Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/OMnZiNHbw7E-f80Ik0oReEwyFs8.roa
File: OMnZiNHbw7E-f80Ik0oReEwyFs8.roa (raw, json)
Hash identifier: J4ZRlc9ZTuyWB+1e21hJBQgTzJ68vGeASJd7wVF5XJs=
Subject key identifier: 38:C9:D9:88:D1:DB:C3:B1:3E:7F:CD:08:93:4A:11:78:4C:32:16:CF
Certificate issuer: /CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Certificate serial: 0194236A16CF5598177E0477B49AE99C4E7F
Authority key identifier: 2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/OMnZiNHbw7E-f80Ik0oReEwyFs8.roa
Signing time: Wed 01 Jan 2025 19:49:02 +0000
ROA not before: Wed 01 Jan 2025 19:49:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50873
IP address blocks: 37.228.130.0/24 maxlen: 24
94.247.143.0/24 maxlen: 24
185.97.4.0/22 maxlen: 22
185.97.6.0/24 maxlen: 24
194.104.114.0/23 maxlen: 23
194.104.149.0/24 maxlen: 24
2a06:1c0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:16:cf:55:98:17:7e:04:77:b4:9a:e9:9c:4e:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Validity
Not Before: Jan 1 19:49:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38c9d988d1dbc3b13e7fcd08934a11784c3216cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d7:e0:26:4c:b5:84:87:eb:dc:a9:47:84:08:
89:a3:47:0b:09:8c:1c:af:cc:2a:32:c5:86:a9:29:
ce:d5:96:3e:4b:cb:92:03:98:69:e0:04:d9:05:2c:
39:b7:7b:a8:f7:e5:d9:7c:51:e7:05:ce:5b:80:16:
1b:fc:92:bd:d4:31:b9:1c:f1:71:07:62:ce:e7:d5:
aa:81:e7:5f:62:cb:8e:49:cc:28:ca:c0:49:53:5a:
59:0b:a8:b1:0b:09:fd:21:bd:bf:d8:8a:8d:18:6a:
f4:7e:c2:c0:2c:39:a7:16:80:ab:bf:22:3f:ec:0f:
2b:86:b9:8e:78:3a:bf:c2:35:f5:21:22:7d:9f:b0:
f4:c9:4a:a2:4a:ee:22:5a:c6:39:53:f1:fe:94:43:
01:65:e9:79:5f:53:ea:18:a5:fc:78:07:b3:c5:13:
40:84:86:12:25:30:63:55:49:b0:c4:d1:51:19:0f:
4e:14:ad:2b:66:22:b0:af:e9:64:64:ec:31:c0:c6:
3a:88:9a:d3:c3:df:96:c7:fd:ac:37:99:4d:e4:4c:
c4:d8:ed:ad:75:7d:fa:79:6c:46:9a:dd:10:3f:40:
9a:c2:23:5a:56:97:88:6c:f6:73:3d:f8:b0:39:d9:
f3:2c:40:71:6b:c3:14:0f:6a:52:92:76:1c:a7:1d:
57:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:C9:D9:88:D1:DB:C3:B1:3E:7F:CD:08:93:4A:11:78:4C:32:16:CF
X509v3 Authority Key Identifier:
keyid:2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/OMnZiNHbw7E-f80Ik0oReEwyFs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.130.0/24
94.247.143.0/24
185.97.4.0/22
194.104.114.0/23
194.104.149.0/24
IPv6:
2a06:1c0::/30
Signature Algorithm: sha256WithRSAEncryption
