Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/MoOd3UbtCS1jCqfk4Eq1ESLwwHA.roa
File: MoOd3UbtCS1jCqfk4Eq1ESLwwHA.roa (raw, json)
Hash identifier: IUTY6Kac0RWR6KocRHT3FV3q0t8rT1+uiwnGYkc7UDc=
Subject key identifier: 32:83:9D:DD:46:ED:09:2D:63:0A:A7:E4:E0:4A:B5:11:22:F0:C0:70
Certificate issuer: /CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Certificate serial: 01975EFB02354211F0BDB64454548A4B2E7C
Authority key identifier: 5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/MoOd3UbtCS1jCqfk4Eq1ESLwwHA.roa
Signing time: Wed 11 Jun 2025 12:33:17 +0000
ROA not before: Wed 11 Jun 2025 12:33:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60077
IP address blocks: 78.110.112.0/21 maxlen: 32
78.110.112.0/22 maxlen: 32
78.110.116.0/22 maxlen: 32
85.198.8.0/21 maxlen: 32
85.198.8.0/22 maxlen: 32
85.198.12.0/22 maxlen: 32
85.198.16.0/21 maxlen: 32
85.198.16.0/22 maxlen: 32
85.198.16.0/23 maxlen: 32
85.198.18.0/23 maxlen: 32
85.198.20.0/22 maxlen: 32
85.198.20.0/24 maxlen: 24
85.198.21.0/24 maxlen: 24
85.198.22.0/24 maxlen: 24
193.151.128.0/19 maxlen: 32
193.151.128.0/20 maxlen: 32
193.151.128.0/22 maxlen: 32
193.151.132.0/22 maxlen: 32
193.151.136.0/22 maxlen: 32
193.151.140.0/22 maxlen: 32
193.151.144.0/20 maxlen: 32
193.151.144.0/21 maxlen: 32
193.151.144.0/22 maxlen: 32
193.151.148.0/22 maxlen: 32
193.151.152.0/22 maxlen: 32
193.151.156.0/23 maxlen: 32
193.151.156.0/24 maxlen: 32
193.151.157.0/24 maxlen: 32
193.151.158.0/24 maxlen: 32
193.151.159.0/24 maxlen: 32
2a05:1a30::/34 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5e:fb:02:35:42:11:f0:bd:b6:44:54:54:8a:4b:2e:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b52634a2eb03f8565b5e33dc2b9f49041f7cfb0
Validity
Not Before: Jun 11 12:33:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32839ddd46ed092d630aa7e4e04ab51122f0c070
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:c8:ec:27:1d:a2:ab:cb:12:76:9b:83:b4:09:
f7:ab:7d:e7:7c:67:72:d5:9f:56:c7:a1:fe:36:90:
4b:44:88:59:cf:7a:12:65:1e:43:ed:ec:3d:d5:8a:
d9:64:e6:d5:79:c7:3d:e7:aa:bc:69:1c:96:86:1a:
61:85:6b:2a:34:82:b0:a8:f0:ff:19:6e:6f:69:2c:
e1:a7:7a:5d:7d:2d:9d:16:ca:55:17:37:95:ef:ed:
b5:76:c9:5b:32:6d:b7:ad:00:be:87:f1:24:7f:56:
00:e2:f5:0f:7e:2b:7d:00:6e:aa:b9:30:16:5a:a5:
ed:37:13:16:b2:d8:02:00:32:9c:a9:d3:83:e4:80:
aa:b1:a6:04:aa:dd:36:7e:2f:94:74:d9:bd:25:ae:
b3:83:73:85:6f:39:ba:0c:e6:ea:e7:69:39:43:60:
17:f7:ae:43:16:1c:f9:66:60:76:45:41:84:93:27:
3e:bb:28:a0:c2:d8:db:b7:c4:b6:11:97:a7:54:ad:
f3:a8:a7:e0:6b:a5:cc:d6:dc:bd:ce:25:c6:b8:e7:
4e:dc:20:1d:80:d2:6e:a8:bd:d2:96:bd:4e:1c:a2:
f0:22:53:49:62:ce:d9:bf:fc:09:19:e7:19:7a:d8:
57:e1:03:7b:00:f5:24:c2:c7:3e:39:8c:f3:9f:7a:
b5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:83:9D:DD:46:ED:09:2D:63:0A:A7:E4:E0:4A:B5:11:22:F0:C0:70
X509v3 Authority Key Identifier:
