Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/oH0vZIQmNJRP8J1TIiv2iyUXIrc.roa
File: oH0vZIQmNJRP8J1TIiv2iyUXIrc.roa (raw, json)
Hash identifier: Y9WWlwULiOy0NrR9bnbGJdmdpE1qNau6e3p812SX5SU=
Subject key identifier: A0:7D:2F:64:84:26:34:94:4F:F0:9D:53:22:2B:F6:8B:25:17:22:B7
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0197AC76832735BE7EA1BB8E1F417D3B5315
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/oH0vZIQmNJRP8J1TIiv2iyUXIrc.roa
Signing time: Thu 26 Jun 2025 13:38:57 +0000
ROA not before: Thu 26 Jun 2025 13:38:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.139.6.0/23 maxlen: 24
82.115.2.0/24 maxlen: 24
82.115.9.0/24 maxlen: 24
82.115.10.0/23 maxlen: 24
82.115.28.0/23 maxlen: 24
89.251.10.0/24 maxlen: 24
159.255.32.0/22 maxlen: 22
159.255.36.0/22 maxlen: 22
185.231.172.0/22 maxlen: 24
188.209.156.0/22 maxlen: 24
188.253.8.0/21 maxlen: 24
202.133.90.0/23 maxlen: 24
212.90.100.0/22 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Jul 2025 02:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ac:76:83:27:35:be:7e:a1:bb:8e:1f:41:7d:3b:53:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jun 26 13:38:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a07d2f64842634944ff09d53222bf68b251722b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a8:3b:89:9f:08:bd:3e:1f:a0:fb:6b:fd:48:
5e:41:bf:36:09:c3:3f:1c:7d:d0:a0:f8:74:48:21:
51:02:af:4d:20:32:84:2c:b8:ca:b7:96:d3:fb:64:
da:4c:56:bc:29:2e:4d:90:70:9d:a6:0c:9c:b2:9b:
46:03:3c:cf:cb:e5:66:c2:0c:a8:a1:82:d8:86:b1:
68:23:f7:0e:e2:b5:49:78:93:b7:3d:47:79:77:44:
8f:27:63:49:81:4b:d7:c9:98:61:48:20:b4:c5:8d:
79:f4:37:49:69:01:90:fd:9c:17:62:f0:88:7f:89:
5c:3f:5d:17:fd:80:ad:3d:16:7a:14:52:45:57:01:
7e:40:c4:03:94:92:7e:e1:11:ac:c9:1f:06:4a:dd:
39:90:c3:77:15:80:c6:b6:cc:24:93:fc:1c:e9:d6:
70:80:b9:0f:17:7a:3d:03:9e:f3:88:68:22:ef:40:
b4:c8:2e:95:a6:b6:76:9b:81:4d:1e:64:e1:00:bd:
59:93:9d:2a:83:8e:a2:3b:e8:da:ef:93:cb:36:a3:
05:45:f1:37:09:98:cf:0d:f5:cf:24:36:a6:b3:28:
be:69:95:02:8c:4f:5b:d5:56:b6:b1:c5:d1:8a:4c:
f0:44:7c:38:d7:4e:90:96:40:f7:f5:eb:6f:20:15:
a7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:7D:2F:64:84:26:34:94:4F:F0:9D:53:22:2B:F6:8B:25:17:22:B7
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/oH0vZIQmNJRP8J1TIiv2iyUXIrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.6.0/23
82.115.2.0/24
82.115.9.0-82.115.11.255
82.115.28.0/23
