
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/O4gR5xOTs4Ka7RxFw5S-suo9Yt4.roa
File: O4gR5xOTs4Ka7RxFw5S-suo9Yt4.roa (raw, json)
Hash identifier: cOb09Q56rNsrHJDt4uCS16lJBMq8eR81lrUaHpUt4e0=
Subject key identifier: 3B:88:11:E7:13:93:B3:82:9A:ED:1C:45:C3:94:BE:B2:EA:3D:62:DE
Certificate issuer: /CN=ba838f1ca8bdcd81c04b6b678e79be614e51b111
Certificate serial: 01974008F426DAB4F38E1D7FDD38E2D7D1F4
Authority key identifier: BA:83:8F:1C:A8:BD:CD:81:C0:4B:6B:67:8E:79:BE:61:4E:51:B1:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uoOPHKi9zYHAS2tnjnm-YU5RsRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/O4gR5xOTs4Ka7RxFw5S-suo9Yt4.roa
Signing time: Thu 05 Jun 2025 12:20:17 +0000
ROA not before: Thu 05 Jun 2025 12:20:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60633
IP address blocks: 91.230.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/uoOPHKi9zYHAS2tnjnm-YU5RsRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/uoOPHKi9zYHAS2tnjnm-YU5RsRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/uoOPHKi9zYHAS2tnjnm-YU5RsRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:08:f4:26:da:b4:f3:8e:1d:7f:dd:38:e2:d7:d1:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba838f1ca8bdcd81c04b6b678e79be614e51b111
Validity
Not Before: Jun 5 12:20:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b8811e71393b3829aed1c45c394beb2ea3d62de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d4:39:70:8f:a9:0c:2d:5a:67:25:eb:f9:13:
48:5b:db:82:f6:4f:46:de:57:fa:8c:84:14:60:51:
bf:96:e6:ad:ba:6f:8e:80:1c:0f:f2:a7:08:60:24:
c7:3b:4a:e7:97:9a:f9:64:9e:1a:f1:0a:57:1e:d8:
aa:d3:62:18:45:8c:08:0a:c5:b9:2b:2d:35:68:73:
14:93:06:ac:f8:a6:ae:b7:24:2d:9f:83:56:ae:fe:
89:65:75:c7:4b:c0:d3:ba:f6:df:db:07:f1:37:38:
3a:49:3c:bd:bd:37:99:98:27:f2:19:04:73:6c:d7:
8a:56:a8:4f:01:e6:87:43:7c:6d:ff:5b:d3:d8:f3:
af:30:5a:07:c3:83:83:fe:c4:05:3e:9b:42:90:57:
13:9b:f0:cd:aa:d8:2f:5f:91:9a:c8:b0:ae:7b:dd:
88:8b:d6:5a:59:5e:33:c7:28:16:76:77:0c:1f:e1:
a4:ac:ed:0d:20:58:8f:e8:40:03:3d:e1:8e:15:17:
82:6b:4d:0f:f6:13:a0:e6:07:d3:ac:55:e7:9c:b8:
0b:f1:97:ed:1e:12:71:09:6e:fc:ba:a5:4a:54:1e:
c0:60:44:91:4a:52:9f:8f:6d:5b:b1:a7:65:ad:1d:
ec:eb:20:1e:44:df:22:75:9e:ed:d5:e7:a9:d9:f8:
ca:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:88:11:E7:13:93:B3:82:9A:ED:1C:45:C3:94:BE:B2:EA:3D:62:DE
X509v3 Authority Key Identifier:
keyid:BA:83:8F:1C:A8:BD:CD:81:C0:4B:6B:67:8E:79:BE:61:4E:51:B1:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uoOPHKi9zYHAS2tnjnm-YU5RsRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/O4gR5xOTs4Ka7RxFw5S-suo9Yt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/db4e88-e58d-4345-80c7-093eb9a9aa8b/1/uoOPHKi9zYHAS2tnjnm-YU5RsRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.249.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:f9:ff:56:5f:e5:68:3a:26:fd:ab:23:9a:50:df:48:1b:bf:
