Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/24fae9-ed87-44f6-a795-006420e4344d/1/md0xmKCv-Yp-JRpqVfuJ2Ux3if8.roa
File: md0xmKCv-Yp-JRpqVfuJ2Ux3if8.roa (raw, json)
Hash identifier: 8054rmQS0LY7yY1rJuM5gJA2IaUlLbJ4rpwSB+nsZj8=
Subject key identifier: 99:DD:31:98:A0:AF:F9:8A:7E:25:1A:6A:55:FB:89:D9:4C:77:89:FF
Certificate issuer: /CN=c463c34603a946952ff276e0a25fd361fcacf251
Certificate serial: 019629BC2A6EA559C40A6744E7DE045F68D4
Authority key identifier: C4:63:C3:46:03:A9:46:95:2F:F2:76:E0:A2:5F:D3:61:FC:AC:F2:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xGPDRgOpRpUv8nbgol_TYfys8lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/24fae9-ed87-44f6-a795-006420e4344d/1/md0xmKCv-Yp-JRpqVfuJ2Ux3if8.roa
Signing time: Sat 12 Apr 2025 11:21:59 +0000
ROA not before: Sat 12 Apr 2025 11:21:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198363
IP address blocks: 176.103.248.0/21 maxlen: 21
176.103.248.0/24 maxlen: 24
176.103.249.0/24 maxlen: 24
176.103.250.0/24 maxlen: 24
176.103.251.0/24 maxlen: 24
176.103.252.0/24 maxlen: 24
176.103.253.0/24 maxlen: 24
176.103.254.0/24 maxlen: 24
176.103.255.0/24 maxlen: 24
2001:67c:e30::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/24fae9-ed87-44f6-a795-006420e4344d/1/xGPDRgOpRpUv8nbgol_TYfys8lE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/24fae9-ed87-44f6-a795-006420e4344d/1/xGPDRgOpRpUv8nbgol_TYfys8lE.mft
rsync://rpki.ripe.net/repository/DEFAULT/xGPDRgOpRpUv8nbgol_TYfys8lE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 17:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:29:bc:2a:6e:a5:59:c4:0a:67:44:e7:de:04:5f:68:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c463c34603a946952ff276e0a25fd361fcacf251
Validity
Not Before: Apr 12 11:21:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99dd3198a0aff98a7e251a6a55fb89d94c7789ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d3:48:77:8b:a5:e7:09:56:44:99:6f:87:14:
72:fb:cc:32:bf:7d:7a:a2:fc:22:0c:f8:d2:f0:d5:
ba:0b:df:f5:04:02:fb:27:07:35:ba:a1:c9:9a:29:
be:39:5e:2f:32:f1:af:33:b3:60:2e:45:f8:43:95:
e5:23:e9:03:08:64:dd:b5:d0:10:0d:25:98:c0:5e:
bc:d0:b2:43:97:cc:bf:8e:dd:af:9d:89:04:e2:ca:
21:cd:49:41:76:0c:fe:2f:a0:03:00:2f:3c:ae:38:
71:cc:d4:ff:4b:fe:6d:a3:57:36:a6:05:a6:a2:ff:
89:ac:19:35:1f:c3:41:6b:15:f9:94:84:7d:8f:95:
f0:45:d4:fd:15:a6:d1:c1:8d:b1:a2:8b:39:b1:d0:
c9:95:4f:3b:53:bd:4c:fb:66:e6:88:6a:95:9a:6e:
af:88:b6:ce:26:1e:6d:c9:a6:f8:cb:fa:65:66:0c:
bd:19:ad:62:fa:b9:35:92:e7:40:e3:b3:1b:27:2f:
d7:ae:3c:09:0a:63:69:77:16:c2:ae:96:34:05:a4:
f4:08:62:94:1e:bc:b6:bf:a1:4d:19:9c:13:df:fe:
f1:e7:fd:7e:8f:81:5f:66:50:8f:c1:15:0a:cc:f1:
4c:48:bb:d6:5d:31:e9:33:64:7b:08:47:60:62:22:
2f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:DD:31:98:A0:AF:F9:8A:7E:25:1A:6A:55:FB:89:D9:4C:77:89:FF
X509v3 Authority Key Identifier:
