Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/OJRKFrAGazOzJ40gSGoefwXYAYk.roa
File: OJRKFrAGazOzJ40gSGoefwXYAYk.roa (raw, json)
Hash identifier: PYjRffHLN9ZeR3WG+z3kihL+ssNvEEg9dtGsRN0k3fI=
Subject key identifier: 38:94:4A:16:B0:06:6B:33:B3:27:8D:20:48:6A:1E:7F:05:D8:01:89
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0195F5261A9BDD5D75059140B87BD8D6789C
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/OJRKFrAGazOzJ40gSGoefwXYAYk.roa
Signing time: Wed 02 Apr 2025 06:17:49 +0000
ROA not before: Wed 02 Apr 2025 06:17:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.187.33.0/24 maxlen: 24
37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
45.153.127.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.46.232.0/24 maxlen: 24
89.46.233.0/24 maxlen: 24
89.46.234.0/24 maxlen: 24
89.46.235.0/24 maxlen: 24
89.46.236.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.193.48.0/24 maxlen: 24
185.195.64.0/24 maxlen: 24
185.195.66.0/24 maxlen: 24
188.214.32.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:41::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:358::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 12:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f5:26:1a:9b:dd:5d:75:05:91:40:b8:7b:d8:d6:78:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Apr 2 06:17:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38944a16b0066b33b3278d20486a1e7f05d80189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5f:47:e8:3f:29:25:6c:55:73:2f:71:84:87:
f7:c1:53:67:35:89:a7:7c:7c:dc:41:99:91:38:af:
53:31:b4:c7:92:34:01:f4:a4:23:4e:ed:fd:02:ff:
80:3d:aa:6a:1a:f5:2d:82:aa:37:66:36:9b:40:f5:
57:57:66:e4:a1:39:5a:58:bd:93:cd:4c:e6:31:06:
32:de:ff:15:3c:8c:e6:9b:04:69:d7:92:35:75:d0:
63:d6:13:a7:36:9c:b1:2e:10:c8:b2:17:45:d9:59:
82:ae:87:65:8a:14:fd:10:37:c0:59:0b:c7:58:6b:
d6:a2:b3:2b:ad:32:31:15:a7:16:ed:b8:7f:fb:2f:
ed:37:56:43:96:41:9e:2a:09:cb:6e:47:b9:81:06:
d6:4d:cd:01:d1:d7:4d:09:db:db:5e:0e:91:ad:24:
f8:97:10:4c:55:35:85:f3:56:d6:1a:94:e3:d3:c1:
de:85:51:56:4d:f6:c9:da:7d:d2:db:43:7b:9b:92:
38:4b:c5:7a:0f:29:80:cc:81:8e:6d:e0:b9:9f:ee:
49:0c:18:e1:23:13:b3:36:ba:9b:67:85:7b:75:88:
e3:0b:d0:52:97:3f:56:e6:e9:ce:4c:ed:d9:66:b8:
7e:b3:d1:d7:72:c0:cd:87:d1:62:18:e8:45:1e:28:
32:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:94:4A:16:B0:06:6B:33:B3:27:8D:20:48:6A:1E:7F:05:D8:01:89
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/OJRKFrAGazOzJ40gSGoefwXYAYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.33.0/24
37.235.48.0/24
37.235.51.0/24
45.153.127.0/24
46.183.187.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
89.46.232.0-89.46.236.255
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
95.156.204.0/24
95.156.207.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.4.0/24
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.236.0/24
185.26.238.0/23
185.76.78.0/23
185.122.187.0/24
185.193.48.0/24
