Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/9c1ec8-cc39-4389-8584-85173e57eb52/1/A_OQJ88bcYgcsjIcwJCOxewRMg8.roa
File: A_OQJ88bcYgcsjIcwJCOxewRMg8.roa (raw, json)
Hash identifier: JsIzJGkiQIIUy+vP0PZYtJ7LTu3SBkRUq53MCZhXjvA=
Subject key identifier: 03:F3:90:27:CF:1B:71:88:1C:B2:32:1C:C0:90:8E:C5:EC:11:32:0F
Certificate issuer: /CN=8db49baf17f06c364a00f8e64c891c53729f7a2f
Certificate serial: 01983CA68CED97ABD29D6D243220308BF1E2
Authority key identifier: 8D:B4:9B:AF:17:F0:6C:36:4A:00:F8:E6:4C:89:1C:53:72:9F:7A:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jbSbrxfwbDZKAPjmTIkcU3Kfei8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/9c1ec8-cc39-4389-8584-85173e57eb52/1/A_OQJ88bcYgcsjIcwJCOxewRMg8.roa
Signing time: Thu 24 Jul 2025 13:36:44 +0000
ROA not before: Thu 24 Jul 2025 13:36:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 680
IP address blocks: 131.188.0.0/16 maxlen: 16
192.44.81.0/24 maxlen: 24
192.44.82.0/23 maxlen: 23
192.44.84.0/22 maxlen: 22
192.44.88.0/23 maxlen: 23
192.44.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/9c1ec8-cc39-4389-8584-85173e57eb52/1/jbSbrxfwbDZKAPjmTIkcU3Kfei8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/9c1ec8-cc39-4389-8584-85173e57eb52/1/jbSbrxfwbDZKAPjmTIkcU3Kfei8.mft
rsync://rpki.ripe.net/repository/DEFAULT/jbSbrxfwbDZKAPjmTIkcU3Kfei8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 06:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3c:a6:8c:ed:97:ab:d2:9d:6d:24:32:20:30:8b:f1:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8db49baf17f06c364a00f8e64c891c53729f7a2f
Validity
Not Before: Jul 24 13:36:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03f39027cf1b71881cb2321cc0908ec5ec11320f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:22:b9:fa:90:98:9e:e6:0f:3a:8c:f0:57:a1:
1e:e2:bf:68:d0:45:be:55:6c:a6:e1:9f:97:ec:2d:
bb:9c:ad:d3:3f:03:2d:dc:bb:b2:c4:c0:61:4d:11:
bb:2b:86:ba:15:d0:9e:89:b9:62:e9:1f:5d:e7:ec:
8c:3c:5d:bf:88:bb:59:7d:f5:16:a9:c0:ca:8a:30:
0a:ea:79:c8:db:38:d4:20:e4:bd:79:ea:ff:82:de:
a0:88:58:18:ad:cc:fd:80:36:03:c1:66:f2:9a:05:
32:42:91:cd:47:e4:26:5b:d4:0d:6f:55:51:fe:bd:
00:96:7a:2b:98:8f:2c:d7:e5:2a:d9:10:07:7f:f3:
4d:bf:76:c2:6b:ae:e2:ef:52:75:ab:c8:61:9f:1c:
eb:8c:b9:8c:d3:f7:07:98:01:0a:66:b9:ba:e3:5e:
74:6d:1a:73:8d:a1:f0:f4:20:a3:d5:c4:7a:55:68:
c1:f5:7a:03:d2:2a:4b:7a:a5:31:d2:9b:6f:52:97:
85:76:b4:ea:2c:fd:0c:58:b2:f4:f2:f1:14:40:3c:
e4:25:b6:ce:a6:82:b1:04:c0:0a:90:7c:7f:ab:98:
70:8f:24:4b:c8:63:2c:6c:ab:aa:ad:a9:66:d6:c4:
c4:18:b0:05:bc:b8:af:01:29:f3:8c:9b:a7:65:2a:
43:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F3:90:27:CF:1B:71:88:1C:B2:32:1C:C0:90:8E:C5:EC:11:32:0F
X509v3 Authority Key Identifier:
