Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/304d73-65ba-4bbe-9fde-dc26e9ee8410/1/oiBEvO2p29cLUYapByjoEoYyzDg.roa
File: oiBEvO2p29cLUYapByjoEoYyzDg.roa (raw, json)
Hash identifier: vhwwgY7QGbDe4OWAOvjloCFsUXviJLu/e8Pkbh7LI2o=
Subject key identifier: A2:20:44:BC:ED:A9:DB:D7:0B:51:86:A9:07:28:E8:12:86:32:CC:38
Certificate issuer: /CN=a63c7f29b883f4b3c2436d963dc8532a1a634cca
Certificate serial: 0197EA362EF1B7D3A6BB8AE321DE3F50E8D6
Authority key identifier: A6:3C:7F:29:B8:83:F4:B3:C2:43:6D:96:3D:C8:53:2A:1A:63:4C:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjx_KbiD9LPCQ22WPchTKhpjTMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/304d73-65ba-4bbe-9fde-dc26e9ee8410/1/oiBEvO2p29cLUYapByjoEoYyzDg.roa
Signing time: Tue 08 Jul 2025 13:25:08 +0000
ROA not before: Tue 08 Jul 2025 13:25:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42130
IP address blocks: 185.192.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/304d73-65ba-4bbe-9fde-dc26e9ee8410/1/pjx_KbiD9LPCQ22WPchTKhpjTMo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/304d73-65ba-4bbe-9fde-dc26e9ee8410/1/pjx_KbiD9LPCQ22WPchTKhpjTMo.mft
rsync://rpki.ripe.net/repository/DEFAULT/pjx_KbiD9LPCQ22WPchTKhpjTMo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ea:36:2e:f1:b7:d3:a6:bb:8a:e3:21:de:3f:50:e8:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a63c7f29b883f4b3c2436d963dc8532a1a634cca
Validity
Not Before: Jul 8 13:25:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a22044bceda9dbd70b5186a90728e8128632cc38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:91:e4:ad:7e:4a:46:04:7f:b9:03:ec:1a:07:
28:9c:a2:40:fb:4c:cd:fc:9b:76:d0:3f:ec:64:bb:
8e:4e:38:b8:84:7b:43:95:88:e7:00:03:08:76:b0:
90:e9:e7:e1:62:42:5e:2b:e3:81:e7:5d:98:fa:85:
4e:93:95:6f:df:b4:b9:95:1d:74:8c:74:cf:23:9a:
07:fd:e9:c1:26:78:ed:b0:66:96:40:0c:85:d4:28:
73:52:49:18:26:d0:f2:fd:60:11:90:16:bf:e2:b3:
52:bc:0d:80:f7:25:78:3e:38:53:ac:8e:21:6b:09:
79:2c:1d:2b:e0:f3:1c:3f:a5:a0:5f:db:58:77:d8:
53:0f:ae:01:fa:47:7b:52:dd:64:67:8f:3f:ef:cc:
4b:ef:06:e7:d7:19:ad:51:ee:c7:0b:a3:89:d2:a4:
b3:0d:e1:1d:4d:30:9d:23:93:b3:a7:c3:49:29:bc:
c2:33:c0:0b:a9:1b:06:05:1e:78:6f:03:0c:f2:70:
f1:ea:33:05:87:b5:f0:7f:12:8c:c7:4f:cf:8c:a1:
73:4c:a0:07:d4:20:54:89:89:9a:2a:54:fc:af:77:
00:98:b9:59:a3:93:0d:6c:dd:3a:00:62:46:c2:26:
01:c7:9d:6a:a7:2c:b6:98:71:00:43:a9:2a:99:ad:
15:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:20:44:BC:ED:A9:DB:D7:0B:51:86:A9:07:28:E8:12:86:32:CC:38
X509v3 Authority Key Identifier:
