Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/oJK6kuYy1I9exNffB7ljge9x1SU.roa
File: oJK6kuYy1I9exNffB7ljge9x1SU.roa (raw, json)
Hash identifier: f3vtK7EsdfUWOFqkQWjwwPcgXwPXtKGOU1XAV5aiHlg=
Subject key identifier: A0:92:BA:92:E6:32:D4:8F:5E:C4:D7:DF:07:B9:63:81:EF:71:D5:25
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 0197D493C3482CE63997363622E3AB4C4421
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/oJK6kuYy1I9exNffB7ljge9x1SU.roa
Signing time: Fri 04 Jul 2025 08:35:42 +0000
ROA not before: Fri 04 Jul 2025 08:35:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3218
IP address blocks: 193.232.2.0/24 maxlen: 24
193.232.3.0/24 maxlen: 24
193.232.4.0/24 maxlen: 24
193.232.6.0/24 maxlen: 24
193.232.8.0/24 maxlen: 24
193.232.9.0/24 maxlen: 24
193.232.10.0/24 maxlen: 24
193.232.11.0/24 maxlen: 24
193.232.12.0/24 maxlen: 24
193.232.13.0/24 maxlen: 24
193.232.17.0/24 maxlen: 24
193.232.19.0/24 maxlen: 24
193.232.27.0/24 maxlen: 24
193.232.28.0/24 maxlen: 24
193.232.31.0/24 maxlen: 24
193.232.192.0/22 maxlen: 24
193.232.196.0/23 maxlen: 24
193.232.207.0/24 maxlen: 24
193.232.212.0/24 maxlen: 24
193.232.218.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 02:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:93:c3:48:2c:e6:39:97:36:36:22:e3:ab:4c:44:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jul 4 08:35:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a092ba92e632d48f5ec4d7df07b96381ef71d525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e2:6a:75:6b:27:b2:d4:be:69:37:54:29:b9:
53:7c:9b:e4:ef:40:75:58:5d:fb:af:36:22:cd:2d:
ee:45:6d:72:ca:62:7a:12:2f:42:40:df:bc:5b:0f:
10:86:f5:21:d2:40:5c:0a:42:9d:d0:7c:bd:c7:fc:
1f:fa:af:f5:e2:ea:64:d9:60:7b:b1:8c:18:87:bb:
4c:9c:60:f7:af:6c:cd:39:e4:3e:c9:83:5c:8a:14:
ad:88:d1:da:4f:37:79:e9:10:8b:b2:eb:3d:4b:5f:
16:54:a7:9b:e1:c3:de:17:6c:fe:ac:ab:a4:51:6a:
ab:da:69:41:86:68:a8:f2:83:e2:d3:fe:cf:fe:b3:
ad:d9:78:fe:f7:cb:32:d6:dc:48:12:0e:c4:75:a5:
23:e4:b1:ac:74:69:35:9c:29:31:21:4e:53:d4:f9:
a8:98:87:8e:81:e7:83:60:51:a0:b7:48:d3:d2:33:
94:29:ae:44:dc:1d:fb:23:4c:84:79:58:a6:b9:a4:
66:29:b1:d2:69:fc:58:2f:7a:bc:c5:1c:ef:03:df:
1d:9e:c3:0e:ae:2a:98:bc:14:71:f0:a3:44:39:9c:
82:68:54:26:f7:b1:f1:f8:00:96:5b:4d:83:b8:6f:
8c:a6:f7:59:a3:ff:0a:7a:d7:51:80:4d:52:37:ee:
27:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:92:BA:92:E6:32:D4:8F:5E:C4:D7:DF:07:B9:63:81:EF:71:D5:25
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/oJK6kuYy1I9exNffB7ljge9x1SU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.2.0-193.232.4.255
