Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/ohR12qV3YhwWzvyvvRFfjsTfW3I.roa
File: ohR12qV3YhwWzvyvvRFfjsTfW3I.roa (raw, json)
Hash identifier: /Itg9xPIRRo/oOwoFitB3haSxIqbmv1Hy1qpYEx48YA=
Subject key identifier: A2:14:75:DA:A5:77:62:1C:16:CE:FC:AF:BD:11:5F:8E:C4:DF:5B:72
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 01972646F9652D59964AB62AA342D6C3385F
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/ohR12qV3YhwWzvyvvRFfjsTfW3I.roa
Signing time: Sat 31 May 2025 12:17:54 +0000
ROA not before: Sat 31 May 2025 12:17:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213787
IP address blocks: 212.22.64.0/24 maxlen: 24
212.22.68.0/24 maxlen: 24
212.22.83.0/24 maxlen: 24
2a09:d001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.mft
rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:26:46:f9:65:2d:59:96:4a:b6:2a:a3:42:d6:c3:38:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: May 31 12:17:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a21475daa577621c16cefcafbd115f8ec4df5b72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1b:d9:67:62:3f:21:fc:c2:b5:10:79:14:ef:
04:a9:df:a7:5a:ea:b5:97:37:7a:0d:7f:6b:cc:90:
e1:b0:63:46:c0:52:54:5e:da:68:08:8a:9c:e3:1d:
6f:68:00:e4:7a:93:02:ef:7a:ab:55:c2:82:be:ac:
89:85:2e:19:03:ae:8f:07:2e:f6:05:1e:af:74:63:
38:6d:a9:34:8a:b2:17:c9:9f:78:48:14:8c:48:7a:
11:d1:8d:a6:d6:18:02:41:46:1f:4e:af:40:24:8c:
d0:a7:03:f5:e5:25:f6:3e:f8:90:22:33:58:09:70:
1e:f3:08:3e:e0:33:3d:75:9a:e8:4c:34:78:d5:05:
fc:aa:cb:00:19:a8:f8:9b:85:88:b1:be:aa:c8:13:
d6:64:20:55:60:65:5e:71:f6:95:53:18:4b:fc:70:
de:26:2b:4f:4f:71:a6:47:ac:6a:c0:8d:54:5d:c9:
92:94:f7:64:31:d6:7f:48:eb:f3:0c:bd:f8:54:8e:
6a:73:0c:1c:01:0e:8c:04:24:85:23:19:f6:17:8b:
9a:17:62:b6:84:7c:64:1f:7d:fd:26:81:33:8e:51:
64:40:ba:0b:93:a6:49:7d:30:df:77:31:4b:04:bb:
3d:14:f3:72:b8:0e:05:8a:d3:34:86:0a:b5:da:f2:
c5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:14:75:DA:A5:77:62:1C:16:CE:FC:AF:BD:11:5F:8E:C4:DF:5B:72
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/ohR12qV3YhwWzvyvvRFfjsTfW3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.22.64.0/24
212.22.68.0/24
212.22.83.0/24
IPv6:
2a09:d001::/48
Signature Algorithm: sha256WithRSAEncryption
8c:04:ff:5c:2e:a2:ef:6b:7f:b1:58:3a:10:eb:52:77:b2:42:
7f:cf:c6:d8:ec:0b:9c:2c:a5:60:5b:35:3f:48:4c:39:ac:53:
31:39:49:52:43:9a:be:62:d4:4b:6b:ce:16:22:15:5a:2c:d0:
cc:2c:49:5b:55:de:5a:b5:15:d8:c7:1f:e0:d0:08:83:6b:30:
36:7d:1f:d0:0d:5c:4f:4d:c4:38:63:ce:c2:49:69:b3:d3:b2:
a5:a8:04:04:a8:cd:c9:b2:ca:58:2f:0e:08:b0:59:1d:06:0d:
1c:cf:80:19:11:0c:4e:07:3e:a0:c3:41:3f:5b:ad:7d:10:c9:
90:53:5a:6b:6b:ac:5b:fa:30:51:84:c0:2d:d1:88:23:c2:56:
29:d0:9e:90:29:d5:86:2f:f2:6e:88:97:43:3f:7a:ba:f7:91:
60:9c:1e:d8:d4:96:6e:c1:ad:6f:7a:6c:60:11:01:6b:b5:9d:
68:e7:5e:6b:a0:5e:5f:aa:cd:cf:a0:2f:b3:3c:cb:d4:47:c8:
63:e0:c3:39:af:fe:25:0c:12:8b:8c:bb:84:4b:9a:c4:45:3f:
6c:a5:e5:8c:9e:b8:10:8f:e7:1b:5a:c0:3d:3d:3d:ba:95:61:
f9:9e:b0:93:b6:fd:2f:ca:73:4b:2d:a7:fc:6d:c7:50:a1:16:
74:40:ee:99
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZcmRvllLVmWSrYqo0LWwzhfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjUwNTMxMTIxNzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjE0NzVkYWE1Nzc2MjFjMTZjZWZjYWZiZDExNWY4ZWM0ZGY1YjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hvZZ2I/IfzCtRB5FO8Eqd+nWuq1
lzd6DX9rzJDhsGNGwFJUXtpoCIqc4x1vaADkepMC73qrVcKCvqyJhS4ZA66PBy72
BR6vdGM4bak0irIXyZ94SBSMSHoR0Y2m1hgCQUYfTq9AJIzQpwP15SX2PviQIjNY
CXAe8wg+4DM9dZroTDR41QX8qssAGaj4m4WIsb6qyBPWZCBVYGVecfaVUxhL/HDe
JitPT3GmR6xqwI1UXcmSlPdkMdZ/SOvzDL34VI5qcwwcAQ6MBCSFIxn2F4uaF2K2
hHxkH339JoEzjlFkQLoLk6ZJfTDfdzFLBLs9FPNyuA4FitM0hgq12vLF9wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFKIUddqld2IcFs78r70RX47E31tyMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvb2hSMTJxVjNZaHdXenZ5dnZSRmZqc1RmVzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQA1BZAAwQA
1BZEAwQA1BZTMA8EAgACMAkDBwAqCdABAAAwDQYJKoZIhvcNAQELBQADggEBAIwE
/1wuou9rf7FYOhDrUneyQn/PxtjsC5wspWBbNT9ITDmsUzE5SVJDmr5i1EtrzhYi
FVos0MwsSVtV3lq1FdjHH+DQCINrMDZ9H9ANXE9NxDhjzsJJabPTsqWoBASozcmy
ylgvDgiwWR0GDRzPgBkRDE4HPqDDQT9brX0QyZBTWmtrrFv6MFGEwC3RiCPCVinQ
npAp1YYv8m6Il0M/err3kWCcHtjUlm7BrW96bGARAWu1nWjnXmugXl+qzc+gL7M8
y9RHyGPgwzmv/iUMEouMu4RLmsRFP2yl5YyeuBCP5xtawD09PbqVYfmesJO2/S/K
c0stp/xtx1ChFnRA7pk=
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:40:48 2025 by rpki-client