Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/o6gIOFd94HWkz0C7qKDElB9ddLg.roa
File: o6gIOFd94HWkz0C7qKDElB9ddLg.roa (raw, json)
Hash identifier: O6hiQL5dtUMOxfO7I5/Qs8GG3APxd+JEX/g4sJbBrHE=
Subject key identifier: A3:A8:08:38:57:7D:E0:75:A4:CF:40:BB:A8:A0:C4:94:1F:5D:74:B8
Certificate issuer: /CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Certificate serial: 019A2C47057BF02F26A66EE31E7947B9CE26
Authority key identifier: 8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/o6gIOFd94HWkz0C7qKDElB9ddLg.roa
Signing time: Tue 28 Oct 2025 19:24:03 +0000
ROA not before: Tue 28 Oct 2025 19:24:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35793
IP address blocks: 45.11.129.0/24 maxlen: 24
45.11.130.0/24 maxlen: 24
45.11.131.0/24 maxlen: 24
45.95.100.0/24 maxlen: 24
45.95.101.0/24 maxlen: 24
45.95.102.0/24 maxlen: 24
45.95.103.0/24 maxlen: 24
91.221.209.0/24 maxlen: 24
185.151.160.0/24 maxlen: 24
185.151.161.0/24 maxlen: 24
185.151.162.0/24 maxlen: 24
185.151.163.0/24 maxlen: 24
185.174.140.0/24 maxlen: 24
185.174.141.0/24 maxlen: 24
185.174.142.0/24 maxlen: 24
185.174.143.0/24 maxlen: 24
2a07:7940:12::/48 maxlen: 48
2a07:7940:14::/48 maxlen: 48
2a07:7940:16::/48 maxlen: 48
2a07:7940:18::/48 maxlen: 48
2a07:7940:41::/48 maxlen: 48
2a07:7940:45::/48 maxlen: 48
2a07:7940:46::/48 maxlen: 48
2a07:7940:47::/48 maxlen: 48
2a07:7940:48::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.mft
rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2c:47:05:7b:f0:2f:26:a6:6e:e3:1e:79:47:b9:ce:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Validity
Not Before: Oct 28 19:24:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3a80838577de075a4cf40bba8a0c4941f5d74b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:87:33:af:b3:d7:ab:13:ab:c5:2d:0a:26:61:
e2:ee:61:90:3b:6f:fc:37:8a:1f:85:91:25:90:d1:
dc:a4:a2:aa:1a:cf:ee:7d:16:75:cb:48:f1:73:12:
2f:06:15:d2:06:05:2d:e8:bf:9b:34:29:cd:eb:7f:
19:3b:40:a9:7c:3e:84:f6:8f:6b:87:65:97:15:74:
64:da:65:aa:8d:fe:a0:d1:85:33:70:a2:7d:ea:b8:
e9:51:08:1a:9c:36:71:8d:f2:43:94:7b:1d:fe:df:
e8:73:69:3c:07:9b:f7:d3:b6:d4:37:e9:41:82:bf:
ce:1b:5c:3d:a0:16:80:8f:70:e8:da:9d:14:5f:b9:
4c:48:6e:86:8a:1e:27:73:69:f8:30:36:cf:dd:63:
e2:e2:3c:66:31:7e:be:73:b2:a5:76:9e:e6:cb:0a:
a4:74:dc:0b:38:3f:8b:62:2e:08:36:13:cb:25:9d:
bf:0a:7d:44:1b:9c:db:95:5c:85:f5:7e:60:dd:3f:
a5:57:f4:38:0e:87:5a:c2:90:c5:f4:3f:d2:73:84:
92:f4:b9:f5:74:a8:53:ff:1d:af:28:9e:b0:06:16:
b7:00:d3:49:8d:3b:5e:9b:d3:9a:31:b4:99:dc:3e:
ad:ea:20:12:8e:cd:b5:bc:20:93:f8:cd:cb:96:29:
9c:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:A8:08:38:57:7D:E0:75:A4:CF:40:BB:A8:A0:C4:94:1F:5D:74:B8
X509v3 Authority Key Identifier:
keyid:8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/o6gIOFd94HWkz0C7qKDElB9ddLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.129.0-45.11.131.255