193.232.6.0/24
193.232.8.0-193.232.13.255
193.232.17.0/24
193.232.19.0/24
193.232.27.0-193.232.28.255
193.232.31.0/24
193.232.192.0-193.232.197.255
193.232.207.0/24
193.232.212.0/24
193.232.218.0/23
Signature Algorithm: sha256WithRSAEncryption
16:ac:66:38:e3:ed:b4:6e:6d:57:4e:e1:ff:04:8f:b8:8f:b1:
ac:d7:79:28:db:0b:db:90:98:ed:6a:87:46:80:a7:6b:d6:3a:
f4:95:af:dd:13:1e:e1:28:bb:7a:df:f2:e4:0c:c2:e4:f3:b6:
6f:e1:2a:77:11:ab:c3:74:66:5e:77:e7:6b:4e:44:12:e9:e9:
f4:f3:cf:0d:43:a3:85:24:10:b4:ac:c0:73:df:07:24:96:97:
8a:37:07:86:92:1f:8f:04:9a:d7:1d:c0:4c:e6:6e:c4:f0:f3:
b0:66:46:2b:a7:e8:9b:e3:b8:7d:66:ee:14:9a:74:38:5a:4a:
2e:b7:7d:74:70:ea:40:d7:1b:d3:0f:e6:87:f0:28:0d:02:bc:
b4:21:06:96:f2:82:de:ba:2a:0b:55:9f:87:2e:01:68:ce:d4:
81:45:7c:13:ec:fa:8d:7c:36:c8:de:7f:58:2a:4a:50:80:da:
1a:b7:36:38:99:14:31:8f:36:b8:5f:78:6b:de:5a:52:00:6b:
65:8c:19:86:d5:25:56:5a:2d:c4:d9:65:2d:7e:f0:b3:1c:ea:
9f:23:11:e9:75:4e:c0:df:4b:e7:1d:c5:7c:cb:d4:a3:38:37:
86:53:8c:df:b1:ec:ba:ba:c5:a6:ab:a6:26:f0:c8:68:cf:7d:
a3:c0:3c:4f
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZfUk8NILOY5lzY2IuOrTEQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjUwNzA0MDgzNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDkyYmE5MmU2MzJkNDhmNWVjNGQ3ZGYwN2I5NjM4MWVmNzFkNTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv+JqdWsnstS+aTdUKblTfJvk70B1
WF37rzYizS3uRW1yymJ6Ei9CQN+8Ww8QhvUh0kBcCkKd0Hy9x/wf+q/14upk2WB7
sYwYh7tMnGD3r2zNOeQ+yYNcihStiNHaTzd56RCLsus9S18WVKeb4cPeF2z+rKuk
UWqr2mlBhmio8oPi0/7P/rOt2Xj+98sy1txIEg7EdaUj5LGsdGk1nCkxIU5T1Pmo
mIeOgeeDYFGgt0jT0jOUKa5E3B37I0yEeVimuaRmKbHSafxYL3q8xRzvA98dnsMO
riqYvBRx8KNEOZyCaFQm97Hx+ACWW02DuG+MpvdZo/8KetdRgE1SN+4nPwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFKCSupLmMtSPXsTX3we5Y4HvcdUlMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvb0pLNmt1WXkxSTlleE5mZkI3bGpnZTl4MVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiMAwDBAHB6AID
BADB6AQDBADB6AYwDAMEA8HoCAMEAcHoDAMEAMHoEQMEAMHoEzAMAwQAwegbAwQA
wegcAwQAwegfMAwDBAbB6MADBAHB6MQDBADB6M8DBADB6NQDBAHB6NowDQYJKoZI
hvcNAQELBQADggEBABasZjjj7bRubVdO4f8Ej7iPsazXeSjbC9uQmO1qh0aAp2vW
OvSVr90THuEou3rf8uQMwuTztm/hKncRq8N0Zl5352tORBLp6fTzzw1Do4UkELSs
wHPfBySWl4o3B4aSH48EmtcdwEzmbsTw87BmRiun6JvjuH1m7hSadDhaSi63fXRw
6kDXG9MP5ofwKA0CvLQhBpbygt66KgtVn4cuAWjO1IFFfBPs+o18Nsjef1gqSlCA
2hq3NjiZFDGPNrhfeGveWlIAa2WMGYbVJVZaLcTZZS1+8LMc6p8jEel1TsDfS+cd
xXzL1KM4N4ZTjN+x7Lq6xaarpibwyGjPfaPAPE8=
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:40:24 2025 by rpki-client