Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/og2S8T7snwmIfxqWVsKnAziyqjw.roa
File: og2S8T7snwmIfxqWVsKnAziyqjw.roa (raw, json)
Hash identifier: nyDnsuqaFzZObVQeI6lulOe/nyo6A3NyWlMKfoM7RSQ=
Subject key identifier: A2:0D:92:F1:3E:EC:9F:09:88:7F:1A:96:56:C2:A7:03:38:B2:AA:3C
Certificate issuer: /CN=3bde2cd5215e93bfa0ca6df8b2c1f5ed2c94af74
Certificate serial: 0198C74C0466937DC4D26B0D489CCCB123A0
Authority key identifier: 3B:DE:2C:D5:21:5E:93:BF:A0:CA:6D:F8:B2:C1:F5:ED:2C:94:AF:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O94s1SFek7-gym34ssH17SyUr3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/og2S8T7snwmIfxqWVsKnAziyqjw.roa
Signing time: Wed 20 Aug 2025 11:45:04 +0000
ROA not before: Wed 20 Aug 2025 11:45:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33915
IP address blocks: 80.112.128.0/18 maxlen: 18
80.112.128.0/19 maxlen: 19
80.112.160.0/19 maxlen: 19
80.114.128.0/18 maxlen: 18
80.114.128.0/19 maxlen: 19
80.114.160.0/19 maxlen: 19
80.115.224.0/19 maxlen: 19
80.115.224.0/20 maxlen: 20
80.115.240.0/20 maxlen: 20
80.242.224.0/19 maxlen: 19
80.242.224.0/20 maxlen: 20
80.242.240.0/20 maxlen: 20
91.221.96.0/23 maxlen: 23
185.130.174.0/23 maxlen: 23
195.35.128.0/17 maxlen: 17
195.35.128.0/18 maxlen: 18
195.35.192.0/18 maxlen: 18
195.85.128.0/18 maxlen: 18
195.85.128.0/19 maxlen: 19
195.85.160.0/19 maxlen: 19
212.178.64.0/18 maxlen: 18
212.178.64.0/19 maxlen: 19
212.178.96.0/19 maxlen: 19
212.178.128.0/19 maxlen: 19
212.178.128.0/20 maxlen: 20
212.178.144.0/20 maxlen: 20
212.178.192.0/19 maxlen: 19
212.178.192.0/20 maxlen: 20
212.178.208.0/20 maxlen: 20
212.203.0.0/19 maxlen: 19
212.203.0.0/20 maxlen: 20
212.203.16.0/20 maxlen: 20
213.34.64.0/19 maxlen: 19
213.34.64.0/20 maxlen: 20
213.34.80.0/20 maxlen: 20
213.34.160.0/19 maxlen: 19
213.34.160.0/20 maxlen: 20
213.34.176.0/20 maxlen: 20
213.124.0.0/17 maxlen: 17
213.124.0.0/18 maxlen: 18
213.124.64.0/18 maxlen: 18
213.124.128.0/19 maxlen: 19
213.124.128.0/20 maxlen: 20
213.124.144.0/20 maxlen: 20
213.125.0.0/16 maxlen: 16
213.125.0.0/17 maxlen: 17
213.125.128.0/17 maxlen: 17
213.126.0.0/17 maxlen: 17
213.126.0.0/18 maxlen: 18
213.126.64.0/18 maxlen: 18
213.132.160.0/19 maxlen: 19
213.132.160.0/20 maxlen: 20
213.132.176.0/20 maxlen: 20
217.100.0.0/16 maxlen: 16
217.100.0.0/17 maxlen: 17
217.100.128.0/17 maxlen: 17
217.102.224.0/21 maxlen: 21
217.102.224.0/22 maxlen: 22
217.102.228.0/22 maxlen: 22
217.105.192.0/19 maxlen: 19
217.105.192.0/20 maxlen: 20
217.105.208.0/20 maxlen: 20
2001:41f0::/32 maxlen: 32
2001:41f0::/33 maxlen: 33
