Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/gOF-xzAEKX1O-x2b-Oj9o4YnCvs.roa
File: gOF-xzAEKX1O-x2b-Oj9o4YnCvs.roa (raw, json)
Hash identifier: MQeq/rmEp9bKHzBoxXf16f7fykVrPrRjmB+U1KsVgUo=
Subject key identifier: 80:E1:7E:C7:30:04:29:7D:4E:FB:1D:9B:F8:E8:FD:A3:86:27:0A:FB
Certificate issuer: /CN=2d2f9339fbb8cb33c522751c530f3a20a753547c
Certificate serial: 019712466DFF5C860EF63FDD8A282521B53E
Authority key identifier: 2D:2F:93:39:FB:B8:CB:33:C5:22:75:1C:53:0F:3A:20:A7:53:54:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/gOF-xzAEKX1O-x2b-Oj9o4YnCvs.roa
Signing time: Tue 27 May 2025 15:04:54 +0000
ROA not before: Tue 27 May 2025 15:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209671
IP address blocks: 46.174.140.0/24 maxlen: 24
185.104.208.0/22 maxlen: 24
2a06:3340::/32 maxlen: 32
2a09:de80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/LS-TOfu4yzPFInUcUw86IKdTVHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/LS-TOfu4yzPFInUcUw86IKdTVHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:12:46:6d:ff:5c:86:0e:f6:3f:dd:8a:28:25:21:b5:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d2f9339fbb8cb33c522751c530f3a20a753547c
Validity
Not Before: May 27 15:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80e17ec73004297d4efb1d9bf8e8fda386270afb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0f:d6:a2:12:86:c9:44:da:cf:a2:2a:23:85:
bf:c5:24:ad:52:57:17:da:76:b5:59:8a:75:23:83:
d8:fa:8d:3a:75:3c:9f:fd:04:1c:1d:7a:77:c7:5c:
c4:a3:66:39:5d:7d:66:e9:c7:a3:5c:34:e1:e5:6a:
a8:ee:69:85:0d:09:da:2a:85:61:82:41:fc:12:14:
bc:e6:c8:3f:54:ef:54:8a:ec:b3:22:9a:29:5c:e6:
bc:82:ad:8a:35:27:36:2d:59:7f:aa:8b:84:19:fa:
05:d4:b7:34:d2:58:14:5d:42:be:59:67:a7:ca:19:
ea:66:94:ca:ec:ce:d7:c0:f5:05:94:b0:ce:b3:bb:
ea:52:44:4f:a4:91:be:ba:63:79:3d:3e:a2:12:52:
7b:0c:55:db:71:b6:6b:2c:42:28:35:44:8f:d4:fc:
e6:8d:97:c2:ae:f1:1e:5f:0b:18:44:ce:5c:c1:60:
d4:a5:76:e5:8f:1b:85:45:28:4f:a6:70:18:45:4b:
f2:9e:cf:e9:b6:6a:e9:cc:26:67:bd:72:b8:89:fd:
5e:2a:09:e6:4a:f6:f0:12:1b:a3:d0:b9:83:0c:5c:
f6:fb:ab:a8:73:8f:17:1f:35:d9:e9:b4:56:e7:a7:
bc:fb:63:9b:7a:14:9b:7b:63:31:24:0a:2b:28:20:
4f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:E1:7E:C7:30:04:29:7D:4E:FB:1D:9B:F8:E8:FD:A3:86:27:0A:FB
X509v3 Authority Key Identifier:
keyid:2D:2F:93:39:FB:B8:CB:33:C5:22:75:1C:53:0F:3A:20:A7:53:54:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LS-TOfu4yzPFInUcUw86IKdTVHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/gOF-xzAEKX1O-x2b-Oj9o4YnCvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/95fa61-17fb-4890-9598-1d3a1e9b7545/1/LS-TOfu4yzPFInUcUw86IKdTVHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.140.0/24
