Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/oMYlwSnWK6uPik-ogylklgWprko.roa
File: oMYlwSnWK6uPik-ogylklgWprko.roa (raw, json)
Hash identifier: bn3z21YSv1E9rQu+WAdfxy0yPZJ+K8++ghPX8u1VPlU=
Subject key identifier: A0:C6:25:C1:29:D6:2B:AB:8F:8A:4F:A8:83:29:64:96:05:A9:AE:4A
Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial: 0196EC8C345248B1366B5042446F97203E7D
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/oMYlwSnWK6uPik-ogylklgWprko.roa
Signing time: Tue 20 May 2025 07:15:33 +0000
ROA not before: Tue 20 May 2025 07:15:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18046
IP address blocks: 87.192.88.0/21 maxlen: 24
87.192.208.0/21 maxlen: 24
87.232.144.0/20 maxlen: 24
87.232.200.0/21 maxlen: 24
87.232.208.0/20 maxlen: 24
87.232.226.0/23 maxlen: 24
87.232.232.0/21 maxlen: 24
87.232.240.0/21 maxlen: 24
87.232.248.0/23 maxlen: 24
89.124.246.0/23 maxlen: 24
139.84.64.0/19 maxlen: 24
157.239.64.0/18 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ec:8c:34:52:48:b1:36:6b:50:42:44:6f:97:20:3e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
Validity
Not Before: May 20 07:15:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0c625c129d62bab8f8a4fa88329649605a9ae4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:60:7a:d2:b0:00:e2:90:18:ca:25:00:71:59:
2f:c9:b5:7f:02:7b:ba:b7:41:f9:c8:98:01:d8:c7:
6d:1c:68:3a:49:d6:c6:e7:af:67:25:ea:d2:25:f1:
ad:14:24:74:6b:11:90:25:ea:ec:55:0f:61:b8:c3:
98:9a:81:3c:92:89:b5:06:1b:50:70:98:1c:76:d0:
d5:f5:64:ff:71:d8:dd:3d:ac:da:36:2a:00:bf:ed:
ce:63:38:60:e3:ff:8b:42:7b:2a:82:80:46:78:ca:
b8:39:7c:27:05:e5:b0:54:b4:72:ed:61:92:10:72:
57:09:54:bd:26:20:d8:c6:dd:e1:bb:f0:0a:3b:c2:
34:29:43:c6:91:1b:e2:88:b4:32:fc:8d:a2:50:ec:
98:07:ed:87:9b:28:33:c8:a4:67:e1:12:d4:63:79:
e0:9b:d7:e3:58:15:2d:37:08:2b:08:3e:8a:75:c6:
24:db:b9:21:de:9d:09:3f:5f:19:eb:f4:05:90:2a:
ce:03:ce:2d:db:3c:d5:29:50:07:78:ef:b6:65:33:
1b:00:7b:30:6a:a8:aa:cb:d1:60:70:2c:fe:98:27:
5e:4e:b1:ac:5c:a9:69:93:70:76:91:04:4d:ef:01:
24:1f:1c:fc:8c:2b:14:08:0f:7a:ff:8c:b8:a7:b4:
6c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C6:25:C1:29:D6:2B:AB:8F:8A:4F:A8:83:29:64:96:05:A9:AE:4A
X509v3 Authority Key Identifier:
keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/oMYlwSnWK6uPik-ogylklgWprko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.192.88.0/21
87.192.208.0/21
87.232.144.0/20
