Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/1OPAOSK7XI2PXkMWLZC__kR6e7o.roa
File: 1OPAOSK7XI2PXkMWLZC__kR6e7o.roa (raw, json)
Hash identifier: zgqjLOdmhIKV08eKyZe0XmQH3UqGhIzXdKtUIZFpvvE=
Subject key identifier: D4:E3:C0:39:22:BB:5C:8D:8F:5E:43:16:2D:90:BF:FE:44:7A:7B:BA
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 0197ED70E70B804501E626ACD7E55D9E5EB5
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/1OPAOSK7XI2PXkMWLZC__kR6e7o.roa
Signing time: Wed 09 Jul 2025 04:28:08 +0000
ROA not before: Wed 09 Jul 2025 04:28:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.11.189.0/24 maxlen: 24
45.11.190.0/24 maxlen: 24
45.11.191.0/24 maxlen: 24
188.209.137.0/24 maxlen: 24
188.209.139.0/24 maxlen: 24
194.15.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.mft
rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ed:70:e7:0b:80:45:01:e6:26:ac:d7:e5:5d:9e:5e:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Jul 9 04:28:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4e3c03922bb5c8d8f5e43162d90bffe447a7bba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ca:27:58:42:d3:7d:ac:12:12:92:6a:2e:ae:
24:53:1e:cc:8e:26:6a:6b:61:c9:bd:1a:0c:b5:de:
b3:e9:be:8b:a7:2d:e8:96:1c:6c:af:29:52:a0:bf:
26:7d:6d:be:b7:b0:14:1d:16:cd:14:d1:2d:86:77:
e2:79:4b:79:2b:1c:19:4b:dd:88:64:3e:86:5c:82:
cd:9a:6e:f9:33:eb:f6:f8:54:5e:fc:2f:c5:ab:6a:
02:b8:68:b0:45:d8:a8:45:d9:47:7b:a6:01:1c:ae:
7d:93:83:7b:17:f5:7b:dc:ca:68:54:ef:ce:a1:5c:
3c:ae:21:b8:5e:fc:74:ea:46:d8:81:f7:59:4d:bd:
8c:b5:97:9e:a9:f3:26:d8:2c:e5:51:37:90:4d:3b:
30:e5:64:f6:f0:67:8c:90:15:25:22:59:cb:f5:5c:
35:ea:d8:9e:c2:0e:fd:10:81:e6:59:00:52:4c:2a:
1a:42:e6:9a:db:cb:7f:39:94:0f:51:5c:8e:38:6e:
c2:58:8b:ee:79:7a:12:90:cc:74:aa:51:2e:7f:83:
b6:d7:de:30:b0:f3:6a:f8:94:e8:f3:f9:93:37:df:
bb:97:40:6d:9a:e3:34:2f:f5:da:07:6f:f5:63:ad:
cc:40:ae:d5:d8:26:7f:6d:43:fc:50:f9:02:f2:c8:
bc:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E3:C0:39:22:BB:5C:8D:8F:5E:43:16:2D:90:BF:FE:44:7A:7B:BA
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/1OPAOSK7XI2PXkMWLZC__kR6e7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.189.0-45.11.191.255
188.209.137.0/24
188.209.139.0/24
194.15.96.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:78:9c:a2:36:6e:0d:73:d3:4d:28:3a:22:eb:26:e1:cf:f4:
04:95:5f:c3:94:3f:6c:25:69:e3:82:6e:d8:88:d7:f7:a1:d5:
90:e7:44:de:f5:04:e4:49:fc:5d:2e:ca:3b:63:4b:34:87:d6:
d7:9b:d5:7a:d8:c7:96:f9:a2:69:0e:3a:aa:ba:3f:09:46:57:
7e:12:49:bc:67:95:93:9d:f8:1b:6a:fe:74:fb:85:10:5a:97:
a2:6e:8c:f3:db:bb:a4:bb:a8:40:11:72:a0:9e:8d:5e:61:af:
89:66:a0:bd:15:f6:7e:5e:11:ea:16:3e:30:ed:6d:81:dc:d3:
31:de:e5:b1:84:6c:48:6e:cc:ee:7a:bf:a3:8c:bd:e3:6f:4d:
df:ec:af:64:e1:07:e2:d9:82:e2:e9:70:5f:72:9a:32:5f:2b:
c1:c8:f4:dd:89:25:61:d3:55:01:be:6b:60:18:40:45:3c:7b:
58:9e:d7:e3:96:87:22:7a:0f:a2:38:b0:f8:30:da:0f:fa:00:
6d:95:b5:75:59:d3:fc:a5:4e:fe:13:75:a2:61:35:a0:a3:b2:
7b:7a:40:54:76:a3:27:f8:95:11:da:4a:51:f4:fd:fc:3b:e9:
7b:3e:5d:5b:5a:fd:ff:70:b4:4d:ff:d7:ed:33:29:e1:61:83:
a4:e9:3e:ff
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZftcOcLgEUB5ias1+Vdnl61MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwNzA5MDQyODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGUzYzAzOTIyYmI1YzhkOGY1ZTQzMTYyZDkwYmZmZTQ0N2E3YmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4conWELTfawSEpJqLq4kUx7MjiZq
a2HJvRoMtd6z6b6Lpy3olhxsrylSoL8mfW2+t7AUHRbNFNEthnfieUt5KxwZS92I
ZD6GXILNmm75M+v2+FRe/C/Fq2oCuGiwRdioRdlHe6YBHK59k4N7F/V73MpoVO/O
oVw8riG4Xvx06kbYgfdZTb2MtZeeqfMm2CzlUTeQTTsw5WT28GeMkBUlIlnL9Vw1
6tiewg79EIHmWQBSTCoaQuaa28t/OZQPUVyOOG7CWIvueXoSkMx0qlEuf4O2194w
sPNq+JTo8/mTN9+7l0BtmuM0L/XaB2/1Y63MQK7V2CZ/bUP8UPkC8si8NwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNTjwDkiu1yNj15DFi2Qv/5Eenu6MB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvMU9QQU9TSzdYSTJQWGtNV0xaQ19fa1I2ZTdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAAtC70D
BAYtC4ADBAC80YkDBAC80YsDBADCD2AwDQYJKoZIhvcNAQELBQADggEBALB4nKI2
bg1z000oOiLrJuHP9ASVX8OUP2wlaeOCbtiI1/eh1ZDnRN71BORJ/F0uyjtjSzSH
1teb1XrYx5b5omkOOqq6PwlGV34SSbxnlZOd+Btq/nT7hRBal6JujPPbu6S7qEAR
cqCejV5hr4lmoL0V9n5eEeoWPjDtbYHc0zHe5bGEbEhuzO56v6OMveNvTd/sr2Th
B+LZguLpcF9ymjJfK8HI9N2JJWHTVQG+a2AYQEU8e1ie1+OWhyJ6D6I4sPgw2g/6
AG2VtXVZ0/ylTv4TdaJhNaCjsnt6QFR2oyf4lRHaSlH0/fw76Xs+XVta/f9wtE3/
1+0zKeFhg6TpPv8=
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:20:19 2025 by rpki-client