Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/oPKPd-423WF5V15yagK86WwFUVY.roa
File: oPKPd-423WF5V15yagK86WwFUVY.roa (raw, json)
Hash identifier: bGYB3v8kpj4d0uBLYdK9tT6a9KgSd3ApBvwwynLJ+KU=
Subject key identifier: A0:F2:8F:77:EE:36:DD:61:79:57:5E:72:6A:02:BC:E9:6C:05:51:56
Certificate issuer: /CN=ce7cacfa735ceeafdd2a214c09ee72469425250e
Certificate serial: 01973F77614511116C47997D027E55E183D8
Authority key identifier: CE:7C:AC:FA:73:5C:EE:AF:DD:2A:21:4C:09:EE:72:46:94:25:25:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/znys-nNc7q_dKiFMCe5yRpQlJQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/oPKPd-423WF5V15yagK86WwFUVY.roa
Signing time: Thu 05 Jun 2025 09:41:17 +0000
ROA not before: Thu 05 Jun 2025 09:41:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200200
IP address blocks: 185.124.149.0/24 maxlen: 24
193.58.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/znys-nNc7q_dKiFMCe5yRpQlJQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/znys-nNc7q_dKiFMCe5yRpQlJQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/znys-nNc7q_dKiFMCe5yRpQlJQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 02:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:77:61:45:11:11:6c:47:99:7d:02:7e:55:e1:83:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce7cacfa735ceeafdd2a214c09ee72469425250e
Validity
Not Before: Jun 5 09:41:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0f28f77ee36dd6179575e726a02bce96c055156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:75:c0:ad:89:71:63:8b:51:e2:81:46:75:b9:
c2:9f:09:2f:4e:d3:0c:07:20:f3:1e:33:f6:41:1e:
90:c9:f5:f1:ff:ef:da:39:fd:85:38:dd:48:0f:0e:
85:e3:3d:f9:d2:f4:7d:bb:d0:0b:64:59:cb:11:e1:
4c:fb:bc:7e:c0:33:5c:7b:d5:7f:c4:72:b4:c3:10:
ca:25:f4:85:8b:b9:48:7f:e6:d2:a7:fd:fa:58:d3:
03:2a:7c:42:f7:f1:37:03:d8:81:d7:7c:58:a9:7a:
85:f1:25:f2:e3:bc:6e:ab:4c:c0:d8:3f:10:4c:9e:
a5:d4:fe:5d:13:52:d4:3b:b8:85:d6:76:e4:ee:16:
94:aa:e3:42:41:2b:4b:e8:b2:c0:e0:3b:82:dc:79:
41:fe:a3:a5:d5:d6:c1:25:b5:02:be:1b:b9:82:f4:
2d:ae:3a:ff:25:6e:69:25:9a:09:c0:ed:9b:6d:52:
8c:ef:e9:9a:ff:42:26:e5:1c:19:d9:2b:88:fe:5a:
a3:76:24:96:35:54:dc:e6:be:6e:2d:2e:65:50:90:
20:19:84:63:a9:be:b7:97:6f:b4:53:ea:98:49:3f:
88:21:62:30:c5:a9:cd:a8:5f:88:50:70:e8:cc:d7:
56:dd:a8:5c:0f:be:f2:97:29:e7:60:59:4a:1c:b3:
01:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F2:8F:77:EE:36:DD:61:79:57:5E:72:6A:02:BC:E9:6C:05:51:56
X509v3 Authority Key Identifier:
keyid:CE:7C:AC:FA:73:5C:EE:AF:DD:2A:21:4C:09:EE:72:46:94:25:25:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/znys-nNc7q_dKiFMCe5yRpQlJQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/oPKPd-423WF5V15yagK86WwFUVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/znys-nNc7q_dKiFMCe5yRpQlJQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.149.0/24
