
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/ONL3PQ4OeKj9GolWXDmn2ruNHnw.roa
File: ONL3PQ4OeKj9GolWXDmn2ruNHnw.roa (raw, json)
Hash identifier: rXKbdPmJw7wfX0tqsu5yb+15Jpu2GS0eUYlTZU0/zCs=
Subject key identifier: 38:D2:F7:3D:0E:0E:78:A8:FD:1A:89:56:5C:39:A7:DA:BB:8D:1E:7C
Certificate issuer: /CN=f879988e0f49971a326f419e5cfacbfddcc993e7
Certificate serial: 0199CE1A0ED1CDE53F2B213F29B19C39B18F
Authority key identifier: F8:79:98:8E:0F:49:97:1A:32:6F:41:9E:5C:FA:CB:FD:DC:C9:93:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/ONL3PQ4OeKj9GolWXDmn2ruNHnw.roa
Signing time: Fri 10 Oct 2025 12:30:38 +0000
ROA not before: Fri 10 Oct 2025 12:30:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397630
IP address blocks: 83.136.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 06:01:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ce:1a:0e:d1:cd:e5:3f:2b:21:3f:29:b1:9c:39:b1:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f879988e0f49971a326f419e5cfacbfddcc993e7
Validity
Not Before: Oct 10 12:30:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38d2f73d0e0e78a8fd1a89565c39a7dabb8d1e7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f0:77:02:c9:06:76:dd:3c:c3:34:d4:74:b9:
32:f2:cb:a3:17:00:dd:e8:ae:f0:45:89:69:e7:96:
58:ec:c2:fc:03:e3:4e:be:ed:3c:62:7c:ef:ad:6c:
02:9a:b5:fc:8c:60:1f:66:aa:5f:7f:da:60:b1:c9:
f8:93:5d:9a:61:5d:12:a8:2a:35:f5:97:b0:ca:0e:
02:51:d9:1f:37:e4:76:2c:41:84:7d:47:41:ca:4a:
17:02:80:bd:97:4c:1e:1d:8e:76:e5:41:0b:97:2c:
88:90:02:fe:9c:57:7a:2a:7d:21:54:cf:04:6c:e7:
2b:14:7b:da:85:47:9b:ad:46:38:ec:25:b7:90:cf:
6a:42:06:f8:d2:95:96:e6:51:e0:88:0c:99:c5:f2:
05:0a:8e:60:67:99:d9:ba:6c:c0:03:02:55:cb:32:
50:df:b1:09:da:c6:1b:70:04:2d:e7:a4:26:66:c7:
f3:e6:91:e5:0a:e6:aa:49:ca:89:3d:55:74:e0:31:
81:4c:6c:40:4a:dd:c9:48:5b:0f:49:59:33:61:3b:
91:5b:80:fe:eb:41:dc:70:7b:58:f2:b3:6d:1a:0c:
73:b3:ce:34:51:cc:53:7c:54:ae:4f:c7:7b:c6:28:
6b:03:bd:01:12:52:fc:37:7a:7f:7b:c2:13:42:0b:
c7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D2:F7:3D:0E:0E:78:A8:FD:1A:89:56:5C:39:A7:DA:BB:8D:1E:7C
X509v3 Authority Key Identifier:
keyid:F8:79:98:8E:0F:49:97:1A:32:6F:41:9E:5C:FA:CB:FD:DC:C9:93:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/ONL3PQ4OeKj9GolWXDmn2ruNHnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/af3d81-0047-413c-91f4-0470b4bb30db/1/1-HmYjg9Jlxoyb0GeXPrL_dzJk-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.213.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:f5:52:73:81:0c:5b:a9:79:22:7d:93:d5:cb:22:83:b2:bf:
