Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/oWp27mBOrz7MXkN3QVP_5A9gnvU.roa
File: oWp27mBOrz7MXkN3QVP_5A9gnvU.roa (raw, json)
Hash identifier: /+rul4/RODDQhUqBM7ZwYOoIISVCxzBmGSNg7RYrmUA=
Subject key identifier: A1:6A:76:EE:60:4E:AF:3E:CC:5E:43:77:41:53:FF:E4:0F:60:9E:F5
Certificate issuer: /CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Certificate serial: 01997315AA055D7832B94AB08248DF6C3C0A
Authority key identifier: 4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/oWp27mBOrz7MXkN3QVP_5A9gnvU.roa
Signing time: Mon 22 Sep 2025 20:20:23 +0000
ROA not before: Mon 22 Sep 2025 20:20:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211680
IP address blocks: 45.156.128.0/24 maxlen: 24
45.156.129.0/24 maxlen: 24
45.156.130.0/24 maxlen: 24
185.180.140.0/24 maxlen: 24
185.180.143.0/24 maxlen: 24
185.226.198.0/24 maxlen: 24
2a10:3c0:1::/48 maxlen: 48
2a10:3c0:2::/48 maxlen: 48
2a10:3c0:100::/48 maxlen: 48
2a10:3c0:101::/48 maxlen: 48
2a10:3c0:102::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 16:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:73:15:aa:05:5d:78:32:b9:4a:b0:82:48:df:6c:3c:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Validity
Not Before: Sep 22 20:20:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a16a76ee604eaf3ecc5e43774153ffe40f609ef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6c:1c:e9:dc:93:97:4a:70:1d:a0:fa:76:49:
7d:a0:7a:94:0f:02:03:36:a0:91:7e:d4:86:33:17:
76:16:c3:05:54:f1:0a:91:78:72:1a:e0:1d:09:e1:
fc:19:3c:d1:f8:dc:f6:f8:6e:f4:6c:7a:eb:d0:a4:
8f:b7:db:6e:a4:1d:90:e2:a5:41:a7:c1:1d:a0:11:
13:26:25:aa:fe:f3:da:2f:87:f8:cb:24:2a:fd:05:
6b:d6:68:0f:f1:30:cc:d4:a6:40:b9:61:5a:cd:86:
3d:c2:a6:f0:cd:a1:37:d7:23:ff:cb:2c:0c:cb:fa:
b4:f6:8e:87:8d:57:d1:bc:f6:73:09:0a:99:0a:36:
8d:59:8c:ea:16:59:f2:53:d0:05:fe:ef:ea:71:74:
87:b2:c8:0d:94:d1:83:20:54:91:60:54:2f:a5:0d:
66:c6:db:3e:25:69:ff:58:8b:8b:12:53:bb:77:66:
18:9f:c1:c0:91:19:02:33:97:12:91:85:15:a5:5c:
a5:71:a2:f3:d1:bd:db:c9:67:ad:1e:79:c9:ba:f1:
12:ba:ef:5c:d0:f5:17:10:86:03:ff:a2:26:e8:42:
5c:66:fe:50:dc:6c:45:f7:37:e1:18:c3:d5:20:f5:
87:26:de:2c:14:1f:84:71:36:5d:a2:e2:55:0c:a5:
85:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:6A:76:EE:60:4E:AF:3E:CC:5E:43:77:41:53:FF:E4:0F:60:9E:F5
X509v3 Authority Key Identifier:
keyid:4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/oWp27mBOrz7MXkN3QVP_5A9gnvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.128.0-45.156.130.255
185.180.140.0/24
185.180.143.0/24
185.226.198.0/24
IPv6:
2a10:3c0:1::-2a10:3c0:2:ffff:ffff:ffff:ffff:ffff
2a10:3c0:100::-2a10:3c0:102:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
21:58:ff:b0:7c:fb:1e:35:43:9b:3b:0f:1e:e2:15:b9:12:11:
62:45:e4:d3:86:52:9d:96:1e:84:f1:61:84:21:cf:76:3f:ea:
4d:fb:a7:e1:72:5a:66:71:9b:34:10:d5:8a:d4:fa:9a:ca:14:
97:08:20:42:fd:a1:26:b7:b6:0b:33:c8:1d:01:30:d6:ce:28:
98:4a:04:5b:ca:3c:7d:9e:0e:5f:63:bb:59:ba:4f:23:d1:27:
da:f2:f1:74:36:89:f9:25:ae:fa:d4:64:18:41:af:14:90:30:
5a:a8:09:7d:f1:fb:c5:4e:78:4b:7e:07:77:e9:73:df:f8:8d:
4a:14:e6:58:c9:20:f0:8a:08:b6:09:d8:5a:7c:e6:88:ba:1b:
bf:ee:64:84:a4:f1:96:40:f8:c7:25:91:17:c2:31:7c:68:2c:
5e:fa:45:87:fc:cb:59:20:8a:2f:66:cb:b6:d7:b7:f4:5a:27:
b7:02:0b:99:9b:89:5c:e0:3d:e6:7e:4c:c9:6f:4e:bb:4f:e3:
0b:4a:95:91:89:5a:b5:25:8b:13:ac:e2:23:2e:f0:4d:39:01:
51:8f:29:80:d7:f7:3c:2b:68:b5:85:11:91:99:24:d6:57:fa:
fe:f7:7e:7b:e3:53:f6:73:be:83:68:a3:0b:c3:76:98:6d:cd:
ee:d4:4a:83
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZlzFaoFXXgyuUqwgkjfbDwKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2ZhYzg2NDVhM2M2ZjEwMDQyZGM0YTc0ZDcwMGQ5ZDA2
YWYxN2EwHhcNMjUwOTIyMjAyMDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTZhNzZlZTYwNGVhZjNlY2M1ZTQzNzc0MTUzZmZlNDBmNjA5ZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGwc6dyTl0pwHaD6dkl9oHqUDwID
NqCRftSGMxd2FsMFVPEKkXhyGuAdCeH8GTzR+Nz2+G70bHrr0KSPt9tupB2Q4qVB
p8EdoBETJiWq/vPaL4f4yyQq/QVr1mgP8TDM1KZAuWFazYY9wqbwzaE31yP/yywM
y/q09o6HjVfRvPZzCQqZCjaNWYzqFlnyU9AF/u/qcXSHssgNlNGDIFSRYFQvpQ1m
xts+JWn/WIuLElO7d2YYn8HAkRkCM5cSkYUVpVylcaLz0b3byWetHnnJuvESuu9c
0PUXEIYD/6Im6EJcZv5Q3GxF9zfhGMPVIPWHJt4sFB+EcTZdouJVDKWFuwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFKFqdu5gTq8+zF5Dd0FT/+QPYJ71MB8GA1UdIwQY
MBaAFErPrIZFo8bxAELcSnTXANnQavF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYt
N2JmODI3N2Q4YTJmLzEvb1dwMjdtQk9yejdNWGtOM1FWUF81QTlnbnZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYtN2JmODI3N2Q4YTJm
LzEvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAmBAIAATAgMAwDBActnIAD
BAAtnIIDBAC5tIwDBAC5tI8DBAC54sYwLQQCAAIwJzASAwcAKhADwAABAwcAKhAD
wAACMBEDBgAqEAPAAQMHACoQA8ABAjANBgkqhkiG9w0BAQsFAAOCAQEAIVj/sHz7
HjVDmzsPHuIVuRIRYkXk04ZSnZYehPFhhCHPdj/qTfun4XJaZnGbNBDVitT6msoU
lwggQv2hJre2CzPIHQEw1s4omEoEW8o8fZ4OX2O7WbpPI9En2vLxdDaJ+SWu+tRk
GEGvFJAwWqgJffH7xU54S34Hd+lz3/iNShTmWMkg8IoItgnYWnzmiLobv+5khKTx
lkD4xyWRF8IxfGgsXvpFh/zLWSCKL2bLtte39FontwILmZuJXOA95n5MyW9Ou0/j
C0qVkYlatSWLE6ziIy7wTTkBUY8pgNf3PCtotYURkZkk1lf6/vd+e+NT9nO+g2ij
C8N2mG3N7tRKgw==
-----END CERTIFICATE-----
Generated at Thu Oct 9 01:03:57 2025 by rpki-client