Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/owMuSAzaSSpr7jsUSC0mWrVKDU4.roa
File: owMuSAzaSSpr7jsUSC0mWrVKDU4.roa (raw, json)
Hash identifier: XKmvqtHVDmpyZyY4yBF/VjW7n8WfcDAr9Yhc2CLZYr4=
Subject key identifier: A3:03:2E:48:0C:DA:49:2A:6B:EE:3B:14:48:2D:26:5A:B5:4A:0D:4E
Certificate issuer: /CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Certificate serial: 019A05FD61E5B6C1FAE9623F41440D9E7DEE
Authority key identifier: EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/owMuSAzaSSpr7jsUSC0mWrVKDU4.roa
Signing time: Tue 21 Oct 2025 08:58:03 +0000
ROA not before: Tue 21 Oct 2025 08:58:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 5.182.22.0/24 maxlen: 24
2a0e:b800:aaaa::/48 maxlen: 48
2a0e:b800:abcd::/48 maxlen: 48
2a0e:b800:baba::/48 maxlen: 48
2a0e:b800:bbaa::/48 maxlen: 48
2a0e:b800:bbbb::/48 maxlen: 48
2a0e:b800:cccc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.mft
rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 15:57:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:05:fd:61:e5:b6:c1:fa:e9:62:3f:41:44:0d:9e:7d:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef9d763b49e024a7b6a19eaf7dfb98911a9c94c8
Validity
Not Before: Oct 21 08:58:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3032e480cda492a6bee3b14482d265ab54a0d4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:eb:b7:d2:3c:13:a5:62:fd:2e:08:27:37:9e:
ca:ed:67:2d:64:0b:c7:7a:9d:59:ef:18:61:e5:f6:
2a:96:df:d8:fc:7b:e8:21:3b:ce:72:2a:69:d6:5a:
75:4e:9f:32:ae:3e:d4:5a:a1:8f:03:26:39:9c:df:
1a:87:49:52:4f:77:97:7b:91:1c:d9:41:99:67:fb:
1a:9f:21:c4:f4:dc:ba:b8:33:62:4d:b2:62:c1:86:
5e:92:44:2e:32:48:97:b1:c2:75:53:e5:9f:37:d0:
9f:b7:9a:4b:32:fc:55:29:9a:a1:c3:b3:95:7f:75:
65:51:57:1d:4d:b5:b3:32:04:1d:8e:86:8e:3b:1b:
6e:d9:8e:ab:56:36:4a:f2:2a:6e:7c:b1:00:1a:1b:
32:e6:98:35:a0:02:88:4b:83:8c:fc:24:97:56:d7:
3b:9d:4b:b8:e4:9c:14:a4:38:74:c1:0b:e6:c5:9f:
65:fc:09:a5:f7:73:8e:b3:09:71:bb:ae:cb:8e:e2:
82:67:6d:96:b5:ba:97:ce:4b:3f:66:4a:64:41:1a:
a3:af:26:27:dd:8f:7a:17:6e:bc:00:38:17:10:80:
30:bd:eb:13:61:8f:29:0c:fc:f7:28:b3:e3:b8:04:
43:7c:ad:f6:46:af:33:d2:b3:1a:a8:f6:cc:96:2b:
d5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:03:2E:48:0C:DA:49:2A:6B:EE:3B:14:48:2D:26:5A:B5:4A:0D:4E
X509v3 Authority Key Identifier:
keyid:EF:9D:76:3B:49:E0:24:A7:B6:A1:9E:AF:7D:FB:98:91:1A:9C:94:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7512O0ngJKe2oZ6vffuYkRqclMg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/owMuSAzaSSpr7jsUSC0mWrVKDU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/59cf8e-dc67-43fb-bd37-0870e659645b/1/7512O0ngJKe2oZ6vffuYkRqclMg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.22.0/24
IPv6:
2a0e:b800:aaaa::/48
2a0e:b800:abcd::/48