193.58.117.0/24
Signature Algorithm: sha256WithRSAEncryption
88:ef:37:59:6c:b3:85:b8:cb:d5:3a:34:45:65:e5:3d:ca:b7:
7d:ec:ac:41:d8:cd:54:69:b1:c4:35:7b:13:09:83:df:4c:a3:
cd:a6:a9:21:38:81:5c:58:3a:be:6a:9f:ce:e1:45:bc:58:a4:
db:8b:cb:72:fb:63:d3:2f:08:5d:a9:17:1b:f5:0a:af:c6:49:
56:9b:5d:d7:00:5e:a0:d8:9c:0b:2d:1c:4e:92:a0:ab:e0:0a:
b2:7c:55:47:b9:bd:b6:22:34:d2:b9:64:cb:f1:75:10:90:e5:
6e:57:8b:64:39:8d:1e:8b:1d:9f:1f:d2:a7:f4:95:76:40:25:
97:c5:41:c9:ff:0c:c4:45:24:22:ba:7f:0a:78:4a:06:49:82:
c9:1a:4d:85:3f:cc:e7:cb:ca:c2:b1:50:00:69:bd:c2:e4:2e:
f7:1e:0b:0e:19:1a:e5:34:87:fa:02:b4:13:ee:83:16:d9:ff:
22:c8:b2:72:23:5c:af:ef:29:1b:1c:12:86:4e:76:03:d1:b4:
46:30:89:22:ba:fd:c0:1a:7c:56:8a:84:37:80:ce:74:fb:8e:
a8:24:a4:90:9d:0f:f5:cd:cb:32:a7:c4:d5:0b:a6:b6:ba:52:
d5:1b:f3:bc:20:7a:8d:29:b5:a8:f6:2d:23:5d:fa:98:b4:1f:
f7:48:ce:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZc/d2FFERFsR5l9An5V4YPYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlN2NhY2ZhNzM1Y2VlYWZkZDJhMjE0YzA5ZWU3MjQ2OTQy
NTI1MGUwHhcNMjUwNjA1MDk0MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGYyOGY3N2VlMzZkZDYxNzk1NzVlNzI2YTAyYmNlOTZjMDU1MTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+nXArYlxY4tR4oFGdbnCnwkvTtMM
ByDzHjP2QR6QyfXx/+/aOf2FON1IDw6F4z350vR9u9ALZFnLEeFM+7x+wDNce9V/
xHK0wxDKJfSFi7lIf+bSp/36WNMDKnxC9/E3A9iB13xYqXqF8SXy47xuq0zA2D8Q
TJ6l1P5dE1LUO7iF1nbk7haUquNCQStL6LLA4DuC3HlB/qOl1dbBJbUCvhu5gvQt
rjr/JW5pJZoJwO2bbVKM7+ma/0Im5RwZ2SuI/lqjdiSWNVTc5r5uLS5lUJAgGYRj
qb63l2+0U+qYST+IIWIwxanNqF+IUHDozNdW3ahcD77ylynnYFlKHLMBfQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKDyj3fuNt1heVdecmoCvOlsBVFWMB8GA1UdIwQY
MBaAFM58rPpzXO6v3SohTAnuckaUJSUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem55cy1uTmM3cV9kS2lGTUNlNXlScFFsSlE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hNjM2ZWQtZDIwZi00ODAyLTkyODYt
Yjg0ZWRhMmU4NDZhLzEvb1BLUGQtNDIzV0Y1VjE1eWFnSzg2V3dGVVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hNjM2ZWQtZDIwZi00ODAyLTkyODYtYjg0ZWRhMmU4NDZh
LzEvem55cy1uTmM3cV9kS2lGTUNlNXlScFFsSlE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuXyVAwQA
wTp1MA0GCSqGSIb3DQEBCwUAA4IBAQCI7zdZbLOFuMvVOjRFZeU9yrd97KxB2M1U
abHENXsTCYPfTKPNpqkhOIFcWDq+ap/O4UW8WKTbi8ty+2PTLwhdqRcb9QqvxklW
m13XAF6g2JwLLRxOkqCr4AqyfFVHub22IjTSuWTL8XUQkOVuV4tkOY0eix2fH9Kn
9JV2QCWXxUHJ/wzERSQiun8KeEoGSYLJGk2FP8zny8rCsVAAab3C5C73HgsOGRrl
NIf6ArQT7oMW2f8iyLJyI1yv7ykbHBKGTnYD0bRGMIkiuv3AGnxWioQ3gM50+46o
JKSQnQ/1zcsyp8TVC6a2ulLVG/O8IHqNKbWo9i0jXfqYtB/3SM7a
-----END CERTIFICATE-----
Generated at Mon Jun 9 10:07:43 2025 by rpki-client