45.95.100.0/22
91.221.209.0/24
185.151.160.0/22
185.174.140.0/22
IPv6:
2a07:7940:12::/48
2a07:7940:14::/48
2a07:7940:16::/48
2a07:7940:18::/48
2a07:7940:41::/48
2a07:7940:45::-2a07:7940:48:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
9d:76:f2:a4:4f:48:31:91:49:af:1a:02:b7:af:d5:5a:38:1d:
13:04:de:7a:e1:fe:17:da:d3:31:cd:9e:71:d3:5e:51:ef:2e:
9c:f2:f6:a9:55:8c:26:bf:ae:b8:96:2f:de:ce:39:51:53:ce:
c4:28:36:42:ca:cc:b9:4e:7c:23:ce:5a:5a:12:c6:5d:40:96:
12:ff:55:73:5b:9d:c7:60:08:42:ef:54:76:ab:b2:d0:72:30:
83:10:4b:25:84:7a:c1:ac:b1:4b:e8:2b:5f:19:d9:9c:8d:7e:
ff:68:ef:68:ee:ec:9b:c2:11:af:e9:5f:ef:f1:13:a7:c7:6a:
09:f7:1b:fe:8b:af:f8:d1:cb:53:65:eb:84:f7:57:09:cb:19:
bf:30:3f:68:69:d7:30:9f:d6:af:ba:d9:6a:09:85:38:76:ab:
d7:3e:b0:a6:4c:f5:94:cb:d2:c6:97:ee:c4:6d:22:ec:a2:58:
a6:5a:c5:85:b8:bc:8d:4b:ca:0b:f2:81:4b:d9:c7:9a:c3:b1:
84:1f:36:61:62:06:bc:76:95:66:0e:e2:1f:7a:ae:7c:8c:df:
7d:5a:f2:08:f2:7f:99:91:79:8b:62:48:47:66:fb:75:73:39:
3c:b2:f7:6b:76:5c:e8:79:ff:31:d4:a8:44:db:db:7e:f3:81:
76:db:7d:3b
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZosRwV78C8mpm7jHnlHuc4mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWI0YzBjZjIxYzFhM2Q2ZWE0MTA2OGNiZTkwOGJlMzg4
ZTQ1MGEwHhcNMjUxMDI4MTkyNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2E4MDgzODU3N2RlMDc1YTRjZjQwYmJhOGEwYzQ5NDFmNWQ3NGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroczr7PXqxOrxS0KJmHi7mGQO2/8
N4ofhZElkNHcpKKqGs/ufRZ1y0jxcxIvBhXSBgUt6L+bNCnN638ZO0CpfD6E9o9r
h2WXFXRk2mWqjf6g0YUzcKJ96rjpUQganDZxjfJDlHsd/t/oc2k8B5v307bUN+lB
gr/OG1w9oBaAj3Do2p0UX7lMSG6Gih4nc2n4MDbP3WPi4jxmMX6+c7Kldp7mywqk
dNwLOD+LYi4INhPLJZ2/Cn1EG5zblVyF9X5g3T+lV/Q4DodawpDF9D/Sc4SS9Ln1
dKhT/x2vKJ6wBha3ANNJjTtem9OaMbSZ3D6t6iASjs21vCCT+M3LlimcAwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFKOoCDhXfeB1pM9Au6igxJQfXXS4MB8GA1UdIwQY
MBaAFIqrTAzyHBo9bqQQaMvpCL44jkUKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMt
NTM3YjFiNDlkZmU3LzEvbzZnSU9GZDk0SFdrejBDN3FLREVsQjlkZExnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMtNTM3YjFiNDlkZmU3
LzEvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwLAQCAAEwJjAMAwQALQuB
AwQCLQuAAwQCLV9kAwQAW93RAwQCuZegAwQCua6MMEcEAgACMEEDBwAqB3lAABID
BwAqB3lAABQDBwAqB3lAABYDBwAqB3lAABgDBwAqB3lAAEEwEgMHACoHeUAARQMH
ACoHeUAASDANBgkqhkiG9w0BAQsFAAOCAQEAnXbypE9IMZFJrxoCt6/VWjgdEwTe
euH+F9rTMc2ecdNeUe8unPL2qVWMJr+uuJYv3s45UVPOxCg2QsrMuU58I85aWhLG
XUCWEv9Vc1udx2AIQu9Udquy0HIwgxBLJYR6wayxS+grXxnZnI1+/2jvaO7sm8IR
r+lf7/ETp8dqCfcb/ouv+NHLU2XrhPdXCcsZvzA/aGnXMJ/Wr7rZagmFOHar1z6w
pkz1lMvSxpfuxG0i7KJYplrFhbi8jUvKC/KBS9nHmsOxhB82YWIGvHaVZg7iH3qu
fIzffVryCPJ/mZF5i2JIR2b7dXM5PLL3a3Zc6Hn/MdSoRNvbfvOBdtt9Ow==
-----END CERTIFICATE-----
Generated at Mon Nov 3 09:42:08 2025 by rpki-client