Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ocNoJVQGf4HEXdJvKG0yG_b8svo.roa
File: ocNoJVQGf4HEXdJvKG0yG_b8svo.roa (raw, json)
Hash identifier: VUe1+uFr2yh4Bfu8Whxxrigt30kSe2wHHxGAgFNUVd8=
Subject key identifier: A1:C3:68:25:54:06:7F:81:C4:5D:D2:6F:28:6D:32:1B:F6:FC:B2:FA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019A053225D99F7CD45E564F26CEE8109E7D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ocNoJVQGf4HEXdJvKG0yG_b8svo.roa
Signing time: Tue 21 Oct 2025 05:16:03 +0000
ROA not before: Tue 21 Oct 2025 05:16:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214693
IP address blocks: 37.202.197.0/24 maxlen: 24
151.242.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:05:32:25:d9:9f:7c:d4:5e:56:4f:26:ce:e8:10:9e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 21 05:16:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1c3682554067f81c45dd26f286d321bf6fcb2fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8b:2b:67:18:43:bd:ef:bf:79:e1:89:f7:ad:
5e:08:3b:a7:bd:87:5d:28:0a:06:23:47:ba:06:c6:
45:2a:21:62:d8:14:75:86:14:dc:a0:fb:9e:70:8e:
d7:63:a0:54:67:e4:9e:75:02:d8:4f:03:3e:65:46:
85:18:dd:5a:d9:a9:c3:00:88:50:7b:30:3c:4f:6f:
f3:39:6a:d4:ca:7e:73:5a:61:73:1d:26:df:05:17:
3e:6c:42:55:cc:3b:63:c9:d2:bc:99:16:68:44:30:
01:43:32:56:48:13:21:ae:ce:3c:3a:49:08:c1:f9:
23:65:68:09:4e:6c:d9:6e:78:b1:19:45:bd:15:71:
6b:ba:94:57:28:d5:77:e2:3d:c7:f5:93:63:e4:cd:
d0:f6:93:39:17:ac:0d:0b:d5:3b:ef:a4:5a:87:a5:
7c:42:d1:5a:dc:20:23:a2:33:20:f7:94:a8:0a:86:
41:c6:40:99:7e:e8:d3:f5:af:d6:9b:f5:ff:3a:6b:
33:c3:58:fc:eb:38:19:90:ac:bf:f1:a0:f5:95:58:
73:d2:34:1e:7c:28:e1:9b:c2:85:b7:27:e6:34:7d:
fd:91:27:f5:30:b6:3a:c8:98:be:d1:7b:8a:03:9a:
d9:61:9f:86:b8:f6:bd:1e:49:1e:51:bb:a1:f2:9b:
42:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C3:68:25:54:06:7F:81:C4:5D:D2:6F:28:6D:32:1B:F6:FC:B2:FA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ocNoJVQGf4HEXdJvKG0yG_b8svo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.197.0/24
151.242.194.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:0c:90:96:74:2b:fc:68:b2:71:ca:b6:4b:ad:1b:3b:f9:ab:
e7:1b:37:ee:24:9c:36:5c:b1:3c:37:3a:45:98:b5:07:0d:42:
c7:2a:d1:7f:89:df:98:bf:88:2c:37:37:37:9f:f4:59:3d:b2:
78:ff:c7:4e:34:02:92:5c:7e:62:44:0c:6b:02:55:7f:35:13:
44:72:38:8f:02:a1:72:ea:46:94:21:da:96:79:c3:fb:50:fd:
0c:bd:12:0e:15:9b:33:be:95:83:8a:72:e1:88:ef:5f:c2:6b:
70:0e:4f:78:48:af:33:1c:7e:52:7f:bd:1b:1e:c4:72:7c:80:
20:87:b4:eb:ef:92:aa:e2:aa:df:a4:96:3b:4e:55:30:84:ce:
85:ac:10:4d:2e:71:04:f6:b6:29:ac:3d:2a:e5:61:19:ec:8b:
11:b2:f7:f5:57:07:14:bb:fc:30:aa:05:a6:ee:e6:6e:db:0b:
6a:1f:af:50:d5:dc:1f:35:ad:9b:42:85:75:60:de:05:58:ef:
49:eb:27:97:2e:1e:31:8f:9e:9b:c4:e2:58:1c:ce:66:61:23:
8e:fc:60:b8:67:4f:e2:ad:70:bb:55:ce:16:a4:bd:af:41:2a:
99:e3:52:03:b4:be:b5:ec:78:ba:cb:72:ba:8a:c9:8e:1b:f0:
34:7f:ab:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZoFMiXZn3zUXlZPJs7oEJ59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMDIxMDUxNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWMzNjgyNTU0MDY3ZjgxYzQ1ZGQyNmYyODZkMzIxYmY2ZmNiMmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYsrZxhDve+/eeGJ961eCDunvYdd
KAoGI0e6BsZFKiFi2BR1hhTcoPuecI7XY6BUZ+SedQLYTwM+ZUaFGN1a2anDAIhQ
ezA8T2/zOWrUyn5zWmFzHSbfBRc+bEJVzDtjydK8mRZoRDABQzJWSBMhrs48OkkI
wfkjZWgJTmzZbnixGUW9FXFrupRXKNV34j3H9ZNj5M3Q9pM5F6wNC9U776Rah6V8
QtFa3CAjojMg95SoCoZBxkCZfujT9a/Wm/X/Omszw1j86zgZkKy/8aD1lVhz0jQe
fCjhm8KFtyfmNH39kSf1MLY6yJi+0XuKA5rZYZ+GuPa9HkkeUbuh8ptC/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKHDaCVUBn+BxF3SbyhtMhv2/LL6MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvb2NOb0pWUUdmNEhFWGRKdktHMHlHX2I4c3ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJcrFAwQA
l/LCMA0GCSqGSIb3DQEBCwUAA4IBAQANDJCWdCv8aLJxyrZLrRs7+avnGzfuJJw2
XLE8NzpFmLUHDULHKtF/id+Yv4gsNzc3n/RZPbJ4/8dONAKSXH5iRAxrAlV/NRNE
cjiPAqFy6kaUIdqWecP7UP0MvRIOFZszvpWDinLhiO9fwmtwDk94SK8zHH5Sf70b
HsRyfIAgh7Tr75Kq4qrfpJY7TlUwhM6FrBBNLnEE9rYprD0q5WEZ7IsRsvf1VwcU
u/wwqgWm7uZu2wtqH69Q1dwfNa2bQoV1YN4FWO9J6yeXLh4xj56bxOJYHM5mYSOO
/GC4Z0/irXC7Vc4WpL2vQSqZ41IDtL617Hi6y3K6ismOG/A0f6tq
-----END CERTIFICATE-----
Generated at Fri Oct 24 08:38:43 2025 by rpki-client