89.251.10.0/24
159.255.32.0/21
185.231.172.0/22
188.209.156.0/22
188.253.8.0/21
202.133.90.0/23
212.90.100.0/22
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
27:f0:01:c0:44:e8:58:f5:d6:b9:f3:af:c1:8f:a5:01:3e:d2:
9d:64:c9:dd:9c:38:ee:ef:cd:8f:b2:a3:3d:ba:8e:7b:c3:2a:
b5:1d:06:ea:93:a8:82:67:f3:53:5c:c3:d8:49:b8:3b:c8:da:
96:a9:1e:11:49:6d:1c:e6:c6:2b:7f:bf:e9:e8:a2:22:6f:5c:
0d:a1:11:cc:06:34:94:89:d0:5b:ef:95:81:fc:d7:63:27:04:
29:4f:a7:d8:c7:ee:bf:86:4f:f2:bf:36:1b:10:55:bb:dc:9d:
88:2e:c5:3b:15:f0:14:8b:04:4b:f7:ab:5e:d9:5c:58:b5:d8:
34:dc:8e:97:98:50:64:24:db:d4:e2:c7:08:76:ed:d8:40:8e:
a9:70:7e:0c:81:54:c8:e0:f0:65:64:00:6e:61:f0:d2:55:39:
bc:cc:41:7d:92:99:d3:b8:4e:3a:a7:2a:9d:e7:a5:51:ce:51:
d6:f3:a1:b6:99:72:5c:99:95:1f:22:75:84:27:ae:76:46:65:
ed:7f:13:fb:b5:f6:81:80:0e:b9:f5:3a:80:ff:9c:58:e5:97:
32:5c:1e:03:ee:2a:87:cb:e7:b0:7e:4f:e2:5f:3c:57:88:a9:
0c:9a:69:d2:a1:9e:06:fb:a4:12:ca:d6:02:a6:ee:e0:15:63:
cb:ed:af:71
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZesdoMnNb5+obuOH0F9O1MVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNjI2MTMzODU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDdkMmY2NDg0MjYzNDk0NGZmMDlkNTMyMjJiZjY4YjI1MTcyMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6g7iZ8IvT4foPtr/UheQb82CcM/
HH3QoPh0SCFRAq9NIDKELLjKt5bT+2TaTFa8KS5NkHCdpgycsptGAzzPy+Vmwgyo
oYLYhrFoI/cO4rVJeJO3PUd5d0SPJ2NJgUvXyZhhSCC0xY159DdJaQGQ/ZwXYvCI
f4lcP10X/YCtPRZ6FFJFVwF+QMQDlJJ+4RGsyR8GSt05kMN3FYDGtswkk/wc6dZw
gLkPF3o9A57ziGgi70C0yC6VprZ2m4FNHmThAL1Zk50qg46iO+ja75PLNqMFRfE3
CZjPDfXPJDamsyi+aZUCjE9b1Va2scXRikzwRHw4106QlkD39etvIBWnzQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFKB9L2SEJjSUT/CdUyIr9oslFyK3MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvb0gwdlpJUW1OSlJQOEoxVElpdjJpeVVYSXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQBLYsGAwQA
UnMCMAwDBABScwkDBAJScwgDBAFScxwDBABZ+woDBAOf/yADBAK556wDBAK80ZwD
BAO8/QgDBAHKhVoDBALUWmQDBALVrSAwDQYJKoZIhvcNAQELBQADggEBACfwAcBE
6Fj11rnzr8GPpQE+0p1kyd2cOO7vzY+yoz26jnvDKrUdBuqTqIJn81Ncw9hJuDvI
2papHhFJbRzmxit/v+nooiJvXA2hEcwGNJSJ0FvvlYH812MnBClPp9jH7r+GT/K/
NhsQVbvcnYguxTsV8BSLBEv3q17ZXFi12DTcjpeYUGQk29Tixwh27dhAjqlwfgyB
VMjg8GVkAG5h8NJVObzMQX2SmdO4TjqnKp3npVHOUdbzobaZclyZlR8idYQnrnZG
Ze1/E/u19oGADrn1OoD/nFjllzJcHgPuKofL57B+T+JfPFeIqQyaadKhngb7pBLK
1gKm7uAVY8vtr3E=
-----END CERTIFICATE-----
Generated at Sun Jul 6 09:11:10 2025 by rpki-client