Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/OGR-5RVGrACHFDAcbykuCsmVvis.roa
File: OGR-5RVGrACHFDAcbykuCsmVvis.roa (raw, json)
Hash identifier: PoHcnolilWa6jXDwi1RtKlLtbi/axzSMXkLX6eNkyD8=
Subject key identifier: 38:64:7E:E5:15:46:AC:00:87:14:30:1C:6F:29:2E:0A:C9:95:BE:2B
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 01980E273C28EA15FCCDBF0DE329D480802D
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/OGR-5RVGrACHFDAcbykuCsmVvis.roa
Signing time: Tue 15 Jul 2025 12:55:08 +0000
ROA not before: Tue 15 Jul 2025 12:55:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41457
IP address blocks: 95.175.150.0/24 maxlen: 24
185.79.19.0/24 maxlen: 24
192.40.69.0/24 maxlen: 24
2a14:6780::/32 maxlen: 32
2a14:6780:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 16:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0e:27:3c:28:ea:15:fc:cd:bf:0d:e3:29:d4:80:80:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Jul 15 12:55:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38647ee51546ac008714301c6f292e0ac995be2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c5:80:99:b7:59:21:b0:d3:b1:8c:30:7c:03:
ab:3a:fb:40:b8:ae:4f:f8:47:c0:0e:b3:d4:74:11:
9f:56:4a:89:35:f6:10:62:b3:4a:9a:5a:9c:ad:ce:
42:c7:30:08:8b:4e:d6:4c:7c:8b:ef:c9:4e:cf:b5:
3b:4f:84:fa:6f:c7:fa:f8:8e:b8:41:cd:3b:3d:08:
de:33:d3:00:f6:72:eb:0a:cf:07:0c:ef:14:81:68:
c2:95:36:eb:e3:07:6c:43:fb:d9:ea:7a:cc:e9:2a:
9b:9b:3a:1f:14:2c:c8:3d:9f:bd:c3:38:59:5d:b6:
24:31:9d:2d:01:53:d3:84:5e:d6:43:90:88:d1:83:
b1:67:a3:7a:ed:b1:cb:6e:02:94:c1:dc:6e:fb:04:
13:09:1b:93:96:e2:ee:5b:9b:5b:bc:14:2d:98:bd:
1d:5b:ff:1d:94:ba:ec:4c:a4:c7:a7:93:f0:00:e5:
2a:fc:ab:88:85:db:8f:c6:33:52:13:e7:2d:58:40:
f5:70:2d:56:cf:64:94:d8:4a:ac:e2:38:20:34:cb:
d3:75:0d:f5:25:56:63:08:8e:18:9f:69:2f:44:8c:
30:02:1d:24:45:07:17:fd:14:cd:e4:ee:7b:c6:35:
7f:a2:52:3f:ff:9e:db:5b:31:5b:80:16:e3:55:72:
1b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:64:7E:E5:15:46:AC:00:87:14:30:1C:6F:29:2E:0A:C9:95:BE:2B
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/OGR-5RVGrACHFDAcbykuCsmVvis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.175.150.0/24
185.79.19.0/24
192.40.69.0/24
IPv6:
2a14:6780::/32
Signature Algorithm: sha256WithRSAEncryption
71:cc:f1:d1:11:ca:03:6b:ae:3d:6a:10:6a:bd:91:c6:d7:d2:
6e:42:c2:08:29:c2:70:9f:b1:f0:ce:52:25:a3:d7:f9:88:2f:
0e:11:0d:95:01:cd:4e:ef:74:69:ab:d2:03:ec:26:19:da:f2:
4f:bc:9b:82:70:cd:57:59:3b:e1:24:56:85:eb:b1:42:cf:b7:
96:09:ff:c1:05:a3:9b:3a:a7:8b:25:71:46:eb:0e:00:0c:b2:
3f:e5:9d:93:3f:fe:4d:b6:eb:c6:c1:1b:e7:4c:e5:b4:1b:c2:
2e:51:2e:7b:75:c8:a6:44:1b:26:5e:ef:f3:92:9c:fd:39:33:
2a:e7:73:25:11:77:e3:34:93:a4:3e:ae:b8:5b:fa:fe:1e:2e:
48:9f:28:fc:62:8d:ee:3e:aa:64:8b:ea:76:5c:3a:83:46:c5:
01:a9:09:08:ee:92:77:aa:ae:ae:2c:70:3c:d3:a0:a4:8b:a4:
83:0b:73:f2:1b:d5:9a:92:95:cc:7a:c4:cc:98:dd:af:b1:a6:
8d:0d:3c:64:94:ba:b8:5e:19:71:32:75:12:76:9f:9c:d4:b4:
28:f2:46:86:94:da:43:21:54:73:e3:7a:9b:87:7d:42:e7:a4:
58:af:60:04:f2:2c:de:d1:ea:41:d5:b0:a3:93:ac:84:4d:07:
9c:02:3c:64
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZgOJzwo6hX8zb8N4ynUgIAtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwNzE1MTI1NTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODY0N2VlNTE1NDZhYzAwODcxNDMwMWM2ZjI5MmUwYWM5OTViZTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5MWAmbdZIbDTsYwwfAOrOvtAuK5P
+EfADrPUdBGfVkqJNfYQYrNKmlqcrc5CxzAIi07WTHyL78lOz7U7T4T6b8f6+I64
Qc07PQjeM9MA9nLrCs8HDO8UgWjClTbr4wdsQ/vZ6nrM6SqbmzofFCzIPZ+9wzhZ
XbYkMZ0tAVPThF7WQ5CI0YOxZ6N67bHLbgKUwdxu+wQTCRuTluLuW5tbvBQtmL0d
W/8dlLrsTKTHp5PwAOUq/KuIhduPxjNSE+ctWED1cC1Wz2SU2Eqs4jggNMvTdQ31
JVZjCI4Yn2kvRIwwAh0kRQcX/RTN5O57xjV/olI//57bWzFbgBbjVXIbfQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDhkfuUVRqwAhxQwHG8pLgrJlb4rMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvT0dSLTVSVkdyQUNIRkRBY2J5a3VDc21WdmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAX6+WAwQA
uU8TAwQAwChFMA0EAgACMAcDBQAqFGeAMA0GCSqGSIb3DQEBCwUAA4IBAQBxzPHR
EcoDa649ahBqvZHG19JuQsIIKcJwn7HwzlIlo9f5iC8OEQ2VAc1O73Rpq9ID7CYZ
2vJPvJuCcM1XWTvhJFaF67FCz7eWCf/BBaObOqeLJXFG6w4ADLI/5Z2TP/5NtuvG
wRvnTOW0G8IuUS57dcimRBsmXu/zkpz9OTMq53MlEXfjNJOkPq64W/r+Hi5Inyj8
Yo3uPqpki+p2XDqDRsUBqQkI7pJ3qq6uLHA806Cki6SDC3PyG9WakpXMesTMmN2v
saaNDTxklLq4XhlxMnUSdp+c1LQo8kaGlNpDIVRz43qbh31C56RYr2AE8ize0epB
1bCjk6yETQecAjxk
-----END CERTIFICATE-----
Generated at Mon Jul 21 01:35:13 2025 by rpki-client