Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/0qO4O1iuPzCMlLlUt1HamKiYOoA.roa
File: 0qO4O1iuPzCMlLlUt1HamKiYOoA.roa (raw, json)
Hash identifier: cgE/JK3sVjQnbjv1N0QFg9l7ug/Hstmhscf6qZhJ3xA=
Subject key identifier: D2:A3:B8:3B:58:AE:3F:30:8C:94:B9:54:B7:51:DA:98:A8:98:3A:80
Certificate issuer: /CN=4ad467f16d0951e430713832c6c759561e76041f
Certificate serial: 0197353A3B3D66CB67DD89449AA251A6DBCA
Authority key identifier: 4A:D4:67:F1:6D:09:51:E4:30:71:38:32:C6:C7:59:56:1E:76:04:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/StRn8W0JUeQwcTgyxsdZVh52BB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/0qO4O1iuPzCMlLlUt1HamKiYOoA.roa
Signing time: Tue 03 Jun 2025 09:58:18 +0000
ROA not before: Tue 03 Jun 2025 09:58:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9074
IP address blocks: 37.131.248.0/24 maxlen: 24
37.131.249.0/24 maxlen: 24
37.131.250.0/24 maxlen: 24
37.131.251.0/24 maxlen: 24
37.131.252.0/24 maxlen: 24
37.131.253.0/24 maxlen: 24
37.131.254.0/24 maxlen: 24
37.131.255.0/24 maxlen: 24
185.248.108.0/24 maxlen: 24
185.248.109.0/24 maxlen: 24
185.248.110.0/24 maxlen: 24
185.248.111.0/24 maxlen: 24
2a0b:9bc0:1::/48 maxlen: 48
2a0b:9bc0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/StRn8W0JUeQwcTgyxsdZVh52BB8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/StRn8W0JUeQwcTgyxsdZVh52BB8.mft
rsync://rpki.ripe.net/repository/DEFAULT/StRn8W0JUeQwcTgyxsdZVh52BB8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 11:44:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:3a:3b:3d:66:cb:67:dd:89:44:9a:a2:51:a6:db:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ad467f16d0951e430713832c6c759561e76041f
Validity
Not Before: Jun 3 09:58:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2a3b83b58ae3f308c94b954b751da98a8983a80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b0:95:a6:f6:18:8f:b8:fd:a0:c6:60:b7:1a:
3e:95:00:91:03:93:aa:0b:69:38:d3:d0:8c:82:9c:
cf:a5:99:bd:80:be:f8:cb:63:45:2d:e7:75:22:bd:
c0:0c:56:ea:e5:b3:26:a3:e4:d6:98:f5:68:02:90:
e2:69:91:1c:5c:31:04:a6:bd:b8:f5:e6:99:39:f4:
35:5b:3f:7c:a5:69:93:a0:0e:25:78:c8:d2:a8:9e:
d4:c8:ed:c6:3e:fc:73:a7:9a:69:70:57:85:90:52:
7f:d0:89:11:93:68:3f:3d:eb:2b:1e:ba:14:5e:78:
7c:f4:c8:1c:9c:b9:c0:70:55:7b:9e:16:a0:b5:e7:
1f:11:57:b8:62:b3:69:68:6e:20:c9:f7:0f:37:c6:
6c:67:56:02:75:d0:20:c4:d2:13:c9:91:d1:17:19:
77:ab:30:c5:82:14:54:ea:61:68:0f:ff:c9:08:db:
e1:f7:54:43:ad:28:6d:1f:1b:9c:dd:90:86:a9:2b:
30:f4:df:d4:aa:69:9c:82:fc:2d:ff:09:75:2d:29:
57:ba:4f:49:0b:9f:fb:e3:16:23:a0:cb:2a:07:9a:
9c:fa:5f:30:5b:e2:21:99:86:99:cc:4a:bd:ed:f5:
bc:56:0d:a8:58:fc:cf:50:86:95:e8:0d:75:5e:fe:
f2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A3:B8:3B:58:AE:3F:30:8C:94:B9:54:B7:51:DA:98:A8:98:3A:80
X509v3 Authority Key Identifier:
keyid:4A:D4:67:F1:6D:09:51:E4:30:71:38:32:C6:C7:59:56:1E:76:04:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/StRn8W0JUeQwcTgyxsdZVh52BB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/0qO4O1iuPzCMlLlUt1HamKiYOoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/338605-4db4-4ede-a310-5642353d431a/1/StRn8W0JUeQwcTgyxsdZVh52BB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.248.0/21
185.248.108.0/22
IPv6:
2a0b:9bc0:1::-2a0b:9bc0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7c:84:ef:97:e5:20:a5:d0:8f:91:02:c5:7e:2c:65:26:44:5d:
6c:e4:86:44:8f:82:cf:8d:da:6d:f7:8d:7d:17:6f:73:cf:df:
6d:65:11:c1:4c:9c:7b:c9:e7:c8:37:0e:a5:c4:aa:55:1f:20:
1b:06:b3:cd:ff:ea:3f:f0:0a:ef:63:5a:ed:f5:38:7e:7b:f2:
25:2d:40:e8:b2:95:5f:f0:0f:d1:60:38:c2:bb:40:d9:c7:33:
fa:7f:e1:25:8c:e9:85:92:e3:be:cc:38:1d:5f:dc:c5:29:af:
6f:32:2b:07:66:24:a4:67:3a:0d:b5:c9:da:1a:3f:80:06:01:
5f:12:f1:da:d4:5a:01:dc:57:a2:6d:e1:fb:28:07:0a:c0:6b:
bf:b4:2c:55:e1:e9:61:e3:b6:8c:2f:13:ac:6e:92:3e:cd:93:
d8:33:a7:d8:f4:4e:7f:0c:6d:16:41:9c:66:e6:c4:7d:50:fe:
5c:0d:3d:d7:b0:1d:61:3d:e5:cc:c2:2b:21:51:21:64:01:0a:
b9:e5:35:b2:14:4b:55:70:72:a0:87:ea:ae:90:29:de:30:2f:
10:2a:d1:96:64:73:32:42:37:e2:b8:a1:75:9c:eb:31:b5:f1:
d7:13:01:d2:83:72:01:e1:cb:c6:90:25:80:58:51:0d:22:bd:
10:52:17:b1
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZc1Ojs9Zstn3YlEmqJRptvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhZDQ2N2YxNmQwOTUxZTQzMDcxMzgzMmM2Yzc1OTU2MWU3
NjA0MWYwHhcNMjUwNjAzMDk1ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmEzYjgzYjU4YWUzZjMwOGM5NGI5NTRiNzUxZGE5OGE4OTgzYTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LCVpvYYj7j9oMZgtxo+lQCRA5Oq
C2k409CMgpzPpZm9gL74y2NFLed1Ir3ADFbq5bMmo+TWmPVoApDiaZEcXDEEpr24
9eaZOfQ1Wz98pWmToA4leMjSqJ7UyO3GPvxzp5ppcFeFkFJ/0IkRk2g/PesrHroU
Xnh89MgcnLnAcFV7nhagtecfEVe4YrNpaG4gyfcPN8ZsZ1YCddAgxNITyZHRFxl3
qzDFghRU6mFoD//JCNvh91RDrShtHxuc3ZCGqSsw9N/Uqmmcgvwt/wl1LSlXuk9J
C5/74xYjoMsqB5qc+l8wW+IhmYaZzEq97fW8Vg2oWPzPUIaV6A11Xv7yGwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNKjuDtYrj8wjJS5VLdR2piomDqAMB8GA1UdIwQY
MBaAFErUZ/FtCVHkMHE4MsbHWVYedgQfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3RSbjhXMEpVZVF3Y1RneXhzZFpWaDUyQkI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zMzg2MDUtNGRiNC00ZWRlLWEzMTAt
NTY0MjM1M2Q0MzFhLzEvMHFPNE8xaXVQekNNbExsVXQxSGFtS2lZT29BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zMzg2MDUtNGRiNC00ZWRlLWEzMTAtNTY0MjM1M2Q0MzFh
LzEvU3RSbjhXMEpVZVF3Y1RneXhzZFpWaDUyQkI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQDJYP4AwQC
ufhsMBoEAgACMBQwEgMHACoLm8AAAQMHACoLm8AAAjANBgkqhkiG9w0BAQsFAAOC
AQEAfITvl+UgpdCPkQLFfixlJkRdbOSGRI+Cz43abfeNfRdvc8/fbWURwUyce8nn
yDcOpcSqVR8gGwazzf/qP/AK72Na7fU4fnvyJS1A6LKVX/AP0WA4wrtA2ccz+n/h
JYzphZLjvsw4HV/cxSmvbzIrB2YkpGc6DbXJ2ho/gAYBXxLx2tRaAdxXom3h+ygH
CsBrv7QsVeHpYeO2jC8TrG6SPs2T2DOn2PROfwxtFkGcZubEfVD+XA0917AdYT3l
zMIrIVEhZAEKueU1shRLVXByoIfqrpAp3jAvECrRlmRzMkI34rihdZzrMbXx1xMB
0oNyAeHLxpAlgFhRDSK9EFIXsQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:57:28 2025 by rpki-client