Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/mo1ZQeGNb6y397AsNPVU_jqzCH8.roa
File: mo1ZQeGNb6y397AsNPVU_jqzCH8.roa (raw, json)
Hash identifier: xvLDiC6sAtB273J1JQ2La6KkENHeWFLQMNh6wUa0JGU=
Subject key identifier: 9A:8D:59:41:E1:8D:6F:AC:B7:F7:B0:2C:34:F5:54:FE:3A:B3:08:7F
Certificate issuer: /CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Certificate serial: 01977FB4FFBD21E9EFD350B58029DF59CA09
Authority key identifier: F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/mo1ZQeGNb6y397AsNPVU_jqzCH8.roa
Signing time: Tue 17 Jun 2025 21:04:17 +0000
ROA not before: Tue 17 Jun 2025 21:04:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35042
IP address blocks: 88.214.25.0/24 maxlen: 24
91.228.101.0/24 maxlen: 24
185.55.240.0/22 maxlen: 22
185.55.241.0/24 maxlen: 24
185.55.243.0/24 maxlen: 24
193.24.208.0/22 maxlen: 22
193.24.208.0/23 maxlen: 23
193.24.208.0/24 maxlen: 24
193.24.209.0/24 maxlen: 24
193.24.210.0/24 maxlen: 24
194.24.160.0/24 maxlen: 24
2a00:1910::/32 maxlen: 32
2a00:1911::/32 maxlen: 32
2a00:1911::/48 maxlen: 48
2a00:1911:1::/48 maxlen: 48
2a00:1911:3::/48 maxlen: 48
2a00:1911:4::/48 maxlen: 48
2a00:1911:5::/48 maxlen: 48
2a00:1911:6::/48 maxlen: 48
2a00:1911:7::/48 maxlen: 48
2a00:1911:8::/48 maxlen: 48
2a00:1911:9::/48 maxlen: 48
2a00:1911:10::/48 maxlen: 48
2a00:1912::/32 maxlen: 32
2a00:1912:1::/48 maxlen: 48
2a00:1913::/32 maxlen: 32
2a09:8700::/32 maxlen: 32
2a09:8700:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 21:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7f:b4:ff:bd:21:e9:ef:d3:50:b5:80:29:df:59:ca:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Validity
Not Before: Jun 17 21:04:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a8d5941e18d6facb7f7b02c34f554fe3ab3087f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:52:ed:72:86:5c:5c:0b:8e:7e:79:e6:09:6a:
d4:03:00:77:ca:d4:1e:06:d2:ce:33:21:b1:1e:8c:
9d:e3:6f:10:6b:d8:c8:b9:50:8a:63:32:31:8b:ef:
1f:0a:03:78:6c:6b:db:f6:c9:e6:b2:8f:0b:ce:28:
8b:73:80:5d:fb:94:82:88:4d:02:28:a0:d7:97:36:
31:2d:ef:16:6e:b7:84:80:ac:a0:3c:9a:00:13:8d:
d7:22:86:53:6c:e5:d2:2e:26:91:79:48:7b:41:d0:
40:65:73:1e:92:75:e4:2f:1f:1a:f1:24:ec:a3:93:
d2:2e:45:77:06:24:d8:38:b6:fc:71:37:50:29:05:
f8:ab:ee:a0:90:96:5c:24:94:29:fd:e1:ba:8e:e8:
a3:73:7c:02:91:a7:70:53:da:29:ca:5b:e3:f8:09:
3e:e0:eb:55:7a:23:a3:76:b6:39:64:60:12:49:75:
ac:a7:73:a3:7a:27:d9:b7:a5:6b:cd:d8:ba:af:26:
95:00:13:31:06:29:29:ee:91:5e:48:36:bd:00:91:
d3:a3:e0:d2:67:e4:64:44:73:7e:8d:2f:42:7f:e9:
67:bf:41:33:ad:35:99:e2:e0:3c:d2:68:c7:0c:e8:
f5:3b:8f:41:80:11:df:13:75:a4:a6:c4:07:e8:73:
86:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:8D:59:41:E1:8D:6F:AC:B7:F7:B0:2C:34:F5:54:FE:3A:B3:08:7F
