Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/tcp-Msodt7Yoyc_U-JzWb4RQflg.roa
File: tcp-Msodt7Yoyc_U-JzWb4RQflg.roa (raw, json)
Hash identifier: 2O16WNiH/chbI3skghuISKeRLWAnGH5be6qCPHCOEPw=
Subject key identifier: B5:CA:7E:32:CA:1D:B7:B6:28:C9:CF:D4:F8:9C:D6:6F:84:50:7E:58
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 019425217F09E904F0146A5050C0CCD7CC0C
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/tcp-Msodt7Yoyc_U-JzWb4RQflg.roa
Signing time: Thu 02 Jan 2025 03:48:59 +0000
ROA not before: Thu 02 Jan 2025 03:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207490
IP address blocks: 80.72.16.0/23 maxlen: 23
80.72.26.0/23 maxlen: 23
2a00:8740:500::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 07:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:7f:09:e9:04:f0:14:6a:50:50:c0:cc:d7:cc:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Jan 2 03:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5ca7e32ca1db7b628c9cfd4f89cd66f84507e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9a:71:cd:25:3b:38:6d:16:b5:f5:f5:25:5e:
7d:54:07:8d:21:4a:ac:e9:bd:1e:4a:a7:39:ff:6d:
fb:1c:5b:3a:51:4b:4f:da:15:eb:a9:d3:0c:b9:2d:
69:b8:aa:c7:94:c4:49:e9:21:4a:0b:9e:c8:9a:1a:
5c:a1:d5:e2:f7:00:7c:6d:29:ea:08:9e:28:ba:fe:
37:9f:d8:2c:5e:00:8e:30:70:0f:6e:86:79:8e:20:
45:77:da:c1:d5:1a:b0:7d:96:1f:4d:63:e8:3c:9f:
cb:48:7c:d5:ed:af:66:d3:c9:29:d9:ff:29:29:35:
40:17:4a:2f:19:4a:8b:4c:7b:d3:c5:fd:32:56:eb:
ce:a6:f3:f3:70:44:7f:90:62:04:e1:2e:69:ac:47:
6c:c8:a1:90:d7:b6:33:a2:6f:88:69:d2:e0:5f:53:
99:4b:50:b7:fe:a9:f1:aa:ad:c9:b4:da:09:1b:27:
e7:a0:be:6c:dc:87:3c:af:c9:2e:ef:7a:d5:49:bc:
44:6a:79:60:4d:44:de:98:a0:2e:86:f9:71:4d:69:
63:2c:f6:80:fa:4f:e6:91:e8:a1:98:3a:2e:fa:2a:
03:92:3f:e0:66:16:a9:d3:52:a2:2f:6c:ee:ff:0d:
8c:cd:59:53:60:7e:6a:4d:6b:fb:07:f0:d0:5e:a8:
28:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:CA:7E:32:CA:1D:B7:B6:28:C9:CF:D4:F8:9C:D6:6F:84:50:7E:58
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/tcp-Msodt7Yoyc_U-JzWb4RQflg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.16.0/23
80.72.26.0/23
IPv6:
2a00:8740:500::/40
Signature Algorithm: sha256WithRSAEncryption
2e:d1:51:b8:85:b2:15:89:2b:66:58:39:c2:2b:25:1f:cb:40:
80:e4:d0:a9:68:fb:b0:51:42:c7:b4:58:6c:47:e9:cf:c3:6e:
7b:5c:02:e9:43:43:2a:17:19:9d:ee:73:1d:70:6e:bc:86:1f:
4c:77:93:0a:70:4c:5c:17:ac:0b:67:aa:3d:8c:e3:64:ee:8d:
5a:f8:c7:30:01:8c:c9:98:5e:90:8f:1b:49:b5:72:c7:d4:6e:
0b:ce:ee:be:92:93:96:ec:96:95:b1:30:e3:b1:dd:a4:df:5b:
f5:70:7a:f8:c6:f7:d3:9e:90:e6:6c:50:74:91:d7:47:c8:8a:
f3:28:71:5b:81:85:86:28:67:4a:0c:fe:36:69:d6:9a:15:2d:
cb:03:3f:4a:82:5e:a6:62:ff:74:c3:a5:4b:98:40:5e:ef:5f:
5e:5b:b2:d0:01:73:53:ad:b7:4f:6e:68:18:8c:4d:43:02:d5:
71:7a:9e:0b:fe:5a:8a:92:83:75:41:c8:fd:b1:3c:05:41:22:
8e:8b:d5:df:5d:3e:0e:48:40:cf:4a:78:0b:7e:83:58:90:ee:
60:e1:42:c9:27:6d:dd:b3:af:2a:4a:ec:60:a0:c1:f5:f6:a4:
97:8a:73:a0:5e:4c:ac:13:22:5e:90:5b:5a:85:72:ca:dc:05:
0b:48:fd:fc
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQlIX8J6QTwFGpQUMDM18wMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjUwMTAyMDM0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWNhN2UzMmNhMWRiN2I2MjhjOWNmZDRmODljZDY2Zjg0NTA3ZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJpxzSU7OG0WtfX1JV59VAeNIUqs
6b0eSqc5/237HFs6UUtP2hXrqdMMuS1puKrHlMRJ6SFKC57ImhpcodXi9wB8bSnq
CJ4ouv43n9gsXgCOMHAPboZ5jiBFd9rB1RqwfZYfTWPoPJ/LSHzV7a9m08kp2f8p
KTVAF0ovGUqLTHvTxf0yVuvOpvPzcER/kGIE4S5prEdsyKGQ17Yzom+IadLgX1OZ
S1C3/qnxqq3JtNoJGyfnoL5s3Ic8r8ku73rVSbxEanlgTUTemKAuhvlxTWljLPaA
+k/mkeihmDou+ioDkj/gZhap01KiL2zu/w2MzVlTYH5qTWv7B/DQXqgoWwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFLXKfjLKHbe2KMnP1Pic1m+EUH5YMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvdGNwLU1zb2R0N1lveWNfVS1KeldiNFJRZmxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQBUEgQAwQB
UEgaMA4EAgACMAgDBgAqAIdABTANBgkqhkiG9w0BAQsFAAOCAQEALtFRuIWyFYkr
Zlg5wislH8tAgOTQqWj7sFFCx7RYbEfpz8Nue1wC6UNDKhcZne5zHXBuvIYfTHeT
CnBMXBesC2eqPYzjZO6NWvjHMAGMyZhekI8bSbVyx9RuC87uvpKTluyWlbEw47Hd
pN9b9XB6+Mb3056Q5mxQdJHXR8iK8yhxW4GFhihnSgz+NmnWmhUtywM/SoJepmL/
dMOlS5hAXu9fXluy0AFzU623T25oGIxNQwLVcXqeC/5aipKDdUHI/bE8BUEijovV
310+DkhAz0p4C36DWJDuYOFCySdt3bOvKkrsYKDB9fakl4pzoF5MrBMiXpBbWoVy
ytwFC0j9/A==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:34 2025 by rpki-client