Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/OtQ48GIqhoV8BbHUJtSPHtzr3bM.roa
File: OtQ48GIqhoV8BbHUJtSPHtzr3bM.roa (raw, json)
Hash identifier: Qd9IkkyUrKLcvFwMqdzhvX7YcnKe2XLSIuFWdUOxwyk=
Subject key identifier: 3A:D4:38:F0:62:2A:86:85:7C:05:B1:D4:26:D4:8F:1E:DC:EB:DD:B3
Certificate issuer: /CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Certificate serial: 0198EB28012C8A2D998BB81ABB74536E6805
Authority key identifier: F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/OtQ48GIqhoV8BbHUJtSPHtzr3bM.roa
Signing time: Wed 27 Aug 2025 10:52:04 +0000
ROA not before: Wed 27 Aug 2025 10:52:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 192.115.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 17:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:eb:28:01:2c:8a:2d:99:8b:b8:1a:bb:74:53:6e:68:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9856d674f0e9dbf6012d5b5d3d96b43afd76473
Validity
Not Before: Aug 27 10:52:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ad438f0622a86857c05b1d426d48f1edcebddb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d6:a3:92:36:41:6e:67:a1:72:04:86:db:ae:
fc:ea:bc:2e:c8:dc:39:5e:2a:e5:14:8a:89:84:45:
f9:32:94:bb:99:23:a6:19:39:b6:ba:15:a8:f1:0d:
82:ec:6f:d3:d0:85:80:71:47:d5:d5:98:5a:21:5f:
1e:a5:f6:dc:b8:76:8b:b9:1c:9d:90:71:ea:a3:c1:
3d:ee:bd:6c:ad:ce:ec:ba:cc:2c:7a:f2:6b:30:0b:
b8:d1:73:6d:52:5a:4d:59:19:e6:e6:41:59:e8:0f:
44:93:35:57:3a:08:bc:13:87:4e:e6:12:7d:f2:78:
3d:ae:18:fc:69:0e:e3:80:7b:da:95:99:14:5a:68:
f4:29:a5:75:f4:b9:fc:6c:ee:ed:a5:fe:a7:5a:b2:
5c:a3:9b:1f:01:23:41:9f:ff:c3:b4:be:5c:af:7c:
5a:44:11:48:fc:d3:12:2f:ef:7a:fe:b8:fd:40:31:
ed:a2:08:2a:00:d9:b4:2f:05:ce:c3:a4:c8:98:d7:
19:d2:b1:bc:d8:28:ab:cc:85:ac:ba:ad:1b:03:f2:
33:aa:f5:f2:62:47:8b:1e:ff:e1:4e:5c:f9:02:f8:
4d:e1:1a:ef:83:60:9d:a1:03:80:e1:93:18:7a:e1:
3f:48:9c:a5:a8:db:30:4c:f9:6b:2e:75:3d:c7:d6:
ff:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D4:38:F0:62:2A:86:85:7C:05:B1:D4:26:D4:8F:1E:DC:EB:DD:B3
X509v3 Authority Key Identifier:
keyid:F9:85:6D:67:4F:0E:9D:BF:60:12:D5:B5:D3:D9:6B:43:AF:D7:64:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YVtZ08Onb9gEtW109lrQ6_XZHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/OtQ48GIqhoV8BbHUJtSPHtzr3bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/9f9590-7f0a-41b3-ac4f-efd14db957fb/1/1-YVtZ08Onb9gEtW109lrQ6_XZHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.115.232.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:cd:9a:4d:0e:0b:b2:40:1a:b5:fc:ec:74:79:a6:66:66:23:
