Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/o5MQ_aMK7jefmZE6oPWihY-kiig.roa
File: o5MQ_aMK7jefmZE6oPWihY-kiig.roa (raw, json)
Hash identifier: GwxLFOZ2rnFVptkhZAQW3B9urbn7oWI6excYOIPPHzg=
Subject key identifier: A3:93:10:FD:A3:0A:EE:37:9F:99:91:3A:A0:F5:A2:85:8F:A4:8A:28
Certificate issuer: /CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Certificate serial: 0198847F87B0225026E8E5E68D3288C6B9DA
Authority key identifier: 84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/o5MQ_aMK7jefmZE6oPWihY-kiig.roa
Signing time: Thu 07 Aug 2025 12:26:47 +0000
ROA not before: Thu 07 Aug 2025 12:26:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 217.173.144.0/23 maxlen: 23
217.173.148.0/22 maxlen: 22
217.173.152.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.mft
rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:84:7f:87:b0:22:50:26:e8:e5:e6:8d:32:88:c6:b9:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Validity
Not Before: Aug 7 12:26:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a39310fda30aee379f99913aa0f5a2858fa48a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:72:34:1b:0a:b9:d7:ae:8d:65:55:45:2a:56:
df:3c:0f:cc:c8:4a:42:0e:b3:df:86:b5:a8:5a:a4:
0c:7f:b7:0c:29:2b:55:09:28:53:5e:38:43:62:1c:
be:f0:d8:a9:39:f2:38:e6:23:08:41:e1:e2:44:90:
ea:e7:b9:41:45:33:bb:67:a8:b0:19:a6:27:5d:23:
50:d1:e3:21:ab:e6:fb:3f:41:94:9a:01:a6:42:e7:
d5:d9:ac:1b:87:10:3e:bb:90:e1:b3:29:17:ce:e2:
09:2d:a7:f7:20:64:3f:c8:2f:70:41:3b:62:61:30:
bc:20:c9:5c:12:e3:85:e2:73:a5:3a:e5:86:5d:02:
c2:cf:af:d6:75:5c:d2:b7:69:a0:6b:8f:09:26:9d:
40:9b:be:15:ac:8d:12:c0:a1:24:c9:93:91:a2:80:
ba:6d:00:4d:83:da:82:09:92:85:18:0c:96:c1:b4:
d2:45:3a:1d:e0:1e:fa:0c:e8:1a:d6:b5:ce:67:41:
0e:b0:50:0f:34:c4:3d:12:41:e9:4a:a7:bd:45:aa:
4d:75:8f:e9:ce:c2:57:5c:e0:58:a0:6f:74:98:24:
72:a1:88:05:35:87:5d:01:c5:2c:56:70:bb:69:11:
f5:17:a5:70:ba:ea:83:77:25:8c:fb:ea:7d:57:8c:
15:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:93:10:FD:A3:0A:EE:37:9F:99:91:3A:A0:F5:A2:85:8F:A4:8A:28
X509v3 Authority Key Identifier:
keyid:84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/o5MQ_aMK7jefmZE6oPWihY-kiig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.173.144.0/23
217.173.148.0-217.173.159.255
Signature Algorithm: sha256WithRSAEncryption
75:7d:37:30:1b:ad:b4:a4:b5:e3:d4:58:e2:b5:3a:ce:17:6f:
06:31:23:f4:ae:5e:f9:03:8f:21:75:5f:7b:42:2e:f3:60:7b:
dd:52:79:ca:d6:59:3b:8e:48:2a:db:4c:6d:31:04:bb:96:11:
59:0b:35:86:9e:8e:74:cc:e5:39:63:33:59:06:e1:43:67:11:
b7:a4:e2:29:af:0b:88:45:bd:66:77:c9:20:6e:d6:bc:de:9d:
14:64:6f:86:92:bb:b6:21:36:6f:a4:34:6f:52:92:6c:58:eb:
ca:78:aa:38:be:7a:9d:39:d0:bf:96:44:18:a3:aa:40:2a:a7:
c0:31:01:a5:cb:a1:7a:3f:d8:e7:54:18:e3:77:00:f5:fd:9c:
4a:0a:65:78:15:e8:cb:e7:5d:68:4c:07:84:53:b4:04:e4:86:
30:d3:98:0b:ed:09:fd:60:5d:70:bb:7f:fa:17:a8:90:b7:ea:
ce:e5:40:39:0e:ff:71:b7:00:1c:43:fa:23:a0:0f:0f:d7:44:
4f:78:36:36:86:4f:8c:03:46:a2:36:5e:41:70:ab:96:cb:c3:
62:45:f4:35:1b:92:c9:15:a7:bc:65:c3:81:a1:dd:84:ec:aa:
3f:4f:4e:56:b0:a5:d4:3e:d6:fb:36:9a:9f:4b:78:e5:56:40:
03:8e:51:94
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZiEf4ewIlAm6OXmjTKIxrnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDcwYWYwZDg5ZDc4NWJhMThiYTYxN2RjMDllM2Y3MmM1
OTk2ZjMwHhcNMjUwODA3MTIyNjQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzkzMTBmZGEzMGFlZTM3OWY5OTkxM2FhMGY1YTI4NThmYTQ4YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHI0Gwq5166NZVVFKlbfPA/MyEpC
DrPfhrWoWqQMf7cMKStVCShTXjhDYhy+8NipOfI45iMIQeHiRJDq57lBRTO7Z6iw
GaYnXSNQ0eMhq+b7P0GUmgGmQufV2awbhxA+u5DhsykXzuIJLaf3IGQ/yC9wQTti
YTC8IMlcEuOF4nOlOuWGXQLCz6/WdVzSt2mga48JJp1Am74VrI0SwKEkyZORooC6
bQBNg9qCCZKFGAyWwbTSRTod4B76DOga1rXOZ0EOsFAPNMQ9EkHpSqe9RapNdY/p
zsJXXOBYoG90mCRyoYgFNYddAcUsVnC7aRH1F6VwuuqDdyWM++p9V4wVPwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKOTEP2jCu43n5mROqD1ooWPpIooMB8GA1UdIwQY
MBaAFIRHCvDYnXhboYumF9wJ4/csWZbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDIt
ZTc2ZTNlMjkzZTAyLzEvbzVNUV9hTUs3amVmbVpFNm9QV2loWS1raWlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDItZTc2ZTNlMjkzZTAy
LzEvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQB2a2QMAwD
BALZrZQDBAXZrYAwDQYJKoZIhvcNAQELBQADggEBAHV9NzAbrbSktePUWOK1Os4X
bwYxI/SuXvkDjyF1X3tCLvNge91SecrWWTuOSCrbTG0xBLuWEVkLNYaejnTM5Tlj
M1kG4UNnEbek4imvC4hFvWZ3ySBu1rzenRRkb4aSu7YhNm+kNG9SkmxY68p4qji+
ep050L+WRBijqkAqp8AxAaXLoXo/2OdUGON3APX9nEoKZXgV6MvnXWhMB4RTtATk
hjDTmAvtCf1gXXC7f/oXqJC36s7lQDkO/3G3ABxD+iOgDw/XRE94NjaGT4wDRqI2
XkFwq5bLw2JF9DUbkskVp7xlw4Gh3YTsqj9PTlawpdQ+1vs2mp9LeOVWQAOOUZQ=
-----END CERTIFICATE-----
Generated at Sat Aug 23 07:03:04 2025 by rpki-client