Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/oWtKMibiFTPsmEQGFMzECE5UHiw.roa
File: oWtKMibiFTPsmEQGFMzECE5UHiw.roa (raw, json)
Hash identifier: Z5zglLw9W05ND5JEUY4X4umH8SL2gsFyXHtqi9P1iNQ=
Subject key identifier: A1:6B:4A:32:26:E2:15:33:EC:98:44:06:14:CC:C4:08:4E:54:1E:2C
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01972F492F72182D2776B1FF5CC2DA8DB8B8
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/oWtKMibiFTPsmEQGFMzECE5UHiw.roa
Signing time: Mon 02 Jun 2025 06:16:54 +0000
ROA not before: Mon 02 Jun 2025 06:16:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.241.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.206.0/23 maxlen: 24
194.143.210.0/24 maxlen: 24
194.143.217.0/24 maxlen: 24
194.143.218.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.195.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
195.114.205.0/24 maxlen: 24
213.220.2.0/24 maxlen: 24
213.220.4.0/24 maxlen: 24
213.220.9.0/24 maxlen: 24
213.220.20.0/24 maxlen: 24
213.220.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2f:49:2f:72:18:2d:27:76:b1:ff:5c:c2:da:8d:b8:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jun 2 06:16:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a16b4a3226e21533ec98440614ccc4084e541e2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:59:57:e3:2a:b9:29:64:dd:91:2a:28:ba:d2:
8a:17:70:dc:e3:f7:b3:86:55:68:86:3e:f6:ec:92:
43:ad:da:18:f7:b2:b1:3d:43:95:e0:93:68:c4:89:
a4:bb:d8:fe:a0:1f:ab:39:e4:a2:f6:20:1b:82:f4:
c5:16:da:fc:25:4e:45:db:2a:02:41:0c:d7:2c:50:
d7:18:ec:65:a9:0a:24:99:08:8d:94:df:2d:8b:3a:
c4:95:e8:cf:16:bf:59:13:1e:27:3a:62:2f:60:8a:
03:6b:f3:cd:4d:8b:44:cb:9f:c1:38:f5:ea:02:7f:
6f:d9:aa:8d:ed:f7:71:27:52:73:13:8f:ac:a3:6c:
61:4d:8b:df:2e:42:ac:65:6c:54:6d:82:28:44:ac:
b1:e1:c5:a5:d4:d3:77:b4:85:47:29:29:ed:a2:d3:
79:f6:0f:6d:3e:45:26:8e:df:23:27:0f:88:bf:05:
88:60:06:ad:9a:60:77:40:8b:f8:0d:1c:9d:8c:22:
f4:aa:9a:46:bf:63:49:ea:d1:d7:0a:5e:67:46:00:
e7:40:1b:02:f9:e0:f6:c6:d3:70:18:3e:27:72:af:
33:f3:8a:9a:7a:ef:d9:83:ca:d4:3c:7f:65:05:ea:
91:7d:1b:68:46:9a:b9:98:a9:ed:9a:45:3c:4a:e1:
d0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:6B:4A:32:26:E2:15:33:EC:98:44:06:14:CC:C4:08:4E:54:1E:2C
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/oWtKMibiFTPsmEQGFMzECE5UHiw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0-45.155.242.255
194.143.205.0-194.143.207.255
194.143.210.0/24
194.143.217.0-194.143.218.255
194.143.221.0/24
195.114.192.0/24
