Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/oIgTn5Wn9ig1kGT3_v5Bj22EoE0.roa
File: oIgTn5Wn9ig1kGT3_v5Bj22EoE0.roa (raw, json)
Hash identifier: 9WBkSy8UvwQp/kNgarpwp5AMLZN6BX67FCvxzXTS+zo=
Subject key identifier: A0:88:13:9F:95:A7:F6:28:35:90:64:F7:FE:FE:41:8F:6D:84:A0:4D
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01991F1A579B3581FB8B0E4BC6716075CD01
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/oIgTn5Wn9ig1kGT3_v5Bj22EoE0.roa
Signing time: Sat 06 Sep 2025 12:57:24 +0000
ROA not before: Sat 06 Sep 2025 12:57:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203963
IP address blocks: 94.74.137.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
109.203.163.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
176.46.139.0/24 maxlen: 24
176.46.142.0/24 maxlen: 24
176.46.144.0/24 maxlen: 24
176.46.150.0/24 maxlen: 24
176.46.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:14:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1f:1a:57:9b:35:81:fb:8b:0e:4b:c6:71:60:75:cd:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 6 12:57:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a088139f95a7f628359064f7fefe418f6d84a04d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4c:23:83:6c:ec:ff:f7:41:2f:e0:f0:94:31:
a8:40:89:d5:5c:a4:e4:95:57:ac:3f:b5:43:e8:81:
5d:09:57:d0:22:96:ba:1c:25:91:fa:9d:27:e3:f1:
51:e0:62:a7:55:4a:4b:88:ff:27:ca:89:47:25:28:
6c:37:b1:96:a7:ef:01:9c:7b:6a:f9:23:e4:7d:b1:
c2:b9:e5:2f:53:87:de:0e:41:89:52:0b:5c:91:04:
7f:a1:60:2e:8e:e2:ec:a1:70:18:d7:0e:90:eb:19:
98:6f:15:f6:c6:03:41:a4:55:20:92:6e:45:a1:2f:
b9:1f:b0:7c:43:42:49:92:50:d4:7d:44:94:8c:5d:
2d:69:d8:fe:ac:66:03:27:c0:80:cf:28:d4:6c:17:
ce:3b:4c:2a:28:0c:1b:1d:41:42:6e:69:c8:27:07:
18:e7:db:7f:84:11:b7:8a:8a:f2:e9:83:aa:9f:84:
a2:9c:aa:2a:7e:52:60:72:a6:39:50:66:b3:19:af:
18:98:21:7c:51:cd:d9:97:aa:09:ed:6f:e2:b9:19:
c8:61:f7:8b:aa:78:bb:fc:bc:a1:af:9f:d4:de:25:
35:f7:41:8c:15:c1:8f:02:6f:37:9a:63:c4:04:1d:
04:71:55:a6:3a:cc:5c:08:cf:eb:3f:a1:b4:3c:89:
0b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:88:13:9F:95:A7:F6:28:35:90:64:F7:FE:FE:41:8F:6D:84:A0:4D
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/oIgTn5Wn9ig1kGT3_v5Bj22EoE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.137.0/24
94.74.156.0/24
94.74.159.0/24
94.74.171.0/24
109.203.163.0/24
176.46.136.0/24
176.46.139.0/24
176.46.142.0/24
176.46.144.0/24
176.46.150.0/24
176.46.155.0/24
Signature Algorithm: sha256WithRSAEncryption
43:51:d7:70:22:7d:a5:6e:52:b9:13:c4:f5:43:f9:b7:80:97:
48:50:7c:dc:b2:31:2a:1b:7e:a7:86:3f:11:c9:86:b6:67:f8:
ed:08:46:1c:ce:fb:c7:bc:34:e3:b6:af:db:4f:06:ad:e3:a2:
89:f3:b7:5b:59:00:b5:18:f6:53:53:f8:d6:ea:e8:8e:5d:bf:
7e:76:eb:54:5d:81:29:f2:78:65:61:e3:da:f1:93:76:32:3a:
c0:91:85:00:76:dd:cf:57:2a:31:0b:42:47:dd:98:7d:c2:0a:
42:f5:8c:c6:5b:a6:ed:cd:5a:ce:fd:0a:c8:05:c0:27:41:61:
d7:d3:52:89:a6:e7:96:1d:b3:96:42:ad:e5:d6:63:d7:3b:34:
48:91:54:e5:24:c6:f8:8f:f2:38:bc:83:8c:94:1c:d3:38:95:
e7:dd:c2:5c:dd:9e:16:1c:9a:d8:cb:0e:ee:78:15:a3:57:97:
8e:31:7e:6e:36:a5:15:b3:ad:54:c8:c6:21:6b:e1:0b:93:0c:
ad:4a:2e:00:4f:0f:34:34:16:22:9e:1f:af:47:12:96:9c:25:
c0:ce:df:a6:f1:5b:d4:02:e6:6d:b5:f2:cf:03:53:44:58:96:
e7:69:7f:d6:f0:da:9f:50:63:a9:9e:1a:33:ce:eb:b9:b3:fe:
dc:dc:08:4a
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZkfGlebNYH7iw5LxnFgdc0BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwOTA2MTI1NzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDg4MTM5Zjk1YTdmNjI4MzU5MDY0ZjdmZWZlNDE4ZjZkODRhMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEwjg2zs//dBL+DwlDGoQInVXKTk
lVesP7VD6IFdCVfQIpa6HCWR+p0n4/FR4GKnVUpLiP8nyolHJShsN7GWp+8BnHtq
+SPkfbHCueUvU4feDkGJUgtckQR/oWAujuLsoXAY1w6Q6xmYbxX2xgNBpFUgkm5F
oS+5H7B8Q0JJklDUfUSUjF0tadj+rGYDJ8CAzyjUbBfOO0wqKAwbHUFCbmnIJwcY
59t/hBG3iory6YOqn4SinKoqflJgcqY5UGazGa8YmCF8Uc3Zl6oJ7W/iuRnIYfeL
qni7/Lyhr5/U3iU190GMFcGPAm83mmPEBB0EcVWmOsxcCM/rP6G0PIkLawIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFKCIE5+Vp/YoNZBk9/7+QY9thKBNMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvb0lnVG41V245aWcxa0dUM192NUJqMjJFb0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAXkqJAwQA
XkqcAwQAXkqfAwQAXkqrAwQAbcujAwQAsC6IAwQAsC6LAwQAsC6OAwQAsC6QAwQA
sC6WAwQAsC6bMA0GCSqGSIb3DQEBCwUAA4IBAQBDUddwIn2lblK5E8T1Q/m3gJdI
UHzcsjEqG36nhj8RyYa2Z/jtCEYczvvHvDTjtq/bTwat46KJ87dbWQC1GPZTU/jW
6uiOXb9+dutUXYEp8nhlYePa8ZN2MjrAkYUAdt3PVyoxC0JH3Zh9wgpC9YzGW6bt
zVrO/QrIBcAnQWHX01KJpueWHbOWQq3l1mPXOzRIkVTlJMb4j/I4vIOMlBzTOJXn
3cJc3Z4WHJrYyw7ueBWjV5eOMX5uNqUVs61UyMYha+ELkwytSi4ATw80NBYinh+v
RxKWnCXAzt+m8VvUAuZttfLPA1NEWJbnaX/W8NqfUGOpnhozzuu5s/7c3AhK
-----END CERTIFICATE-----
Generated at Sat Sep 6 20:56:58 2025 by rpki-client