Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/oekYTvLkFDyI1-Z9odG0JNjeqaA.roa
File: oekYTvLkFDyI1-Z9odG0JNjeqaA.roa (raw, json)
Hash identifier: gtbCujk1N6fS9mJbVtdHPJFcwUbT4eB3P4aPqB6tlBE=
Subject key identifier: A1:E9:18:4E:F2:E4:14:3C:88:D7:E6:7D:A1:D1:B4:24:D8:DE:A9:A0
Certificate issuer: /CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Certificate serial: 019782A2D13ED2E481BB7E11A21125B0B894
Authority key identifier: C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/oekYTvLkFDyI1-Z9odG0JNjeqaA.roa
Signing time: Wed 18 Jun 2025 10:43:17 +0000
ROA not before: Wed 18 Jun 2025 10:43:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 93.127.160.0/24 maxlen: 24
93.127.161.0/24 maxlen: 24
93.127.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 16:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:82:a2:d1:3e:d2:e4:81:bb:7e:11:a2:11:25:b0:b8:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c378bc3bd350eedc4f377c224556b250da6dde6f
Validity
Not Before: Jun 18 10:43:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1e9184ef2e4143c88d7e67da1d1b424d8dea9a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b0:ec:46:bb:b9:27:fc:6d:c5:fb:fa:d1:15:
6b:82:a8:c3:ee:ed:7c:9b:9c:5f:01:45:a2:82:8f:
7f:87:a4:1d:76:29:fe:de:c5:40:b0:a2:bb:63:38:
87:48:53:98:f5:d9:09:e7:68:e0:ff:07:bf:8d:d2:
de:4c:c8:cf:cc:4e:81:91:b0:33:bc:33:7d:60:be:
54:4c:fc:a7:e5:77:d0:d0:ca:ac:66:39:ca:d2:45:
29:ed:69:b6:4e:91:37:ce:8f:0e:de:c2:38:05:30:
9b:f0:db:05:50:f7:7b:16:49:7c:0f:2b:c9:65:84:
d5:09:5d:c2:3f:bd:51:92:42:13:52:f0:cb:bf:b0:
f6:41:54:2c:27:69:c4:20:4f:56:c3:30:21:59:b2:
7b:e6:f4:bb:63:8b:89:ca:45:95:4d:34:bf:6a:f9:
29:39:d7:7d:12:08:88:52:85:5e:5a:66:b3:a9:ac:
fb:7c:cc:02:ed:21:49:e3:d3:79:89:e9:cb:43:70:
bd:31:b6:6b:18:11:28:68:86:0d:18:17:1d:22:f9:
51:96:d0:5b:19:6e:b2:b9:2f:ff:5b:c6:45:16:3c:
e0:ed:13:52:50:54:32:c2:1a:73:68:59:08:4b:e9:
3b:26:f8:47:06:fd:d8:26:bf:7b:f9:e9:ad:4b:38:
6c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:E9:18:4E:F2:E4:14:3C:88:D7:E6:7D:A1:D1:B4:24:D8:DE:A9:A0
X509v3 Authority Key Identifier:
keyid:C3:78:BC:3B:D3:50:EE:DC:4F:37:7C:22:45:56:B2:50:DA:6D:DE:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3i8O9NQ7txPN3wiRVayUNpt3m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/oekYTvLkFDyI1-Z9odG0JNjeqaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/be66e4-f14b-4b31-bdaf-4414558fdcbb/1/w3i8O9NQ7txPN3wiRVayUNpt3m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.127.160.0/23
