Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/o0CQ-6MywHICo_xO6JVYrovLnaI.roa
File: o0CQ-6MywHICo_xO6JVYrovLnaI.roa (raw, json)
Hash identifier: z9rRzR4IXOVwVGTGGEfUd7SIN6ihlxFiSh4at67AG5g=
Subject key identifier: A3:40:90:FB:A3:32:C0:72:02:A3:FC:4E:E8:95:58:AE:8B:CB:9D:A2
Certificate issuer: /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial: 0198DB8BBAA1753BC52457DAD056F3B16EDE
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/o0CQ-6MywHICo_xO6JVYrovLnaI.roa
Signing time: Sun 24 Aug 2025 10:07:04 +0000
ROA not before: Sun 24 Aug 2025 10:07:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215672
IP address blocks: 80.93.193.0/24 maxlen: 24
80.93.199.0/24 maxlen: 24
80.93.203.0/24 maxlen: 24
80.93.204.0/24 maxlen: 24
80.93.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 17:17:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:db:8b:ba:a1:75:3b:c5:24:57:da:d0:56:f3:b1:6e:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Validity
Not Before: Aug 24 10:07:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a34090fba332c07202a3fc4ee89558ae8bcb9da2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d6:11:be:a3:eb:5f:f9:ea:9f:2f:53:17:07:
d8:a6:9f:4c:17:36:70:81:c5:e2:43:b0:0d:f5:ce:
96:a9:15:8b:ca:7a:5d:5f:fe:68:52:a3:b0:8c:8e:
06:82:df:f0:5e:9e:d8:a3:30:7c:9b:1e:3d:8a:f4:
8f:46:65:39:9c:48:8e:8d:52:61:22:8a:25:e0:b9:
96:4c:d5:0e:1b:f3:cd:7e:0f:96:56:4d:5d:61:dd:
44:8e:4c:fb:01:43:b5:0b:58:50:dd:2c:ac:72:93:
8d:84:db:61:c0:16:1c:51:e0:51:72:31:5f:70:7e:
72:d4:94:53:86:6f:d7:75:61:04:05:6f:ab:f7:a2:
7a:e0:6e:70:df:9b:d7:54:a9:c0:db:ac:56:bb:63:
5c:7a:81:44:c8:e5:2d:ec:62:f0:26:fb:d7:e5:1e:
d2:da:28:aa:b6:01:6f:ef:0b:03:4d:31:ff:73:cf:
41:ca:5f:e0:87:30:91:c3:ca:83:6b:62:1c:64:ad:
3b:39:eb:b9:13:4f:0b:67:53:0d:c0:ac:af:e8:31:
6e:e9:b1:15:64:c7:4a:b1:78:f0:25:e5:db:7d:a8:
53:2c:ab:7c:14:2c:4b:d3:f6:c9:bf:34:99:69:53:
ba:9c:33:00:13:8d:3b:89:50:3d:81:60:ae:b4:3d:
56:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:40:90:FB:A3:32:C0:72:02:A3:FC:4E:E8:95:58:AE:8B:CB:9D:A2
X509v3 Authority Key Identifier:
keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/o0CQ-6MywHICo_xO6JVYrovLnaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.193.0/24
80.93.199.0/24
80.93.203.0-80.93.205.255
Signature Algorithm: sha256WithRSAEncryption
29:12:f1:fd:a5:9a:df:58:40:58:8a:b7:f2:86:f7:87:fa:4a:
a4:26:6b:83:e4:6c:60:11:e2:e6:2d:ce:7d:e8:53:ba:65:23:
ec:d9:8c:30:d9:78:6c:df:d7:7c:43:0d:1e:9e:cf:d0:05:e3:
45:b0:07:9c:31:01:a5:ab:b6:6f:a8:42:62:3b:0e:ad:49:a0:
b2:0c:53:e8:3f:57:4d:a8:0b:e1:e8:f0:f1:76:b8:5b:fd:78:
c0:fe:58:34:bc:0e:26:51:59:3c:dc:38:17:0e:9d:ce:a6:27:
94:a5:3d:5a:8e:b8:99:28:ff:1b:a8:ac:11:9e:1a:24:a0:49:
1d:f8:d2:b1:d3:fc:8a:43:8f:46:90:fd:13:d1:fc:0b:9a:ce:
07:2d:6c:c9:e0:86:b0:9c:5a:5d:71:78:d2:be:57:54:2b:3c:
10:f6:6d:4c:ff:c2:68:5a:b0:b3:e3:8c:b4:7d:da:45:82:1c:
2d:65:55:81:e8:6c:2b:50:50:90:71:d2:1b:3f:3a:e0:02:92:
97:60:95:f0:dc:71:4e:12:23:4a:7d:a5:62:04:2d:fa:a3:5a:
e8:de:5e:57:ca:55:c0:72:9c:bf:37:3d:60:dc:9b:21:2f:1a:
dc:2b:e1:06:bd:3d:cc:43:c9:59:f9:2a:e5:4f:5d:8f:39:ab:
59:f5:f6:de
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZjbi7qhdTvFJFfa0FbzsW7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjUwODI0MTAwNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzQwOTBmYmEzMzJjMDcyMDJhM2ZjNGVlODk1NThhZThiY2I5ZGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9YRvqPrX/nqny9TFwfYpp9MFzZw
gcXiQ7AN9c6WqRWLynpdX/5oUqOwjI4Ggt/wXp7YozB8mx49ivSPRmU5nEiOjVJh
Iool4LmWTNUOG/PNfg+WVk1dYd1Ejkz7AUO1C1hQ3SyscpONhNthwBYcUeBRcjFf
cH5y1JRThm/XdWEEBW+r96J64G5w35vXVKnA26xWu2NceoFEyOUt7GLwJvvX5R7S
2iiqtgFv7wsDTTH/c89Byl/ghzCRw8qDa2IcZK07Oeu5E08LZ1MNwKyv6DFu6bEV
ZMdKsXjwJeXbfahTLKt8FCxL0/bJvzSZaVO6nDMAE407iVA9gWCutD1W5wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKNAkPujMsByAqP8TuiVWK6Ly52iMB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvbzBDUS02TXl3SElDb194TzZKVllyb3ZMbmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAUF3BAwQA
UF3HMAwDBABQXcsDBAFQXcwwDQYJKoZIhvcNAQELBQADggEBACkS8f2lmt9YQFiK
t/KG94f6SqQma4PkbGAR4uYtzn3oU7plI+zZjDDZeGzf13xDDR6ez9AF40WwB5wx
AaWrtm+oQmI7Dq1JoLIMU+g/V02oC+Ho8PF2uFv9eMD+WDS8DiZRWTzcOBcOnc6m
J5SlPVqOuJko/xuorBGeGiSgSR340rHT/IpDj0aQ/RPR/AuazgctbMnghrCcWl1x
eNK+V1QrPBD2bUz/wmhasLPjjLR92kWCHC1lVYHobCtQUJBx0hs/OuACkpdglfDc
cU4SI0p9pWIELfqjWujeXlfKVcBynL83PWDcmyEvGtwr4Qa9PcxDyVn5KuVPXY85
q1n19t4=
-----END CERTIFICATE-----
Generated at Sat Sep 6 02:38:39 2025 by rpki-client