Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/Mo-GiiM2sNe-eBz_JyMl4sLvpMo.roa
File: Mo-GiiM2sNe-eBz_JyMl4sLvpMo.roa (raw, json)
Hash identifier: S6ZzEosIiFeiJ1KKDxx2F81o6c+HfdnMbY4tAkCKBFE=
Subject key identifier: 32:8F:86:8A:23:36:B0:D7:BE:78:1C:FF:27:23:25:E2:C2:EF:A4:CA
Certificate issuer: /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial: 01978D9507E110426E8707240F2AEB2CB297
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/Mo-GiiM2sNe-eBz_JyMl4sLvpMo.roa
Signing time: Fri 20 Jun 2025 13:44:03 +0000
ROA not before: Fri 20 Jun 2025 13:44:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215672
IP address blocks: 80.93.193.0/24 maxlen: 24
80.93.199.0/24 maxlen: 24
80.93.203.0/24 maxlen: 24
80.93.204.0/24 maxlen: 24
80.93.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8d:95:07:e1:10:42:6e:87:07:24:0f:2a:eb:2c:b2:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Validity
Not Before: Jun 20 13:44:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=328f868a2336b0d7be781cff272325e2c2efa4ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:39:09:a3:a6:a3:8e:6f:31:75:67:11:69:85:
8a:2c:38:34:92:4a:58:c2:06:a2:73:48:e3:09:7d:
1d:37:fe:a3:e4:64:26:ee:a8:9b:10:f7:6f:79:2c:
f2:88:6d:6e:9c:21:28:d8:cf:68:6a:d6:d5:b9:38:
06:25:a0:95:d6:73:26:f7:56:d6:06:10:f8:03:d4:
a1:d8:76:d5:0d:ce:13:04:0e:72:09:af:9f:60:b2:
e0:87:29:bd:86:a8:33:77:12:bc:30:41:82:08:b7:
9e:69:7b:05:39:04:2b:44:28:05:ad:a3:a0:02:fb:
0e:b7:51:0d:a6:ac:9d:e5:90:0d:43:4c:60:02:ec:
db:68:d6:23:1a:3a:a5:51:86:66:eb:b2:0d:94:9e:
e7:60:5a:f0:bb:f1:93:a4:02:0e:f2:9f:48:83:21:
b3:42:f1:ab:23:50:a1:81:56:f3:a7:d6:71:4d:aa:
e0:2f:08:6c:5a:60:85:a9:93:90:4e:b2:9f:c2:10:
12:a8:56:f2:ca:83:41:df:4f:f4:cd:d6:b2:e7:fd:
a3:b9:2f:92:ec:c3:fb:9e:05:38:e6:2e:54:9b:a2:
d5:05:9d:56:54:b0:07:0a:a0:18:df:c4:05:fc:04:
57:99:99:29:e4:10:03:25:61:fd:67:69:f4:5c:a5:
a2:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:8F:86:8A:23:36:B0:D7:BE:78:1C:FF:27:23:25:E2:C2:EF:A4:CA
X509v3 Authority Key Identifier:
keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/Mo-GiiM2sNe-eBz_JyMl4sLvpMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.193.0/24
80.93.199.0/24
80.93.203.0-80.93.205.255
Signature Algorithm: sha256WithRSAEncryption
0a:48:fe:69:b4:24:fa:20:60:10:e4:2f:ee:a5:94:a9:92:41:
c7:c7:37:36:8e:b4:b0:73:a6:7c:dd:c4:56:bd:4b:6f:bb:a5:
1a:76:e4:4b:27:48:b5:df:74:4f:56:07:e7:9c:28:87:3f:17:
31:35:8d:e6:db:72:33:d9:0c:a2:38:0c:be:ab:af:93:3c:8b:
3f:88:7c:4d:75:f3:ca:3f:fa:75:29:16:dc:98:15:e0:0e:a2:
3d:d8:14:29:a2:c3:f6:bf:04:7f:18:e5:0e:bf:1e:db:dc:b8:
9d:95:8c:42:e9:f8:cf:bc:45:9b:0d:5b:06:53:9c:38:93:97:
cb:d0:6d:16:13:10:ad:1b:c4:2a:51:cb:77:c5:b6:32:fa:9f:
d8:a2:83:61:6b:1b:d9:9c:92:e7:26:af:83:85:26:c0:0a:61:
6c:df:f8:5f:f5:61:e0:a6:8b:70:51:b6:ef:80:24:e9:5b:01:
72:41:af:f7:35:88:54:71:3b:bb:5c:ef:cb:2d:65:e6:6f:eb:
7f:a6:b2:ba:74:4f:b0:36:fe:17:97:9d:93:f1:d8:5d:ae:64:
ee:37:f8:b5:f7:61:a8:61:ce:93:ea:cd:a0:9a:7d:b2:05:80:
f6:75:60:65:95:10:c4:89:b7:36:22:de:46:38:17:17:07:84:
11:39:3e:90
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZeNlQfhEEJuhwckDyrrLLKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjUwNjIwMTM0NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjhmODY4YTIzMzZiMGQ3YmU3ODFjZmYyNzIzMjVlMmMyZWZhNGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzjkJo6ajjm8xdWcRaYWKLDg0kkpY
wgaic0jjCX0dN/6j5GQm7qibEPdveSzyiG1unCEo2M9oatbVuTgGJaCV1nMm91bW
BhD4A9Sh2HbVDc4TBA5yCa+fYLLghym9hqgzdxK8MEGCCLeeaXsFOQQrRCgFraOg
AvsOt1ENpqyd5ZANQ0xgAuzbaNYjGjqlUYZm67INlJ7nYFrwu/GTpAIO8p9IgyGz
QvGrI1ChgVbzp9ZxTargLwhsWmCFqZOQTrKfwhASqFbyyoNB30/0zday5/2juS+S
7MP7ngU45i5Um6LVBZ1WVLAHCqAY38QF/ARXmZkp5BADJWH9Z2n0XKWi/wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDKPhoojNrDXvngc/ycjJeLC76TKMB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvTW8tR2lpTTJzTmUtZUJ6X0p5TWw0c0x2cE1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAUF3BAwQA
UF3HMAwDBABQXcsDBAFQXcwwDQYJKoZIhvcNAQELBQADggEBAApI/mm0JPogYBDk
L+6llKmSQcfHNzaOtLBzpnzdxFa9S2+7pRp25EsnSLXfdE9WB+ecKIc/FzE1jebb
cjPZDKI4DL6rr5M8iz+IfE1188o/+nUpFtyYFeAOoj3YFCmiw/a/BH8Y5Q6/Htvc
uJ2VjELp+M+8RZsNWwZTnDiTl8vQbRYTEK0bxCpRy3fFtjL6n9iig2FrG9mckucm
r4OFJsAKYWzf+F/1YeCmi3BRtu+AJOlbAXJBr/c1iFRxO7tc78stZeZv63+msrp0
T7A2/heXnZPx2F2uZO43+LX3YahhzpPqzaCafbIFgPZ1YGWVEMSJtzYi3kY4FxcH
hBE5PpA=
-----END CERTIFICATE-----
Generated at Sun Jun 29 00:58:02 2025 by rpki-client