Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/OW3nOicLkrmXZdp3r5orx47eGJQ.roa
File: OW3nOicLkrmXZdp3r5orx47eGJQ.roa (raw, json)
Hash identifier: 5EmIochVR6v8ogsSzgwpakcQSlqncNbG0N7JC4GvEpY=
Subject key identifier: 39:6D:E7:3A:27:0B:92:B9:97:65:DA:77:AF:9A:2B:C7:8E:DE:18:94
Certificate issuer: /CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Certificate serial: 019928FC301EFCEB91EA333570464AA6BAC6
Authority key identifier: 4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/OW3nOicLkrmXZdp3r5orx47eGJQ.roa
Signing time: Mon 08 Sep 2025 11:00:39 +0000
ROA not before: Mon 08 Sep 2025 11:00:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51396
IP address blocks: 176.65.132.0/24 maxlen: 24
176.65.148.0/24 maxlen: 24
176.65.149.0/24 maxlen: 24
176.65.150.0/24 maxlen: 24
176.65.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Sep 2025 20:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:28:fc:30:1e:fc:eb:91:ea:33:35:70:46:4a:a6:ba:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Validity
Not Before: Sep 8 11:00:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=396de73a270b92b99765da77af9a2bc78ede1894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:8d:35:ad:0e:2c:a6:84:07:82:a8:7f:59:28:
c5:69:91:4a:6e:b0:01:f1:aa:85:7b:f6:10:0c:1f:
8e:3b:c2:c5:71:64:34:7a:4c:31:fc:87:75:d9:fc:
49:43:77:8b:82:d4:7d:e9:e5:14:2c:47:57:69:3e:
7f:0b:76:69:04:0a:95:db:0f:07:cf:85:b3:46:8b:
70:db:c2:2c:57:88:48:e3:0f:69:c9:67:da:ab:87:
ca:f8:87:4a:d1:79:f6:9e:db:dc:18:ce:72:d8:b3:
ac:22:2d:4a:5f:38:f7:b3:49:f3:3a:bc:5f:60:7d:
bc:7e:2f:ee:98:06:ab:59:67:0f:01:5c:ef:b7:71:
99:ae:bb:43:a6:7a:aa:5d:83:71:66:90:d9:f2:e4:
f3:55:5d:7d:49:76:0b:dc:f9:cf:68:63:70:96:30:
98:f9:4e:36:31:cd:cd:21:4a:45:d9:fb:c9:eb:f5:
0a:31:4d:bd:99:c8:41:e0:51:13:48:fd:80:59:d1:
05:2b:6f:7e:9b:0a:7e:47:aa:3c:4e:01:e3:63:e8:
a8:b7:29:16:50:82:ee:b8:a8:8d:4f:d2:84:df:12:
f5:cd:b2:2b:93:6b:27:da:dd:cd:c9:7f:45:e8:db:
53:58:a4:54:53:49:a8:a3:53:76:d7:53:5a:06:2d:
42:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:6D:E7:3A:27:0B:92:B9:97:65:DA:77:AF:9A:2B:C7:8E:DE:18:94
X509v3 Authority Key Identifier:
keyid:4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/OW3nOicLkrmXZdp3r5orx47eGJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.65.132.0/24
176.65.148.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:b6:5c:38:f2:28:e6:68:16:30:06:69:ae:56:49:2d:4f:53:
11:bc:f0:69:47:1c:bb:66:96:0a:1b:7a:8c:f6:1b:23:2b:b0:
40:1e:30:40:84:b7:d2:1d:fd:0c:27:11:f1:8e:13:c9:9d:5d:
7f:fb:fe:9a:24:84:44:0c:bb:2f:2d:c1:a5:db:a4:31:88:6e:
cf:50:fd:96:f2:e2:c6:ff:75:a6:34:f1:41:d4:01:11:6c:22:
1d:07:f6:3f:a4:d9:a0:e1:3a:a1:22:9d:d2:3b:ba:45:ba:84:
8c:f2:ce:3d:0a:b5:76:bf:a6:9f:be:75:80:9c:01:26:1f:79:
ed:fc:39:ab:8e:ee:89:62:0a:1a:02:19:87:53:17:42:c6:d5:
dc:fc:80:50:4c:3e:8b:e3:48:41:c6:87:12:b3:18:fd:66:a7:
db:63:77:75:24:37:55:f6:2d:34:06:86:89:cc:70:2e:87:59:
a0:a2:8c:dc:49:2b:77:39:86:e6:86:42:b5:65:e1:b1:c8:b2:
25:72:e9:fd:7d:28:c8:db:9c:be:08:03:c4:91:c6:34:6b:76:
4f:d3:9b:71:35:f8:a2:3b:a9:9f:04:bf:c1:eb:86:85:2d:2a:
65:0f:db:bb:b4:c6:91:4e:37:2b:a7:d6:14:02:de:57:3d:ae:
81:76:ad:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZko/DAe/OuR6jM1cEZKprrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTY2ZjNjMGYyNTc3NGU2OTZkMmE0NjcyMzI3N2ViOTYx
MTI4YzMwHhcNMjUwOTA4MTEwMDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTZkZTczYTI3MGI5MmI5OTc2NWRhNzdhZjlhMmJjNzhlZGUxODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Y01rQ4spoQHgqh/WSjFaZFKbrAB
8aqFe/YQDB+OO8LFcWQ0ekwx/Id12fxJQ3eLgtR96eUULEdXaT5/C3ZpBAqV2w8H
z4WzRotw28IsV4hI4w9pyWfaq4fK+IdK0Xn2ntvcGM5y2LOsIi1KXzj3s0nzOrxf
YH28fi/umAarWWcPAVzvt3GZrrtDpnqqXYNxZpDZ8uTzVV19SXYL3PnPaGNwljCY
+U42Mc3NIUpF2fvJ6/UKMU29mchB4FETSP2AWdEFK29+mwp+R6o8TgHjY+iotykW
UILuuKiNT9KE3xL1zbIrk2sn2t3NyX9F6NtTWKRUU0moo1N211NaBi1CWwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDlt5zonC5K5l2Xad6+aK8eO3hiUMB8GA1UdIwQY
MBaAFEymbzwPJXdOaW0qRnIyd+uWESjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUt
MzE5YjBjODc0NDQwLzEvT1czbk9pY0xrcm1YWmRwM3I1b3J4NDdlR0pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUtMzE5YjBjODc0NDQw
LzEvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsEGEAwQC
sEGUMA0GCSqGSIb3DQEBCwUAA4IBAQAKtlw48ijmaBYwBmmuVkktT1MRvPBpRxy7
ZpYKG3qM9hsjK7BAHjBAhLfSHf0MJxHxjhPJnV1/+/6aJIREDLsvLcGl26QxiG7P
UP2W8uLG/3WmNPFB1AERbCIdB/Y/pNmg4TqhIp3SO7pFuoSM8s49CrV2v6afvnWA
nAEmH3nt/Dmrju6JYgoaAhmHUxdCxtXc/IBQTD6L40hBxocSsxj9ZqfbY3d1JDdV
9i00BoaJzHAuh1mgoozcSSt3OYbmhkK1ZeGxyLIlcun9fSjI25y+CAPEkcY0a3ZP
05txNfiiO6mfBL/B64aFLSplD9u7tMaRTjcrp9YUAt5XPa6Bdq3a
-----END CERTIFICATE-----
Generated at Sun Sep 14 03:40:26 2025 by rpki-client