keyid:8D:B4:9B:AF:17:F0:6C:36:4A:00:F8:E6:4C:89:1C:53:72:9F:7A:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jbSbrxfwbDZKAPjmTIkcU3Kfei8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/9c1ec8-cc39-4389-8584-85173e57eb52/1/A_OQJ88bcYgcsjIcwJCOxewRMg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/9c1ec8-cc39-4389-8584-85173e57eb52/1/jbSbrxfwbDZKAPjmTIkcU3Kfei8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.188.0.0/16
192.44.81.0-192.44.90.255
Signature Algorithm: sha256WithRSAEncryption
2c:0b:6d:5f:59:59:d2:9d:74:d4:50:0c:2d:44:c0:6c:ec:30:
a4:c9:ee:e8:79:2f:55:e8:25:c0:70:2f:19:0b:11:7f:82:98:
91:51:7f:a7:06:76:6d:eb:2d:21:68:37:be:84:e1:05:59:ce:
0f:1e:30:aa:30:7d:e9:70:c8:fb:4b:61:e5:d9:3c:7a:d9:9f:
ce:02:44:f3:a7:42:2d:f4:b1:64:b9:fe:59:cd:bc:d8:38:c4:
91:53:c8:9d:ef:d3:63:b9:9d:b6:3a:03:63:20:c6:b9:f4:d2:
00:7a:e3:4a:1b:68:e0:44:e6:32:de:f6:b7:b5:65:19:b0:9b:
14:28:57:ab:fb:7f:07:e8:bb:28:17:d3:70:57:c8:22:d2:e0:
1c:9a:60:9d:1f:e1:f3:25:8a:c2:13:58:f1:ad:01:dd:93:98:
c8:e9:b9:e4:42:cd:71:a9:e5:da:8c:f8:4e:4c:60:2a:e6:8a:
cc:de:90:32:17:be:55:80:d3:a9:30:7c:06:68:a1:28:30:a3:
2b:67:0c:79:86:1a:e8:5d:a5:73:e4:e6:b7:b6:5f:e0:12:c1:
73:91:c6:89:ed:ef:c8:76:ec:d7:b7:a6:f1:35:59:50:1e:e1:
4a:69:d2:db:11:11:da:6c:b0:49:ff:14:c3:ea:fa:f1:12:87:
27:14:54:16
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZg8poztl6vSnW0kMiAwi/HiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYjQ5YmFmMTdmMDZjMzY0YTAwZjhlNjRjODkxYzUzNzI5
ZjdhMmYwHhcNMjUwNzI0MTMzNjQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2YzOTAyN2NmMWI3MTg4MWNiMjMyMWNjMDkwOGVjNWVjMTEzMjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSK5+pCYnuYPOozwV6Ee4r9o0EW+
VWym4Z+X7C27nK3TPwMt3LuyxMBhTRG7K4a6FdCeibli6R9d5+yMPF2/iLtZffUW
qcDKijAK6nnI2zjUIOS9eer/gt6giFgYrcz9gDYDwWbymgUyQpHNR+QmW9QNb1VR
/r0AlnormI8s1+Uq2RAHf/NNv3bCa67i71J1q8hhnxzrjLmM0/cHmAEKZrm64150
bRpzjaHw9CCj1cR6VWjB9XoD0ipLeqUx0ptvUpeFdrTqLP0MWLL08vEUQDzkJbbO
poKxBMAKkHx/q5hwjyRLyGMsbKuqralm1sTEGLAFvLivASnzjJunZSpDDQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFAPzkCfPG3GIHLIyHMCQjsXsETIPMB8GA1UdIwQY
MBaAFI20m68X8Gw2SgD45kyJHFNyn3ovMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamJTYnJ4ZndiRFpLQVBqbVRJa2NVM0tmZWk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi85YzFlYzgtY2MzOS00Mzg5LTg1ODQt
ODUxNzNlNTdlYjUyLzEvQV9PUUo4OGJjWWdjc2pJY3dKQ094ZXdSTWc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi85YzFlYzgtY2MzOS00Mzg5LTg1ODQtODUxNzNlNTdlYjUy
LzEvamJTYnJ4ZndiRFpLQVBqbVRJa2NVM0tmZWk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATAwMAg7wwDAME
AMAsUQMEAMAsWjANBgkqhkiG9w0BAQsFAAOCAQEALAttX1lZ0p101FAMLUTAbOww
pMnu6HkvVeglwHAvGQsRf4KYkVF/pwZ2bestIWg3voThBVnODx4wqjB96XDI+0th
5dk8etmfzgJE86dCLfSxZLn+Wc282DjEkVPIne/TY7mdtjoDYyDGufTSAHrjShto
4ETmMt72t7VlGbCbFChXq/t/B+i7KBfTcFfIItLgHJpgnR/h8yWKwhNY8a0B3ZOY
yOm55ELNcanl2oz4TkxgKuaKzN6QMhe+VYDTqTB8BmihKDCjK2cMeYYa6F2lc+Tm
t7Zf4BLBc5HGie3vyHbs17em8TVZUB7hSmnS2xER2mywSf8Uw+r68RKHJxRUFg==
-----END CERTIFICATE-----
Generated at Sat Jul 26 15:22:57 2025 by rpki-client