Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/OqaKikryTNrm88EyTiNcKMhC2Zk.roa
File: OqaKikryTNrm88EyTiNcKMhC2Zk.roa (raw, json)
Hash identifier: Ax4ySn4Z2ARJOEyDa5vwC+qFdT9T2ZL5SzlVyjtgQMk=
Subject key identifier: 3A:A6:8A:8A:4A:F2:4C:DA:E6:F3:C1:32:4E:23:5C:28:C8:42:D9:99
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 01983C70DA7C986C52BFCC528A264D95D88F
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/OqaKikryTNrm88EyTiNcKMhC2Zk.roa
Signing time: Thu 24 Jul 2025 12:38:05 +0000
ROA not before: Thu 24 Jul 2025 12:38:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 140224
IP address blocks: 2.58.244.0/22 maxlen: 24
5.183.116.0/22 maxlen: 24
5.183.120.0/22 maxlen: 24
45.8.32.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 21:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3c:70:da:7c:98:6c:52:bf:cc:52:8a:26:4d:95:d8:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jul 24 12:38:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3aa68a8a4af24cdae6f3c1324e235c28c842d999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:25:c0:0c:99:f2:44:b7:fe:07:8d:8e:00:bf:
80:be:0e:33:e7:79:a4:06:06:f1:08:80:57:d9:77:
75:ba:30:49:03:fa:35:61:63:a5:5d:18:24:02:6c:
ab:ea:de:46:c1:28:99:e4:ed:d8:9f:6f:1b:f7:40:
60:e8:37:3d:91:0a:e2:38:4a:29:e0:d2:a6:2e:b4:
11:25:0e:13:47:33:99:32:50:c9:3a:b4:5d:2c:a3:
c1:dd:0c:28:df:69:e9:ea:e9:4c:45:ef:f8:68:ff:
62:04:13:bd:72:c9:b8:67:c8:09:84:cf:cd:3c:81:
8e:15:ed:32:c0:f1:c8:4e:eb:c6:60:d1:6c:b1:d0:
ae:02:fe:3b:cd:1e:72:5c:ae:25:b7:40:15:33:b8:
d4:a3:a6:a7:22:c5:2a:51:4c:bb:86:0f:bb:0e:13:
0c:78:53:d6:b6:d1:33:25:76:c6:b0:ae:e9:57:74:
77:09:8a:de:ed:db:21:48:ac:cc:92:74:8d:73:04:
7b:80:c0:b7:60:b3:7b:ae:aa:ce:7f:39:7f:05:2d:
b3:af:b0:76:55:99:60:01:99:89:6d:20:99:c3:4a:
c7:e6:e1:d4:ec:8d:39:63:e6:64:c1:69:ef:06:d1:
8c:f6:a4:b8:fa:d6:cb:ca:23:7f:53:b6:20:ce:66:
61:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A6:8A:8A:4A:F2:4C:DA:E6:F3:C1:32:4E:23:5C:28:C8:42:D9:99
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/OqaKikryTNrm88EyTiNcKMhC2Zk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.244.0/22
5.183.116.0-5.183.123.255
45.8.32.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:d1:48:f0:8a:c7:d3:74:ed:f4:2c:1e:43:af:6d:22:c0:1e:
b7:1e:0c:d7:f5:d2:0e:2a:0f:76:92:3f:96:0a:14:3f:c9:3c:
36:44:8d:85:71:b7:eb:9c:79:bb:6e:ee:de:6d:62:83:94:ca:
12:69:54:f9:81:ac:95:82:90:58:20:59:57:2f:42:52:e3:aa:
16:5f:87:5d:5b:a2:57:17:34:b4:b8:47:0f:69:2e:05:92:26:
7c:15:e9:b4:80:57:a1:41:1a:4a:36:13:45:92:ef:d4:5b:f9:
8b:32:43:5a:ad:2f:5f:08:5d:45:d8:7a:97:11:d5:7a:39:ef:
44:10:a5:ed:6b:7e:8e:73:10:4e:5f:d4:5d:9b:d6:56:91:4f:
b7:8f:9f:0f:26:90:da:b2:d8:53:77:9c:75:ab:9e:49:8a:d2:
a4:fa:7c:7a:67:15:6d:df:71:a0:b5:e0:7e:3c:68:f2:e3:59:
29:3e:06:16:08:79:ff:59:cb:45:a4:9b:13:1f:a6:9f:a3:5e:
47:6a:90:83:9e:8a:53:92:0e:9b:58:d0:b8:20:db:7e:74:a7:
98:1d:e9:63:9e:92:b2:9a:33:8d:3d:9a:9f:5d:d5:6a:0c:70:
a5:12:cf:e5:3c:fe:17:f1:ff:eb:c2:71:9e:cd:db:aa:1e:96:
55:ce:0f:a9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZg8cNp8mGxSv8xSiiZNldiPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwNzI0MTIzODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWE2OGE4YTRhZjI0Y2RhZTZmM2MxMzI0ZTIzNWMyOGM4NDJkOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCXADJnyRLf+B42OAL+Avg4z53mk
BgbxCIBX2Xd1ujBJA/o1YWOlXRgkAmyr6t5GwSiZ5O3Yn28b90Bg6Dc9kQriOEop
4NKmLrQRJQ4TRzOZMlDJOrRdLKPB3Qwo32np6ulMRe/4aP9iBBO9csm4Z8gJhM/N
PIGOFe0ywPHITuvGYNFssdCuAv47zR5yXK4lt0AVM7jUo6anIsUqUUy7hg+7DhMM
eFPWttEzJXbGsK7pV3R3CYre7dshSKzMknSNcwR7gMC3YLN7rqrOfzl/BS2zr7B2
VZlgAZmJbSCZw0rH5uHU7I05Y+ZkwWnvBtGM9qS4+tbLyiN/U7YgzmZhyQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDqmiopK8kza5vPBMk4jXCjIQtmZMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvT3FhS2lrcnlUTnJtODhFeVRpTmNLTWhDMlprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCAjr0MAwD
BAIFt3QDBAIFt3gDBAItCCAwDQYJKoZIhvcNAQELBQADggEBAB7RSPCKx9N07fQs
HkOvbSLAHrceDNf10g4qD3aSP5YKFD/JPDZEjYVxt+ucebtu7t5tYoOUyhJpVPmB
rJWCkFggWVcvQlLjqhZfh11bolcXNLS4Rw9pLgWSJnwV6bSAV6FBGko2E0WS79Rb
+YsyQ1qtL18IXUXYepcR1Xo570QQpe1rfo5zEE5f1F2b1laRT7ePnw8mkNqy2FN3
nHWrnkmK0qT6fHpnFW3fcaC14H48aPLjWSk+BhYIef9Zy0WkmxMfpp+jXkdqkIOe
ilOSDptY0Lgg2350p5gd6WOekrKaM409mp9d1WoMcKUSz+U8/hfx/+vCcZ7N26oe
llXOD6k=
-----END CERTIFICATE-----
Generated at Sat Jul 26 04:00:58 2025 by rpki-client