Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/moLoq-ZnX0DHmtoINVmzdq2krIs.roa
File: moLoq-ZnX0DHmtoINVmzdq2krIs.roa (raw, json)
Hash identifier: ZAbGJ5x8iZDTtFC2XPGZNOH3hGxFpQabMwAG+hJ1z7I=
Subject key identifier: 9A:82:E8:AB:E6:67:5F:40:C7:9A:DA:08:35:59:B3:76:AD:A4:AC:8B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0196A5037C1130A2279EA23880C7D65352BE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/moLoq-ZnX0DHmtoINVmzdq2krIs.roa
Signing time: Tue 06 May 2025 09:53:11 +0000
ROA not before: Tue 06 May 2025 09:53:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.76.0/23 maxlen: 24
82.152.79.0/24 maxlen: 24
82.152.86.0/23 maxlen: 24
82.152.88.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.38.0/24 maxlen: 24
82.153.56.0/24 maxlen: 24
82.153.61.0/24 maxlen: 24
82.153.83.0/24 maxlen: 24
82.153.84.0/24 maxlen: 24
82.153.152.0/24 maxlen: 24
82.153.186.0/24 maxlen: 24
82.153.201.0/24 maxlen: 24
82.153.239.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.54.0/24 maxlen: 24
89.213.98.0/24 maxlen: 24
89.213.161.0/24 maxlen: 24
89.213.232.0/23 maxlen: 24
89.213.234.0/23 maxlen: 24
89.213.236.0/23 maxlen: 24
109.176.27.0/24 maxlen: 24
109.176.32.0/21 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.56.0/21 maxlen: 24
109.176.201.0/24 maxlen: 24
109.176.235.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.41.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 20:47:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:03:7c:11:30:a2:27:9e:a2:38:80:c7:d6:53:52:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 6 09:53:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a82e8abe6675f40c79ada083559b376ada4ac8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ca:93:a5:34:ff:03:20:1a:b7:b2:4b:e7:cb:
8b:74:e9:7e:d2:5d:8a:a9:76:dc:4e:09:7b:02:0f:
0c:51:cd:c7:3f:3c:ce:f4:7e:73:eb:59:fe:08:90:
7b:b8:6b:f9:d0:05:71:b9:7e:cb:11:83:46:b1:bf:
55:3a:c9:06:30:84:d8:63:0f:24:3d:7e:4e:d4:e6:
99:d5:fb:72:5e:02:2e:e6:35:18:ed:97:28:af:09:
a5:77:14:70:e4:d9:52:fc:ca:04:55:4d:ce:74:1a:
a2:77:f0:77:70:65:c0:39:70:ab:48:f2:aa:7f:e6:
7f:ac:34:96:8b:b7:78:bd:4d:f0:91:e3:e8:5f:94:
ea:f8:ae:00:50:64:13:ec:56:a1:0d:40:30:49:de:
8e:f3:d6:39:ab:29:32:98:22:df:9b:46:ad:8c:ab:
d5:ef:c7:62:c1:de:e2:68:52:85:1f:03:d7:7d:d8:
be:f1:82:6f:45:e7:96:22:bb:1e:51:8d:e7:8c:17:
6c:06:b3:a2:5f:ed:66:14:20:f9:6d:bf:5d:29:8e:
5c:ba:3e:1c:f8:17:80:bf:c7:fd:89:58:6e:32:32:
f8:5a:77:fe:d3:45:93:48:6c:2f:fc:b5:a6:66:53:
33:a1:68:0d:24:d9:cb:da:e1:b0:f0:ed:e0:e3:bc:
6c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:82:E8:AB:E6:67:5F:40:C7:9A:DA:08:35:59:B3:76:AD:A4:AC:8B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/moLoq-ZnX0DHmtoINVmzdq2krIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0-82.152.77.255
82.152.79.0/24
82.152.86.0-82.152.88.255
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.38.0/24
