Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/OlMMJhOrULR3z98uQeY6b3VXgEc.roa
File: OlMMJhOrULR3z98uQeY6b3VXgEc.roa (raw, json)
Hash identifier: q6ZWYT2ZC6QfyvSsdsgx8ZD0lu2+Rk8uJl+vD5jnyPs=
Subject key identifier: 3A:53:0C:26:13:AB:50:B4:77:CF:DF:2E:41:E6:3A:6F:75:57:80:47
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 0197408BE0F53C9B94CC6C4424EC95CF19A8
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/OlMMJhOrULR3z98uQeY6b3VXgEc.roa
Signing time: Thu 05 Jun 2025 14:43:18 +0000
ROA not before: Thu 05 Jun 2025 14:43:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197927
IP address blocks: 130.255.174.0/24 maxlen: 24
146.19.85.0/24 maxlen: 24
193.42.214.0/24 maxlen: 24
193.42.217.0/24 maxlen: 24
2a09:a740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.mft
rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 21:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:8b:e0:f5:3c:9b:94:cc:6c:44:24:ec:95:cf:19:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jun 5 14:43:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a530c2613ab50b477cfdf2e41e63a6f75578047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:ce:9a:5c:3a:e0:ec:a3:87:13:68:ff:7b:6a:
3d:c3:e8:f2:c3:e9:6c:bc:8f:72:b2:77:0d:9a:ee:
41:c1:93:ad:d8:e6:59:8d:22:ff:7a:7d:c6:94:55:
32:a7:2d:34:cb:a7:39:28:ae:d6:c3:0f:00:a5:60:
1a:1b:47:81:bb:d4:96:cf:5a:1d:69:e2:53:a0:45:
56:ac:a5:1a:11:47:33:4e:c9:a5:bf:c3:1e:f4:b3:
6a:bb:92:f2:bc:e8:d8:56:52:9d:2f:ef:55:68:0c:
ca:91:80:20:30:0f:fc:69:86:50:f1:c9:37:32:9b:
49:5a:34:5a:9d:96:73:22:67:26:65:2a:37:b5:0f:
7f:e7:78:37:67:83:78:3c:df:c0:a7:c2:89:d9:16:
3f:ef:57:df:78:e2:37:b1:af:f7:75:05:9e:33:61:
56:61:8c:17:1b:5b:66:0e:37:f9:ca:50:04:67:47:
2a:27:04:f9:92:03:23:33:13:d7:a3:4a:ce:22:6a:
15:54:5b:36:5d:fa:58:20:9f:99:54:6c:7d:27:f5:
26:0f:cc:b7:24:ed:9d:4b:bd:1c:d2:a4:70:1f:c8:
cf:b6:c7:7e:23:6b:ec:c6:2f:74:2d:62:05:73:6d:
ec:13:b5:c4:48:17:e5:d7:e1:80:43:9b:9b:e5:80:
63:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:53:0C:26:13:AB:50:B4:77:CF:DF:2E:41:E6:3A:6F:75:57:80:47
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/OlMMJhOrULR3z98uQeY6b3VXgEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.174.0/24
146.19.85.0/24
193.42.214.0/24
193.42.217.0/24
IPv6:
2a09:a740::/32
Signature Algorithm: sha256WithRSAEncryption
72:d5:1e:00:82:43:30:43:eb:5e:73:09:dd:a6:37:0f:7d:e9:
4d:2c:4c:18:a5:e9:76:92:cf:52:8e:d6:38:0a:be:90:8f:cf:
9b:ad:9b:be:e1:5c:27:b4:07:c4:69:a3:69:c2:e0:93:81:f1:
3c:dd:cd:23:98:89:bc:3a:4a:d1:9c:d3:17:ef:ca:10:c1:e2:
e1:39:4c:96:9a:44:b2:b1:f7:bd:9a:dc:99:5b:f4:47:7b:2b:
6e:10:dd:15:19:63:a0:fd:49:4e:f5:f9:a7:14:77:23:0e:25:
f6:21:0c:7e:86:84:70:db:f2:15:3a:fd:26:ba:b2:02:fe:69:
61:30:24:7b:68:9e:b5:3e:e9:ff:b5:8d:11:51:15:fb:3e:19:
27:08:54:bf:0d:b2:e0:27:f8:c7:6a:05:b1:1b:5f:43:ed:1d:
6d:a5:cc:a3:f0:a9:7a:ce:ff:e2:4f:04:6d:e6:67:f9:82:15:
5a:22:0f:10:1b:95:2d:e8:f3:4c:ff:eb:01:3c:0d:c1:26:44:
d5:9c:6d:44:7d:ec:49:71:26:3b:b1:d3:be:be:9d:5d:1f:20:
22:68:24:60:be:58:5d:74:5f:89:4a:e5:d9:08:3c:1f:3e:6f:
3f:b6:93:d2:08:44:9d:78:bd:65:c1:e5:5c:46:86:97:cc:67:
e3:53:48:31
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZdAi+D1PJuUzGxEJOyVzxmoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjUwNjA1MTQ0MzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTUzMGMyNjEzYWI1MGI0NzdjZmRmMmU0MWU2M2E2Zjc1NTc4MDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAws6aXDrg7KOHE2j/e2o9w+jyw+ls
vI9ysncNmu5BwZOt2OZZjSL/en3GlFUypy00y6c5KK7Www8ApWAaG0eBu9SWz1od
aeJToEVWrKUaEUczTsmlv8Me9LNqu5LyvOjYVlKdL+9VaAzKkYAgMA/8aYZQ8ck3
MptJWjRanZZzImcmZSo3tQ9/53g3Z4N4PN/Ap8KJ2RY/71ffeOI3sa/3dQWeM2FW
YYwXG1tmDjf5ylAEZ0cqJwT5kgMjMxPXo0rOImoVVFs2XfpYIJ+ZVGx9J/UmD8y3
JO2dS70c0qRwH8jPtsd+I2vsxi90LWIFc23sE7XESBfl1+GAQ5ub5YBjNwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDpTDCYTq1C0d8/fLkHmOm91V4BHMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvT2xNTUpoT3JVTFIzejk4dVFlWTZiM1ZYZ0VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAgv+uAwQA
khNVAwQAwSrWAwQAwSrZMA0EAgACMAcDBQAqCadAMA0GCSqGSIb3DQEBCwUAA4IB
AQBy1R4AgkMwQ+tecwndpjcPfelNLEwYpel2ks9SjtY4Cr6Qj8+brZu+4VwntAfE
aaNpwuCTgfE83c0jmIm8OkrRnNMX78oQweLhOUyWmkSysfe9mtyZW/RHeytuEN0V
GWOg/UlO9fmnFHcjDiX2IQx+hoRw2/IVOv0murIC/mlhMCR7aJ61Pun/tY0RURX7
PhknCFS/DbLgJ/jHagWxG19D7R1tpcyj8Kl6zv/iTwRt5mf5ghVaIg8QG5Ut6PNM
/+sBPA3BJkTVnG1EfexJcSY7sdO+vp1dHyAiaCRgvlhddF+JSuXZCDwfPm8/tpPS
CESdeL1lweVcRoaXzGfjU0gx
-----END CERTIFICATE-----
Generated at Mon Jun 9 06:41:33 2025 by rpki-client