:17:d1:98:78:46:3a:51:ad:51:fd:31:
7f:d0:0d:27:78:66:4f:e3:16:98:ee:54:7a:ef:d2:
84:64:2e:9a:68:1b:1e:ea:b3:6d:6f:a6:9b:9e:0d:
bd:a4:15:8c:fa:d4:f1:2b:d9:3c:e3:b6:17:4e:8c:
70:ad:95:82:26:0a:eb:2c:af:45:d4:fb:42:c7:21:
b5:e2:a2:05:5a:48:3f:16:25:7b:61:23:4c:02:53:
90:3d:30:4c:1a:2d:85:04:39:de:52:36:6c:fa:c8:
a7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:EC:24:EB:E8:0D:4E:8B:4F:5F:89:9E:74:DB:FD:0F:0A:46:FA:76
X509v3 Authority Key Identifier:
keyid:EC:B1:EA:5A:10:50:A8:29:22:4E:A4:86:C0:E2:2E:BF:C7:5D:64:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7LHqWhBQqCkiTqSGwOIuv8ddZAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/MOwk6-gNTotPX4medNv9DwpG-nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/21a927-8dd3-48f7-92ce-02ffceff1acc/1/7LHqWhBQqCkiTqSGwOIuv8ddZAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.136.0/21
79.139.56.0/21
92.119.120.0/22
109.122.216.0/21
185.43.204.0/22
185.80.48.0/22
185.187.72.0/22
193.39.12.0/22
193.201.184.0/21
194.176.123.0/24
194.180.12.0/24
194.180.16.0/24
194.180.19.0/24
IPv6:
2a01:6ee0::/32
Signature Algorithm: sha256WithRSAEncryption
1e:4e:16:5b:eb:da:92:f8:46:43:37:eb:7d:72:13:2a:c2:ef:
1d:cb:26:dc:97:94:8a:e5:8e:40:d1:7b:54:bc:d7:cb:5c:2b:
d2:0d:82:b8:71:68:ff:ae:9f:5d:a0:85:13:5b:2f:32:ad:45:
cf:82:b2:dc:ad:b5:27:f1:5f:41:ce:ef:7d:ff:9d:a8:13:fd:
5a:3e:79:9e:bb:9a:72:d8:ad:4a:83:93:05:cf:6d:bf:81:af:
59:6f:a6:c8:c9:ab:a3:a2:1d:cc:71:73:e8:08:c1:f4:3c:73:
a7:5d:23:5b:0d:92:64:af:11:46:bf:ad:60:5d:32:eb:8a:a2:
22:db:88:2a:91:df:ba:e3:a5:11:c0:e3:fa:e4:45:0f:47:a0:
c8:19:e3:34:3d:cc:5c:fd:af:28:4f:6b:dc:86:a0:09:af:13:
08:a5:0b:0f:66:3a:9e:7a:37:39:c7:bf:3c:34:05:17:a1:07:
9c:f9:68:63:69:f2:5f:8d:59:0c:52:03:a7:79:ae:3c:94:be:
15:97:fe:c5:7a:b7:b6:1d:8b:1b:06:b8:b1:4d:c1:17:ad:c7:
5b:08:bb:bd:d4:67:86:e6:95:60:c1:49:aa:6f:25:7a:69:22:
8f:22:13:3d:54:9e:6f:29:21:4c:2f:9d:ae:19:6a:b3:05:e6:
67:55:d8:10
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZTcJqFxEKz68HmGnaB3suCJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYjFlYTVhMTA1MGE4MjkyMjRlYTQ4NmMwZTIyZWJmYzc1
ZDY0MGMwHhcNMjUwMjA2MTY0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGVjMjRlYmU4MGQ0ZThiNGY1Zjg5OWU3NGRiZmQwZjBhNDZmYTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKUk+NuXI1JkZ03Cc3dqziI/fj6z
O5i7FB0vs5RQd9aMXf2D2j2TGBpvo2dRKvZ7B/KVLKjfOJDhLzqADPLEtxHMnA+f
O3bAHGgq+MfgKCHUbgEtVxYQotjd3vxrEtiRmyu1hlYIwRy5g6Llgb7wQOV5HVIV
In42MTFNi0HdvbnzropQ+uihDChxFQMgLsXiESrN2uH8RWFoF9GYeEY6Ua1R/TF/
0A0neGZP4xaY7lR679KEZC6aaBse6rNtb6abng29pBWM+tTxK9k847YXToxwrZWC
JgrrLK9F1PtCxyG14qIFWkg/FiV7YSNMAlOQPTBMGi2FBDneUjZs+sinAwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFDDsJOvoDU6LT1+JnnTb/Q8KRvp2MB8GA1UdIwQY
MBaAFOyx6loQUKgpIk6khsDiLr/HXWQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0xIcVdoQlFxQ2tpVHFTR3dPSXV2OGRkWkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yMWE5MjctOGRkMy00OGY3LTkyY2Ut
MDJmZmNlZmYxYWNjLzEvTU93azYtZ05Ub3RQWDRtZWROdjlEd3BHLW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8yMWE5MjctOGRkMy00OGY3LTkyY2UtMDJmZmNlZmYxYWNj
LzEvN0xIcVdoQlFxQ2tpVHFTR3dPSXV2OGRkWkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQDLh2IAwQD
T4s4AwQCXHd4AwQDbXrYAwQCuSvMAwQCuVAwAwQCubtIAwQCwScMAwQDwcm4AwQA
wrB7AwQAwrQMAwQAwrQQAwQAwrQTMA0EAgACMAcDBQAqAW7gMA0GCSqGSIb3DQEB
CwUAA4IBAQAeThZb69qS+EZDN+t9chMqwu8dyybcl5SK5Y5A0XtUvNfLXCvSDYK4
cWj/rp9doIUTWy8yrUXPgrLcrbUn8V9Bzu99/52oE/1aPnmeu5py2K1Kg5MFz22/
ga9Zb6bIyaujoh3McXPoCMH0PHOnXSNbDZJkrxFGv61gXTLriqIi24gqkd+646UR
wOP65EUPR6DIGeM0Pcxc/a8oT2vchqAJrxMIpQsPZjqeejc5x788NAUXoQec+Whj
afJfjVkMUgOnea48lL4Vl/7Fere2HYsbBrixTcEXrcdbCLu91GeG5pVgwUmqbyV6
aSKPIhM9VJ5vKSFML52uGWqzBeZnVdgQ
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:08:42 2025 by rpki-client