keyid:5B:52:63:4A:2E:B0:3F:85:65:B5:E3:3D:C2:B9:F4:90:41:F7:CF:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W1JjSi6wP4VlteM9wrn0kEH3z7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/MoOd3UbtCS1jCqfk4Eq1ESLwwHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7a5b44-6b18-42d3-a8d5-dc6554fd1235/1/W1JjSi6wP4VlteM9wrn0kEH3z7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.112.0/21
85.198.8.0-85.198.23.255
193.151.128.0/19
IPv6:
2a05:1a30::/34
Signature Algorithm: sha256WithRSAEncryption
44:f8:cb:71:af:1d:fd:8c:16:11:af:d0:e9:2e:91:45:c7:81:
c2:41:29:1b:50:8d:dd:ac:ed:48:fc:f7:bf:72:2d:01:ea:25:
5c:70:f4:03:d2:9a:bf:df:f5:ca:f2:6c:4e:81:40:bd:84:00:
d6:44:91:63:4c:a4:c8:30:66:d6:d7:dd:7c:65:0f:99:b9:b6:
3e:18:f8:0b:a3:65:3b:9a:6d:44:95:a1:9c:06:28:e8:39:e2:
e6:46:41:47:c0:1e:9d:ae:76:f4:f6:22:66:af:a3:45:e5:a6:
29:f5:74:42:0c:ee:cf:cd:19:0f:24:fd:d0:77:0e:4b:e3:27:
0b:b5:1d:1b:32:f3:c1:a9:33:99:88:78:cc:16:b5:b5:ed:be:
e6:60:7f:5e:d2:3d:a6:5c:6b:86:a3:1a:44:e3:e5:21:a5:d4:
47:3c:6e:26:cf:d3:e9:53:e6:42:ea:60:91:05:ee:48:4f:14:
00:6b:dc:ff:be:7d:02:4d:57:79:68:7c:9d:f7:c1:47:0d:62:
50:73:13:07:c0:4d:96:21:ed:e0:7c:06:d7:cb:97:01:d0:ab:
b5:23:c7:47:8b:6f:dc:fb:eb:e5:52:23:28:38:a6:35:72:4c:
85:9e:c5:c6:f7:62:92:e5:d8:c0:73:ec:03:ae:42:bc:6f:0f:
78:01:bf:98
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZde+wI1QhHwvbZEVFSKSy58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNTI2MzRhMmViMDNmODU2NWI1ZTMzZGMyYjlmNDkwNDFm
N2NmYjAwHhcNMjUwNjExMTIzMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjgzOWRkZDQ2ZWQwOTJkNjMwYWE3ZTRlMDRhYjUxMTIyZjBjMDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg8jsJx2iq8sSdpuDtAn3q33nfGdy
1Z9Wx6H+NpBLRIhZz3oSZR5D7ew91YrZZObVecc956q8aRyWhhphhWsqNIKwqPD/
GW5vaSzhp3pdfS2dFspVFzeV7+21dslbMm23rQC+h/Ekf1YA4vUPfit9AG6quTAW
WqXtNxMWstgCADKcqdOD5ICqsaYEqt02fi+UdNm9Ja6zg3OFbzm6DObq52k5Q2AX
965DFhz5ZmB2RUGEkyc+uyigwtjbt8S2EZenVK3zqKfga6XM1ty9ziXGuOdO3CAd
gNJuqL3Slr1OHKLwIlNJYs7Zv/wJGecZethX4QN7APUkwsc+OYzzn3q1pwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDKDnd1G7QktYwqn5OBKtREi8MBwMB8GA1UdIwQY
MBaAFFtSY0ousD+FZbXjPcK59JBB98+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUt
ZGM2NTU0ZmQxMjM1LzEvTW9PZDNVYnRDUzFqQ3FmazRFcTFFU0x3d0hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83YTViNDQtNmIxOC00MmQzLWE4ZDUtZGM2NTU0ZmQxMjM1
LzEvVzFKalNpNndQNFZsdGVNOXdybjBrRUgzejdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAgBAIAATAaAwQDTm5wMAwD
BANVxggDBANVxhADBAXBl4AwDgQCAAIwCAMGBioFGjAAMA0GCSqGSIb3DQEBCwUA
A4IBAQBE+Mtxrx39jBYRr9DpLpFFx4HCQSkbUI3drO1I/Pe/ci0B6iVccPQD0pq/
3/XK8mxOgUC9hADWRJFjTKTIMGbW1918ZQ+ZubY+GPgLo2U7mm1ElaGcBijoOeLm
RkFHwB6drnb09iJmr6NF5aYp9XRCDO7PzRkPJP3Qdw5L4ycLtR0bMvPBqTOZiHjM
FrW17b7mYH9e0j2mXGuGoxpE4+UhpdRHPG4mz9PpU+ZC6mCRBe5ITxQAa9z/vn0C
TVd5aHyd98FHDWJQcxMHwE2WIe3gfAbXy5cB0Ku1I8dHi2/c++vlUiMoOKY1ckyF
nsXG92KS5djAc+wDrkK8bw94Ab+Y
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:54:46 2025 by rpki-client