Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/dMoy1ocOmEzk4dYBdRWtDeFZXh0.roa
File: dMoy1ocOmEzk4dYBdRWtDeFZXh0.roa (raw, json)
Hash identifier: VXtb1jeW1jL5ZIe+3y/JZP2SrUZOEss2tqQVUdmb0N4=
Subject key identifier: 74:CA:32:D6:87:0E:98:4C:E4:E1:D6:01:75:15:AD:0D:E1:59:5E:1D
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 019672E19DD35450EFDDC15CFE860BB3E2D0
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/dMoy1ocOmEzk4dYBdRWtDeFZXh0.roa
Signing time: Sat 26 Apr 2025 16:15:10 +0000
ROA not before: Sat 26 Apr 2025 16:15:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12679
IP address blocks: 37.49.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 14:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:72:e1:9d:d3:54:50:ef:dd:c1:5c:fe:86:0b:b3:e2:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Apr 26 16:15:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=74ca32d6870e984ce4e1d6017515ad0de1595e1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f3:6c:e5:02:36:32:e3:fd:2d:40:fc:28:88:
90:1a:6b:c7:32:48:dd:b5:13:f7:ea:ad:69:6c:a4:
19:2c:2d:02:44:5c:c5:d5:36:18:cd:b8:0b:88:e4:
67:75:c2:d2:e0:d4:e9:ca:f9:2a:92:5e:9d:25:dd:
7d:55:fd:c3:f3:05:d6:ce:fc:6a:53:36:18:76:17:
f9:23:29:33:cc:24:d9:a9:eb:93:62:37:98:68:66:
11:4c:7c:2c:82:e8:34:4d:4c:0a:d2:6d:73:7a:ef:
64:d8:ec:8c:3f:73:79:a6:32:14:bc:6a:6c:f5:f6:
d8:fc:62:fa:91:0f:c4:e0:99:11:e4:2c:8c:62:fc:
bf:56:23:ff:7d:68:19:9e:85:7f:94:09:f7:40:6e:
bd:bc:60:83:27:6a:f3:b1:d2:1b:f1:e2:6d:b7:c7:
c6:aa:5b:f0:fc:0e:7c:90:5a:5b:2a:66:b2:84:cb:
5b:f6:8a:32:86:f9:fb:21:ed:7f:d3:c2:c8:33:0f:
c9:95:37:e9:cc:00:07:26:1a:5b:ea:01:84:eb:c6:
d9:8e:9d:e3:c3:b1:aa:2c:c6:22:43:ea:59:20:30:
55:76:4f:fd:ec:db:c1:90:89:d9:90:80:f3:c8:71:
41:a9:62:e5:aa:4a:9f:c0:50:f8:82:f2:39:17:54:
dd:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:CA:32:D6:87:0E:98:4C:E4:E1:D6:01:75:15:AD:0D:E1:59:5E:1D
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/dMoy1ocOmEzk4dYBdRWtDeFZXh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.151.0/24
Signature Algorithm: sha256WithRSAEncryption
98:0f:53:fc:b7:92:8e:85:ee:98:19:54:22:03:98:66:5e:c5:
9a:31:42:c1:3f:60:b4:3c:44:d4:4b:ea:76:7b:c7:da:0f:4d:
64:d0:0c:f2:84:50:a2:0f:ce:e9:0e:1c:56:b4:58:fc:8d:c6:
23:00:c8:78:42:1f:62:e1:dc:b0:26:0e:f0:19:16:0a:11:3a:
e8:92:9b:0c:63:ce:0d:a0:a5:a8:38:35:a0:83:55:45:72:a1:
50:2f:56:9d:b4:b9:7c:51:7b:aa:d4:b5:1f:f8:a7:72:1f:51:
95:a1:e0:d0:cf:93:1d:1e:62:61:cf:f3:b0:ae:cc:82:05:8c:
df:94:70:94:29:b0:ae:35:fe:71:1f:f7:9e:23:0b:95:da:16:
76:bc:e4:75:7d:01:e2:29:07:3e:1c:1d:02:33:e9:4b:9d:cf:
63:5f:5f:02:ad:32:31:4f:ea:30:81:2d:a3:c7:13:11:e2:2c:
f4:dd:3d:41:03:96:ba:84:b9:49:61:26:4e:5a:43:73:bc:c6:
35:7e:22:3b:11:4a:6c:d0:27:b6:4d:49:ae:db:1e:44:c6:b7:
3a:73:b7:18:b0:5e:79:18:6c:89:3f:60:c1:d8:f5:94:7d:a2:
49:b8:35:5d:c9:bc:0a:7b:a0:78:e6:85:1c:ef:7f:17:56:86:
01:97:a3:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZy4Z3TVFDv3cFc/oYLs+LQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwNDI2MTYxNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGNhMzJkNjg3MGU5ODRjZTRlMWQ2MDE3NTE1YWQwZGUxNTk1ZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/Ns5QI2MuP9LUD8KIiQGmvHMkjd
tRP36q1pbKQZLC0CRFzF1TYYzbgLiORndcLS4NTpyvkqkl6dJd19Vf3D8wXWzvxq
UzYYdhf5IykzzCTZqeuTYjeYaGYRTHwsgug0TUwK0m1zeu9k2OyMP3N5pjIUvGps
9fbY/GL6kQ/E4JkR5CyMYvy/ViP/fWgZnoV/lAn3QG69vGCDJ2rzsdIb8eJtt8fG
qlvw/A58kFpbKmayhMtb9ooyhvn7Ie1/08LIMw/JlTfpzAAHJhpb6gGE68bZjp3j
w7GqLMYiQ+pZIDBVdk/97NvBkInZkIDzyHFBqWLlqkqfwFD4gvI5F1TdIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHTKMtaHDphM5OHWAXUVrQ3hWV4dMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvZE1veTFvY09tRXprNGRZQmRSV3REZUZaWGgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJTGXMA0G
CSqGSIb3DQEBCwUAA4IBAQCYD1P8t5KOhe6YGVQiA5hmXsWaMULBP2C0PETUS+p2
e8faD01k0AzyhFCiD87pDhxWtFj8jcYjAMh4Qh9i4dywJg7wGRYKETrokpsMY84N
oKWoODWgg1VFcqFQL1adtLl8UXuq1LUf+KdyH1GVoeDQz5MdHmJhz/OwrsyCBYzf
lHCUKbCuNf5xH/eeIwuV2hZ2vOR1fQHiKQc+HB0CM+lLnc9jX18CrTIxT+owgS2j
xxMR4iz03T1BA5a6hLlJYSZOWkNzvMY1fiI7EUps0Ce2TUmu2x5Exrc6c7cYsF55
GGyJP2DB2PWUfaJJuDVdybwKe6B45oUc738XVoYBl6NC
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:17:27 2025 by rpki-client