Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/oNBXrurPgmY0qmcGUUGlDZ34mPg.roa
File: oNBXrurPgmY0qmcGUUGlDZ34mPg.roa (raw, json)
Hash identifier: LRJ/Kvg05H80qD0GkNGfLM5+gHGWathyQ+MYfRyUDec=
Subject key identifier: A0:D0:57:AE:EA:CF:82:66:34:AA:67:06:51:41:A5:0D:9D:F8:98:F8
Certificate issuer: /CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121
Certificate serial: 01980E6925502BCC5189BB6B5CAFDDADE56B
Authority key identifier: BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/oNBXrurPgmY0qmcGUUGlDZ34mPg.roa
Signing time: Tue 15 Jul 2025 14:07:08 +0000
ROA not before: Tue 15 Jul 2025 14:07:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 93.94.32.0/24 maxlen: 24
93.94.33.0/24 maxlen: 24
93.94.38.0/24 maxlen: 24
93.174.64.0/21 maxlen: 24
158.58.136.0/21 maxlen: 24
185.84.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 02:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0e:69:25:50:2b:cc:51:89:bb:6b:5c:af:dd:ad:e5:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121
Validity
Not Before: Jul 15 14:07:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0d057aeeacf826634aa67065141a50d9df898f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:45:e6:08:04:ef:d8:be:14:5c:62:ca:ff:e1:
b3:bd:45:e1:cb:2d:90:e8:86:9c:2d:d9:6c:68:f3:
ad:5c:89:72:48:ad:53:cd:a2:65:56:ed:80:37:1a:
81:69:57:7a:89:bb:e2:a2:4a:04:4a:8b:8e:f6:6b:
e8:e1:45:50:15:ea:79:10:7e:d3:e0:02:47:15:58:
08:24:96:e8:b2:5f:df:68:86:63:79:2d:97:c7:57:
be:e3:b9:91:04:5d:fb:37:d1:54:46:40:94:c0:bb:
9c:d8:68:0b:8d:79:57:dd:a4:af:98:60:03:49:5e:
05:f1:25:ef:71:92:df:df:c9:fe:71:4e:58:4c:99:
1e:1b:ac:e0:10:b0:a5:ad:6b:53:0d:ad:9b:8e:d8:
17:37:3e:60:1c:74:1e:a3:98:72:e9:c4:7b:f4:2f:
3c:5a:33:e2:26:b2:1a:27:5e:d1:fa:f5:17:81:ed:
ed:61:77:86:ad:08:8b:4f:b1:51:25:09:47:c1:e6:
17:17:95:a7:c8:85:1c:fb:3e:e2:fc:91:45:1b:51:
75:08:34:b5:44:41:69:d9:51:46:9a:3a:04:7f:ee:
c2:c3:4d:5e:ae:73:37:97:06:c1:f5:c8:36:4d:e7:
fe:de:bb:ae:73:6a:5a:18:ae:08:b4:10:d5:00:fc:
92:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:D0:57:AE:EA:CF:82:66:34:AA:67:06:51:41:A5:0D:9D:F8:98:F8
X509v3 Authority Key Identifier:
keyid:BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/oNBXrurPgmY0qmcGUUGlDZ34mPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.32.0/23
93.94.38.0/24
93.174.64.0/21
158.58.136.0/21
185.84.176.0/22
Signature Algorithm: sha256WithRSAEncryption
43:5b:bd:7a:5f:30:3a:d9:6f:2c:9b:e0:a4:5a:71:00:be:0e:
b3:9c:c8:7c:ab:27:c3:b3:97:34:e6:c0:20:91:2b:77:34:e5:
be:f1:0a:bf:ed:b2:6d:0b:ed:45:7b:07:47:6c:84:2e:47:e6:
f6:46:4b:3b:c1:a8:a9:3b:75:0c:20:f3:54:63:c1:5e:7c:2a:
b1:42:67:9f:cd:41:6e:6a:c0:e6:81:6a:94:00:e9:35:fc:52:
65:81:02:34:76:8d:95:a2:07:1a:e4:f1:1e:8f:47:0c:96:cc:
90:45:d6:51:ec:2d:25:94:c9:97:bb:43:8a:fe:43:6f:5c:7b:
13:86:bf:8b:50:84:25:15:57:3b:8f:47:0b:7d:4e:49:24:dc:
a1:92:e1:ab:36:e5:4c:aa:26:14:1c:36:0e:70:7c:a5:56:de:
af:78:96:41:49:08:5d:e1:da:38:8e:28:9a:ac:df:f2:96:89:
74:cb:3e:fe:2f:fe:cc:98:ba:12:4b:8b:be:9a:af:5b:84:c4:
64:73:8c:0a:9f:36:f0:fb:91:03:db:98:a6:83:bf:01:89:90:
d6:5b:a0:87:3a:39:d5:c9:3d:a1:5f:c6:34:59:98:72:04:39:
76:c1:e7:f2:e6:07:f9:3d:ba:47:de:3b:5b:16:fe:58:0b:c5:
9e:5c:c8:59
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZgOaSVQK8xRibtrXK/dreVrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODg4NDlhMmViNWU5ZGQ1NzFhOGU3NDNiZWQ3Yjk1MTNk
N2ExMjEwHhcNMjUwNzE1MTQwNzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGQwNTdhZWVhY2Y4MjY2MzRhYTY3MDY1MTQxYTUwZDlkZjg5OGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUXmCATv2L4UXGLK/+GzvUXhyy2Q
6IacLdlsaPOtXIlySK1TzaJlVu2ANxqBaVd6ibviokoESouO9mvo4UVQFep5EH7T
4AJHFVgIJJbosl/faIZjeS2Xx1e+47mRBF37N9FURkCUwLuc2GgLjXlX3aSvmGAD
SV4F8SXvcZLf38n+cU5YTJkeG6zgELClrWtTDa2bjtgXNz5gHHQeo5hy6cR79C88
WjPiJrIaJ17R+vUXge3tYXeGrQiLT7FRJQlHweYXF5WnyIUc+z7i/JFFG1F1CDS1
REFp2VFGmjoEf+7Cw01ernM3lwbB9cg2Tef+3ruuc2paGK4ItBDVAPySGwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKDQV67qz4JmNKpnBlFBpQ2d+Jj4MB8GA1UdIwQY
MBaAFL+IhJoutendVxqOdDvte5UT16EhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYt
MjM3MzliNWZkODRjLzEvb05CWHJ1clBnbVkwcW1jR1VVR2xEWjM0bVBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYtMjM3MzliNWZkODRj
LzEvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBXV4gAwQA
XV4mAwQDXa5AAwQDnjqIAwQCuVSwMA0GCSqGSIb3DQEBCwUAA4IBAQBDW716XzA6
2W8sm+CkWnEAvg6znMh8qyfDs5c05sAgkSt3NOW+8Qq/7bJtC+1FewdHbIQuR+b2
Rks7waipO3UMIPNUY8FefCqxQmefzUFuasDmgWqUAOk1/FJlgQI0do2Vogca5PEe
j0cMlsyQRdZR7C0llMmXu0OK/kNvXHsThr+LUIQlFVc7j0cLfU5JJNyhkuGrNuVM
qiYUHDYOcHylVt6veJZBSQhd4do4jiiarN/ylol0yz7+L/7MmLoSS4u+mq9bhMRk
c4wKnzbw+5ED25img78BiZDWW6CHOjnVyT2hX8Y0WZhyBDl2wefy5gf5PbpH3jtb
Fv5YC8WeXMhZ
-----END CERTIFICATE-----
Generated at Sun Jul 20 09:27:52 2025 by rpki-client