Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/mouRKK4_Q2E-W7kvAvNPxrpZLhE.roa
File: mouRKK4_Q2E-W7kvAvNPxrpZLhE.roa (raw, json)
Hash identifier: ybMAN8gUri6B6wRdRo0fLl/8jSvuyoOJGt4dM0c6HXQ=
Subject key identifier: 9A:8B:91:28:AE:3F:43:61:3E:5B:B9:2F:02:F3:4F:C6:BA:59:2E:11
Certificate issuer: /CN=31d4ee4afff55e67444d47d49b512a8368bf9ef6
Certificate serial: 019420D5C359FFA19BEFB776E66C7F504034
Authority key identifier: 31:D4:EE:4A:FF:F5:5E:67:44:4D:47:D4:9B:51:2A:83:68:BF:9E:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdTuSv_1XmdETUfUm1Eqg2i_nvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/mouRKK4_Q2E-W7kvAvNPxrpZLhE.roa
Signing time: Wed 01 Jan 2025 07:47:47 +0000
ROA not before: Wed 01 Jan 2025 07:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211656
IP address blocks: 62.112.24.0/22 maxlen: 24
185.117.252.0/22 maxlen: 24
185.165.228.0/22 maxlen: 24
2a10:ad40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/MdTuSv_1XmdETUfUm1Eqg2i_nvY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/MdTuSv_1XmdETUfUm1Eqg2i_nvY.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdTuSv_1XmdETUfUm1Eqg2i_nvY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:c3:59:ff:a1:9b:ef:b7:76:e6:6c:7f:50:40:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d4ee4afff55e67444d47d49b512a8368bf9ef6
Validity
Not Before: Jan 1 07:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a8b9128ae3f43613e5bb92f02f34fc6ba592e11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:09:21:6d:35:e9:20:a2:51:73:c0:8c:3b:09:
38:ee:d8:b7:17:c7:33:11:43:d1:ce:0f:f4:ba:64:
99:1d:f1:cd:8e:b8:52:3e:bb:85:1c:70:79:fc:e3:
35:55:c0:0a:10:c9:7a:06:d2:29:3b:0a:2b:fa:79:
c9:66:5a:25:80:f1:43:3a:b5:59:89:5b:e0:b9:ea:
3d:d7:5b:cf:d2:89:7e:23:a6:05:a3:66:7a:4f:dd:
b0:00:92:b8:70:34:5e:80:c8:cf:b4:33:48:83:2d:
ba:a6:4c:6c:8e:ad:5a:10:b1:32:8d:fa:44:6d:3a:
15:11:f4:60:f9:45:ef:4b:70:4c:40:34:1f:29:2f:
af:15:67:2a:0f:f1:06:c1:b8:cd:a5:53:be:ce:e5:
18:af:94:7f:97:6b:eb:1d:17:25:ec:c9:46:df:3f:
bf:89:89:4c:6e:93:1d:c7:0f:1c:81:21:3d:fb:6b:
6b:ab:f1:74:6e:5b:ce:d0:f3:c5:f4:a2:2a:2a:6d:
6b:13:fc:12:8e:88:d8:8b:dd:03:ce:fa:9a:aa:d2:
93:0d:ff:b0:2a:01:aa:7f:ff:47:d7:f7:b1:0c:94:
06:f0:e9:6d:58:cd:fa:60:b4:13:a4:03:72:77:90:
a0:f3:1e:94:d1:34:6b:d6:ab:26:77:1d:28:6b:fc:
d0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:8B:91:28:AE:3F:43:61:3E:5B:B9:2F:02:F3:4F:C6:BA:59:2E:11
X509v3 Authority Key Identifier:
keyid:31:D4:EE:4A:FF:F5:5E:67:44:4D:47:D4:9B:51:2A:83:68:BF:9E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdTuSv_1XmdETUfUm1Eqg2i_nvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/mouRKK4_Q2E-W7kvAvNPxrpZLhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e44dea-8d51-440a-bc02-bab576e20393/1/MdTuSv_1XmdETUfUm1Eqg2i_nvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.24.0/22
