Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/Mx0tomllVsmkxbnh1iU8_2PCyj0.roa
File: Mx0tomllVsmkxbnh1iU8_2PCyj0.roa (raw, json)
Hash identifier: 7kB7d7CTYtow392lbDCXYANcYe1E5mU3cWH2302D1Ck=
Subject key identifier: 33:1D:2D:A2:69:65:56:C9:A4:C5:B9:E1:D6:25:3C:FF:63:C2:CA:3D
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 0194C83C12B9F530A8D44D8E9B17894D2895
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/Mx0tomllVsmkxbnh1iU8_2PCyj0.roa
Signing time: Sun 02 Feb 2025 19:56:07 +0000
ROA not before: Sun 02 Feb 2025 19:56:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15580
IP address blocks: 91.206.86.0/24 maxlen: 24
185.55.192.0/24 maxlen: 24
193.8.188.0/24 maxlen: 24
193.58.216.0/24 maxlen: 24
193.58.222.0/23 maxlen: 23
193.58.222.0/24 maxlen: 24
193.58.223.0/24 maxlen: 24
193.194.6.0/23 maxlen: 23
193.194.10.0/23 maxlen: 23
193.194.10.0/24 maxlen: 24
193.194.11.0/24 maxlen: 24
193.194.12.0/22 maxlen: 22
194.127.0.0/18 maxlen: 18
194.127.0.0/24 maxlen: 24
194.127.1.0/24 maxlen: 24
194.127.2.0/24 maxlen: 24
194.127.3.0/24 maxlen: 24
194.127.4.0/24 maxlen: 24
194.127.5.0/24 maxlen: 24
194.127.9.0/24 maxlen: 24
194.127.9.64/27 maxlen: 27
194.127.9.224/27 maxlen: 27
194.127.10.0/24 maxlen: 24
194.127.11.0/24 maxlen: 24
194.127.12.0/24 maxlen: 24
194.127.13.0/24 maxlen: 24
194.127.14.0/24 maxlen: 24
194.127.15.0/24 maxlen: 24
194.127.16.0/24 maxlen: 24
194.127.17.0/24 maxlen: 24
194.127.19.0/24 maxlen: 24
194.127.20.0/24 maxlen: 24
194.127.21.0/24 maxlen: 24
194.127.22.0/24 maxlen: 24
194.127.23.0/24 maxlen: 24
194.127.24.0/23 maxlen: 23
194.127.26.0/23 maxlen: 23
194.127.26.0/24 maxlen: 24
194.127.27.0/24 maxlen: 24
194.127.28.0/24 maxlen: 24
194.127.29.0/24 maxlen: 24
194.127.30.0/24 maxlen: 24
194.127.31.0/24 maxlen: 24
194.127.32.0/22 maxlen: 24
194.127.32.0/24 maxlen: 24
194.127.33.0/24 maxlen: 24
194.127.34.0/24 maxlen: 24
194.127.35.0/24 maxlen: 24
194.127.64.0/24 maxlen: 24
194.127.65.0/24 maxlen: 24
194.127.66.0/24 maxlen: 24
194.127.67.0/24 maxlen: 24
194.127.72.0/24 maxlen: 24
194.127.73.0/24 maxlen: 24
194.127.74.0/24 maxlen: 24
194.127.75.0/24 maxlen: 24
194.127.76.0/24 maxlen: 24
194.127.81.0/24 maxlen: 24
194.127.88.0/24 maxlen: 24
194.127.89.0/24 maxlen: 24
2a01:6f8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.mft
rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:c8:3c:12:b9:f5:30:a8:d4:4d:8e:9b:17:89:4d:28:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Feb 2 19:56:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=331d2da2696556c9a4c5b9e1d6253cff63c2ca3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:7d:83:63:3c:6c:4e:f9:75:d4:02:f6:22:f3:
91:52:77:22:8d:43:3a:6c:73:6a:a9:f1:34:67:bb:
02:cb:68:36:d4:e2:24:d5:ff:1a:f9:f6:e2:a0:17:
4a:7e:ed:93:1c:2c:06:d2:f4:96:4b:5f:ae:42:9f:
a9:a1:9d:c7:67:ff:6c:f3:41:ee:d2:75:47:22:15:
cc:86:ec:3c:77:91:d9:47:80:11:8b:ad:af:e7:54:
1e:22:bb:52:90:65:68:b5:93:c5:b8:cb:42:8e:84:
9b:bc:c7:43:b0:13:9c:ec:75:c8:a6:55:40:3d:a7:
23:48:4c:2c:de:d0:8e:c3:db:33:d0:a7:d3:b6:8e:
a2:6f:ac:4c:56:14:7d:4e:09:65:a6:65:46:73:3e:
56:cd:3e:f9:23:d3:94:cc:24:eb:a6:7a:fc:db:5e:
14:18:90:2b:01:e6:ed:9e:5e:69:60:cd:e9:03:ce:
05:0f:47:ad:ca:0d:32:7d:aa:65:41:f2:da:ea:99:
