Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oWSXGiNhuWw57-kdKaoUI11k040.roa
File: oWSXGiNhuWw57-kdKaoUI11k040.roa (raw, json)
Hash identifier: gWTD6GdXJrpgmU0Bc3iajvMJmZIfWzFvV9ah9V8kv+w=
Subject key identifier: A1:64:97:1A:23:61:B9:6C:39:EF:E9:1D:29:AA:14:23:5D:64:D3:8D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0197BDA827273D2A5C1CC038B959DDFFCDE2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oWSXGiNhuWw57-kdKaoUI11k040.roa
Signing time: Sun 29 Jun 2025 21:46:43 +0000
ROA not before: Sun 29 Jun 2025 21:46:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 77.93.138.0/23 maxlen: 24
82.152.52.0/23 maxlen: 24
213.130.150.0/24 maxlen: 24
213.210.48.0/23 maxlen: 24
213.218.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:bd:a8:27:27:3d:2a:5c:1c:c0:38:b9:59:dd:ff:cd:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 29 21:46:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a164971a2361b96c39efe91d29aa14235d64d38d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6f:40:14:88:52:07:41:3d:6a:a8:16:35:1d:
29:6a:08:45:cb:e0:a7:1f:6d:38:2c:46:05:5f:85:
a1:54:d8:be:3c:b3:07:9e:8a:2a:07:46:7d:63:6e:
15:cf:f6:09:ec:f2:22:69:54:2d:b2:69:61:42:c8:
ae:3c:5c:14:98:1a:65:07:09:68:32:76:bc:4a:a7:
52:2d:b9:ae:5c:5b:bc:e1:75:40:3e:44:91:1c:09:
4c:0a:bf:c4:52:20:55:c8:4a:37:c3:d9:ca:f1:73:
33:31:32:68:cd:ab:c3:c8:c0:28:14:d8:e8:dd:c0:
08:aa:b0:7b:80:00:ff:26:18:f2:ec:52:d6:b1:e9:
79:a3:38:92:ea:e3:c8:43:0d:6c:61:ad:f2:90:73:
08:a8:c4:ea:60:60:b0:a1:1c:a8:2b:4b:0d:22:24:
f6:2b:20:8b:a5:96:59:b5:14:fa:e2:04:c6:d3:60:
17:19:63:ec:25:e1:7e:57:8f:5a:72:b3:ba:8b:57:
b9:0c:9d:88:98:86:d1:2d:1b:b6:1d:30:37:7c:85:
ae:bb:df:e6:fc:de:a1:ff:99:22:5b:10:40:07:3a:
ca:44:7d:74:0b:e6:e1:5e:f3:29:32:15:bb:17:89:
e0:fa:31:af:a2:bb:a6:2c:f1:21:d4:44:31:44:40:
fa:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:64:97:1A:23:61:B9:6C:39:EF:E9:1D:29:AA:14:23:5D:64:D3:8D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oWSXGiNhuWw57-kdKaoUI11k040.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.138.0/23
82.152.52.0/23
213.130.150.0/24
213.210.48.0/23
213.218.226.0/24
Signature Algorithm: sha256WithRSAEncryption
85:0e:84:52:56:e4:b0:de:2e:b9:83:26:b8:e4:dd:88:7f:e1:
e4:b3:3f:e7:ab:0d:a3:99:fa:c3:cf:c1:bb:3e:c3:a9:b6:0a:
46:e5:6e:fc:ba:c4:36:23:64:87:ae:59:c4:8e:0c:f5:ec:40:
8c:7a:4d:c9:0d:e6:f4:2f:5a:b5:9c:74:6a:85:aa:b5:67:b8:
79:d5:09:18:fb:89:bd:66:47:41:95:37:c8:65:28:14:1d:fc:
8e:ff:dd:03:90:77:e0:0a:16:32:aa:dd:57:b1:94:44:c3:ff:
65:32:54:17:ab:cd:7f:77:ac:93:9e:81:cf:1a:75:e9:83:8a:
de:3b:41:8f:2a:c3:59:b0:98:c8:9d:b7:9d:59:58:bf:72:26:
52:1d:f4:97:f2:e0:5f:e3:31:02:92:91:8e:b8:f8:2a:d3:44:
c7:98:4f:bf:98:41:07:92:dd:39:fb:ce:3b:3e:b4:d7:d1:fe:
30:3b:9c:67:1a:5e:ff:bb:29:d7:f2:c5:1d:1b:d0:e6:03:3c:
27:12:5c:dd:a4:da:a3:5b:78:a6:45:b3:f8:a4:13:5e:f6:b8:
d6:3c:af:e3:48:70:b2:7f:5a:cb:2d:86:91:8a:78:b3:e1:a8:
62:ad:44:cd:8a:e7:04:67:11:52:a6:71:94:8d:a4:fe:bf:5b:
5e:51:fc:4e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZe9qCcnPSpcHMA4uVnd/83iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNjI5MjE0NjQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTY0OTcxYTIzNjFiOTZjMzllZmU5MWQyOWFhMTQyMzVkNjRkMzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG9AFIhSB0E9aqgWNR0paghFy+Cn
H204LEYFX4WhVNi+PLMHnooqB0Z9Y24Vz/YJ7PIiaVQtsmlhQsiuPFwUmBplBwlo
Mna8SqdSLbmuXFu84XVAPkSRHAlMCr/EUiBVyEo3w9nK8XMzMTJozavDyMAoFNjo
3cAIqrB7gAD/Jhjy7FLWsel5oziS6uPIQw1sYa3ykHMIqMTqYGCwoRyoK0sNIiT2
KyCLpZZZtRT64gTG02AXGWPsJeF+V49acrO6i1e5DJ2ImIbRLRu2HTA3fIWuu9/m
/N6h/5kiWxBABzrKRH10C+bhXvMpMhW7F4ng+jGvorumLPEh1EQxRED66QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKFklxojYblsOe/pHSmqFCNdZNONMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb1dTWEdpTmh1V3c1Ny1rZEthb1VJMTFrMDQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBTV2KAwQB
Upg0AwQA1YKWAwQB1dIwAwQA1driMA0GCSqGSIb3DQEBCwUAA4IBAQCFDoRSVuSw
3i65gya45N2If+Hksz/nqw2jmfrDz8G7PsOptgpG5W78usQ2I2SHrlnEjgz17ECM
ek3JDeb0L1q1nHRqhaq1Z7h51QkY+4m9ZkdBlTfIZSgUHfyO/90DkHfgChYyqt1X
sZREw/9lMlQXq81/d6yTnoHPGnXpg4reO0GPKsNZsJjInbedWVi/ciZSHfSX8uBf
4zECkpGOuPgq00THmE+/mEEHkt05+847PrTX0f4wO5xnGl7/uynX8sUdG9DmAzwn
ElzdpNqjW3imRbP4pBNe9rjWPK/jSHCyf1rLLYaRiniz4ahirUTNiucEZxFSpnGU
jaT+v1teUfxO
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:29:36 2025 by rpki-client