Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/oGAN-qdYZCv1jnbn30aPOHF3XnY.roa
File: oGAN-qdYZCv1jnbn30aPOHF3XnY.roa (raw, json)
Hash identifier: AwnPvaCiq2S1Iw7Y9tew2bDgRzQqA5x8pF/iVdnfXyw=
Subject key identifier: A0:60:0D:FA:A7:58:64:2B:F5:8E:76:E7:DF:46:8F:38:71:77:5E:76
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0199F66CF20B8BDD7EA6516B84BE82B483E3
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/oGAN-qdYZCv1jnbn30aPOHF3XnY.roa
Signing time: Sat 18 Oct 2025 08:25:58 +0000
ROA not before: Sat 18 Oct 2025 08:25:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48159
IP address blocks: 2.176.128.0/17 maxlen: 17
2.177.0.0/16 maxlen: 16
2.182.0.0/16 maxlen: 24
2.182.128.0/21 maxlen: 21
2.185.0.0/16 maxlen: 16
2.185.0.0/20 maxlen: 20
2.185.18.0/24 maxlen: 24
2.185.40.0/21 maxlen: 21
2.185.88.0/22 maxlen: 22
2.185.160.0/19 maxlen: 19
2.185.164.0/24 maxlen: 24
2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.22.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.188.76.0/24 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.189.40.0/23 maxlen: 23
2.189.42.0/23 maxlen: 23
2.189.42.0/24 maxlen: 24
2.189.42.16/29 maxlen: 29
2.189.42.24/30 maxlen: 30
2.189.42.28/30 maxlen: 30
2.189.42.36/30 maxlen: 30
2.189.42.40/30 maxlen: 30
2.189.42.48/29 maxlen: 29
2.189.42.64/30 maxlen: 30
2.189.43.0/24 maxlen: 24
2.189.56.0/24 maxlen: 24
2.189.58.0/24 maxlen: 24
2.189.68.0/24 maxlen: 24
2.189.72.0/24 maxlen: 24
2.189.79.96/29 maxlen: 29
2.189.187.0/24 maxlen: 24
2.189.188.0/25 maxlen: 25
2.189.188.128/25 maxlen: 25
2.191.0.0/16 maxlen: 16
78.38.0.0/16 maxlen: 24
78.38.160.0/19 maxlen: 19
78.38.243.0/24 maxlen: 24
78.38.246.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
78.39.0.0/16 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.59.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
78.39.149.0/24 maxlen: 24
78.39.150.0/24 maxlen: 24
78.39.151.0/24 maxlen: 24
78.39.153.0/24 maxlen: 24
78.39.155.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
78.39.240.0/24 maxlen: 24
80.191.0.0/16 maxlen: 16
80.191.56.0/24 maxlen: 24
217.218.0.0/16 maxlen: 24
217.218.67.0/24 maxlen: 24
217.219.0.0/16 maxlen: 24
217.219.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f6:6c:f2:0b:8b:dd:7e:a6:51:6b:84:be:82:b4:83:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Oct 18 08:25:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0600dfaa758642bf58e76e7df468f3871775e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:7f:c0:c6:12:67:b7:13:6d:7b:3a:0f:4d:b3:
12:ac:1a:01:1f:7d:ac:df:dd:00:d9:72:f6:07:eb:
70:f1:dc:88:5d:9b:99:ff:0c:a9:ad:56:e5:18:c0:
b7:ac:1b:05:5c:c3:b6:c1:1c:6f:3b:c1:2b:fd:03:
78:ab:70:5d:84:7f:0b:39:12:48:cb:54:a8:63:4c:
24:04:b2:9c:e8:0e:81:9e:25:cb:65:f4:fc:04:38:
14:27:58:41:24:dc:7b:de:43:46:08:03:6e:9f:c0:
54:77:0d:dc:d7:fd:50:67:3b:78:48:3a:8c:dd:8b:
04:48:b6:00:8f:08:8c:f6:8b:b7:d5:fb:ed:b2:f3:
6c:ee:75:79:7e:aa:6c:5c:b7:ae:b9:b6:1f:9b:f3:
88:e0:9e:95:bd:d5:26:43:81:69:65:cc:aa:05:d6:
5d:43:45:34:a2:1b:eb:0e:8b:09:51:70:bf:75:d6:
e6:22:54:38:4d:f2:d2:e1:4e:43:72:64:b1:70:ee:
e2:fd:f2:c7:8c:4c:e1:94:69:46:ec:60:83:7e:0d:
29:50:04:b4:67:33:65:67:73:f1:77:9e:f4:e8:b9:
92:45:87:53:a6:14:3a:34:d8:d6:74:f3:97:47:65:
90:c2:ee:95:70:f4:33:5f:d3:92:51:4e:47:49:f5:
7c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:60:0D:FA:A7:58:64:2B:F5:8E:76:E7:DF:46:8F:38:71:77:5E:76
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/oGAN-qdYZCv1jnbn30aPOHF3XnY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.128.0-2.177.255.255
2.182.0.0/16
2.185.0.0/16
2.188.0.0/23
2.188.22.0/24
2.188.28.0/24
2.188.64.0/21
2.188.76.0/24
2.188.179.0/24
2.188.184.0/23
2.188.187.0/24
2.189.40.0/22
2.189.56.0/24
2.189.58.0/24
2.189.68.0/24
2.189.72.0/24
2.189.79.96/29
2.189.187.0-2.189.188.255
2.191.0.0/16
78.38.0.0/15
80.191.0.0/16
217.218.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a5:2f:f9:a8:8b:ad:e4:e2:15:d6:6b:c3:c2:7b:ae:75:f9:e0:
f3:cc:d9:2a:0d:65:0c:38:d5:d4:dc:fa:69:ef:1c:42:94:f1:
70:f7:4d:b9:46:2f:40:3b:27:51:99:bd:f9:ed:d8:ec:a2:b2:
48:d7:18:31:37:f5:e0:a2:53:c9:95:a9:84:fe:79:2d:ef:fd:
0f:ed:58:fd:8a:fc:de:38:17:d0:42:6b:db:39:94:c9:a7:9b:
49:4d:c7:20:51:73:6a:7f:c2:67:ff:dc:bf:e9:eb:9e:94:ec:
f2:a9:74:d9:70:11:98:b8:d6:39:1f:1e:2a:ff:25:34:19:35:
ab:dc:65:b5:df:88:c6:f8:51:55:27:f0:1b:4c:e8:f7:10:f9:
8a:6f:f4:70:3b:a8:a4:93:96:fe:4f:f2:cb:90:fc:f7:63:74:
8a:3a:f2:c8:c9:1a:bd:e1:2d:8a:b4:bb:96:6d:05:f6:8a:4c:
1b:67:92:32:96:23:6f:37:44:a4:9f:a2:32:44:ed:71:ac:ba:
71:fa:09:d4:fc:31:58:fe:7f:16:ef:c7:5e:d7:ae:7b:86:fb:
4d:b5:89:9e:0f:0e:f4:d5:77:5f:ff:33:35:63:38:2b:a5:3c:
ec:4a:10:06:36:76:1c:66:4e:5b:3b:9a:ca:da:77:41:38:e1:
4c:b1:d4:08
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZn2bPILi91+plFrhL6CtIPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjUxMDE4MDgyNTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDYwMGRmYWE3NTg2NDJiZjU4ZTc2ZTdkZjQ2OGYzODcxNzc1ZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA93/AxhJntxNtezoPTbMSrBoBH32s
390A2XL2B+tw8dyIXZuZ/wyprVblGMC3rBsFXMO2wRxvO8Er/QN4q3BdhH8LORJI
y1SoY0wkBLKc6A6BniXLZfT8BDgUJ1hBJNx73kNGCANun8BUdw3c1/1QZzt4SDqM
3YsESLYAjwiM9ou31fvtsvNs7nV5fqpsXLeuubYfm/OI4J6VvdUmQ4FpZcyqBdZd
Q0U0ohvrDosJUXC/ddbmIlQ4TfLS4U5DcmSxcO7i/fLHjEzhlGlG7GCDfg0pUAS0
ZzNlZ3Pxd5706LmSRYdTphQ6NNjWdPOXR2WQwu6VcPQzX9OSUU5HSfV8SQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFKBgDfqnWGQr9Y52599Gjzhxd152MB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvb0dBTi1xZFlaQ3Yxam5ibjMwYVBPSEYzWG5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4wCwME
BwKwgAMDAQKwAwMAArYDAwACuQMEAQK8AAMEAAK8FgMEAAK8HAMEAwK8QAMEAAK8
TAMEAAK8swMEAQK8uAMEAAK8uwMEAgK9KAMEAAK9OAMEAAK9OgMEAAK9RAMEAAK9
SAMFAwK9T2AwDAMEAAK9uwMEAAK9vAMDAAK/AwMBTiYDAwBQvwMDAdnaMA0GCSqG
SIb3DQEBCwUAA4IBAQClL/moi63k4hXWa8PCe651+eDzzNkqDWUMONXU3Ppp7xxC
lPFw9025Ri9AOydRmb357djsorJI1xgxN/XgolPJlamE/nkt7/0P7Vj9ivzeOBfQ
QmvbOZTJp5tJTccgUXNqf8Jn/9y/6euelOzyqXTZcBGYuNY5Hx4q/yU0GTWr3GW1
34jG+FFVJ/AbTOj3EPmKb/RwO6ikk5b+T/LLkPz3Y3SKOvLIyRq94S2KtLuWbQX2
ikwbZ5IyliNvN0Skn6IyRO1xrLpx+gnU/DFY/n8W78de1657hvtNtYmeDw701Xdf
/zM1YzgrpTzsShAGNnYcZk5bO5rK2ndBOOFMsdQI
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:13:06 2025 by rpki-client