87.232.200.0-87.232.223.255
87.232.226.0/23
87.232.232.0-87.232.249.255
89.124.246.0/23
139.84.64.0/19
157.239.64.0/18
Signature Algorithm: sha256WithRSAEncryption
4d:7e:80:b2:15:1a:ad:ff:c3:aa:69:54:24:6e:b4:13:70:98:
a6:ea:68:de:bf:91:1c:58:ba:c4:da:9e:ce:07:b1:90:cb:5f:
f3:45:10:dc:09:31:c6:81:3a:c7:13:e1:07:f5:fa:cc:e5:29:
70:f3:2a:11:34:58:f4:e4:0b:f6:f9:f2:55:36:f9:ff:5f:48:
10:8b:3f:bc:69:dc:97:be:ad:2d:42:67:55:90:7e:e5:94:93:
07:d6:48:cc:03:a3:64:6f:0f:5d:cd:82:b9:32:9f:44:0e:1b:
a9:b4:91:3a:74:47:12:11:66:c6:99:9e:2e:2d:3b:c1:da:da:
40:b7:f7:d0:9c:6f:ed:48:ae:f1:6c:77:29:21:ff:15:67:af:
fb:df:3a:a0:bb:36:9d:93:80:b5:05:71:d4:a2:a3:89:1b:93:
55:96:59:4a:e8:5f:ad:24:89:26:2a:e2:c0:b3:59:4b:22:3e:
6e:d9:92:90:f2:63:f6:1e:28:4f:fc:34:07:76:78:fe:44:64:
b4:c6:fd:82:89:1b:6d:d0:d6:9e:2c:2c:77:40:81:d9:23:59:
c9:42:99:2b:3d:cc:ae:70:3c:22:3c:39:65:3a:15:1d:90:bd:
1c:fc:e7:7a:f9:13:90:55:70:12:2a:15:af:6d:9c:fe:aa:19:
d3:ad:bc:a3
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZbsjDRSSLE2a1BCRG+XID59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjUwNTIwMDcxNTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGM2MjVjMTI5ZDYyYmFiOGY4YTRmYTg4MzI5NjQ5NjA1YTlhZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGB60rAA4pAYyiUAcVkvybV/Anu6
t0H5yJgB2MdtHGg6SdbG569nJerSJfGtFCR0axGQJersVQ9huMOYmoE8kom1BhtQ
cJgcdtDV9WT/cdjdPazaNioAv+3OYzhg4/+LQnsqgoBGeMq4OXwnBeWwVLRy7WGS
EHJXCVS9JiDYxt3hu/AKO8I0KUPGkRviiLQy/I2iUOyYB+2HmygzyKRn4RLUY3ng
m9fjWBUtNwgrCD6KdcYk27kh3p0JP18Z6/QFkCrOA84t2zzVKVAHeO+2ZTMbAHsw
aqiqy9FgcCz+mCdeTrGsXKlpk3B2kQRN7wEkHxz8jCsUCA96/4y4p7RsaQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFKDGJcEp1iurj4pPqIMpZJYFqa5KMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvb01ZbHdTbldLNnVQaWstb2d5bGtsZ1dwcmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQDV8BYAwQD
V8DQAwQEV+iQMAwDBANX6MgDBAVX6MADBAFX6OIwDAMEA1fo6AMEAVfo+AMEAVl8
9gMEBYtUQAMEBp3vQDANBgkqhkiG9w0BAQsFAAOCAQEATX6AshUarf/DqmlUJG60
E3CYpupo3r+RHFi6xNqezgexkMtf80UQ3AkxxoE6xxPhB/X6zOUpcPMqETRY9OQL
9vnyVTb5/19IEIs/vGncl76tLUJnVZB+5ZSTB9ZIzAOjZG8PXc2CuTKfRA4bqbSR
OnRHEhFmxpmeLi07wdraQLf30Jxv7Uiu8Wx3KSH/FWev+986oLs2nZOAtQVx1KKj
iRuTVZZZSuhfrSSJJiriwLNZSyI+btmSkPJj9h4oT/w0B3Z4/kRktMb9gokbbdDW
niwsd0CB2SNZyUKZKz3MrnA8Ijw5ZToVHZC9HPznevkTkFVwEioVr22c/qoZ0628
ow==
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:23:32 2025 by rpki-client