185.195.64.0/24
185.195.66.0/24
188.214.32.0/24
213.183.55.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/47
2a03:f80:44::/47
2a03:f80:47::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:358::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
97:1c:a9:54:40:24:cd:75:ff:76:4b:5c:82:fc:85:e6:64:20:
05:66:ae:34:a4:0b:92:8d:80:98:2a:7f:0b:87:05:06:23:a7:
ce:8f:8d:fd:ad:d8:15:19:30:cd:28:12:88:39:a0:92:41:01:
7d:8f:f5:ee:35:8f:88:78:55:c4:98:f0:0d:e3:56:90:f7:5c:
5c:9a:3a:03:2a:53:09:c2:dc:f9:f2:7e:ed:a9:41:71:52:84:
75:4f:1a:c3:99:79:a7:8d:a1:40:0e:d4:50:87:6e:1b:3e:41:
b4:f5:41:5f:78:a2:91:10:27:d5:ff:da:6e:9f:12:21:4d:ae:
8f:b9:ed:c1:b3:56:86:a1:6d:c7:73:4d:c7:a3:b7:a9:c9:27:
a7:90:88:89:aa:ed:e4:06:24:d6:5a:a2:0c:22:c6:fc:52:3c:
9d:aa:e5:49:fa:69:57:e7:f2:96:37:02:21:d0:a4:06:cf:41:
82:01:bc:1c:40:2a:93:97:6e:ff:db:b8:c1:c3:cb:a0:8c:45:
d5:c5:8f:70:89:f4:35:83:42:64:0e:a7:dd:b8:7f:bc:eb:51:
45:65:95:f7:76:5f:90:97:f3:83:79:ab:2e:a3:5e:dc:fc:0f:
ff:41:54:b9:2f:93:59:1f:36:67:97:7b:9b:d2:00:38:bd:a8:
12:39:6a:5a
-----BEGIN CERTIFICATE-----
MIIGhjCCBW6gAwIBAgISAZX1Jhqb3V11BZFAuHvY1nicMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwNDAyMDYxNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODk0NGExNmIwMDY2YjMzYjMyNzhkMjA0ODZhMWU3ZjA1ZDgwMTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0l9H6D8pJWxVcy9xhIf3wVNnNYmn
fHzcQZmROK9TMbTHkjQB9KQjTu39Av+APapqGvUtgqo3ZjabQPVXV2bkoTlaWL2T
zUzmMQYy3v8VPIzmmwRp15I1ddBj1hOnNpyxLhDIshdF2VmCrodlihT9EDfAWQvH
WGvWorMrrTIxFacW7bh/+y/tN1ZDlkGeKgnLbke5gQbWTc0B0ddNCdvbXg6RrST4
lxBMVTWF81bWGpTj08HehVFWTfbJ2n3S20N7m5I4S8V6DymAzIGObeC5n+5JDBjh
IxOzNrqbZ4V7dYjjC9BSlz9W5unOTO3ZZrh+s9HXcsDNh9FiGOhFHigyuwIDAQAB
o4IDkjCCA44wHQYDVR0OBBYEFDiUShawBmszsyeNIEhqHn8F2AGJMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvT0pSS0ZyQUdhek96SjQwZ1NHb2Vmd1hZQVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBpgYIKwYBBQUHAQcBAf8EggGVMIIBkTCB+wQCAAEwgfQD
BAAFuyEDBAAl6zADBAAl6zMDBAAtmX8DBAAut7sDBAFT83gDBAFZH3gDBABZH3sw
DAMEA1ku6AMEAFku7AMEAVuEXAMEAFuEXwMEAFzzQAMEAF+czAMEAF+czwMEAWc5
+AMEAGc5+wMEAIb/0zAMAwQAlZqdAwQFlZqAAwQAl+wEMAwDBACX7A8DBACX7BIw
DAMEApfsFAMEAJfsFgMEAJfsGQMEAJ7/0DAMAwQAnv/VAwQDnv/QAwQAsH5jAwQA
uRrsAwQBuRruAwQBuUxOAwQAuXq7AwQAucEwAwQAucNAAwQAucNCAwQAvNYgAwQA
1bc3MIGQBAIAAjCBiQMHASoDD4AAMgMHACoDD4AAOQMHASoDD4AAQAMHASoDD4AA
RDASAwcAKgMPgABHAwcBKgMPgABIAwcAKgMPgABhAwcAKgMPgABlAwcAKgMPgACB
AwcAKgMPgANYAwcAKgMPgAOBAwcAKgMPgAhSAwcAKgMPgAlxAwcAKgMPgEQWAwcA
KgMPgO1RMA0GCSqGSIb3DQEBCwUAA4IBAQCXHKlUQCTNdf92S1yC/IXmZCAFZq40
pAuSjYCYKn8LhwUGI6fOj439rdgVGTDNKBKIOaCSQQF9j/XuNY+IeFXEmPAN41aQ
91xcmjoDKlMJwtz58n7tqUFxUoR1TxrDmXmnjaFADtRQh24bPkG09UFfeKKRECfV
/9punxIhTa6Pue3Bs1aGoW3Hc03Ho7epySenkIiJqu3kBiTWWqIMIsb8UjydquVJ
+mlX5/KWNwIh0KQGz0GCAbwcQCqTl27/27jBw8ugjEXVxY9wifQ1g0JkDqfduH+8
61FFZZX3dl+Ql/ODeasuo17c/A//QVS5L5NZHzZnl3ub0gA4vagSOWpa
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:56:33 2025 by rpki-client