6a:a4:21:52:f7:6a:9e:44:fb:4a:cf:66:8f:a5:ed:f5:22:ab:
2d:96:be:ab:c7:e5:9f:cd:50:85:16:2a:61:86:b8:cf:e9:5b:
ff:04:6d:83:a7:97:eb:a5:d3:31:ae:fd:27:c7:c6:28:d9:2a:
c3:1a:25:f5:8f:1d:66:74:54:57:f4:70:f5:fa:f9:74:29:0b:
d8:16:b0:c3:4a:0a:83:75:80:7b:d1:c7:a6:0e:ac:93:01:ff:
ff:0c:c9:f6:61:47:49:b3:0e:9b:54:87:15:d6:d5:d2:44:ba:
9b:02:f0:e4:0b:1e:de:1a:aa:60:5e:d1:d1:1a:b8:91:b2:46:
ea:8b:43:e9:34:68:e8:6f:8a:c6:d5:d7:34:d3:3a:46:ec:c3:
36:58:6f:c8:38:a5:c8:97:6d:62:91:81:2c:7a:e7:71:db:83:
a6:a5:83:73:7f:66:0a:44:b9:7e:4c:00:2b:68:dd:0f:cd:ac:
2e:29:94:52:58:8e:25:c6:ce:12:10:32:c9:06:df:2e:1d:34:
5e:f8:3b:97:19:89:c4:91:92:f8:de:aa:81:2e:a4:e2:6e:6f:
25:c0:a4:48:8a:ee:eb:f9:8b:9a:15:5f:35:8a:4c:1f:c8:26:
1c:31:3a:f3:08:88:ad:7a:98:69:55:69:0d:a5:56:d5:04:0f:
86:10:15:42
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQjahbPVZgXfgR3tJrpnE5/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZDU5NmMxZWE3ZWNiYjFiZTE3NzdmYzBkMzhlZDA2Y2E0
MGVhYmUwHhcNMjUwMTAxMTk0OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGM5ZDk4OGQxZGJjM2IxM2U3ZmNkMDg5MzRhMTE3ODRjMzIxNmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNfgJky1hIfr3KlHhAiJo0cLCYwc
r8wqMsWGqSnO1ZY+S8uSA5hp4ATZBSw5t3uo9+XZfFHnBc5bgBYb/JK91DG5HPFx
B2LO59WqgedfYsuOScwoysBJU1pZC6ixCwn9Ib2/2IqNGGr0fsLALDmnFoCrvyI/
7A8rhrmOeDq/wjX1ISJ9n7D0yUqiSu4iWsY5U/H+lEMBZel5X1PqGKX8eAezxRNA
hIYSJTBjVUmwxNFRGQ9OFK0rZiKwr+lkZOwxwMY6iJrTw9+Wx/2sN5lN5EzE2O2t
dX36eWxGmt0QP0CawiNaVpeIbPZzPfiwOdnzLEBxa8MUD2pSknYcpx1XUQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFDjJ2YjR28OxPn/NCJNKEXhMMhbPMB8GA1UdIwQY
MBaAFC3VlsHqfsuxvhd3/A047QbKQOq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEt
OGIwZmMwNzg1OGQ2LzEvT01uWmlOSGJ3N0UtZjgwSWswb1JlRXd5RnM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEtOGIwZmMwNzg1OGQ2
LzEvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAJeSCAwQA
XvePAwQCuWEEAwQBwmhyAwQAwmiVMA0EAgACMAcDBQIqBgHAMA0GCSqGSIb3DQEB
CwUAA4IBAQBqpCFS92qeRPtKz2aPpe31Iqstlr6rx+WfzVCFFiphhrjP6Vv/BG2D
p5frpdMxrv0nx8Yo2SrDGiX1jx1mdFRX9HD1+vl0KQvYFrDDSgqDdYB70cemDqyT
Af//DMn2YUdJsw6bVIcV1tXSRLqbAvDkCx7eGqpgXtHRGriRskbqi0PpNGjob4rG
1dc00zpG7MM2WG/IOKXIl21ikYEseudx24OmpYNzf2YKRLl+TAAraN0PzawuKZRS
WI4lxs4SEDLJBt8uHTRe+DuXGYnEkZL43qqBLqTibm8lwKRIiu7r+YuaFV81ikwf
yCYcMTrzCIitephpVWkNpVbVBA+GEBVC
-----END CERTIFICATE-----
Generated at Tue Apr 8 19:03:27 2025 by rpki-client