Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/OYGnF03A3bgtWH3mxyGD5weKG3I.roa
File: OYGnF03A3bgtWH3mxyGD5weKG3I.roa (raw, json)
Hash identifier: xs/GZnRpuAOGciOhZWNiC2EdvZlXrkdfaex6+Wzxm1k=
Subject key identifier: 39:81:A7:17:4D:C0:DD:B8:2D:58:7D:E6:C7:21:83:E7:07:8A:1B:72
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0197A105D5E75FD14F5974EE904FE1F3D081
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/OYGnF03A3bgtWH3mxyGD5weKG3I.roa
Signing time: Tue 24 Jun 2025 08:20:03 +0000
ROA not before: Tue 24 Jun 2025 08:20:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 80.97.128.0/20 maxlen: 20
85.121.149.0/24 maxlen: 24
194.102.105.0/24 maxlen: 24
217.156.64.0/24 maxlen: 24
217.156.65.0/24 maxlen: 24
217.156.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:05:d5:e7:5f:d1:4f:59:74:ee:90:4f:e1:f3:d0:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jun 24 08:20:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3981a7174dc0ddb82d587de6c72183e7078a1b72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:05:13:4a:1f:e6:3c:1e:7e:3a:32:c1:91:8a:
e4:a2:09:c2:1a:2f:fa:c4:13:be:50:2a:86:42:c6:
af:06:42:3e:ae:77:85:ce:69:07:c7:ec:49:ef:97:
a5:f3:e0:33:ca:89:67:2e:47:9e:44:ec:27:99:4b:
e1:65:da:b2:35:fc:d7:f6:27:d1:28:93:44:91:b9:
8f:70:1e:5b:97:f9:90:ac:af:26:9b:c2:1a:e8:40:
33:c3:e6:95:25:0e:c9:ba:68:70:26:ed:11:f5:f3:
07:e1:ec:bc:9c:1f:ca:47:56:b0:a6:5a:3e:f5:7d:
83:19:3d:c0:16:4f:d0:51:1f:bb:d6:b5:33:ba:26:
c9:47:5a:6c:e8:55:5c:da:cf:34:1e:0d:13:13:7f:
02:0b:9f:b1:d3:be:86:12:c2:9a:b1:30:f5:ff:7f:
9b:49:c7:65:42:16:38:54:bb:cc:b9:6a:5c:7f:9d:
bc:8b:0a:43:14:9f:6c:f4:dc:54:27:16:96:e9:7f:
89:d7:30:49:57:8e:61:d1:a3:a1:6e:02:f6:f3:00:
95:c3:7a:12:d7:34:55:94:0c:00:a2:33:43:89:da:
2d:d4:bd:a5:37:da:2d:68:01:c0:44:b5:a2:26:db:
85:80:de:fc:4a:a1:49:08:aa:1d:88:44:9f:2d:a6:
f5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:81:A7:17:4D:C0:DD:B8:2D:58:7D:E6:C7:21:83:E7:07:8A:1B:72
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/OYGnF03A3bgtWH3mxyGD5weKG3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.97.128.0/20
85.121.149.0/24
194.102.105.0/24
217.156.64.0/23
217.156.123.0/24
Signature Algorithm: sha256WithRSAEncryption
44:72:8b:cd:a7:20:69:4d:f3:5d:34:64:22:ea:8f:a7:44:b9:
a0:12:41:6d:f8:db:2a:1e:1e:60:2f:ac:78:5e:0f:34:d6:35:
76:72:5b:30:be:58:0c:68:d7:38:82:24:1a:28:f5:d5:91:cd:
b6:f7:2d:98:26:56:70:54:c4:5d:19:6c:3f:96:73:b8:0b:db:
50:b4:b3:4b:57:8d:ff:a5:16:7d:f1:e9:ba:84:1b:00:2a:d9:
39:da:e5:ac:c0:fb:a1:39:00:7e:57:04:51:46:af:38:64:85:
c6:12:37:77:e0:70:b6:29:9a:07:13:0b:47:eb:a3:e2:40:96:
cb:ca:bd:cc:5c:5a:35:24:11:7e:a1:af:31:64:6b:e5:9e:88:
8e:d8:ec:03:86:4f:5a:d3:60:ec:be:16:b3:52:2b:7e:7d:66:
fa:1c:9e:4f:57:db:09:6b:d8:36:95:46:53:84:5f:cb:36:ec:
c2:1d:8a:f8:2e:73:78:70:95:02:d4:79:c5:62:5f:c9:d4:c9:
f8:c3:a2:2f:4b:6b:7d:ab:97:bd:97:85:ad:1b:34:e0:9f:d6:
4b:e1:2a:3d:cc:2a:bb:98:ae:0d:8e:ff:d8:1b:04:1e:47:7e:
94:37:09:38:c4:6f:4a:65:47:3c:5c:28:13:57:13:79:f9:ff:
a1:4f:a3:c3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZehBdXnX9FPWXTukE/h89CBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwNjI0MDgyMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTgxYTcxNzRkYzBkZGI4MmQ1ODdkZTZjNzIxODNlNzA3OGExYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwUTSh/mPB5+OjLBkYrkognCGi/6
xBO+UCqGQsavBkI+rneFzmkHx+xJ75el8+AzyolnLkeeROwnmUvhZdqyNfzX9ifR
KJNEkbmPcB5bl/mQrK8mm8Ia6EAzw+aVJQ7JumhwJu0R9fMH4ey8nB/KR1awplo+
9X2DGT3AFk/QUR+71rUzuibJR1ps6FVc2s80Hg0TE38CC5+x076GEsKasTD1/3+b
ScdlQhY4VLvMuWpcf528iwpDFJ9s9NxUJxaW6X+J1zBJV45h0aOhbgL28wCVw3oS
1zRVlAwAojNDidot1L2lN9otaAHARLWiJtuFgN78SqFJCKodiESfLab1iwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDmBpxdNwN24LVh95schg+cHihtyMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvT1lHbkYwM0EzYmd0V0gzbXh5R0Q1d2VLRzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEUGGAAwQA
VXmVAwQAwmZpAwQB2ZxAAwQA2Zx7MA0GCSqGSIb3DQEBCwUAA4IBAQBEcovNpyBp
TfNdNGQi6o+nRLmgEkFt+NsqHh5gL6x4Xg801jV2clswvlgMaNc4giQaKPXVkc22
9y2YJlZwVMRdGWw/lnO4C9tQtLNLV43/pRZ98em6hBsAKtk52uWswPuhOQB+VwRR
Rq84ZIXGEjd34HC2KZoHEwtH66PiQJbLyr3MXFo1JBF+oa8xZGvlnoiO2OwDhk9a
02DsvhazUit+fWb6HJ5PV9sJa9g2lUZThF/LNuzCHYr4LnN4cJUC1HnFYl/J1Mn4
w6IvS2t9q5e9l4WtGzTgn9ZL4So9zCq7mK4Njv/YGwQeR36UNwk4xG9KZUc8XCgT
VxN5+f+hT6PD
-----END CERTIFICATE-----
Generated at Sun Jun 29 01:23:00 2025 by rpki-client