Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/OqwJALcrvdGuqMuiUcU6zqsW4N4.roa
File: OqwJALcrvdGuqMuiUcU6zqsW4N4.roa (raw, json)
Hash identifier: WRR6mJj3kerHokaDGtvMoRIWOA703MHG8etcq24MW+g=
Subject key identifier: 3A:AC:09:00:B7:2B:BD:D1:AE:A8:CB:A2:51:C5:3A:CE:AB:16:E0:DE
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01982DDBA433029D92CDB31D98F0FF14FCBE
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/OqwJALcrvdGuqMuiUcU6zqsW4N4.roa
Signing time: Mon 21 Jul 2025 16:40:25 +0000
ROA not before: Mon 21 Jul 2025 16:40:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215645
IP address blocks: 185.243.181.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
193.35.153.0/24 maxlen: 24
194.62.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 04:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:db:a4:33:02:9d:92:cd:b3:1d:98:f0:ff:14:fc:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jul 21 16:40:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3aac0900b72bbdd1aea8cba251c53aceab16e0de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:5e:43:42:98:f4:40:19:8e:b8:67:dc:89:73:
3b:4c:0b:8d:cf:51:a6:20:05:08:d2:68:90:d3:f9:
a1:3f:29:15:b8:0c:88:ff:fd:5a:1d:5f:a6:b1:c8:
92:6e:43:b6:09:d4:52:c0:c1:5c:6a:20:82:30:52:
cc:38:fb:9f:a9:00:fd:82:6d:4e:95:91:2a:b4:c3:
61:47:94:59:f8:3e:32:9f:12:64:5b:f2:d5:ce:e4:
86:03:b0:87:b0:29:d7:c7:48:1c:5a:5e:e5:0b:84:
1c:ce:9b:47:14:24:5e:63:63:de:2c:68:e3:7d:68:
19:f3:4e:b4:c9:20:8e:db:55:65:d5:69:47:a3:6e:
bd:13:58:ed:69:d2:67:72:f6:c3:70:3c:92:30:ce:
2f:72:a3:6a:a7:2d:96:7f:38:3d:5f:d1:e4:29:9b:
72:6a:93:fd:92:1c:18:f3:e8:95:77:ab:99:86:a3:
f0:e5:74:1f:8c:13:0b:61:23:a5:98:6f:06:8a:21:
0c:41:72:da:1d:e4:84:4b:09:24:da:9b:ec:ea:30:
90:06:07:0c:ee:82:63:46:ec:66:14:d7:ba:2e:6f:
ad:64:ff:12:a1:ab:df:2c:f7:90:67:ad:9b:73:0a:
47:e8:0e:ca:f2:a3:60:21:fe:7d:9c:7e:df:5a:04:
ce:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:AC:09:00:B7:2B:BD:D1:AE:A8:CB:A2:51:C5:3A:CE:AB:16:E0:DE
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/OqwJALcrvdGuqMuiUcU6zqsW4N4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.181.0/24
185.254.28.0/24
193.35.153.0/24
194.62.52.0/24
Signature Algorithm: sha256WithRSAEncryption
63:39:e1:ea:74:fb:15:d0:84:a8:a0:80:4a:58:21:8a:a5:52:
3d:34:1b:21:ad:e0:20:d6:79:e0:49:98:1f:05:80:f6:f2:a9:
c6:8f:30:2b:84:ea:00:3e:68:21:8e:ae:28:52:9e:6b:ef:09:
2a:e6:bc:f0:bf:cc:c7:a0:91:13:2d:4e:17:f1:d8:dd:3f:4a:
00:b5:1a:e5:3a:40:79:91:2d:b6:45:04:1f:4b:f8:c3:3c:a1:
b8:e0:48:52:5a:5f:76:b6:7a:b9:97:a3:3e:ba:88:12:e4:09:
2d:4c:88:c2:ab:67:73:e6:36:c5:80:5a:1d:d2:a4:47:8f:f0:
83:92:fc:2c:df:53:72:99:6a:73:6b:1e:3f:7b:1e:1f:d6:dd:
09:0f:19:ea:28:0c:51:d7:08:84:99:19:1a:ab:97:0e:56:c4:
1f:78:72:c6:37:4e:6f:b7:9b:90:5e:cb:20:ab:82:98:a4:2e:
6e:a9:f7:05:e7:f5:eb:56:47:d9:30:e9:a7:0b:0e:64:75:0f:
dc:ca:ef:49:b8:5a:94:d7:71:1a:3d:db:4e:74:68:0c:d7:e7:
5b:6a:f8:66:72:60:01:57:a4:d6:2e:a6:af:5e:31:32:d8:ef:
97:0a:da:35:84:ea:26:0f:1c:88:01:c9:b2:36:32:c7:b0:fd:
cd:3c:a9:65
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZgt26QzAp2SzbMdmPD/FPy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwNzIxMTY0MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWFjMDkwMGI3MmJiZGQxYWVhOGNiYTI1MWM1M2FjZWFiMTZlMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA315DQpj0QBmOuGfciXM7TAuNz1Gm
IAUI0miQ0/mhPykVuAyI//1aHV+msciSbkO2CdRSwMFcaiCCMFLMOPufqQD9gm1O
lZEqtMNhR5RZ+D4ynxJkW/LVzuSGA7CHsCnXx0gcWl7lC4QczptHFCReY2PeLGjj
fWgZ8060ySCO21Vl1WlHo269E1jtadJncvbDcDySMM4vcqNqpy2Wfzg9X9HkKZty
apP9khwY8+iVd6uZhqPw5XQfjBMLYSOlmG8GiiEMQXLaHeSESwkk2pvs6jCQBgcM
7oJjRuxmFNe6Lm+tZP8SoavfLPeQZ62bcwpH6A7K8qNgIf59nH7fWgTOVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDqsCQC3K73RrqjLolHFOs6rFuDeMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvT3F3SkFMY3J2ZEd1cU11aVVjVTZ6cXNXNE40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAufO1AwQA
uf4cAwQAwSOZAwQAwj40MA0GCSqGSIb3DQEBCwUAA4IBAQBjOeHqdPsV0ISooIBK
WCGKpVI9NBshreAg1nngSZgfBYD28qnGjzArhOoAPmghjq4oUp5r7wkq5rzwv8zH
oJETLU4X8djdP0oAtRrlOkB5kS22RQQfS/jDPKG44EhSWl92tnq5l6M+uogS5Akt
TIjCq2dz5jbFgFod0qRHj/CDkvws31NymWpzax4/ex4f1t0JDxnqKAxR1wiEmRka
q5cOVsQfeHLGN05vt5uQXssgq4KYpC5uqfcF5/XrVkfZMOmnCw5kdQ/cyu9JuFqU
13EaPdtOdGgM1+dbavhmcmABV6TWLqavXjEy2O+XCto1hOomDxyIAcmyNjLHsP3N
PKll
-----END CERTIFICATE-----
Generated at Wed Jul 23 11:57:59 2025 by rpki-client