Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/m0n-EeeEBvd94sdHj2oT-Qvcf9M.roa
File: m0n-EeeEBvd94sdHj2oT-Qvcf9M.roa (raw, json)
Hash identifier: thErL0hsxuW8JBkWuUQgnCtldZunPMy1NfMos+CWV7s=
Subject key identifier: 9B:49:FE:11:E7:84:06:F7:7D:E2:C7:47:8F:6A:13:F9:0B:DC:7F:D3
Certificate issuer: /CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Certificate serial: 01977D15EB594D08B956C775E5EC230D3324
Authority key identifier: 35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/m0n-EeeEBvd94sdHj2oT-Qvcf9M.roa
Signing time: Tue 17 Jun 2025 08:51:17 +0000
ROA not before: Tue 17 Jun 2025 08:51:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203985
IP address blocks: 94.240.12.0/24 maxlen: 24
94.240.28.0/24 maxlen: 24
94.240.29.0/24 maxlen: 24
94.240.30.0/24 maxlen: 24
94.240.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7d:15:eb:59:4d:08:b9:56:c7:75:e5:ec:23:0d:33:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=351a2fd6f5e5af87d5cea095066fbcc3d3e546a4
Validity
Not Before: Jun 17 08:51:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b49fe11e78406f77de2c7478f6a13f90bdc7fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1e:b7:9f:f8:29:2e:06:cc:f1:a4:91:88:3e:
b3:4e:fb:fb:30:f8:a8:27:ad:73:a1:c9:75:80:c0:
02:ec:7e:81:14:ce:06:69:dc:97:9e:30:6f:19:c6:
7e:69:bf:bc:f9:77:75:f3:7d:fb:c7:84:5c:bf:74:
87:ab:4e:17:60:60:7d:31:bf:5d:f1:3e:fd:e6:ce:
54:cc:1d:97:31:9d:a2:86:53:e9:ec:bd:47:24:ad:
fb:74:95:5c:16:53:1d:78:d0:e4:43:02:a1:af:f8:
b7:11:17:ce:49:7f:1e:01:74:13:13:4c:3a:f2:6d:
ba:e4:1a:07:9a:3f:6a:42:80:a2:1b:34:d6:48:7c:
ff:cd:42:b6:52:af:a5:c2:06:74:be:18:ac:f2:83:
2e:bf:7d:e1:8a:39:6e:13:98:d4:d0:4c:68:c7:57:
53:79:50:19:63:28:90:65:62:19:fe:cd:77:94:3a:
5e:17:a0:5c:2d:b9:cc:02:3d:bd:80:20:c6:25:9a:
cf:33:a8:d8:b3:a9:8f:9d:ae:05:be:dc:c7:e1:71:
cf:0d:32:24:e0:ba:af:fc:4a:7e:bb:36:37:c3:4d:
2f:fb:ca:77:2b:00:82:c5:d9:d0:68:46:c7:6e:4c:
05:94:79:d5:32:9e:e1:cf:cd:13:06:b9:cc:86:3d:
f6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:49:FE:11:E7:84:06:F7:7D:E2:C7:47:8F:6A:13:F9:0B:DC:7F:D3
X509v3 Authority Key Identifier:
keyid:35:1A:2F:D6:F5:E5:AF:87:D5:CE:A0:95:06:6F:BC:C3:D3:E5:46:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRov1vXlr4fVzqCVBm-8w9PlRqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/m0n-EeeEBvd94sdHj2oT-Qvcf9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/cdddd5-817a-4113-8b82-23049e4d2f12/1/NRov1vXlr4fVzqCVBm-8w9PlRqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.240.12.0/24