4e:66:6a:4a:c4:dc:24:5e:fe:11:6f:d8:2f:a1:b5:79:d7:03:
37:89:42:46:34:80:1a:16:6f:65:b0:c6:3d:23:c5:cc:66:d6:
5c:46:ff:e7:1c:e0:ce:a1:b6:81:0d:af:1e:cc:ae:0e:72:2a:
3b:20:56:74:be:20:e2:ec:fc:01:0c:2a:92:d7:dc:33:32:5b:
a0:57:b7:2a:51:95:e0:c3:d4:9e:65:7c:2c:cc:eb:dc:26:a0:
42:99:7c:83:5d:76:97:15:43:3d:97:9f:4b:56:88:be:c0:da:
6a:03:58:bc:1b:94:61:88:e8:ba:28:08:10:2d:92:3b:b0:fa:
0e:7a:96:e1:86:f2:23:d9:45:d4:f3:ac:46:d7:8d:1a:52:63:
e6:98:31:67:90:25:d3:a6:dd:4c:1e:f6:00:b2:f6:61:23:39:
dd:48:fa:51:53:bf:4a:c8:75:63:38:d2:35:e4:17:e4:26:fa:
a9:36:54:d7:98:3a:dc:c5:01:dc:14:28:33:32:59:b5:c9:a5:
4f:f6:90:09:02:6d:d1:07:02:4f:6f:4d:2d:c9:c4:65:47:3a:
22:6a:63:bc:d9:ea:f5:be:11:66:1b:32:20:b9:c4:63:75:73:
83:0a:b6:07
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZnOGg7RzeU/KyE/KbGcObGPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4Nzk5ODhlMGY0OTk3MWEzMjZmNDE5ZTVjZmFjYmZkZGNj
OTkzZTcwHhcNMjUxMDEwMTIzMDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQyZjczZDBlMGU3OGE4ZmQxYTg5NTY1YzM5YTdkYWJiOGQxZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfB3AskGdt08wzTUdLky8sujFwDd
6K7wRYlp55ZY7ML8A+NOvu08YnzvrWwCmrX8jGAfZqpff9pgscn4k12aYV0SqCo1
9Zewyg4CUdkfN+R2LEGEfUdBykoXAoC9l0weHY525UELlyyIkAL+nFd6Kn0hVM8E
bOcrFHvahUebrUY47CW3kM9qQgb40pWW5lHgiAyZxfIFCo5gZ5nZumzAAwJVyzJQ
37EJ2sYbcAQt56QmZsfz5pHlCuaqScqJPVV04DGBTGxASt3JSFsPSVkzYTuRW4D+
60HccHtY8rNtGgxzs840UcxTfFSuT8d7xihrA70BElL8N3p/e8ITQgvH4QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFDjS9z0ODnio/RqJVlw5p9q7jR58MB8GA1UdIwQY
MBaAFPh5mI4PSZcaMm9Bnlz6y/3cyZPnMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1IbVlqZzlKbHhveWIwR2VYUHJMX2R6SmstYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUvYWYzZDgxLTAwNDctNDEzYy05MWY0
LTA0NzBiNGJiMzBkYi8xL09OTDNQUTRPZUtqOUdvbFdYRG1uMnJ1Tkhudy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDUvYWYzZDgxLTAwNDctNDEzYy05MWY0LTA0NzBiNGJiMzBk
Yi8xLzEtSG1Zamc5Smx4b3liMEdlWFByTF9kekprLWMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABTiNUw
DQYJKoZIhvcNAQELBQADggEBAE/1UnOBDFupeSJ9k9XLIoOyv05makrE3CRe/hFv
2C+htXnXAzeJQkY0gBoWb2Wwxj0jxcxm1lxG/+cc4M6htoENrx7Mrg5yKjsgVnS+
IOLs/AEMKpLX3DMyW6BXtypRleDD1J5lfCzM69wmoEKZfINddpcVQz2Xn0tWiL7A
2moDWLwblGGI6LooCBAtkjuw+g56luGG8iPZRdTzrEbXjRpSY+aYMWeQJdOm3Uwe
9gCy9mEjOd1I+lFTv0rIdWM40jXkF+Qm+qk2VNeYOtzFAdwUKDMyWbXJpU/2kAkC
bdEHAk9vTS3JxGVHOiJqY7zZ6vW+EWYbMiC5xGN1c4MKtgc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:52:15 2025 by rpki-client