X509v3 Authority Key Identifier:
keyid:F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/mo1ZQeGNb6y397AsNPVU_jqzCH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.25.0/24
91.228.101.0/24
185.55.240.0/22
193.24.208.0/22
194.24.160.0/24
IPv6:
2a00:1910::/30
2a09:8700::/32
Signature Algorithm: sha256WithRSAEncryption
57:e1:a7:51:bf:3b:25:a9:76:b8:3b:6b:2a:fb:89:b9:a9:77:
4d:89:87:3b:40:56:38:1b:dc:a0:65:e9:24:60:49:0e:e3:b4:
a1:4b:49:cc:1d:4d:c2:2e:a0:71:d7:42:b2:16:5c:f9:00:d3:
4c:ac:36:b2:db:d9:a9:aa:26:66:84:ad:5d:74:6b:2f:80:16:
c0:94:f3:6e:49:c7:20:d7:29:6f:e6:6a:61:f3:01:a5:77:35:
4d:68:a9:6f:d8:6c:27:d8:a2:03:30:0a:93:0a:2d:ec:14:27:
45:30:6b:5b:0c:8d:d0:76:04:75:ab:b8:7f:73:71:e6:f6:55:
89:fc:65:95:eb:7b:a9:f9:08:66:33:0d:28:1c:7e:e9:7e:5b:
78:c8:d8:43:b1:89:3b:13:c2:92:13:07:ed:70:04:fc:c5:67:
40:0c:ac:db:99:34:9d:f5:32:b6:f5:19:24:00:7d:f6:ef:54:
ed:a5:5b:b4:b3:97:88:64:f3:65:2b:bf:51:ec:29:e3:cd:1e:
62:97:75:5b:27:c9:a4:d8:59:fb:72:7a:3a:3c:f9:32:7d:81:
9d:a8:4e:da:44:45:22:35:0f:c1:8c:16:01:ff:a6:c1:ab:5e:
40:85:9b:55:be:25:0a:18:1f:a8:fd:2f:de:40:79:2b:05:29:
7d:18:0b:b1
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZd/tP+9Ienv01C1gCnfWcoJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDlhOTI4MmM5ZDI1NDdjNTY2NjM0ZjNiYWNjY2JjZjI1
ODg4MjcwHhcNMjUwNjE3MjEwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YThkNTk0MWUxOGQ2ZmFjYjdmN2IwMmMzNGY1NTRmZTNhYjMwODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplLtcoZcXAuOfnnmCWrUAwB3ytQe
BtLOMyGxHoyd428Qa9jIuVCKYzIxi+8fCgN4bGvb9snmso8LziiLc4Bd+5SCiE0C
KKDXlzYxLe8WbreEgKygPJoAE43XIoZTbOXSLiaReUh7QdBAZXMeknXkLx8a8STs
o5PSLkV3BiTYOLb8cTdQKQX4q+6gkJZcJJQp/eG6juijc3wCkadwU9opylvj+Ak+
4OtVeiOjdrY5ZGASSXWsp3OjeifZt6Vrzdi6ryaVABMxBikp7pFeSDa9AJHTo+DS
Z+RkRHN+jS9Cf+lnv0EzrTWZ4uA80mjHDOj1O49BgBHfE3WkpsQH6HOGlQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFJqNWUHhjW+st/ewLDT1VP46swh/MB8GA1UdIwQY
MBaAFPXZqSgsnSVHxWZjTzuszLzyWIgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjct
OGNmNDFjYWZkY2UyLzEvbW8xWlFlR05iNnkzOTdBc05QVlVfanF6Q0g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjctOGNmNDFjYWZkY2Uy
LzEvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQAWNYZAwQA
W+RlAwQCuTfwAwQCwRjQAwQAwhigMBQEAgACMA4DBQIqABkQAwUAKgmHADANBgkq
hkiG9w0BAQsFAAOCAQEAV+GnUb87Jal2uDtrKvuJual3TYmHO0BWOBvcoGXpJGBJ
DuO0oUtJzB1Nwi6gcddCshZc+QDTTKw2stvZqaomZoStXXRrL4AWwJTzbknHINcp
b+ZqYfMBpXc1TWipb9hsJ9iiAzAKkwot7BQnRTBrWwyN0HYEdau4f3Nx5vZVifxl
let7qfkIZjMNKBx+6X5beMjYQ7GJOxPCkhMH7XAE/MVnQAys25k0nfUytvUZJAB9
9u9U7aVbtLOXiGTzZSu/Uewp480eYpd1WyfJpNhZ+3J6Ojz5Mn2BnahO2kRFIjUP
wYwWAf+mwateQIWbVb4lChgfqP0v3kB5KwUpfRgLsQ==
-----END CERTIFICATE-----
Generated at Wed Jun 18 07:46:41 2025 by rpki-client