2a0e:b800:baba::/48
2a0e:b800:bbaa::/48
2a0e:b800:bbbb::/48
2a0e:b800:cccc::/48
Signature Algorithm: sha256WithRSAEncryption
11:4c:f6:4e:bd:04:ec:a4:88:50:01:ac:6a:8f:09:0a:d5:98:
5e:6e:d8:f1:9d:74:45:46:e8:59:a1:33:57:e3:5d:c0:69:6e:
9b:e7:a3:66:a0:17:14:5f:ab:7e:5e:4d:86:5a:fb:08:07:00:
2d:be:0a:89:32:57:e6:6a:d4:9b:76:d7:7c:3e:42:94:b2:b7:
cd:c2:b0:50:e1:6f:64:9f:ca:20:f3:cf:5a:d4:5f:e8:53:cb:
f6:95:d1:3a:aa:a7:22:ab:33:d5:29:ab:06:40:e0:4c:56:9c:
45:fc:0b:4a:db:92:10:5d:ae:76:1f:bc:9a:32:5c:4c:d5:74:
ca:2f:d8:35:2b:bf:8c:a6:09:4f:f7:3d:5f:95:a2:d6:72:cd:
5f:c6:b9:ad:6a:5a:0f:6e:b1:6e:7c:bd:1e:1a:a7:ae:53:f1:
6a:38:40:f3:b9:7e:51:c8:16:7e:c1:1d:d4:6b:bb:c2:93:ca:
b6:8b:55:f9:90:1e:24:1c:96:8f:55:dd:8e:63:24:e6:b5:2d:
7a:50:eb:f2:35:47:63:8a:c5:fe:97:27:7f:1e:a9:a6:b4:df:
d7:74:96:1d:f1:f5:5d:a4:3e:ef:12:51:a8:b6:c4:86:13:dd:
93:8f:23:ae:e6:04:74:6a:76:06:6c:d2:c8:6c:ad:39:f3:97:
66:bb:30:d3
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZoF/WHltsH66WI/QUQNnn3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmOWQ3NjNiNDllMDI0YTdiNmExOWVhZjdkZmI5ODkxMWE5
Yzk0YzgwHhcNMjUxMDIxMDg1ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzAzMmU0ODBjZGE0OTJhNmJlZTNiMTQ0ODJkMjY1YWI1NGEwZDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueu30jwTpWL9LggnN57K7WctZAvH
ep1Z7xhh5fYqlt/Y/HvoITvOcipp1lp1Tp8yrj7UWqGPAyY5nN8ah0lST3eXe5Ec
2UGZZ/sanyHE9Ny6uDNiTbJiwYZekkQuMkiXscJ1U+WfN9Cft5pLMvxVKZqhw7OV
f3VlUVcdTbWzMgQdjoaOOxtu2Y6rVjZK8ipufLEAGhsy5pg1oAKIS4OM/CSXVtc7
nUu45JwUpDh0wQvmxZ9l/Aml93OOswlxu67LjuKCZ22WtbqXzks/ZkpkQRqjryYn
3Y96F268ADgXEIAwvesTYY8pDPz3KLPjuARDfK32Rq8z0rMaqPbMlivVGwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFKMDLkgM2kkqa+47FEgtJlq1Sg1OMB8GA1UdIwQY
MBaAFO+ddjtJ4CSntqGer337mJEanJTIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzUxMk8wbmdKS2Uyb1o2dmZmdVlrUnFjbE1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS81OWNmOGUtZGM2Ny00M2ZiLWJkMzct
MDg3MGU2NTk2NDViLzEvb3dNdVNBemFTU3ByN2pzVVNDMG1XclZLRFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS81OWNmOGUtZGM2Ny00M2ZiLWJkMzctMDg3MGU2NTk2NDVi
LzEvNzUxMk8wbmdKS2Uyb1o2dmZmdVlrUnFjbE1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAMBAIAATAGAwQABbYWMDwE
AgACMDYDBwAqDrgAqqoDBwAqDrgAq80DBwAqDrgAuroDBwAqDrgAu6oDBwAqDrgA
u7sDBwAqDrgAzMwwDQYJKoZIhvcNAQELBQADggEBABFM9k69BOykiFABrGqPCQrV
mF5u2PGddEVG6FmhM1fjXcBpbpvno2agFxRfq35eTYZa+wgHAC2+CokyV+Zq1Jt2
13w+QpSyt83CsFDhb2SfyiDzz1rUX+hTy/aV0TqqpyKrM9UpqwZA4ExWnEX8C0rb
khBdrnYfvJoyXEzVdMov2DUrv4ymCU/3PV+VotZyzV/Gua1qWg9usW58vR4ap65T
8Wo4QPO5flHIFn7BHdRru8KTyraLVfmQHiQclo9V3Y5jJOa1LXpQ6/I1R2OKxf6X
J38eqaa039d0lh3x9V2kPu8SUai2xIYT3ZOPI67mBHRqdgZs0shsrTnzl2a7MNM=
-----END CERTIFICATE-----
Generated at Tue Oct 28 01:22:48 2025 by rpki-client