185.117.252.0/22
185.165.228.0/22
IPv6:
2a10:ad40::/29
Signature Algorithm: sha256WithRSAEncryption
90:8d:97:2f:4f:74:a5:2e:df:5a:ee:b6:6c:19:a8:aa:34:a0:
60:37:a5:6b:9e:72:68:11:74:e4:17:91:bb:e9:04:1b:53:2e:
21:d0:cc:f5:23:57:47:28:bb:e2:50:0d:ca:95:3d:87:54:69:
9a:0b:82:21:d7:df:85:6e:f6:c7:de:fa:97:13:f5:29:c2:16:
8f:cd:b0:05:8d:65:1d:7e:e0:58:91:2a:5a:4f:9c:71:56:aa:
10:7b:a7:91:39:5d:a8:8a:a5:7c:7f:16:66:95:9d:90:f3:e8:
2e:33:e3:e7:0c:ff:52:74:26:4f:40:6a:02:a7:f8:e6:3c:98:
36:79:36:ee:68:7b:84:f8:65:38:9d:b2:29:b7:25:bb:83:1d:
93:36:64:49:e4:c9:4f:18:10:6c:63:5e:75:6c:c6:f8:71:ae:
5d:ce:cf:54:a4:8e:ed:d2:66:00:89:9e:4d:f2:d6:d1:60:95:
0b:7a:c1:28:99:cc:35:ad:64:9e:d3:ef:d3:b5:cb:34:01:49:
52:e8:58:4d:1e:ea:1f:35:7b:d6:c3:60:66:09:7b:93:6f:b1:
c7:b9:80:e1:da:41:a4:04:be:67:13:50:6e:86:eb:9b:fc:ff:
2b:cd:78:bd:cd:ad:04:34:0c:31:65:df:c6:b5:25:91:29:56:
54:34:82:4e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQg1cNZ/6Gb77d25mx/UEA0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDRlZTRhZmZmNTVlNjc0NDRkNDdkNDliNTEyYTgzNjhi
ZjllZjYwHhcNMjUwMTAxMDc0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YThiOTEyOGFlM2Y0MzYxM2U1YmI5MmYwMmYzNGZjNmJhNTkyZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwkhbTXpIKJRc8CMOwk47ti3F8cz
EUPRzg/0umSZHfHNjrhSPruFHHB5/OM1VcAKEMl6BtIpOwor+nnJZlolgPFDOrVZ
iVvgueo911vP0ol+I6YFo2Z6T92wAJK4cDRegMjPtDNIgy26pkxsjq1aELEyjfpE
bToVEfRg+UXvS3BMQDQfKS+vFWcqD/EGwbjNpVO+zuUYr5R/l2vrHRcl7MlG3z+/
iYlMbpMdxw8cgSE9+2trq/F0blvO0PPF9KIqKm1rE/wSjojYi90DzvqaqtKTDf+w
KgGqf/9H1/exDJQG8OltWM36YLQTpANyd5Cg8x6U0TRr1qsmdx0oa/zQAQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJqLkSiuP0NhPlu5LwLzT8a6WS4RMB8GA1UdIwQY
MBaAFDHU7kr/9V5nRE1H1JtRKoNov572MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRUdVN2XzFYbWRFVFVmVW0xRXFnMmlfbnZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lNDRkZWEtOGQ1MS00NDBhLWJjMDIt
YmFiNTc2ZTIwMzkzLzEvbW91UktLNF9RMkUtVzdrdkF2TlB4cnBaTGhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9lNDRkZWEtOGQ1MS00NDBhLWJjMDItYmFiNTc2ZTIwMzkz
LzEvTWRUdVN2XzFYbWRFVFVmVW0xRXFnMmlfbnZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCPnAYAwQC
uXX8AwQCuaXkMA0EAgACMAcDBQMqEK1AMA0GCSqGSIb3DQEBCwUAA4IBAQCQjZcv
T3SlLt9a7rZsGaiqNKBgN6VrnnJoEXTkF5G76QQbUy4h0Mz1I1dHKLviUA3KlT2H
VGmaC4Ih19+FbvbH3vqXE/UpwhaPzbAFjWUdfuBYkSpaT5xxVqoQe6eROV2oiqV8
fxZmlZ2Q8+guM+PnDP9SdCZPQGoCp/jmPJg2eTbuaHuE+GU4nbIptyW7gx2TNmRJ
5MlPGBBsY151bMb4ca5dzs9UpI7t0mYAiZ5N8tbRYJULesEomcw1rWSe0+/Ttcs0
AUlS6FhNHuofNXvWw2BmCXuTb7HHuYDh2kGkBL5nE1Buhuub/P8rzXi9za0ENAwx
Zd/GtSWRKVZUNIJO
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:10:31 2025 by rpki-client