ba:33:0f:8d:12:8b:63:b5:fb:fc:72:93:3d:a5:fe:80:1c:41:
cf:14:91:b4:ec:44:24:2c:7a:f2:06:40:c3:04:9b:b8:47:d2:
92:a1:3a:b4:ea:a3:3a:0f:ac:2b:20:b9:e2:17:c1:35:5f:3c:
1e:5f:db:d3:e4:a0:00:7a:11:6c:01:ed:80:9a:8e:33:8e:5b:
8b:73:f3:a6:be:4e:cd:71:fb:12:70:e0:3c:56:02:c2:aa:86:
8c:e8:a1:69:10:90:6e:30:11:fd:b8:8f:b4:00:69:9d:c3:1c:
87:ef:0b:4c:6b:b0:2a:dd:b8:e7:dc:51:78:97:a6:27:ee:d8:
dc:8b:ca:cc:53:67:2b:27:38:de:4c:ff:4f:c0:37:ff:66:89:
96:05:da:6e:7e:ea:e2:64:99:f0:40:4d:88:f0:13:f4:c0:de:
00:a6:cc:ae:a2:f9:ff:e4:1a:d2:13:87:c6:72:b1:58:5f:c2:
e3:3c:2a:a4:40:bb:30:30:22:28:a4:b0:7e:df:4c:d5:29:a5:
3c:15:b9:c4:c3:3c:fe:6f:fe:18:15:74:3e:4a:3c:36:a7:f3:
8c:ad:78:02:87:3b:c3:27:06:38:ce:8c:d0:96:e3:06:8f:b2:
ab:b4:7e:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdACPQm2rTzjh1/3Tji19H0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhODM4ZjFjYThiZGNkODFjMDRiNmI2NzhlNzliZTYxNGU1
MWIxMTEwHhcNMjUwNjA1MTIyMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjg4MTFlNzEzOTNiMzgyOWFlZDFjNDVjMzk0YmViMmVhM2Q2MmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19Q5cI+pDC1aZyXr+RNIW9uC9k9G
3lf6jIQUYFG/luatum+OgBwP8qcIYCTHO0rnl5r5ZJ4a8QpXHtiq02IYRYwICsW5
Ky01aHMUkwas+KautyQtn4NWrv6JZXXHS8DTuvbf2wfxNzg6STy9vTeZmCfyGQRz
bNeKVqhPAeaHQ3xt/1vT2POvMFoHw4OD/sQFPptCkFcTm/DNqtgvX5GayLCue92I
i9ZaWV4zxygWdncMH+GkrO0NIFiP6EADPeGOFReCa00P9hOg5gfTrFXnnLgL8Zft
HhJxCW78uqVKVB7AYESRSlKfj21bsadlrR3s6yAeRN8idZ7t1eep2fjK6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDuIEecTk7OCmu0cRcOUvrLqPWLeMB8GA1UdIwQY
MBaAFLqDjxyovc2BwEtrZ455vmFOUbERMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW9PUEhLaTl6WUhBUzJ0bmpubS1ZVTVSc1JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9kYjRlODgtZTU4ZC00MzQ1LTgwYzct
MDkzZWI5YTlhYThiLzEvTzRnUjV4T1RzNEthN1J4Rnc1Uy1zdW85WXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9kYjRlODgtZTU4ZC00MzQ1LTgwYzctMDkzZWI5YTlhYThi
LzEvdW9PUEhLaTl6WUhBUzJ0bmpubS1ZVTVSc1JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+b5MA0G
CSqGSIb3DQEBCwUAA4IBAQBe+f9WX+VoOib9qyOaUN9IG7+6Mw+NEotjtfv8cpM9
pf6AHEHPFJG07EQkLHryBkDDBJu4R9KSoTq06qM6D6wrILniF8E1XzweX9vT5KAA
ehFsAe2Amo4zjluLc/Omvk7NcfsScOA8VgLCqoaM6KFpEJBuMBH9uI+0AGmdwxyH
7wtMa7Aq3bjn3FF4l6Yn7tjci8rMU2crJzjeTP9PwDf/ZomWBdpufuriZJnwQE2I
8BP0wN4Apsyuovn/5BrSE4fGcrFYX8LjPCqkQLswMCIopLB+30zVKaU8FbnEwzz+
b/4YFXQ+Sjw2p/OMrXgChzvDJwY4zozQluMGj7KrtH45
-----END CERTIFICATE-----
Generated at Mon Jun 9 21:02:30 2025 by rpki-client