Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0m0-0mgsaeM3pIdoBd4Y4QWtza0.roa
File: 0m0-0mgsaeM3pIdoBd4Y4QWtza0.roa (raw, json)
Hash identifier: B5BFxd9ZpXJG4w/8oSJFaxWUqCVv7oe54WxL1YP1fEI=
Subject key identifier: D2:6D:3E:D2:68:2C:69:E3:37:A4:87:68:05:DE:18:E1:05:AD:CD:AD
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143DF8B20621395D0A3ECFC9F12C535
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0m0-0mgsaeM3pIdoBd4Y4QWtza0.roa
Signing time: Wed 01 Jan 2025 09:48:03 +0000
ROA not before: Wed 01 Jan 2025 09:48:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 109.176.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:df:8b:20:62:13:95:d0:a3:ec:fc:9f:12:c5:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d26d3ed2682c69e337a4876805de18e105adcdad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8b:c5:d5:c5:bc:86:91:74:7e:1a:39:0d:28:
17:41:d9:a7:af:a6:98:68:fa:f6:9c:ea:68:b3:51:
e9:2d:c6:87:3c:8c:fa:99:be:8a:0c:01:39:b4:95:
58:12:56:61:b8:8e:67:ae:f6:8a:8c:c3:a9:ce:79:
c4:72:45:6a:12:a5:7a:ac:fd:7d:84:6e:23:bd:0c:
b8:40:fc:66:7d:81:72:0b:84:f9:42:6d:4d:15:24:
38:71:0f:92:4c:68:a3:57:55:b8:e0:23:f8:d3:3c:
98:4a:ad:88:83:ec:b0:5d:75:0a:ae:c1:56:f8:87:
ed:9b:21:39:0c:41:38:96:9f:56:d2:28:de:a7:d5:
c2:51:f1:7c:e8:c4:f3:1c:59:93:47:3a:56:ef:9d:
a1:25:c9:2e:e0:3b:17:d3:fb:93:ab:e5:c9:d5:43:
50:83:b2:cd:06:08:d0:62:84:aa:aa:bb:ff:35:c2:
85:64:51:d3:d6:b8:f1:c0:a0:70:f4:12:a0:ff:bf:
30:81:9f:02:91:92:7d:74:ae:99:a2:eb:bf:e5:72:
d5:7c:30:97:cb:36:b9:b2:10:ef:30:0c:43:18:04:
2b:a7:ef:84:0b:d4:32:f9:79:75:af:31:0a:6d:1c:
89:2b:e9:44:6f:1c:90:56:20:b2:ab:87:14:6f:32:
e4:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:6D:3E:D2:68:2C:69:E3:37:A4:87:68:05:DE:18:E1:05:AD:CD:AD
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0m0-0mgsaeM3pIdoBd4Y4QWtza0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.208.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:0b:cd:0a:ab:35:fd:4a:ac:ec:9a:2c:97:ef:e8:f0:5d:34:
3e:a3:c2:ae:42:4e:99:b8:a9:7c:7a:05:43:e6:93:74:3f:6c:
81:6b:ea:1e:57:9f:97:7a:39:a8:79:27:41:aa:d1:19:39:a5:
76:37:f0:1c:32:9d:34:9d:86:83:be:5a:34:a1:a7:3e:a6:00:
3e:74:ce:f5:e0:07:e9:8e:78:3d:5b:fb:39:14:91:48:d7:16:
9c:07:e6:ad:cd:15:91:f3:77:70:21:1d:18:06:12:5d:be:f4:
35:eb:d1:b2:69:ff:cf:ef:c7:63:ac:5b:74:cb:36:c9:f5:a6:
c1:51:55:af:63:d3:27:79:24:65:2b:ce:77:8c:fe:09:44:73:
dc:f9:5e:37:f6:aa:f1:28:7b:fb:5e:6e:18:93:23:f3:04:30:
d6:37:78:0b:e7:60:8f:22:80:9a:f1:0f:4d:52:e5:7e:fe:f3:
7c:ad:f9:69:e1:4f:b1:7a:4a:23:8a:c9:37:33:50:6e:ec:d0:
67:da:78:2e:30:e5:57:c6:45:d2:85:5a:17:21:7c:c2:4e:ba:
80:82:2a:a4:de:a5:a7:76:1e:a5:9b:05:e5:fa:8e:51:06:e5:
04:ff:e4:c4:e6:a9:2e:18:1a:72:03:51:e9:a1:cc:e5:7a:79:
39:f0:b0:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ9+LIGITldCj7PyfEsU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjZkM2VkMjY4MmM2OWUzMzdhNDg3NjgwNWRlMThlMTA1YWRjZGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4vF1cW8hpF0fho5DSgXQdmnr6aY
aPr2nOpos1HpLcaHPIz6mb6KDAE5tJVYElZhuI5nrvaKjMOpznnEckVqEqV6rP19
hG4jvQy4QPxmfYFyC4T5Qm1NFSQ4cQ+STGijV1W44CP40zyYSq2Ig+ywXXUKrsFW
+IftmyE5DEE4lp9W0ijep9XCUfF86MTzHFmTRzpW752hJcku4DsX0/uTq+XJ1UNQ
g7LNBgjQYoSqqrv/NcKFZFHT1rjxwKBw9BKg/78wgZ8CkZJ9dK6Zouu/5XLVfDCX
yza5shDvMAxDGAQrp++EC9Qy+Xl1rzEKbRyJK+lEbxyQViCyq4cUbzLkEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNJtPtJoLGnjN6SHaAXeGOEFrc2tMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMG0wLTBtZ3NhZU0zcElkb0JkNFk0UVd0emEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbDQMA0G
CSqGSIb3DQEBCwUAA4IBAQCPC80KqzX9SqzsmiyX7+jwXTQ+o8KuQk6ZuKl8egVD
5pN0P2yBa+oeV5+XejmoeSdBqtEZOaV2N/AcMp00nYaDvlo0oac+pgA+dM714Afp
jng9W/s5FJFI1xacB+atzRWR83dwIR0YBhJdvvQ169Gyaf/P78djrFt0yzbJ9abB
UVWvY9MneSRlK853jP4JRHPc+V439qrxKHv7Xm4YkyPzBDDWN3gL52CPIoCa8Q9N
UuV+/vN8rflp4U+xekojisk3M1Bu7NBn2nguMOVXxkXShVoXIXzCTrqAgiqk3qWn
dh6lmwXl+o5RBuUE/+TE5qkuGBpyA1Hpoczlenk58LAK
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:50:04 2025 by rpki-client