93.127.184.0/24
Signature Algorithm: sha256WithRSAEncryption
39:17:a1:b9:6b:a1:7f:05:d5:70:38:68:21:36:a5:2d:46:8e:
90:e3:6e:66:2c:cf:7e:dc:15:dc:63:f8:2f:44:4d:d4:81:94:
04:2d:cc:a2:b5:cf:bb:2f:d0:fc:b3:9c:16:fb:d5:73:20:35:
17:6d:2e:8b:6e:3d:41:1b:22:b2:95:0b:0e:22:74:25:a6:58:
e1:f9:c4:3a:b2:7a:8c:1c:46:20:65:10:3d:f8:4a:55:3b:50:
99:12:b9:7f:4d:7c:60:c5:e9:ef:d7:34:cf:62:f8:69:3c:08:
1e:1d:69:cc:64:f7:21:aa:b1:35:dc:98:48:f7:37:40:a4:40:
97:b8:d7:57:c4:b4:38:5e:ea:2e:bc:56:08:e2:5c:b8:70:f3:
29:f5:50:66:4c:79:53:b9:2f:b8:6d:64:a2:7d:12:64:34:02:
50:fb:00:f5:ba:63:a9:81:58:49:00:a4:de:0d:f2:51:d8:5c:
ac:4b:ac:9e:99:a7:c0:96:80:35:88:1b:1f:fb:98:85:91:92:
d7:9d:3b:05:45:7c:34:9e:80:50:9f:2b:9d:79:f6:b0:91:c0:
f4:b3:b0:89:96:79:c2:95:61:78:5c:e1:36:91:8d:f0:84:f5:
22:3c:e8:99:91:5b:fc:2b:e6:97:e0:9f:a5:4b:0d:e1:a2:a9:
4a:91:4b:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZeCotE+0uSBu34RohElsLiUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzhiYzNiZDM1MGVlZGM0ZjM3N2MyMjQ1NTZiMjUwZGE2
ZGRlNmYwHhcNMjUwNjE4MTA0MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWU5MTg0ZWYyZTQxNDNjODhkN2U2N2RhMWQxYjQyNGQ4ZGVhOWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybDsRru5J/xtxfv60RVrgqjD7u18
m5xfAUWigo9/h6Qddin+3sVAsKK7YziHSFOY9dkJ52jg/we/jdLeTMjPzE6BkbAz
vDN9YL5UTPyn5XfQ0MqsZjnK0kUp7Wm2TpE3zo8O3sI4BTCb8NsFUPd7Fkl8DyvJ
ZYTVCV3CP71RkkITUvDLv7D2QVQsJ2nEIE9WwzAhWbJ75vS7Y4uJykWVTTS/avkp
Odd9EgiIUoVeWmazqaz7fMwC7SFJ49N5ienLQ3C9MbZrGBEoaIYNGBcdIvlRltBb
GW6yuS//W8ZFFjzg7RNSUFQywhpzaFkIS+k7JvhHBv3YJr97+emtSzhswQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKHpGE7y5BQ8iNfmfaHRtCTY3qmgMB8GA1UdIwQY
MBaAFMN4vDvTUO7cTzd8IkVWslDabd5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYt
NDQxNDU1OGZkY2JiLzEvb2VrWVR2TGtGRHlJMS1aOW9kRzBKTmplcWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iZTY2ZTQtZjE0Yi00YjMxLWJkYWYtNDQxNDU1OGZkY2Ji
LzEvdzNpOE85TlE3dHhQTjN3aVJWYXlVTnB0M204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBXX+gAwQA
XX+4MA0GCSqGSIb3DQEBCwUAA4IBAQA5F6G5a6F/BdVwOGghNqUtRo6Q425mLM9+
3BXcY/gvRE3UgZQELcyitc+7L9D8s5wW+9VzIDUXbS6Lbj1BGyKylQsOInQlpljh
+cQ6snqMHEYgZRA9+EpVO1CZErl/TXxgxenv1zTPYvhpPAgeHWnMZPchqrE13JhI
9zdApECXuNdXxLQ4XuouvFYI4ly4cPMp9VBmTHlTuS+4bWSifRJkNAJQ+wD1umOp
gVhJAKTeDfJR2FysS6yemafAloA1iBsf+5iFkZLXnTsFRXw0noBQnyudefawkcD0
s7CJlnnClWF4XOE2kY3whPUiPOiZkVv8K+aX4J+lSw3hoqlKkUvO
-----END CERTIFICATE-----
Generated at Sat Jul 5 21:29:39 2025 by rpki-client