Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/mOZNGctp3EsvRu4hpTryr_uaewA.roa
File: mOZNGctp3EsvRu4hpTryr_uaewA.roa (raw, json)
Hash identifier: puhCKO+m+eBOV3k1DR7imdSPzQ9zEzyyXVrCFpI9spg=
Subject key identifier: 98:E6:4D:19:CB:69:DC:4B:2F:46:EE:21:A5:3A:F2:AF:FB:9A:7B:00
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 0196684194603F874B4B24D0BEF80B830D06
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/mOZNGctp3EsvRu4hpTryr_uaewA.roa
Signing time: Thu 24 Apr 2025 14:44:10 +0000
ROA not before: Thu 24 Apr 2025 14:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209813
IP address blocks: 91.192.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 12 May 2025 23:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:68:41:94:60:3f:87:4b:4b:24:d0:be:f8:0b:83:0d:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Apr 24 14:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98e64d19cb69dc4b2f46ee21a53af2affb9a7b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:96:3d:16:89:7c:92:49:7a:34:81:71:59:e3:
7a:d0:25:0a:c5:90:35:0c:32:94:a6:34:1a:9b:28:
10:7b:14:b6:f3:f0:b2:c2:37:7c:bc:01:d5:22:97:
0d:56:55:0a:8c:10:e0:b8:00:86:e4:57:db:59:46:
92:55:15:00:30:78:03:97:d2:aa:4a:8d:43:9e:fc:
1b:ed:c1:13:d5:1e:fd:a8:95:af:27:f5:c1:1b:90:
6c:8d:b0:3b:51:07:93:40:c9:1c:bd:a6:ce:d6:f9:
cf:bb:f5:45:48:65:b9:9e:2c:3c:71:76:70:92:bd:
7d:b7:51:92:e7:db:61:fc:99:4f:36:cc:6e:36:5e:
10:2d:95:74:95:06:43:8f:50:8a:54:00:a8:5d:69:
e4:af:39:17:b0:a3:04:d2:eb:7d:77:64:ae:4e:92:
70:99:ff:b2:48:f1:b8:9e:b2:5b:7c:ae:66:a2:99:
b2:5f:b2:3f:8f:49:91:4e:6a:8b:61:9d:10:f3:82:
5e:57:08:d8:9d:f8:b7:f5:e0:73:b8:52:8d:c6:e9:
b4:c5:e9:e7:2b:4e:d1:aa:e6:e2:12:01:64:af:d0:
d2:9c:df:09:53:30:d2:d9:5c:e9:6e:7c:1d:6e:7b:
9e:02:ea:41:2a:71:62:57:17:31:8d:29:84:d2:62:
5f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:E6:4D:19:CB:69:DC:4B:2F:46:EE:21:A5:3A:F2:AF:FB:9A:7B:00
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/mOZNGctp3EsvRu4hpTryr_uaewA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.95.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:55:ad:83:11:49:79:99:a3:06:ee:c6:ac:9b:2e:b5:b8:90:
fb:a4:14:ea:d0:0b:48:05:4f:90:20:b7:81:f7:64:f4:b9:7d:
1b:1c:54:10:a9:9d:16:46:f3:0d:5c:ec:b5:b4:e0:0c:06:a7:
05:d8:b3:90:42:1c:a6:6d:7e:b6:c9:ca:3f:3b:32:1d:f9:87:
b1:13:e7:fa:52:b9:97:7b:8b:7c:af:1f:e2:ef:78:10:fc:c0:
4e:8c:21:b9:19:41:c1:55:4d:f1:91:28:87:ff:6f:05:3c:0a:
65:e4:e3:c6:c5:51:a8:58:3b:ba:3e:52:d3:2e:45:1a:54:c1:
9c:3b:51:9b:71:a1:92:d5:db:f0:24:76:d7:e7:07:4a:c3:1f:
78:16:8d:f7:2d:0a:27:47:aa:9e:6a:48:fc:f7:8f:12:e5:f0:
3f:fc:81:b1:05:23:30:cc:32:01:9e:9b:80:04:34:63:05:99:
f3:75:f8:4d:b2:e0:2b:a0:65:85:fb:a6:11:c0:25:3a:e2:1a:
d2:49:59:9e:d6:1c:4c:3b:82:b6:4a:5a:c0:af:7e:41:e8:2f:
04:be:c8:b4:aa:7b:09:de:10:82:98:2e:f6:0f:03:2f:87:5f:
d9:02:25:89:bc:bd:9b:de:95:13:6d:0d:47:f4:32:18:60:01:
91:59:f2:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZoQZRgP4dLSyTQvvgLgw0GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUwNDI0MTQ0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGU2NGQxOWNiNjlkYzRiMmY0NmVlMjFhNTNhZjJhZmZiOWE3YjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpY9Fol8kkl6NIFxWeN60CUKxZA1
DDKUpjQamygQexS28/Cywjd8vAHVIpcNVlUKjBDguACG5FfbWUaSVRUAMHgDl9Kq
So1Dnvwb7cET1R79qJWvJ/XBG5BsjbA7UQeTQMkcvabO1vnPu/VFSGW5niw8cXZw
kr19t1GS59th/JlPNsxuNl4QLZV0lQZDj1CKVACoXWnkrzkXsKME0ut9d2SuTpJw
mf+ySPG4nrJbfK5mopmyX7I/j0mRTmqLYZ0Q84JeVwjYnfi39eBzuFKNxum0xenn
K07RqubiEgFkr9DSnN8JUzDS2VzpbnwdbnueAupBKnFiVxcxjSmE0mJfDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJjmTRnLadxLL0buIaU68q/7mnsAMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvbU9aTkdjdHAzRXN2UnU0aHBUcnlyX3VhZXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8BfMA0G
CSqGSIb3DQEBCwUAA4IBAQAOVa2DEUl5maMG7sasmy61uJD7pBTq0AtIBU+QILeB
92T0uX0bHFQQqZ0WRvMNXOy1tOAMBqcF2LOQQhymbX62yco/OzId+YexE+f6UrmX
e4t8rx/i73gQ/MBOjCG5GUHBVU3xkSiH/28FPApl5OPGxVGoWDu6PlLTLkUaVMGc
O1GbcaGS1dvwJHbX5wdKwx94Fo33LQonR6qeakj8948S5fA//IGxBSMwzDIBnpuA
BDRjBZnzdfhNsuAroGWF+6YRwCU64hrSSVme1hxMO4K2SlrAr35B6C8Evsi0qnsJ
3hCCmC72DwMvh1/ZAiWJvL2b3pUTbQ1H9DIYYAGRWfKa
-----END CERTIFICATE-----
Generated at Mon May 12 05:20:35 2025 by rpki-client