195.114.195.0/24
195.114.197.0-195.114.198.255
195.114.205.0/24
213.220.2.0/24
213.220.4.0/24
213.220.9.0/24
213.220.20.0/24
213.220.62.0/24
Signature Algorithm: sha256WithRSAEncryption
59:63:00:a1:9b:2d:2e:b7:c2:40:ee:52:e9:1d:6a:df:d6:a6:
b3:da:af:99:3d:29:a1:80:54:48:88:da:17:03:c3:25:94:1c:
bc:7d:f8:b8:15:82:d7:ae:0f:e7:e3:24:ca:71:7b:4a:92:39:
5a:17:72:d3:ab:1d:61:9f:5c:a3:42:4f:62:e5:51:97:2d:71:
61:19:17:62:c3:73:f5:1a:69:a2:71:76:fe:25:7f:88:4c:f6:
0a:8c:b4:2d:17:25:b7:3d:f2:f5:8a:16:e7:7d:98:25:25:4e:
e6:fb:bd:7c:be:20:b9:76:f7:80:dd:8f:0d:25:f7:22:49:95:
4b:88:91:ad:32:a6:61:d5:06:82:24:74:58:51:b4:1e:49:20:
4f:37:e6:d6:16:11:17:b1:9c:66:c1:0f:2d:39:0c:87:f3:f6:
c6:56:90:90:c3:7d:68:27:d8:13:59:d8:b8:3a:48:91:d1:75:
6b:7e:61:3a:e9:f0:ba:b8:ca:98:76:2d:e7:7e:db:c9:0f:b7:
0e:df:03:24:8c:67:26:69:f5:66:81:14:9f:11:fc:8e:24:e9:
c5:70:9f:8d:89:a1:8f:49:4d:e9:99:c6:d9:38:32:ca:69:3f:
f5:e6:db:c8:dc:c4:44:9b:f2:e2:a3:1d:da:5a:49:b5:18:01:
e1:1d:7a:3e
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZcvSS9yGC0ndrH/XMLajbi4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwNjAyMDYxNjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTZiNGEzMjI2ZTIxNTMzZWM5ODQ0MDYxNGNjYzQwODRlNTQxZTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlllX4yq5KWTdkSooutKKF3Dc4/ez
hlVohj727JJDrdoY97KxPUOV4JNoxImku9j+oB+rOeSi9iAbgvTFFtr8JU5F2yoC
QQzXLFDXGOxlqQokmQiNlN8tizrElejPFr9ZEx4nOmIvYIoDa/PNTYtEy5/BOPXq
An9v2aqN7fdxJ1JzE4+so2xhTYvfLkKsZWxUbYIoRKyx4cWl1NN3tIVHKSntotN5
9g9tPkUmjt8jJw+IvwWIYAatmmB3QIv4DRydjCL0qppGv2NJ6tHXCl5nRgDnQBsC
+eD2xtNwGD4ncq8z84qaeu/Zg8rUPH9lBeqRfRtoRpq5mKntmkU8SuHQKwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFKFrSjIm4hUz7JhEBhTMxAhOVB4sMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvb1d0S01pYmlGVFBzbUVRR0ZNekVDRTVVSGl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdDAMAwQELZvw
AwQALZvyMAwDBADCj80DBATCj8ADBADCj9IwDAMEAMKP2QMEAMKP2gMEAMKP3QME
AMNywAMEAMNywzAMAwQAw3LFAwQAw3LGAwQAw3LNAwQA1dwCAwQA1dwEAwQA1dwJ
AwQA1dwUAwQA1dw+MA0GCSqGSIb3DQEBCwUAA4IBAQBZYwChmy0ut8JA7lLpHWrf
1qaz2q+ZPSmhgFRIiNoXA8MllBy8ffi4FYLXrg/n4yTKcXtKkjlaF3LTqx1hn1yj
Qk9i5VGXLXFhGRdiw3P1GmmicXb+JX+ITPYKjLQtFyW3PfL1ihbnfZglJU7m+718
viC5dveA3Y8NJfciSZVLiJGtMqZh1QaCJHRYUbQeSSBPN+bWFhEXsZxmwQ8tOQyH
8/bGVpCQw31oJ9gTWdi4OkiR0XVrfmE66fC6uMqYdi3nftvJD7cO3wMkjGcmafVm
gRSfEfyOJOnFcJ+NiaGPSU3pmcbZODLKaT/15tvI3MREm/Liox3aWkm1GAHhHXo+
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:16:17 2025 by rpki-client