Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MOmPnFD3_BvKICEDrVxdc5P71wQ.roa
File: MOmPnFD3_BvKICEDrVxdc5P71wQ.roa (raw, json)
Hash identifier: 5amrtvXKStjRkA/TYFvMfNHEoknUJ9hISthQnbHgSyQ=
Subject key identifier: 30:E9:8F:9C:50:F7:FC:1B:CA:20:21:03:AD:5C:5D:73:93:FB:D7:04
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01958A42D339786EB3B0E6823068FB37E408
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MOmPnFD3_BvKICEDrVxdc5P71wQ.roa
Signing time: Wed 12 Mar 2025 12:09:49 +0000
ROA not before: Wed 12 Mar 2025 12:09:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50053
IP address blocks: 185.121.13.0/24 maxlen: 24
185.121.14.0/24 maxlen: 24
185.202.207.0/24 maxlen: 24
185.232.204.0/24 maxlen: 24
185.236.24.0/24 maxlen: 24
185.239.141.0/24 maxlen: 24
185.239.142.0/24 maxlen: 24
185.250.181.0/24 maxlen: 24
185.254.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:8a:42:d3:39:78:6e:b3:b0:e6:82:30:68:fb:37:e4:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 12 12:09:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30e98f9c50f7fc1bca202103ad5c5d7393fbd704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:9a:8d:ea:10:82:cd:74:6f:96:2d:0d:9c:1f:
88:ef:65:ae:39:75:c7:1f:d2:5f:1a:c0:06:bc:e4:
88:0e:7e:f8:1c:b6:37:cf:08:91:01:4e:7f:b0:6e:
ad:c9:4e:10:c7:03:62:68:89:f9:ce:c1:f9:04:29:
9a:1a:fe:e3:0e:b7:72:76:f5:44:90:ce:f9:aa:e8:
1c:e6:c5:89:23:34:41:64:81:4e:40:2f:ae:df:a1:
4a:eb:01:a3:47:ff:93:f8:56:29:4c:26:b8:3d:18:
70:9c:06:2f:1d:28:29:a1:6c:c5:c2:59:51:04:c6:
c4:6b:e0:86:78:fc:0d:7e:e2:b4:a2:f1:1c:51:18:
30:bf:02:e3:3e:f9:c7:4f:51:8f:9a:14:90:7e:93:
8a:54:9e:ab:33:c9:a6:f6:52:8b:b8:a0:47:2a:cc:
98:cd:a4:d6:4e:8b:83:ce:3e:3a:0b:ca:49:14:db:
5e:8c:0f:90:a4:7d:e9:33:6c:70:bf:25:48:7e:82:
3c:0a:f2:0f:75:5e:33:e1:c9:9e:8e:b0:03:1c:12:
d6:75:12:77:f1:82:56:8d:30:09:12:71:8f:65:8f:
17:8e:1b:a2:65:13:45:27:25:64:36:da:da:b8:8b:
63:90:a2:20:a2:f4:75:be:5b:bd:2d:a4:91:f6:56:
f4:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:E9:8F:9C:50:F7:FC:1B:CA:20:21:03:AD:5C:5D:73:93:FB:D7:04
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/MOmPnFD3_BvKICEDrVxdc5P71wQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.13.0-185.121.14.255
185.202.207.0/24
185.232.204.0/24
185.236.24.0/24
185.239.141.0-185.239.142.255
185.250.181.0/24
185.254.158.0/24
Signature Algorithm: sha256WithRSAEncryption
68:97:1e:f6:6d:0d:f5:29:16:49:40:71:86:d2:7b:12:2c:d7:
ab:36:66:e5:dd:87:09:50:15:02:56:0e:29:7e:da:9b:73:fb:
09:96:77:b1:61:39:8c:3b:75:35:3a:c1:46:c9:e2:4f:84:6a:
04:02:89:fe:b1:01:a4:81:62:94:23:e8:e7:a7:f1:01:e5:99:
a4:5b:74:22:5c:df:bb:5a:93:ce:00:7d:3b:83:e6:fd:67:9a:
a7:68:d4:1e:50:ea:1f:43:c3:ed:b5:d8:75:f7:f0:89:eb:31:
7d:f3:dd:54:92:b8:a6:ee:a6:41:60:78:57:5e:c6:db:39:fe:
41:77:09:cd:76:c3:69:60:2a:7b:6a:68:74:4f:bf:bc:48:d3:
ac:c5:ea:12:59:83:be:58:ee:b2:8d:c5:9c:19:c6:70:34:1c:
e2:81:cd:63:88:0a:ac:b1:5d:6a:6b:ce:40:65:95:94:99:bd:
55:88:07:56:de:62:2c:24:e1:8a:6e:2a:79:36:ad:08:7d:ae:
f8:21:a8:0a:be:b4:3a:3a:92:46:cf:15:cb:0e:ff:46:b2:be:
58:56:d2:9a:76:95:2a:c8:08:de:67:42:1f:45:f7:d8:e4:30:
53:88:82:bb:24:93:5d:56:bb:e3:20:e1:50:be:33:c8:5a:b1:
83:11:1c:0d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZWKQtM5eG6zsOaCMGj7N+QIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwMzEyMTIwOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGU5OGY5YzUwZjdmYzFiY2EyMDIxMDNhZDVjNWQ3MzkzZmJkNzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6pqN6hCCzXRvli0NnB+I72WuOXXH
H9JfGsAGvOSIDn74HLY3zwiRAU5/sG6tyU4QxwNiaIn5zsH5BCmaGv7jDrdydvVE
kM75qugc5sWJIzRBZIFOQC+u36FK6wGjR/+T+FYpTCa4PRhwnAYvHSgpoWzFwllR
BMbEa+CGePwNfuK0ovEcURgwvwLjPvnHT1GPmhSQfpOKVJ6rM8mm9lKLuKBHKsyY
zaTWTouDzj46C8pJFNtejA+QpH3pM2xwvyVIfoI8CvIPdV4z4cmejrADHBLWdRJ3
8YJWjTAJEnGPZY8XjhuiZRNFJyVkNtrauItjkKIgovR1vlu9LaSR9lb02QIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFDDpj5xQ9/wbyiAhA61cXXOT+9cEMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvTU9tUG5GRDNfQnZLSUNFRHJWeGRjNVA3MXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6MAwDBAC5eQ0D
BAC5eQ4DBAC5ys8DBAC56MwDBAC57BgwDAMEALnvjQMEALnvjgMEALn6tQMEALn+
njANBgkqhkiG9w0BAQsFAAOCAQEAaJce9m0N9SkWSUBxhtJ7EizXqzZm5d2HCVAV
AlYOKX7am3P7CZZ3sWE5jDt1NTrBRsniT4RqBAKJ/rEBpIFilCPo56fxAeWZpFt0
Ilzfu1qTzgB9O4Pm/Weap2jUHlDqH0PD7bXYdffwiesxffPdVJK4pu6mQWB4V17G
2zn+QXcJzXbDaWAqe2podE+/vEjTrMXqElmDvljuso3FnBnGcDQc4oHNY4gKrLFd
amvOQGWVlJm9VYgHVt5iLCThim4qeTatCH2u+CGoCr60OjqSRs8Vyw7/RrK+WFbS
mnaVKsgI3mdCH0X32OQwU4iCuySTXVa74yDhUL4zyFqxgxEcDQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:49:19 2025 by rpki-client