b3:d9:dd:05:19:6d:19:b4:73:9a:12:19:fe:de:8f:90:5c:3d:
f3:09:c4:4b:91:85:0c:cc:cd:8c:81:48:08:89:13:23:bd:bc:
e8:8e:09:d2:5a:68:fd:10:da:f3:d4:03:c2:cb:64:8c:3a:eb:
e8:1f:70:ec:c9:74:9f:33:47:70:7f:a9:a6:41:2b:52:50:19:
80:62:07:15:b5:37:b1:52:60:3d:77:a8:25:1f:26:0e:85:64:
2e:b4:33:3a:6b:06:b5:13:74:b6:11:ba:c8:8f:89:3a:7d:8c:
00:55:73:ca:b0:aa:42:d4:91:30:61:03:5f:b0:9b:98:1e:49:
bb:df:67:bb:92:73:a2:28:19:f5:f6:d7:97:a3:17:52:04:c6:
f7:31:dc:45:96:60:e8:c2:1e:f9:8a:4a:f2:55:f9:4e:f5:1b:
97:cf:9e:a2:28:7b:d9:3f:05:d2:40:30:f2:65:73:c0:73:2b:
7e:fb:48:62:f8:61:8f:90:ad:b1:38:ac:60:c9:b3:8b:25:6d:
78:c0:e1:70:6a:7b:2a:d9:46:7b:98:90:cf:0a:5a:07:f9:aa:
cf:08:4e:c3:f4:b6:3b:26:18:98:36:05:87:ad:78:15:ef:f6:
43:00:67:de
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZjrKAEsii2Zi7gau3RTbmgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5ODU2ZDY3NGYwZTlkYmY2MDEyZDViNWQzZDk2YjQzYWZk
NzY0NzMwHhcNMjUwODI3MTA1MjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWQ0MzhmMDYyMmE4Njg1N2MwNWIxZDQyNmQ0OGYxZWRjZWJkZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNajkjZBbmehcgSG26786rwuyNw5
XirlFIqJhEX5MpS7mSOmGTm2uhWo8Q2C7G/T0IWAcUfV1ZhaIV8epfbcuHaLuRyd
kHHqo8E97r1src7suswsevJrMAu40XNtUlpNWRnm5kFZ6A9EkzVXOgi8E4dO5hJ9
8ng9rhj8aQ7jgHvalZkUWmj0KaV19Ln8bO7tpf6nWrJco5sfASNBn//DtL5cr3xa
RBFI/NMSL+96/rj9QDHtoggqANm0LwXOw6TImNcZ0rG82CirzIWsuq0bA/IzqvXy
YkeLHv/hTlz5AvhN4Rrvg2CdoQOA4ZMYeuE/SJylqNswTPlrLnU9x9b/xQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDrUOPBiKoaFfAWx1CbUjx7c692zMB8GA1UdIwQY
MBaAFPmFbWdPDp2/YBLVtdPZa0Ov12RzMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1ZVnRaMDhPbmI5Z0V0VzEwOWxyUTZfWFpITS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRm
LWVmZDE0ZGI5NTdmYi8xL090UTQ4R0lxaG9WOEJiSFVKdFNQSHR6cjNiTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGEvOWY5NTkwLTdmMGEtNDFiMy1hYzRmLWVmZDE0ZGI5NTdm
Yi8xLzEtWVZ0WjA4T25iOWdFdFcxMDlsclE2X1haSE0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAc+gw
DQYJKoZIhvcNAQELBQADggEBADzNmk0OC7JAGrX87HR5pmZmI7PZ3QUZbRm0c5oS
Gf7ej5BcPfMJxEuRhQzMzYyBSAiJEyO9vOiOCdJaaP0Q2vPUA8LLZIw66+gfcOzJ
dJ8zR3B/qaZBK1JQGYBiBxW1N7FSYD13qCUfJg6FZC60MzprBrUTdLYRusiPiTp9
jABVc8qwqkLUkTBhA1+wm5geSbvfZ7uSc6IoGfX215ejF1IExvcx3EWWYOjCHvmK
SvJV+U71G5fPnqIoe9k/BdJAMPJlc8BzK377SGL4YY+QrbE4rGDJs4slbXjA4XBq
eyrZRnuYkM8KWgf5qs8ITsP0tjsmGJg2BYeteBXv9kMAZ94=
-----END CERTIFICATE-----
Generated at Wed Sep 10 00:18:44 2025 by rpki-client