b2:38:37:bf:19:c6:8c:7b:37:c2:eb:3a:75:f9:a3:
3b:24:21:2a:4a:92:b9:73:68:2f:10:6e:83:82:91:
e1:9c:fc:2e:e8:97:4a:1a:fa:8f:6a:f6:63:8e:54:
bf:9f:c7:6b:7b:41:fd:ea:5c:71:2e:f4:8d:5d:32:
45:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:1D:2D:A2:69:65:56:C9:A4:C5:B9:E1:D6:25:3C:FF:63:C2:CA:3D
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/Mx0tomllVsmkxbnh1iU8_2PCyj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.86.0/24
185.55.192.0/24
193.8.188.0/24
193.58.216.0/24
193.58.222.0/23
193.194.6.0/23
193.194.10.0-193.194.15.255
194.127.0.0-194.127.67.255
194.127.72.0-194.127.76.255
194.127.81.0/24
194.127.88.0/23
IPv6:
2a01:6f8::/32
Signature Algorithm: sha256WithRSAEncryption
85:2c:72:53:25:57:92:47:18:22:c9:35:8f:7b:fe:ec:e8:20:
66:25:34:2c:68:05:04:d5:21:6c:c0:f4:8d:08:75:03:2f:0b:
8e:67:fc:e7:82:84:78:30:ce:c2:66:ea:3d:b7:a2:6a:2e:b5:
71:18:9b:47:18:8f:41:ff:9b:c0:84:5d:36:c8:1c:4d:64:e3:
66:a0:5b:f9:62:2c:66:76:41:cf:53:bd:a4:e4:1d:4b:4d:e7:
99:d8:e5:fa:13:44:7b:71:8b:bd:a6:57:79:75:58:66:4e:86:
78:72:89:e8:50:01:cb:28:89:58:00:c7:20:56:43:00:89:dd:
a6:39:b1:30:27:ff:b1:86:7b:c6:a7:6f:f4:2b:2d:8a:fb:ca:
c6:62:74:e6:a1:1d:2a:1e:5c:0d:d9:4b:38:89:15:c9:52:90:
d3:32:00:2e:a2:78:24:66:97:1a:60:8b:e5:21:0d:a5:b6:a0:
6f:0e:c9:7e:f0:91:fe:da:ab:04:d9:53:e2:b7:84:44:6d:93:
d7:32:95:d3:d9:a0:5e:76:54:e6:ac:31:c2:fd:d0:91:16:cd:
10:b4:b8:a1:9e:40:be:b0:db:0e:65:4d:b0:8f:1b:7d:5f:b8:
26:5d:9e:84:72:ce:67:37:bd:50:32:54:43:83:d2:77:6a:4a:
1f:f4:30:87
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZTIPBK59TCo1E2OmxeJTSiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWRkMWE1MTRkM2E3ZTNkZmRiOGJmYjc1ZDdkMjRlZDk4
ZDQ3OWYwHhcNMjUwMjAyMTk1NjA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzFkMmRhMjY5NjU1NmM5YTRjNWI5ZTFkNjI1M2NmZjYzYzJjYTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzX2DYzxsTvl11AL2IvORUncijUM6
bHNqqfE0Z7sCy2g21OIk1f8a+fbioBdKfu2THCwG0vSWS1+uQp+poZ3HZ/9s80Hu
0nVHIhXMhuw8d5HZR4ARi62v51QeIrtSkGVotZPFuMtCjoSbvMdDsBOc7HXIplVA
PacjSEws3tCOw9sz0KfTto6ib6xMVhR9TgllpmVGcz5WzT75I9OUzCTrpnr8214U
GJArAebtnl5pYM3pA84FD0etyg0yfaplQfLa6pmyODe/GcaMezfC6zp1+aM7JCEq
SpK5c2gvEG6DgpHhnPwu6JdKGvqPavZjjlS/n8dre0H96lxxLvSNXTJFEQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFDMdLaJpZVbJpMW54dYlPP9jwso9MB8GA1UdIwQY
MBaAFNMd0aUU06fj39uL+3XX0k7ZjUefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjIt
YjE2NmFlMmVmMjg3LzEvTXgwdG9tbGxWc21reGJuaDFpVThfMlBDeWowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjItYjE2NmFlMmVmMjg3
LzEvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwXwQCAAEwWQMEAFvOVgME
ALk3wAMEAMEIvAMEAME62AMEAcE63gMEAcHCBjAMAwQBwcIKAwQEwcIAMAsDAwDC
fwMEAsJ/QDAMAwQDwn9IAwQAwn9MAwQAwn9RAwQBwn9YMA0EAgACMAcDBQAqAQb4
MA0GCSqGSIb3DQEBCwUAA4IBAQCFLHJTJVeSRxgiyTWPe/7s6CBmJTQsaAUE1SFs
wPSNCHUDLwuOZ/zngoR4MM7CZuo9t6JqLrVxGJtHGI9B/5vAhF02yBxNZONmoFv5
YixmdkHPU72k5B1LTeeZ2OX6E0R7cYu9pld5dVhmToZ4conoUAHLKIlYAMcgVkMA
id2mObEwJ/+xhnvGp2/0Ky2K+8rGYnTmoR0qHlwN2Us4iRXJUpDTMgAuongkZpca
YIvlIQ2ltqBvDsl+8JH+2qsE2VPit4REbZPXMpXT2aBedlTmrDHC/dCRFs0QtLih
nkC+sNsOZU2wjxt9X7gmXZ6Ecs5nN71QMlRDg9J3akof9DCH
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:39:16 2025 by rpki-client