82.153.56.0/24
82.153.61.0/24
82.153.83.0-82.153.84.255
82.153.152.0/24
82.153.186.0/24
82.153.201.0/24
82.153.239.0/24
89.213.43.0/24
89.213.54.0/24
89.213.98.0/24
89.213.161.0/24
89.213.232.0-89.213.237.255
109.176.27.0/24
109.176.32.0/19
109.176.201.0/24
109.176.235.0/24
213.130.130.0/24
213.130.149.0/24
213.210.41.0/24
213.218.214.0/24
213.218.231.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:91:5e:e5:70:94:bd:84:06:9f:8c:51:11:fe:2b:0e:54:c8:
b6:44:4e:fc:f4:58:32:09:4f:80:68:8f:d7:4a:43:e6:b6:70:
45:ae:56:a0:be:5d:99:12:c1:9f:5c:e8:77:26:b8:da:2b:be:
2a:1d:d1:2d:1d:45:c1:32:27:01:61:e5:ef:7d:59:69:b6:f2:
f1:b9:46:d0:b4:4e:c2:d4:a6:f2:54:5f:82:b6:c9:2a:26:c6:
28:a0:aa:4b:d4:42:10:d0:d6:31:d3:9a:b8:5d:8e:5c:22:79:
22:c3:fe:b8:c5:34:cf:6f:49:5b:27:3a:d4:2d:2b:49:c2:f5:
1a:66:1e:55:7b:eb:0f:81:69:c7:8f:3e:62:0e:b7:4a:dc:9c:
4f:fa:44:a2:ed:8b:0b:53:72:02:ab:95:ab:4b:b2:68:29:58:
39:6e:4f:d1:cf:f9:a7:31:42:6e:5e:04:06:45:49:6d:96:bf:
37:50:43:d6:38:e7:75:ec:2e:c8:aa:27:d1:ab:d6:7c:50:bf:
d6:26:85:73:1c:6f:52:0c:61:04:d9:d1:d0:76:a3:27:bf:1b:
d8:50:9b:ec:95:43:bc:bb:22:33:58:30:f6:1c:e0:f9:ba:9c:
1e:4a:5e:bc:00:a0:7b:08:4f:28:c3:45:95:c0:14:6e:3f:ba:
ac:85:d3:be
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgISAZalA3wRMKInnqI4gMfWU1K+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNTA2MDk1MzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTgyZThhYmU2Njc1ZjQwYzc5YWRhMDgzNTU5YjM3NmFkYTRhYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsqTpTT/AyAat7JL58uLdOl+0l2K
qXbcTgl7Ag8MUc3HPzzO9H5z61n+CJB7uGv50AVxuX7LEYNGsb9VOskGMITYYw8k
PX5O1OaZ1ftyXgIu5jUY7ZcorwmldxRw5NlS/MoEVU3OdBqid/B3cGXAOXCrSPKq
f+Z/rDSWi7d4vU3wkePoX5Tq+K4AUGQT7FahDUAwSd6O89Y5qykymCLfm0atjKvV
78diwd7iaFKFHwPXfdi+8YJvReeWIrseUY3njBdsBrOiX+1mFCD5bb9dKY5cuj4c
+BeAv8f9iVhuMjL4Wnf+00WTSGwv/LWmZlMzoWgNJNnL2uGw8O3g47xsUwIDAQAB
o4IC6jCCAuYwHQYDVR0OBBYEFJqC6KvmZ19Ax5raCDVZs3atpKyLMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbW9Mb3EtWm5YMERIbXRvSU5WbXpkcTJrcklzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH/BggrBgEFBQcBBwEB/wSB7zCB7DCB6QQCAAEwgeIwDAME
AFKYOQMEAFKYOgMEAFKYSTAMAwQAUphLAwQBUphMAwQAUphPMAwDBAFSmFYDBABS
mFgDBABSmG0DBABSmOIDBABSmPADBABSmPMDBABSmSYDBABSmTgDBABSmT0wDAME
AFKZUwMEAFKZVAMEAFKZmAMEAFKZugMEAFKZyQMEAFKZ7wMEAFnVKwMEAFnVNgME
AFnVYgMEAFnVoTAMAwQDWdXoAwQBWdXsAwQAbbAbAwQFbbAgAwQAbbDJAwQAbbDr
AwQA1YKCAwQA1YKVAwQA1dIpAwQA1drWAwQA1drnMA0GCSqGSIb3DQEBCwUAA4IB
AQB/kV7lcJS9hAafjFER/isOVMi2RE789FgyCU+AaI/XSkPmtnBFrlagvl2ZEsGf
XOh3JrjaK74qHdEtHUXBMicBYeXvfVlptvLxuUbQtE7C1KbyVF+CtskqJsYooKpL
1EIQ0NYx05q4XY5cInkiw/64xTTPb0lbJzrULStJwvUaZh5Ve+sPgWnHjz5iDrdK
3JxP+kSi7YsLU3ICq5WrS7JoKVg5bk/Rz/mnMUJuXgQGRUltlr83UEPWOOd17C7I
qifRq9Z8UL/WJoVzHG9SDGEE2dHQdqMnvxvYUJvslUO8uyIzWDD2HOD5upweSl68
AKB7CE8ow0WVwBRuP7qshdO+
-----END CERTIFICATE-----
Generated at Tue May 13 02:58:21 2025 by rpki-client