Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/oCM0PQPAQTFeZjH_bur3wGsBnfY.roa
File: oCM0PQPAQTFeZjH_bur3wGsBnfY.roa (raw, json)
Hash identifier: zpqsOKB5HhYA51pMtIuoRoqUM3ZnFM9ulXRkOtcM4VE=
Subject key identifier: A0:23:34:3D:03:C0:41:31:5E:66:31:FF:6E:EA:F7:C0:6B:01:9D:F6
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 0194228D7C177211CCECDBC4822199B6AA84
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/oCM0PQPAQTFeZjH_bur3wGsBnfY.roa
Signing time: Wed 01 Jan 2025 15:48:05 +0000
ROA not before: Wed 01 Jan 2025 15:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 149.250.0.0/16 maxlen: 16
192.109.236.0/24 maxlen: 24
195.203.0.0/17 maxlen: 17
195.203.128.0/17 maxlen: 17
195.203.152.0/23 maxlen: 23
195.203.156.0/22 maxlen: 22
217.27.0.0/23 maxlen: 23
217.27.2.0/23 maxlen: 23
217.27.4.0/24 maxlen: 24
217.27.6.0/24 maxlen: 24
217.27.7.0/24 maxlen: 24
2a03:5000:1::/48 maxlen: 48
2a03:5000:2::/48 maxlen: 48
2a03:5000:11::/48 maxlen: 48
2a03:5000:12::/48 maxlen: 48
2a03:5000:20::/48 maxlen: 48
2a03:5000:21::/48 maxlen: 48
2a03:5000:22::/48 maxlen: 48
2a03:5000:30::/48 maxlen: 48
2a03:5000:31::/48 maxlen: 48
2a03:5000:32::/48 maxlen: 48
2a03:5000:41::/48 maxlen: 48
2a03:5000:42::/48 maxlen: 48
2a03:5000:51::/48 maxlen: 48
2a03:5000:52::/48 maxlen: 48
2a03:5000:61::/48 maxlen: 48
2a03:5000:62::/48 maxlen: 48
2a03:5000:71::/48 maxlen: 48
2a03:5000:72::/48 maxlen: 48
2a03:5000:81::/48 maxlen: 48
2a03:5000:82::/48 maxlen: 48
2a03:5000:91::/48 maxlen: 48
2a03:5000:92::/48 maxlen: 48
2a03:5000:101::/48 maxlen: 48
2a03:5000:102::/48 maxlen: 48
2a03:5000:111::/48 maxlen: 48
2a03:5000:112::/48 maxlen: 48
2a03:5000:121::/48 maxlen: 48
2a03:5000:122::/48 maxlen: 48
2a03:5000:131::/48 maxlen: 48
2a03:5000:132::/48 maxlen: 48
2a03:5000:141::/48 maxlen: 48
2a03:5000:142::/48 maxlen: 48
2a03:5000:151::/48 maxlen: 48
2a03:5000:152::/48 maxlen: 48
2a03:5000:161::/48 maxlen: 48
2a03:5000:162::/48 maxlen: 48
2a03:5000:171::/48 maxlen: 48
2a03:5000:172::/48 maxlen: 48
2a03:5000:181::/48 maxlen: 48
2a03:5000:182::/48 maxlen: 48
2a03:5000:191::/48 maxlen: 48
2a03:5000:192::/48 maxlen: 48
2a03:5000:201::/48 maxlen: 48
2a03:5000:202::/48 maxlen: 48
2a03:5000:211::/48 maxlen: 48
2a03:5000:212::/48 maxlen: 48
2a03:5000:221::/48 maxlen: 48
2a03:5000:222::/48 maxlen: 48
2a03:5000:231::/48 maxlen: 48
2a03:5000:232::/48 maxlen: 48
2a03:5000:241::/48 maxlen: 48
2a03:5000:242::/48 maxlen: 48
2a03:5000:251::/48 maxlen: 48
2a03:5000:252::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.mft
rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:7c:17:72:11:cc:ec:db:c4:82:21:99:b6:aa:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Jan 1 15:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a023343d03c041315e6631ff6eeaf7c06b019df6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:69:9a:b6:fe:27:ae:7e:44:d5:41:dc:51:29:
4d:fa:5b:4e:98:93:27:ae:18:99:55:b3:59:db:9d:
ab:20:cd:18:d3:2a:53:2b:27:47:d9:6b:85:6e:84:
f6:d1:a3:59:e4:a2:62:85:73:4b:a2:6a:23:a3:3f:
db:49:e5:75:aa:26:0a:1c:84:b2:f0:35:d1:5b:8f:
d8:5c:b8:f5:e9:cf:5c:d6:80:5f:f3:2f:08:c6:38:
ee:36:08:e4:28:90:33:aa:37:fb:39:34:27:08:9e:
31:e9:dd:3c:28:0f:7d:48:ca:e4:b3:3c:4e:1f:2a:
3b:fb:03:b3:93:08:34:8d:78:ef:40:96:2a:dc:65:
f1:6d:d8:ec:d8:7b:6a:ba:47:66:0a:8f:53:f9:41:
a0:9b:73:73:a8:33:37:12:fb:84:fd:35:21:37:d2:
b2:0a:d7:74:a0:08:80:75:65:40:22:37:be:8c:06:
66:82:26:78:f8:39:2f:0c:28:57:a4:70:55:6c:3a:
e2:0b:00:08:db:82:cf:25:a8:e9:a0:07:1b:e8:59:
df:58:bd:f7:da:32:42:9d:e5:ef:5b:63:4c:65:7d:
40:5a:97:fb:69:ad:76:26:d2:fd:b4:16:80:4c:63:
24:95:aa:06:87:47:15:99:e1:dd:77:9c:aa:44:81:
f6:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:23:34:3D:03:C0:41:31:5E:66:31:FF:6E:EA:F7:C0:6B:01:9D:F6
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/oCM0PQPAQTFeZjH_bur3wGsBnfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.250.0.0/16
192.109.236.0/24
195.203.0.0/16
217.27.0.0-217.27.4.255
217.27.6.0/23
IPv6:
2a03:5000:1::-2a03:5000:2:ffff:ffff:ffff:ffff:ffff
2a03:5000:11::-2a03:5000:12:ffff:ffff:ffff:ffff:ffff
2a03:5000:20::-2a03:5000:22:ffff:ffff:ffff:ffff:ffff
2a03:5000:30::-2a03:5000:32:ffff:ffff:ffff:ffff:ffff
2a03:5000:41::-2a03:5000:42:ffff:ffff:ffff:ffff:ffff
2a03:5000:51::-2a03:5000:52:ffff:ffff:ffff:ffff:ffff
2a03:5000:61::-2a03:5000:62:ffff:ffff:ffff:ffff:ffff
2a03:5000:71::-2a03:5000:72:ffff:ffff:ffff:ffff:ffff
2a03:5000:81::-2a03:5000:82:ffff:ffff:ffff:ffff:ffff
2a03:5000:91::-2a03:5000:92:ffff:ffff:ffff:ffff:ffff
2a03:5000:101::-2a03:5000:102:ffff:ffff:ffff:ffff:ffff
2a03:5000:111::-2a03:5000:112:ffff:ffff:ffff:ffff:ffff
2a03:5000:121::-2a03:5000:122:ffff:ffff:ffff:ffff:ffff
2a03:5000:131::-2a03:5000:132:ffff:ffff:ffff:ffff:ffff
2a03:5000:141::-2a03:5000:142:ffff:ffff:ffff:ffff:ffff
2a03:5000:151::-2a03:5000:152:ffff:ffff:ffff:ffff:ffff
2a03:5000:161::-2a03:5000:162:ffff:ffff:ffff:ffff:ffff
2a03:5000:171::-2a03:5000:172:ffff:ffff:ffff:ffff:ffff
2a03:5000:181::-2a03:5000:182:ffff:ffff:ffff:ffff:ffff
2a03:5000:191::-2a03:5000:192:ffff:ffff:ffff:ffff:ffff
2a03:5000:201::-2a03:5000:202:ffff:ffff:ffff:ffff:ffff
2a03:5000:211::-2a03:5000:212:ffff:ffff:ffff:ffff:ffff
2a03:5000:221::-2a03:5000:222:ffff:ffff:ffff:ffff:ffff
2a03:5000:231::-2a03:5000:232:ffff:ffff:ffff:ffff:ffff
2a03:5000:241::-2a03:5000:242:ffff:ffff:ffff:ffff:ffff
2a03:5000:251::-2a03:5000:252:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5e:d2:fd:72:a6:b0:4f:09:91:79:5d:e4:cc:ac:37:e8:db:d7:
fb:fb:c3:be:9d:29:e5:c5:48:81:25:e8:0e:a0:35:29:f6:ce:
