Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/oesqmmJPK6TenMK59Izh-PTrjQI.roa
File: oesqmmJPK6TenMK59Izh-PTrjQI.roa (raw, json)
Hash identifier: 3a81J7V4OXRfNvBRc8fr9Sr4De6AZGIFq09/t+K9UHA=
Subject key identifier: A1:EB:2A:9A:62:4F:2B:A4:DE:9C:C2:B9:F4:8C:E1:F8:F4:EB:8D:02
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 0196D4165EF68B0A31E1BDE02CEDC57139B9
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/oesqmmJPK6TenMK59Izh-PTrjQI.roa
Signing time: Thu 15 May 2025 13:15:57 +0000
ROA not before: Thu 15 May 2025 13:15:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3269
IP address blocks: 193.207.192.0/20 maxlen: 20
193.207.208.0/20 maxlen: 20
193.207.224.0/21 maxlen: 21
193.207.232.0/21 maxlen: 21
193.207.240.0/22 maxlen: 22
193.207.244.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d4:16:5e:f6:8b:0a:31:e1:bd:e0:2c:ed:c5:71:39:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: May 15 13:15:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1eb2a9a624f2ba4de9cc2b9f48ce1f8f4eb8d02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:20:f8:cc:f5:d6:2c:76:6c:11:ad:27:b7:f9:
ca:a8:63:4c:e5:9e:e7:50:e6:14:58:44:3f:4c:fe:
1e:73:d1:79:cd:22:8b:19:af:41:08:b4:f3:02:59:
5b:65:7a:eb:cb:de:b9:91:4b:72:7f:a3:35:bb:4a:
ec:c6:e7:e0:f8:61:eb:4e:43:ea:fa:5d:37:6a:b1:
8d:03:27:88:64:f8:01:c8:bc:8f:0c:35:29:20:91:
45:47:8a:1e:6e:73:45:45:32:9b:1d:58:16:16:95:
be:c2:b4:36:97:64:96:ee:79:66:db:52:8a:ea:12:
11:50:9a:23:83:fc:56:e8:1e:aa:da:50:20:3a:cc:
17:8c:26:68:a2:d1:b0:48:52:f6:7a:1c:ab:88:5d:
49:a9:c0:96:ba:39:5b:e8:c3:f0:c1:51:68:8a:12:
40:a4:ab:db:51:10:2e:b3:d4:82:03:10:90:52:cf:
f0:bd:0e:b9:41:72:32:c3:f0:07:4c:45:5e:a0:9f:
60:c2:72:00:f1:83:5a:44:43:09:63:32:26:03:26:
56:33:c3:89:c9:30:18:f8:c6:6b:dd:c8:c2:35:7b:
c5:05:f3:f9:02:07:ea:37:15:d4:2f:46:64:b7:b3:
52:a1:3b:53:f9:38:08:07:d7:9a:c2:b6:1a:da:8d:
e5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:EB:2A:9A:62:4F:2B:A4:DE:9C:C2:B9:F4:8C:E1:F8:F4:EB:8D:02
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/oesqmmJPK6TenMK59Izh-PTrjQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.207.192.0-193.207.247.255
Signature Algorithm: sha256WithRSAEncryption
96:58:b3:13:e2:29:07:67:dd:a0:7f:85:05:2a:73:22:b3:b5:
c6:b9:a7:96:32:d6:ce:e1:c9:91:b7:37:30:4e:25:cf:10:c4:
b5:ff:75:a5:2f:4e:0a:32:fe:14:5c:6a:14:cd:11:ac:9d:39:
38:d2:91:cd:c4:8e:75:b3:dd:19:1e:de:85:f3:64:13:29:30:
4d:5b:37:04:b7:1c:dd:5f:c3:27:7c:cf:66:da:13:95:18:05:
3e:6f:bb:7f:ad:11:95:f1:e6:a7:80:a3:14:a5:ec:bc:68:f8:
6b:7e:86:8e:42:63:ab:bf:98:2c:77:c4:15:b8:18:8e:c6:0a:
01:a8:c6:77:e0:ba:e5:a0:54:2c:f3:9e:d2:f4:fe:a6:ba:95:
aa:16:77:88:da:3a:6c:2b:40:bd:2d:8b:30:37:15:7a:e2:62:
d2:59:a9:f4:43:02:5a:c4:17:82:81:b8:0c:8d:7e:ef:4f:f8:
c9:0e:88:b1:3f:94:46:2c:bb:d7:c9:c9:bd:8c:63:d8:f6:b4:
72:75:2d:a7:e1:24:ee:34:9a:88:c4:4e:11:51:cb:0b:da:9c:
d8:79:02:0c:8a:7c:45:3a:8a:db:1b:6a:c3:2a:5a:82:c9:78:
17:01:33:6e:f0:75:a0:0b:40:ac:88:8e:47:83:e4:42:71:b8:
63:80:59:91
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZbUFl72iwox4b3gLO3FcTm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjUwNTE1MTMxNTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWViMmE5YTYyNGYyYmE0ZGU5Y2MyYjlmNDhjZTFmOGY0ZWI4ZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSD4zPXWLHZsEa0nt/nKqGNM5Z7n
UOYUWEQ/TP4ec9F5zSKLGa9BCLTzAllbZXrry965kUtyf6M1u0rsxufg+GHrTkPq
+l03arGNAyeIZPgByLyPDDUpIJFFR4oebnNFRTKbHVgWFpW+wrQ2l2SW7nlm21KK
6hIRUJojg/xW6B6q2lAgOswXjCZootGwSFL2ehyriF1JqcCWujlb6MPwwVFoihJA
pKvbURAus9SCAxCQUs/wvQ65QXIyw/AHTEVeoJ9gwnIA8YNaREMJYzImAyZWM8OJ
yTAY+MZr3cjCNXvFBfP5AgfqNxXUL0Zkt7NSoTtT+TgIB9eawrYa2o3lhwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKHrKppiTyuk3pzCufSM4fj0640CMB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvb2VzcW1tSlBLNlRlbk1LNTlJemgtUFRyalFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAbBz8AD
BAPBz/AwDQYJKoZIhvcNAQELBQADggEBAJZYsxPiKQdn3aB/hQUqcyKztca5p5Yy
1s7hyZG3NzBOJc8QxLX/daUvTgoy/hRcahTNEaydOTjSkc3EjnWz3Rke3oXzZBMp
ME1bNwS3HN1fwyd8z2baE5UYBT5vu3+tEZXx5qeAoxSl7Lxo+Gt+ho5CY6u/mCx3
xBW4GI7GCgGoxnfguuWgVCzzntL0/qa6laoWd4jaOmwrQL0tizA3FXriYtJZqfRD
AlrEF4KBuAyNfu9P+MkOiLE/lEYsu9fJyb2MY9j2tHJ1LafhJO40mojEThFRywva
nNh5AgyKfEU6itsbasMqWoLJeBcBM27wdaALQKyIjkeD5EJxuGOAWZE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:21:31 2025 by rpki-client