Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/OCbmP2iMJt0_XPXBB5jaqEMkU2c.roa
File: OCbmP2iMJt0_XPXBB5jaqEMkU2c.roa (raw, json)
Hash identifier: Xv4eg71BjP19EHxS0bLmkPXFLa/G9u+oGKVTqmz32C8=
Subject key identifier: 38:26:E6:3F:68:8C:26:DD:3F:5C:F5:C1:07:98:DA:A8:43:24:53:67
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 0196C47873F9643EE600ED376B456B945221
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/OCbmP2iMJt0_XPXBB5jaqEMkU2c.roa
Signing time: Mon 12 May 2025 12:29:10 +0000
ROA not before: Mon 12 May 2025 12:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202678
IP address blocks: 185.174.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 17:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:78:73:f9:64:3e:e6:00:ed:37:6b:45:6b:94:52:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: May 12 12:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3826e63f688c26dd3f5cf5c10798daa843245367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:03:d0:80:3a:d0:a7:b9:0d:c8:8b:2c:da:f4:
a5:e2:3f:a1:b5:c4:6c:42:07:4c:39:90:84:aa:c4:
80:86:01:bd:3e:a0:bf:42:cd:f6:fc:fd:6e:9e:15:
66:18:35:90:91:08:57:5e:31:ac:43:b8:54:9e:d9:
39:62:79:59:1c:61:83:31:eb:ff:23:98:25:d4:64:
d5:07:14:ce:d3:f6:cf:7a:22:e3:9b:9a:3a:e5:d9:
01:8c:99:a0:2b:06:48:65:2c:2f:11:5e:dd:a6:2f:
aa:5e:a4:8c:02:30:48:90:3e:a8:0d:10:2f:5c:89:
e2:69:ad:4d:1f:37:a4:8d:3c:cd:cf:7f:31:5a:6f:
d8:6b:36:d7:ce:63:aa:2e:3a:8c:37:ba:c1:ec:7f:
38:a0:bf:1c:be:ad:a8:89:72:46:2c:df:a1:46:63:
03:f4:f0:29:66:15:be:48:dc:9d:35:6e:eb:ff:3a:
42:1b:a1:bb:70:ad:91:8c:2e:9d:8e:ec:60:6c:96:
00:31:c9:1d:e4:ee:4c:93:eb:97:87:91:3b:65:1f:
31:3b:9a:a8:54:cd:bb:d5:3d:85:4d:b4:8a:69:c2:
71:93:a1:21:1f:2b:99:8a:de:bf:b9:7f:cf:ef:0b:
76:3a:47:29:f1:53:10:a6:3b:22:7a:79:e8:ca:46:
41:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:26:E6:3F:68:8C:26:DD:3F:5C:F5:C1:07:98:DA:A8:43:24:53:67
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/OCbmP2iMJt0_XPXBB5jaqEMkU2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.20.0/24
Signature Algorithm: sha256WithRSAEncryption
18:d1:0a:e7:5f:b5:ba:e6:4a:70:fa:d6:c6:e2:01:a5:6a:39:
b0:9e:d5:75:7d:b0:e5:14:57:d8:2c:fb:0d:18:a7:c1:b1:42:
26:37:b2:0e:6b:42:fe:b9:72:6a:29:21:dd:12:a1:1b:ff:71:
95:f0:d2:75:cb:7b:5e:25:d2:f4:8d:d8:65:ee:05:48:17:47:
91:71:d8:9c:e5:02:79:3b:1b:d5:b3:7e:e6:49:59:00:69:e7:
e7:13:33:84:3e:02:01:b8:65:e1:ac:db:fc:31:e7:8d:f7:81:
f3:f3:06:37:14:49:9a:25:02:c5:84:35:d5:f4:4e:b5:61:89:
e8:41:24:4c:b8:6e:46:87:6a:5f:42:3d:d6:86:47:52:7f:86:
7d:b1:31:c7:e3:d1:20:ba:0c:ac:06:f0:33:9e:a2:74:3f:e5:
a8:96:0b:4a:39:e5:83:39:e5:6a:a9:ee:10:50:bc:87:17:ae:
b2:7b:31:71:66:3d:00:b7:0e:7e:44:dc:69:b8:42:2b:05:e7:
1c:4c:55:70:de:f2:7b:dd:15:ea:87:12:b3:97:6d:d1:f5:69:
07:fa:a1:08:38:2b:d6:b6:8d:d5:79:1b:64:1f:71:97:30:e9:
cc:26:fb:16:e2:0a:ff:d0:ee:80:d2:e5:31:9f:12:a3:b6:71:
a0:d8:96:5c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbEeHP5ZD7mAO03a0VrlFIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjUwNTEyMTIyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODI2ZTYzZjY4OGMyNmRkM2Y1Y2Y1YzEwNzk4ZGFhODQzMjQ1MzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3APQgDrQp7kNyIss2vSl4j+htcRs
QgdMOZCEqsSAhgG9PqC/Qs32/P1unhVmGDWQkQhXXjGsQ7hUntk5YnlZHGGDMev/
I5gl1GTVBxTO0/bPeiLjm5o65dkBjJmgKwZIZSwvEV7dpi+qXqSMAjBIkD6oDRAv
XIniaa1NHzekjTzNz38xWm/YazbXzmOqLjqMN7rB7H84oL8cvq2oiXJGLN+hRmMD
9PApZhW+SNydNW7r/zpCG6G7cK2RjC6djuxgbJYAMckd5O5Mk+uXh5E7ZR8xO5qo
VM271T2FTbSKacJxk6EhHyuZit6/uX/P7wt2Okcp8VMQpjsiennoykZBswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgm5j9ojCbdP1z1wQeY2qhDJFNnMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvT0NibVAyaU1KdDBfWFBYQkI1amFxRU1rVTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAua4UMA0G
CSqGSIb3DQEBCwUAA4IBAQAY0QrnX7W65kpw+tbG4gGlajmwntV1fbDlFFfYLPsN
GKfBsUImN7IOa0L+uXJqKSHdEqEb/3GV8NJ1y3teJdL0jdhl7gVIF0eRcdic5QJ5
OxvVs37mSVkAaefnEzOEPgIBuGXhrNv8MeeN94Hz8wY3FEmaJQLFhDXV9E61YYno
QSRMuG5Gh2pfQj3WhkdSf4Z9sTHH49EgugysBvAznqJ0P+WolgtKOeWDOeVqqe4Q
ULyHF66yezFxZj0Atw5+RNxpuEIrBeccTFVw3vJ73RXqhxKzl23R9WkH+qEIOCvW
to3VeRtkH3GXMOnMJvsW4gr/0O6A0uUxnxKjtnGg2JZc
-----END CERTIFICATE-----
Generated at Mon Jun 9 01:30:33 2025 by rpki-client