94.240.28.0/22
Signature Algorithm: sha256WithRSAEncryption
47:ed:f5:57:e6:34:ac:78:7b:0a:83:5e:c3:5e:4e:7a:28:87:
d1:05:d4:c4:03:74:43:ab:68:ac:fc:1b:ea:8d:e2:d6:3b:bc:
64:d5:61:2a:dc:df:96:46:7e:da:c4:72:e2:ac:98:cb:5a:d3:
d5:f9:ce:a9:c4:40:6a:80:ce:67:f0:cb:67:a9:7c:0d:0a:49:
64:29:4c:2f:5a:5f:3f:af:aa:06:6a:d0:55:3f:d6:83:a8:a7:
0c:2e:24:a1:90:c2:71:63:3e:49:56:aa:70:64:94:00:10:af:
a4:1a:56:f1:31:75:95:78:7a:d6:46:b9:56:df:31:18:16:44:
79:52:9c:6f:a6:48:10:ef:7f:ff:7d:ea:fc:b3:aa:36:e0:7a:
3f:ec:39:0b:08:80:3c:f3:bf:67:34:c9:86:e8:76:53:2d:d8:
92:d6:47:03:65:2a:88:ff:61:74:a0:b4:8a:93:05:08:42:30:
56:96:36:68:36:d2:32:c1:b5:82:a0:5c:3c:ed:34:4f:62:6a:
05:56:2d:60:26:a8:76:a4:38:ca:df:e2:74:46:e1:80:04:c0:
91:62:3c:fc:07:33:e4:67:79:0b:a3:7a:38:21:7f:fa:b9:8a:
78:f0:6e:11:7f:a6:e3:73:b7:40:5a:1c:cb:4e:5e:00:70:17:
d2:44:18:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZd9FetZTQi5Vsd15ewjDTMkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MWEyZmQ2ZjVlNWFmODdkNWNlYTA5NTA2NmZiY2MzZDNl
NTQ2YTQwHhcNMjUwNjE3MDg1MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjQ5ZmUxMWU3ODQwNmY3N2RlMmM3NDc4ZjZhMTNmOTBiZGM3ZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx63n/gpLgbM8aSRiD6zTvv7MPio
J61zocl1gMAC7H6BFM4GadyXnjBvGcZ+ab+8+Xd18337x4Rcv3SHq04XYGB9Mb9d
8T795s5UzB2XMZ2ihlPp7L1HJK37dJVcFlMdeNDkQwKhr/i3ERfOSX8eAXQTE0w6
8m265BoHmj9qQoCiGzTWSHz/zUK2Uq+lwgZ0vhis8oMuv33hijluE5jU0Exox1dT
eVAZYyiQZWIZ/s13lDpeF6BcLbnMAj29gCDGJZrPM6jYs6mPna4FvtzH4XHPDTIk
4Lqv/Ep+uzY3w00v+8p3KwCCxdnQaEbHbkwFlHnVMp7hz80TBrnMhj32vwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJtJ/hHnhAb3feLHR49qE/kL3H/TMB8GA1UdIwQY
MBaAFDUaL9b15a+H1c6glQZvvMPT5UakMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODIt
MjMwNDllNGQyZjEyLzEvbTBuLUVlZUVCdmQ5NHNkSGoyb1QtUXZjZjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9jZGRkZDUtODE3YS00MTEzLThiODItMjMwNDllNGQyZjEy
LzEvTlJvdjF2WGxyNGZWenFDVkJtLTh3OVBsUnFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXvAMAwQC
XvAcMA0GCSqGSIb3DQEBCwUAA4IBAQBH7fVX5jSseHsKg17DXk56KIfRBdTEA3RD
q2is/BvqjeLWO7xk1WEq3N+WRn7axHLirJjLWtPV+c6pxEBqgM5n8MtnqXwNCklk
KUwvWl8/r6oGatBVP9aDqKcMLiShkMJxYz5JVqpwZJQAEK+kGlbxMXWVeHrWRrlW
3zEYFkR5UpxvpkgQ73//fer8s6o24Ho/7DkLCIA8879nNMmG6HZTLdiS1kcDZSqI
/2F0oLSKkwUIQjBWljZoNtIywbWCoFw87TRPYmoFVi1gJqh2pDjK3+J0RuGABMCR
Yjz8BzPkZ3kLo3o4IX/6uYp48G4Rf6bjc7dAWhzLTl4AcBfSRBhA
-----END CERTIFICATE-----
Generated at Sun Jun 29 03:04:21 2025 by rpki-client