keyid:C4:63:C3:46:03:A9:46:95:2F:F2:76:E0:A2:5F:D3:61:FC:AC:F2:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xGPDRgOpRpUv8nbgol_TYfys8lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/24fae9-ed87-44f6-a795-006420e4344d/1/md0xmKCv-Yp-JRpqVfuJ2Ux3if8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/24fae9-ed87-44f6-a795-006420e4344d/1/xGPDRgOpRpUv8nbgol_TYfys8lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.103.248.0/21
IPv6:
2001:67c:e30::/48
Signature Algorithm: sha256WithRSAEncryption
3e:63:99:cb:ac:f7:8c:2b:cc:15:b2:61:33:5a:a7:e5:2d:83:
55:22:d6:ee:e6:50:f0:5b:1a:5b:4c:1a:68:e0:52:49:41:cb:
44:b1:3c:52:ec:39:d0:f8:30:9f:db:14:00:d9:17:ba:1a:35:
dd:aa:e3:43:a9:11:b1:f4:bc:2b:a3:d6:23:41:a0:f8:d8:63:
2e:27:4f:ac:0b:62:25:8e:05:82:42:d2:3c:0e:a3:73:8f:42:
e7:93:ae:fd:6c:08:da:7c:ca:41:2f:6d:23:2c:24:6f:39:a6:
78:94:72:1f:1e:57:a4:c7:a2:ac:24:4f:2a:29:b7:dd:a6:1d:
c9:e3:97:23:42:98:a8:fb:1b:3c:a5:59:7c:93:45:d7:2e:2a:
dd:db:d5:c5:4e:7a:a9:8e:74:c9:3f:fa:7a:ee:a4:27:ae:b1:
e2:aa:a5:f0:1b:7b:30:e9:14:15:61:7b:44:62:53:5a:80:6b:
13:ef:bd:83:76:c2:d2:9a:96:56:af:c5:c3:b8:9e:9a:c1:f7:
57:a7:e1:5a:9d:2e:dc:91:54:c0:c4:44:4d:0c:c0:a4:07:07:
b7:44:3d:a6:ea:6d:49:ef:a7:e5:3c:a5:d9:5e:a9:6f:5d:8b:
53:7a:34:b7:63:67:d6:07:6a:70:33:ec:d2:76:09:43:21:a5:
68:58:fd:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZYpvCpupVnECmdE594EX2jUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NjNjMzQ2MDNhOTQ2OTUyZmYyNzZlMGEyNWZkMzYxZmNh
Y2YyNTEwHhcNMjUwNDEyMTEyMTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWRkMzE5OGEwYWZmOThhN2UyNTFhNmE1NWZiODlkOTRjNzc4OWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNNId4ul5wlWRJlvhxRy+8wyv316
ovwiDPjS8NW6C9/1BAL7Jwc1uqHJmim+OV4vMvGvM7NgLkX4Q5XlI+kDCGTdtdAQ
DSWYwF680LJDl8y/jt2vnYkE4sohzUlBdgz+L6ADAC88rjhxzNT/S/5to1c2pgWm
ov+JrBk1H8NBaxX5lIR9j5XwRdT9FabRwY2xoos5sdDJlU87U71M+2bmiGqVmm6v
iLbOJh5tyab4y/plZgy9Ga1i+rk1kudA47MbJy/XrjwJCmNpdxbCrpY0BaT0CGKU
Hry2v6FNGZwT3/7x5/1+j4FfZlCPwRUKzPFMSLvWXTHpM2R7CEdgYiIvxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJndMZigr/mKfiUaalX7idlMd4n/MB8GA1UdIwQY
MBaAFMRjw0YDqUaVL/J24KJf02H8rPJRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEdQRFJnT3BScFV2OG5iZ29sX1RZZnlzOGxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8yNGZhZTktZWQ4Ny00NGY2LWE3OTUt
MDA2NDIwZTQzNDRkLzEvbWQweG1LQ3YtWXAtSlJwcVZmdUoyVXgzaWY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8yNGZhZTktZWQ4Ny00NGY2LWE3OTUtMDA2NDIwZTQzNDRk
LzEveEdQRFJnT3BScFV2OG5iZ29sX1RZZnlzOGxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDsGf4MA8E
AgACMAkDBwAgAQZ8DjAwDQYJKoZIhvcNAQELBQADggEBAD5jmcus94wrzBWyYTNa
p+Utg1Ui1u7mUPBbGltMGmjgUklBy0SxPFLsOdD4MJ/bFADZF7oaNd2q40OpEbH0
vCuj1iNBoPjYYy4nT6wLYiWOBYJC0jwOo3OPQueTrv1sCNp8ykEvbSMsJG85pniU
ch8eV6THoqwkTyopt92mHcnjlyNCmKj7GzylWXyTRdcuKt3b1cVOeqmOdMk/+nru
pCeuseKqpfAbezDpFBVhe0RiU1qAaxPvvYN2wtKallavxcO4nprB91en4VqdLtyR
VMDERE0MwKQHB7dEPabqbUnvp+U8pdleqW9di1N6NLdjZ9YHanAz7NJ2CUMhpWhY
/Sw=
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:53:20 2025 by rpki-client