cd:43:f6:df:b8:88:94:aa:46:55:e4:26:e0:9c:74:8c:fe:a6:
72:f2:d4:a2:91:bc:16:d8:45:7e:ef:ae:11:3d:90:26:1c:9e:
7d:e9:cb:b5:55:3d:0c:4f:22:7e:aa:d1:5a:b5:f3:03:23:84:
3d:bf:c0:46:96:bf:43:b2:92:76:3c:2a:b6:40:ca:53:85:24:
51:e4:31:bb:36:7d:a6:9e:ef:df:b2:62:f6:df:df:54:95:23:
d3:63:06:e3:8d:d2:37:ce:b0:e2:8a:ee:58:59:16:67:7b:0e:
ab:1c:5c:65:de:2d:25:44:1b:fa:21:6f:e8:b9:ef:50:db:72:
c0:80:9a:2d:b5:19:63:b5:b8:f1:ec:95:fb:1b:60:f4:eb:93:
01:48:dd:bb:fe:a2:50:38:04:ca:8c:cc:e6:01:61:50:6c:c0:
08:8f:d2:f9:6e:a4:e7:50:f9:da:6f:52:34:75:d5:36:db:a8:
e6:bc:0f:04:ac:21:b2:2c:71:a9:58:49:1f:b2:3f:17:a6:69:
00:d6:15:3e:24:89:2d:53:d8:53:34:1f:79:52:f5:0c:e0:79:
1a:1a:7b:13
-----BEGIN CERTIFICATE-----
MIIHNDCCBhygAwIBAgISAZQijXwXchHM7NvEgiGZtqqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjUwMTAxMTU0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDIzMzQzZDAzYzA0MTMxNWU2NjMxZmY2ZWVhZjdjMDZiMDE5ZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGmatv4nrn5E1UHcUSlN+ltOmJMn
rhiZVbNZ252rIM0Y0ypTKydH2WuFboT20aNZ5KJihXNLomojoz/bSeV1qiYKHISy
8DXRW4/YXLj16c9c1oBf8y8IxjjuNgjkKJAzqjf7OTQnCJ4x6d08KA99SMrkszxO
Hyo7+wOzkwg0jXjvQJYq3GXxbdjs2HtqukdmCo9T+UGgm3NzqDM3EvuE/TUhN9Ky
Ctd0oAiAdWVAIje+jAZmgiZ4+DkvDChXpHBVbDriCwAI24LPJajpoAcb6FnfWL33
2jJCneXvW2NMZX1AWpf7aa12JtL9tBaATGMklaoGh0cVmeHdd5yqRIH2iwIDAQAB
o4IEQDCCBDwwHQYDVR0OBBYEFKAjND0DwEExXmYx/27q98BrAZ32MB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvb0NNMFBRUEFRVEZlWmpIX2J1cjN3R3NCbmZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICVAYIKwYBBQUHAQcBAf8EggJDMIICPzApBAIAATAjAwMA
lfoDBADAbewDAwDDyzALAwMA2RsDBADZGwQDBAHZGwYwggIQBAIAAjCCAggwEgMH
ACoDUAAAAQMHACoDUAAAAjASAwcAKgNQAAARAwcAKgNQAAASMBIDBwUqA1AAACAD
BwAqA1AAACIwEgMHBCoDUAAAMAMHACoDUAAAMjASAwcAKgNQAABBAwcAKgNQAABC
MBIDBwAqA1AAAFEDBwAqA1AAAFIwEgMHACoDUAAAYQMHACoDUAAAYjASAwcAKgNQ
AABxAwcAKgNQAAByMBIDBwAqA1AAAIEDBwAqA1AAAIIwEgMHACoDUAAAkQMHACoD
UAAAkjASAwcAKgNQAAEBAwcAKgNQAAECMBIDBwAqA1AAAREDBwAqA1AAARIwEgMH
ACoDUAABIQMHACoDUAABIjASAwcAKgNQAAExAwcAKgNQAAEyMBIDBwAqA1AAAUED
BwAqA1AAAUIwEgMHACoDUAABUQMHACoDUAABUjASAwcAKgNQAAFhAwcAKgNQAAFi
MBIDBwAqA1AAAXEDBwAqA1AAAXIwEgMHACoDUAABgQMHACoDUAABgjASAwcAKgNQ
AAGRAwcAKgNQAAGSMBIDBwAqA1AAAgEDBwAqA1AAAgIwEgMHACoDUAACEQMHACoD
UAACEjASAwcAKgNQAAIhAwcAKgNQAAIiMBIDBwAqA1AAAjEDBwAqA1AAAjIwEgMH
ACoDUAACQQMHACoDUAACQjASAwcAKgNQAAJRAwcAKgNQAAJSMA0GCSqGSIb3DQEB
CwUAA4IBAQBe0v1yprBPCZF5XeTMrDfo29f7+8O+nSnlxUiBJegOoDUp9s7NQ/bf
uIiUqkZV5CbgnHSM/qZy8tSikbwW2EV+764RPZAmHJ596cu1VT0MTyJ+qtFatfMD
I4Q9v8BGlr9DspJ2PCq2QMpThSRR5DG7Nn2mnu/fsmL2399UlSPTYwbjjdI3zrDi
iu5YWRZnew6rHFxl3i0lRBv6IW/oue9Q23LAgJottRljtbjx7JX7G2D065MBSN27
/qJQOATKjMzmAWFQbMAIj9L5bqTnUPnab1I0ddU226jmvA8ErCGyLHGpWEkfsj8X
pmkA1hU+JIktU9hTNB95UvUM4HkaGnsT
-----END CERTIFICATE-----
Generated at Wed Feb 5 18:55:57 2025 by rpki-client