Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/m0cRGc6VWP37mFx44UiSz3IIpIo.roa
File: m0cRGc6VWP37mFx44UiSz3IIpIo.roa (raw, json)
Hash identifier: TTwS8o02F1cM4x9nZzKCJlUGMoLuNxMeTtRWCNHQQ4s=
Subject key identifier: 9B:47:11:19:CE:95:58:FD:FB:98:5C:78:E1:48:92:CF:72:08:A4:8A
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01968789B32C3E1E8EE937645B4499F91A0B
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/m0cRGc6VWP37mFx44UiSz3IIpIo.roa
Signing time: Wed 30 Apr 2025 16:31:10 +0000
ROA not before: Wed 30 Apr 2025 16:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 78.135.72.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.81.0/24 maxlen: 24
78.135.88.0/24 maxlen: 24
188.132.163.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.229.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:89:b3:2c:3e:1e:8e:e9:37:64:5b:44:99:f9:1a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Apr 30 16:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b471119ce9558fdfb985c78e14892cf7208a48a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:16:6f:04:fa:66:e7:5b:1d:ca:12:79:eb:85:
18:cb:4c:1b:f3:1a:5a:72:ae:34:fc:1b:d4:dd:eb:
36:5a:34:45:06:58:a2:bf:ea:fd:da:4f:ea:93:6b:
55:88:6a:1e:58:65:ab:4d:14:07:7a:41:56:53:b4:
eb:a1:c5:d4:d2:90:56:a8:c8:ba:55:f6:54:ec:f3:
5d:24:02:f2:e4:7c:fe:f4:0d:a9:a9:4d:fa:81:2e:
ca:7e:b2:b4:68:35:ea:42:91:b1:46:ee:a4:c2:47:
9b:af:d7:87:26:42:de:dd:2f:4e:e6:05:5d:33:fe:
b0:7f:5a:61:ea:76:f3:36:ec:7f:97:36:2a:22:d3:
f1:fa:bd:8f:cc:b2:e1:90:4a:d6:b0:66:a0:79:61:
a4:e9:94:9f:32:cf:fa:78:6f:d0:dc:e4:b3:1e:ee:
a3:15:54:9f:c7:ef:92:c3:59:ab:fb:30:c4:3b:0d:
cd:f0:21:ca:fa:97:64:d9:bc:5b:0e:7d:33:52:70:
c5:f1:39:c5:01:44:40:a5:7e:45:35:b7:61:22:98:
78:7f:cb:1a:23:b3:e3:47:fa:f8:d1:56:b8:7b:f3:
32:82:9c:15:f6:6e:a9:f3:4f:56:5f:f9:92:1e:44:
90:00:f9:ab:d0:59:9a:12:69:70:d6:66:3c:8d:bf:
8e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:47:11:19:CE:95:58:FD:FB:98:5C:78:E1:48:92:CF:72:08:A4:8A
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/m0cRGc6VWP37mFx44UiSz3IIpIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.72.0/24
78.135.78.0/24
78.135.81.0/24
78.135.88.0/24
188.132.163.0/24
188.132.188.0/23
188.132.191.0/24
188.132.229.0/24
188.132.236.0/24
212.68.55.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
9d:00:dc:85:28:62:ae:06:c7:9b:8e:44:6e:d4:5d:9b:48:af:
1e:b6:de:6a:07:e2:dc:02:86:4f:b5:fc:6f:50:81:0b:a8:aa:
33:bb:93:5d:f3:53:9e:01:2d:c4:c5:26:21:11:65:4e:5e:8c:
19:90:f0:bf:36:84:dc:ff:68:73:39:70:88:d5:b7:94:10:3e:
4a:9d:ca:ec:d7:00:8f:ad:68:e5:40:69:23:59:22:d7:e6:98:
20:81:86:0d:f2:64:5a:99:ae:43:03:1d:14:48:fe:91:e1:8f:
d2:34:ae:66:91:45:8f:8f:76:87:98:d9:d0:f3:51:5d:46:2f:
3b:aa:43:2f:92:5c:2d:54:75:e4:68:d9:18:34:3d:d7:37:a9:
29:ce:d2:19:88:38:84:57:10:f9:01:f1:66:6f:c0:7c:fe:d1:
ea:41:e2:c4:ca:45:8f:09:76:c7:5a:35:86:e7:92:2f:d6:9e:
25:07:35:b6:27:dc:6b:14:6d:9a:fb:71:66:dd:e5:40:40:5e:
fd:7d:a2:1d:d3:c8:ae:8f:88:00:87:03:e5:e4:b7:df:24:89:
8c:c9:b6:6e:a6:19:45:3e:f8:48:d0:cd:62:49:a7:72:86:b9:
d8:bb:2b:ee:4d:e6:56:b4:45:f7:58:00:45:8f:11:b1:c8:59:
5c:af:c1:7e
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZaHibMsPh6O6TdkW0SZ+RoLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwNDMwMTYzMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjQ3MTExOWNlOTU1OGZkZmI5ODVjNzhlMTQ4OTJjZjcyMDhhNDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBZvBPpm51sdyhJ564UYy0wb8xpa
cq40/BvU3es2WjRFBliiv+r92k/qk2tViGoeWGWrTRQHekFWU7TrocXU0pBWqMi6
VfZU7PNdJALy5Hz+9A2pqU36gS7KfrK0aDXqQpGxRu6kwkebr9eHJkLe3S9O5gVd
M/6wf1ph6nbzNux/lzYqItPx+r2PzLLhkErWsGageWGk6ZSfMs/6eG/Q3OSzHu6j
FVSfx++Sw1mr+zDEOw3N8CHK+pdk2bxbDn0zUnDF8TnFAURApX5FNbdhIph4f8sa
I7PjR/r40Va4e/MygpwV9m6p809WX/mSHkSQAPmr0FmaEmlw1mY8jb+OHQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFJtHERnOlVj9+5hceOFIks9yCKSKMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvbTBjUkdjNlZXUDM3bUZ4NDRVaVN6M0lJcElvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQATodIAwQA
TodOAwQATodRAwQATodYAwQAvISjAwQBvIS8AwQAvIS/AwQAvITlAwQAvITsAwQA
1EQ3MAwDBADURDsDBADURDwwDQYJKoZIhvcNAQELBQADggEBAJ0A3IUoYq4Gx5uO
RG7UXZtIrx623moH4twChk+1/G9QgQuoqjO7k13zU54BLcTFJiERZU5ejBmQ8L82
hNz/aHM5cIjVt5QQPkqdyuzXAI+taOVAaSNZItfmmCCBhg3yZFqZrkMDHRRI/pHh
j9I0rmaRRY+PdoeY2dDzUV1GLzuqQy+SXC1UdeRo2Rg0Pdc3qSnO0hmIOIRXEPkB
8WZvwHz+0epB4sTKRY8JdsdaNYbnki/WniUHNbYn3GsUbZr7cWbd5UBAXv19oh3T
yK6PiACHA+Xkt98kiYzJtm6mGUU++EjQzWJJp3KGudi7K+5N5la0RfdYAEWPEbHI
WVyvwX4=
-----END CERTIFICATE-----
Generated at Tue May 6 09:01:56 2025 by rpki-client