Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/oOSVGz-lQ6vIUBzKyOG7f87voLE.roa
File: oOSVGz-lQ6vIUBzKyOG7f87voLE.roa (raw, json)
Hash identifier: 35ws12+7zflfNIPckOxiSxE1IEtJ0udwzAAqCDOK85k=
Subject key identifier: A0:E4:95:1B:3F:A5:43:AB:C8:50:1C:CA:C8:E1:BB:7F:CE:EF:A0:B1
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 0196C4DA6BDF8E7BC4D493C1DFF539FF267C
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/oOSVGz-lQ6vIUBzKyOG7f87voLE.roa
Signing time: Mon 12 May 2025 14:16:10 +0000
ROA not before: Mon 12 May 2025 14:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.140.58.0/24 maxlen: 24
212.81.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:da:6b:df:8e:7b:c4:d4:93:c1:df:f5:39:ff:26:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: May 12 14:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0e4951b3fa543abc8501ccac8e1bb7fceefa0b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:81:3d:9c:32:0b:39:e1:be:fd:cd:a3:62:21:
8a:f3:04:3b:3d:bf:f1:5c:36:2b:9c:61:33:b4:4e:
15:53:d5:2d:b1:0c:df:7d:fc:fa:93:9c:33:ca:af:
e7:a4:3d:f8:e1:43:a3:a4:19:69:d7:c4:2a:40:8d:
a8:8c:a3:1a:3e:84:a3:27:d3:4f:2e:93:9b:d2:d0:
b6:6f:2b:d8:bb:0a:44:ca:ef:98:56:94:b8:6a:39:
bb:a9:20:da:80:e2:d3:1a:f4:b9:aa:99:1f:80:6a:
37:1e:3d:0c:cd:47:c2:72:fb:c5:2e:7b:90:22:06:
50:9c:73:f7:45:82:94:30:dc:de:98:38:64:70:d6:
f7:4a:5f:a7:88:88:29:f2:e9:c4:b3:e0:e6:4a:13:
b2:59:b7:de:2e:05:ad:24:5d:b4:e4:60:28:83:3a:
4e:51:18:d5:6d:65:b4:0a:5d:ef:93:53:df:42:90:
a3:12:28:9b:b2:29:06:6a:20:c3:68:c1:86:c8:db:
83:59:64:f0:25:ad:cd:83:5a:96:d8:3d:1e:17:f8:
0e:65:4b:0c:db:36:f0:8f:54:27:c5:a2:aa:68:ef:
7e:9a:68:83:91:a1:7f:1b:5e:6a:85:ba:f0:db:64:
35:37:eb:ed:66:b6:cc:32:7d:6d:6f:aa:a4:ce:d3:
09:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:E4:95:1B:3F:A5:43:AB:C8:50:1C:CA:C8:E1:BB:7F:CE:EF:A0:B1
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/oOSVGz-lQ6vIUBzKyOG7f87voLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.58.0/24
212.81.47.0/24
Signature Algorithm: sha256WithRSAEncryption
32:9c:aa:70:7d:5b:e0:a8:bf:9f:b1:f5:69:44:d2:ec:ae:3a:
3a:f0:63:14:c3:44:01:91:a3:73:65:25:c9:1c:25:e9:da:e4:
c5:46:85:0b:8c:b3:d5:e1:e6:10:84:65:79:8d:e0:fb:51:5c:
d8:32:6f:d1:83:21:a9:72:03:a5:13:d3:ef:30:dd:3e:ed:cb:
f7:80:8b:73:61:69:c4:43:74:13:e4:49:9d:d2:11:1f:6d:28:
f8:83:8b:71:96:63:e1:b7:54:ee:54:3f:7e:07:c0:b5:fd:b4:
0f:a6:52:50:31:d2:85:72:9f:07:0e:4c:18:df:78:31:da:95:
14:ce:b0:56:8b:73:b0:06:63:26:f3:89:a0:e2:1c:f8:e2:f8:
7b:81:a9:33:ce:17:9a:a0:83:2c:0f:84:5f:ce:f2:c4:c1:ef:
4d:bf:9b:9b:1a:a4:15:18:84:82:ff:ca:d9:b2:8f:53:35:33:
51:fe:66:1a:a6:2d:74:7e:6b:f9:c4:a6:cf:87:70:ac:53:d4:
70:ea:01:84:d0:6b:01:16:71:92:ae:b2:ff:68:0b:a4:11:7c:
ae:e7:1e:07:f1:d4:94:f1:74:6c:bb:c9:63:d7:8e:6a:62:67:
dd:16:90:e1:82:ac:d0:b5:fd:a5:44:ad:e4:71:36:78:a5:73:
45:55:1c:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbE2mvfjnvE1JPB3/U5/yZ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjUwNTEyMTQxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGU0OTUxYjNmYTU0M2FiYzg1MDFjY2FjOGUxYmI3ZmNlZWZhMGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YE9nDILOeG+/c2jYiGK8wQ7Pb/x
XDYrnGEztE4VU9UtsQzfffz6k5wzyq/npD344UOjpBlp18QqQI2ojKMaPoSjJ9NP
LpOb0tC2byvYuwpEyu+YVpS4ajm7qSDagOLTGvS5qpkfgGo3Hj0MzUfCcvvFLnuQ
IgZQnHP3RYKUMNzemDhkcNb3Sl+niIgp8unEs+DmShOyWbfeLgWtJF205GAogzpO
URjVbWW0Cl3vk1PfQpCjEiibsikGaiDDaMGGyNuDWWTwJa3Ng1qW2D0eF/gOZUsM
2zbwj1QnxaKqaO9+mmiDkaF/G15qhbrw22Q1N+vtZrbMMn1tb6qkztMJ8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKDklRs/pUOryFAcysjhu3/O76CxMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvb09TVkd6LWxRNnZJVUJ6S3lPRzdmODd2b0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYw6AwQA
1FEvMA0GCSqGSIb3DQEBCwUAA4IBAQAynKpwfVvgqL+fsfVpRNLsrjo68GMUw0QB
kaNzZSXJHCXp2uTFRoULjLPV4eYQhGV5jeD7UVzYMm/RgyGpcgOlE9PvMN0+7cv3
gItzYWnEQ3QT5Emd0hEfbSj4g4txlmPht1TuVD9+B8C1/bQPplJQMdKFcp8HDkwY
33gx2pUUzrBWi3OwBmMm84mg4hz44vh7gakzzheaoIMsD4RfzvLEwe9Nv5ubGqQV
GISC/8rZso9TNTNR/mYapi10fmv5xKbPh3CsU9Rw6gGE0GsBFnGSrrL/aAukEXyu
5x4H8dSU8XRsu8lj145qYmfdFpDhgqzQtf2lRK3kcTZ4pXNFVRwP
-----END CERTIFICATE-----
Generated at Fri Jun 6 06:16:17 2025 by rpki-client