keyid:A6:3C:7F:29:B8:83:F4:B3:C2:43:6D:96:3D:C8:53:2A:1A:63:4C:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjx_KbiD9LPCQ22WPchTKhpjTMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/304d73-65ba-4bbe-9fde-dc26e9ee8410/1/oiBEvO2p29cLUYapByjoEoYyzDg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/304d73-65ba-4bbe-9fde-dc26e9ee8410/1/pjx_KbiD9LPCQ22WPchTKhpjTMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.208.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:ff:1f:ee:f1:a2:e1:a6:91:f2:5e:a0:df:2a:b5:db:b9:a5:
9e:47:a2:3f:1a:53:ad:64:a1:42:60:f2:05:e4:fe:f5:10:13:
4c:50:6a:b8:73:bb:54:4b:05:cb:6c:9d:87:7e:21:3d:a1:81:
e1:67:1e:e8:71:52:7f:13:4e:0d:56:74:d9:4a:2d:82:55:6c:
f8:fd:9b:62:0b:2f:3d:30:4c:88:86:23:19:ea:1a:7b:e9:bf:
de:57:11:19:95:b5:3d:4a:00:8c:22:75:98:73:76:97:59:7b:
95:be:64:74:a3:73:01:43:53:14:5a:f8:a1:ed:6e:bb:ac:ca:
1d:5d:ee:5b:9e:85:2c:27:bf:af:d1:84:1f:73:ab:4b:39:a5:
76:94:12:a0:fa:dd:4f:fb:65:6c:b0:78:64:de:73:b8:55:ea:
14:14:40:7e:33:18:c4:4d:af:13:96:a4:31:91:a8:56:c1:90:
29:4d:c1:e6:a3:30:1b:01:dc:03:c1:49:13:4b:62:dc:9e:0c:
27:ce:38:95:eb:b0:a8:7e:82:e3:54:8e:af:af:40:ac:e0:1b:
95:62:f9:9f:01:c9:63:85:e1:c6:5c:75:33:ea:2d:9a:a5:b0:
bf:7d:d1:85:7c:9f:23:ce:3d:2c:e6:64:3c:80:4f:4c:4d:96:
fd:28:f5:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfqNi7xt9Omu4rjId4/UOjWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2M3ZjI5Yjg4M2Y0YjNjMjQzNmQ5NjNkYzg1MzJhMWE2
MzRjY2EwHhcNMjUwNzA4MTMyNTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjIwNDRiY2VkYTlkYmQ3MGI1MTg2YTkwNzI4ZTgxMjg2MzJjYzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJHkrX5KRgR/uQPsGgconKJA+0zN
/Jt20D/sZLuOTji4hHtDlYjnAAMIdrCQ6efhYkJeK+OB512Y+oVOk5Vv37S5lR10
jHTPI5oH/enBJnjtsGaWQAyF1ChzUkkYJtDy/WARkBa/4rNSvA2A9yV4PjhTrI4h
awl5LB0r4PMcP6WgX9tYd9hTD64B+kd7Ut1kZ48/78xL7wbn1xmtUe7HC6OJ0qSz
DeEdTTCdI5Ozp8NJKbzCM8ALqRsGBR54bwMM8nDx6jMFh7XwfxKMx0/PjKFzTKAH
1CBUiYmaKlT8r3cAmLlZo5MNbN06AGJGwiYBx51qpyy2mHEAQ6kqma0VNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKIgRLztqdvXC1GGqQco6BKGMsw4MB8GA1UdIwQY
MBaAFKY8fym4g/SzwkNtlj3IUyoaY0zKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGp4X0tiaUQ5TFBDUTIyV1BjaFRLaHBqVE1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8zMDRkNzMtNjViYS00YmJlLTlmZGUt
ZGMyNmU5ZWU4NDEwLzEvb2lCRXZPMnAyOWNMVVlhcEJ5am9Fb1l5ekRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8zMDRkNzMtNjViYS00YmJlLTlmZGUtZGMyNmU5ZWU4NDEw
LzEvcGp4X0tiaUQ5TFBDUTIyV1BjaFRLaHBqVE1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucDQMA0G
CSqGSIb3DQEBCwUAA4IBAQDU/x/u8aLhppHyXqDfKrXbuaWeR6I/GlOtZKFCYPIF
5P71EBNMUGq4c7tUSwXLbJ2HfiE9oYHhZx7ocVJ/E04NVnTZSi2CVWz4/ZtiCy89
MEyIhiMZ6hp76b/eVxEZlbU9SgCMInWYc3aXWXuVvmR0o3MBQ1MUWvih7W67rMod
Xe5bnoUsJ7+v0YQfc6tLOaV2lBKg+t1P+2VssHhk3nO4VeoUFEB+MxjETa8TlqQx
kahWwZApTcHmozAbAdwDwUkTS2LcngwnzjiV67CofoLjVI6vr0Cs4BuVYvmfAclj
heHGXHUz6i2apbC/fdGFfJ8jzj0s5mQ8gE9MTZb9KPW6
-----END CERTIFICATE-----
Generated at Wed Jul 23 06:10:25 2025 by rpki-client