185.104.208.0/22
IPv6:
2a06:3340::/32
2a09:de80::/32
Signature Algorithm: sha256WithRSAEncryption
0f:fe:04:df:12:58:fe:1f:d3:4a:fe:a4:db:64:80:f0:77:8c:
99:21:01:25:4f:4e:ce:22:10:5f:6b:f8:56:59:58:5e:43:2e:
a6:63:c7:0d:21:f5:a3:bd:13:da:05:a0:01:a7:35:87:0a:25:
49:68:53:88:b7:8f:8c:ce:6c:69:9c:29:e9:11:e2:20:1d:f2:
28:53:ac:34:c5:db:51:b2:9c:be:a2:d5:99:58:9f:41:38:e2:
1d:9d:02:87:d6:f6:e5:fc:a9:95:88:68:23:84:41:df:9a:61:
c7:92:68:e8:ac:20:2e:52:b9:dc:69:39:50:62:02:1e:49:c4:
3b:c6:79:03:ab:af:62:1a:95:84:32:5c:2e:1c:0e:8d:74:9f:
8b:53:7f:64:1a:21:bc:3f:69:81:4d:d6:d6:1e:19:12:52:9b:
2a:1a:b4:c2:bd:0d:2c:74:a5:37:bf:a7:74:19:9a:8f:a5:03:
6a:9a:ea:02:f8:16:c0:f8:f5:85:72:09:09:03:7a:1c:6b:7e:
6a:f6:72:ea:eb:66:d9:51:19:dc:a1:a6:55:83:d2:95:b3:b2:
a6:58:ca:18:a2:7c:52:1e:ef:a1:c6:ec:31:e9:b5:2a:d0:da:
92:d4:5f:a5:14:46:35:8d:29:92:f6:8b:d8:dc:66:2a:a6:ed:
d5:f6:e0:19
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZcSRm3/XIYO9j/diiglIbU+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMmY5MzM5ZmJiOGNiMzNjNTIyNzUxYzUzMGYzYTIwYTc1
MzU0N2MwHhcNMjUwNTI3MTUwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGUxN2VjNzMwMDQyOTdkNGVmYjFkOWJmOGU4ZmRhMzg2MjcwYWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqg/WohKGyUTaz6IqI4W/xSStUlcX
2na1WYp1I4PY+o06dTyf/QQcHXp3x1zEo2Y5XX1m6cejXDTh5Wqo7mmFDQnaKoVh
gkH8EhS85sg/VO9UiuyzIpopXOa8gq2KNSc2LVl/qouEGfoF1Lc00lgUXUK+WWen
yhnqZpTK7M7XwPUFlLDOs7vqUkRPpJG+umN5PT6iElJ7DFXbcbZrLEIoNUSP1Pzm
jZfCrvEeXwsYRM5cwWDUpXbljxuFRShPpnAYRUvyns/ptmrpzCZnvXK4if1eKgnm
SvbwEhuj0LmDDFz2+6uoc48XHzXZ6bRW56e8+2ObehSbe2MxJAorKCBPWQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIDhfscwBCl9Tvsdm/jo/aOGJwr7MB8GA1UdIwQY
MBaAFC0vkzn7uMszxSJ1HFMPOiCnU1R8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFMtVE9mdTR5elBGSW5VY1V3ODZJS2RUVkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi85NWZhNjEtMTdmYi00ODkwLTk1OTgt
MWQzYTFlOWI3NTQ1LzEvZ09GLXh6QUVLWDFPLXgyYi1PajlvNFluQ3ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi85NWZhNjEtMTdmYi00ODkwLTk1OTgtMWQzYTFlOWI3NTQ1
LzEvTFMtVE9mdTR5elBGSW5VY1V3ODZJS2RUVkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQALq6MAwQC
uWjQMBQEAgACMA4DBQAqBjNAAwUAKgnegDANBgkqhkiG9w0BAQsFAAOCAQEAD/4E
3xJY/h/TSv6k22SA8HeMmSEBJU9OziIQX2v4VllYXkMupmPHDSH1o70T2gWgAac1
hwolSWhTiLePjM5saZwp6RHiIB3yKFOsNMXbUbKcvqLVmVifQTjiHZ0Ch9b25fyp
lYhoI4RB35phx5Jo6KwgLlK53Gk5UGICHknEO8Z5A6uvYhqVhDJcLhwOjXSfi1N/
ZBohvD9pgU3W1h4ZElKbKhq0wr0NLHSlN7+ndBmaj6UDaprqAvgWwPj1hXIJCQN6
HGt+avZy6utm2VEZ3KGmVYPSlbOypljKGKJ8Uh7vocbsMem1KtDaktRfpRRGNY0p
kvaL2NxmKqbt1fbgGQ==
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:31:26 2025 by rpki-client