Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/OXDburmqsWp39gpmUTOgbVXHVBs.roa
File: OXDburmqsWp39gpmUTOgbVXHVBs.roa (raw, json)
Hash identifier: mNS+LGMav0ddJkfNmtmb58edob24sZRzDSDw0sXgGL0=
Subject key identifier: 39:70:DB:BA:B9:AA:B1:6A:77:F6:0A:66:51:33:A0:6D:55:C7:54:1B
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 019934FE2799BCE4AC2746AA6401DF62A4EA
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/OXDburmqsWp39gpmUTOgbVXHVBs.roa
Signing time: Wed 10 Sep 2025 18:58:15 +0000
ROA not before: Wed 10 Sep 2025 18:58:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30938
IP address blocks: 5.39.248.0/24 maxlen: 24
5.144.176.0/21 maxlen: 24
5.178.97.0/24 maxlen: 24
31.192.240.0/21 maxlen: 24
45.12.216.0/22 maxlen: 24
45.12.216.0/24 maxlen: 24
103.136.68.0/22 maxlen: 24
185.5.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:34:fe:27:99:bc:e4:ac:27:46:aa:64:01:df:62:a4:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Sep 10 18:58:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3970dbbab9aab16a77f60a665133a06d55c7541b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:18:75:5c:23:f6:97:10:06:9d:11:3a:c8:37:
e7:14:37:36:52:8f:1e:e4:82:9c:3f:3b:d0:62:b5:
a8:d0:7e:ee:86:ed:0a:51:0f:6a:34:6f:50:a3:1d:
29:8a:9f:a9:24:03:8d:ab:c5:cd:9c:be:0e:32:b1:
6c:d2:96:1b:9c:b7:c1:90:6d:af:22:c6:15:84:d5:
05:8d:f2:0d:a9:b8:13:64:a5:2e:9a:4b:7f:ce:64:
49:02:66:86:29:0b:7f:48:8f:cb:14:18:6a:1c:46:
42:e6:43:02:ea:9d:64:31:d7:80:64:e3:a2:00:9d:
af:e3:3d:8a:35:3b:c8:2b:a9:64:fa:7e:c2:98:d6:
12:80:2e:55:b4:29:a7:a2:65:41:3d:ce:19:0c:99:
12:c8:9b:13:2c:1e:9f:e2:c0:e3:f4:99:ca:b5:ca:
4f:34:1d:df:8f:83:c7:aa:1a:cd:5e:3e:35:80:c3:
9f:35:d7:87:42:dd:13:1c:c4:62:15:76:ef:a0:94:
5d:3a:65:a8:10:51:91:51:9b:55:b3:9c:49:9d:16:
7b:4b:ac:3d:70:0f:2a:af:fb:42:6d:fd:0f:75:45:
18:e0:94:ba:02:fd:9c:6a:3d:9e:53:b7:b6:5e:ce:
d1:1c:e3:c8:00:7a:77:5e:2c:fe:c8:0a:b1:a4:24:
8c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:70:DB:BA:B9:AA:B1:6A:77:F6:0A:66:51:33:A0:6D:55:C7:54:1B
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/OXDburmqsWp39gpmUTOgbVXHVBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.144.176.0/21
5.178.97.0/24
31.192.240.0/21
45.12.216.0/22
103.136.68.0/22
185.5.36.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:c8:4e:ca:dd:44:d3:82:51:c7:2a:92:fb:57:ea:a1:c7:c3:
18:b7:c7:e9:b4:73:2c:d1:30:de:71:f1:5f:f0:09:86:7f:e7:
1f:56:1e:99:b7:d7:99:d8:12:4d:2d:92:da:45:f7:66:a3:1c:
f8:fa:9a:8c:fe:4c:39:41:96:46:15:f3:7c:cf:0d:03:de:51:
9c:74:a1:09:2f:63:cb:b5:8a:03:ed:77:f0:ec:24:96:7e:9d:
6b:b4:2d:c3:a8:64:7b:3b:0c:2e:96:35:cd:8e:03:b4:40:8c:
e2:6a:84:5c:d4:75:07:ee:33:a1:cd:3f:0a:9b:1a:37:49:22:
d0:41:c4:c0:ff:4a:9c:f4:15:a4:5b:79:51:48:17:5c:bb:ed:
24:a0:11:8e:e5:6b:df:76:de:1a:67:65:dd:20:70:cd:df:ac:
c6:2a:1b:8e:36:d2:ea:b4:0d:6f:72:ed:77:6c:b5:ca:2e:fc:
93:8b:51:49:b4:1c:76:35:58:74:f1:f2:c8:ee:52:b1:ee:64:
22:0b:c9:1a:7a:c7:db:56:4e:ce:d6:d7:19:c5:43:bc:72:c1:
e6:8e:be:b3:4b:a8:59:d7:2c:5d:ac:24:13:f0:af:57:a0:db:
13:ae:ff:13:27:12:98:80:f6:77:8b:db:c8:80:fe:35:0e:26:
9b:05:ee:b2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZk0/ieZvOSsJ0aqZAHfYqTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjUwOTEwMTg1ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTcwZGJiYWI5YWFiMTZhNzdmNjBhNjY1MTMzYTA2ZDU1Yzc1NDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5hh1XCP2lxAGnRE6yDfnFDc2Uo8e
5IKcPzvQYrWo0H7uhu0KUQ9qNG9Qox0pip+pJAONq8XNnL4OMrFs0pYbnLfBkG2v
IsYVhNUFjfINqbgTZKUumkt/zmRJAmaGKQt/SI/LFBhqHEZC5kMC6p1kMdeAZOOi
AJ2v4z2KNTvIK6lk+n7CmNYSgC5VtCmnomVBPc4ZDJkSyJsTLB6f4sDj9JnKtcpP
NB3fj4PHqhrNXj41gMOfNdeHQt0THMRiFXbvoJRdOmWoEFGRUZtVs5xJnRZ7S6w9
cA8qr/tCbf0PdUUY4JS6Av2caj2eU7e2Xs7RHOPIAHp3Xiz+yAqxpCSMhwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDlw27q5qrFqd/YKZlEzoG1Vx1QbMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvT1hEYnVybXFzV3AzOWdwbVVUT2diVlhIVkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQABSf4AwQD
BZCwAwQABbJhAwQDH8DwAwQCLQzYAwQCZ4hEAwQCuQUkMA0GCSqGSIb3DQEBCwUA
A4IBAQAvyE7K3UTTglHHKpL7V+qhx8MYt8fptHMs0TDecfFf8AmGf+cfVh6Zt9eZ
2BJNLZLaRfdmoxz4+pqM/kw5QZZGFfN8zw0D3lGcdKEJL2PLtYoD7Xfw7CSWfp1r
tC3DqGR7OwwuljXNjgO0QIziaoRc1HUH7jOhzT8Kmxo3SSLQQcTA/0qc9BWkW3lR
SBdcu+0koBGO5Wvfdt4aZ2XdIHDN36zGKhuONtLqtA1vcu13bLXKLvyTi1FJtBx2
NVh08fLI7lKx7mQiC8kaesfbVk7O1tcZxUO8csHmjr6zS6hZ1yxdrCQT8K9XoNsT
rv8TJxKYgPZ3i9vIgP41DiabBe6y
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:09:44 2025 by rpki-client