2001:41f0:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/O94s1SFek7-gym34ssH17SyUr3Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/O94s1SFek7-gym34ssH17SyUr3Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/O94s1SFek7-gym34ssH17SyUr3Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c7:4c:04:66:93:7d:c4:d2:6b:0d:48:9c:cc:b1:23:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bde2cd5215e93bfa0ca6df8b2c1f5ed2c94af74
Validity
Not Before: Aug 20 11:45:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a20d92f13eec9f09887f1a9656c2a70338b2aa3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ef:01:f0:28:56:2a:a8:1c:c5:49:cb:ef:a3:
37:14:ce:a5:af:d8:8f:20:5a:8d:df:20:55:2c:dd:
57:7c:9f:40:09:5a:74:e1:25:4b:3a:a0:b8:e9:a1:
6a:2c:62:f6:da:9a:81:33:0f:c9:ed:81:01:05:fc:
85:ce:aa:f6:f8:3f:8d:df:74:4f:c0:81:e7:ec:aa:
49:a2:52:22:22:4f:b2:d2:4b:85:39:d8:f6:8e:ff:
62:0c:ca:e7:99:f2:6a:d5:d9:11:b2:1a:fd:0c:e6:
e1:24:c4:cf:11:44:33:7a:e3:ff:ac:c6:a9:0f:ed:
14:47:c4:dd:44:f6:c8:fe:a4:1d:b6:23:a6:e6:bd:
5e:40:e1:0f:c1:e2:9e:c4:56:aa:4a:65:f1:a4:03:
25:fa:7a:88:80:c7:06:79:68:a2:43:f2:f0:6a:a0:
fc:04:10:2e:51:86:dc:77:33:7d:91:9f:6a:63:0e:
63:c5:03:06:1e:0c:e9:97:a4:c7:3b:49:f8:9e:fe:
4f:8a:28:5f:1a:e4:40:92:c6:10:10:a5:af:0c:c1:
94:f2:6c:aa:cd:b2:a3:2e:6d:be:76:ea:94:6d:17:
c2:e6:a6:86:0c:b2:43:a5:4f:c3:ea:b3:9b:18:76:
c5:a2:d5:41:7d:6d:84:35:ee:6b:be:8d:dd:1a:e8:
5e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:0D:92:F1:3E:EC:9F:09:88:7F:1A:96:56:C2:A7:03:38:B2:AA:3C
X509v3 Authority Key Identifier:
keyid:3B:DE:2C:D5:21:5E:93:BF:A0:CA:6D:F8:B2:C1:F5:ED:2C:94:AF:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O94s1SFek7-gym34ssH17SyUr3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/og2S8T7snwmIfxqWVsKnAziyqjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/O94s1SFek7-gym34ssH17SyUr3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.112.128.0/18
80.114.128.0/18
80.115.224.0/19
80.242.224.0/19
91.221.96.0/23
185.130.174.0/23
195.35.128.0/17
195.85.128.0/18
212.178.64.0-212.178.159.255
212.178.192.0/19
212.203.0.0/19
213.34.64.0/19
213.34.160.0/19
213.124.0.0-213.124.159.255
213.125.0.0-213.126.127.255
213.132.160.0/19
217.100.0.0/16
217.102.224.0/21
217.105.192.0/19
IPv6:
2001:41f0::/32
Signature Algorithm: sha256WithRSAEncryption
2a:b5:56:ef:ef:7e:13:e6:1a:4f:9a:70:dd:85:47:0e:f7:bb:
a8:ca:d6:f6:f6:69:d9:c1:0e:ec:75:81:7b:22:67:18:6b:39:
ae:b8:90:53:45:de:a9:f7:64:35:f2:af:6d:92:d0:1b:f1:55:
28:94:98:29:40:62:65:83:68:ed:38:ef:a3:9e:0c:7a:c2:26:
c7:67:c2:b9:d9:7d:78:0e:88:11:25:fc:04:cd:67:38:a8:2f:
c7:dd:41:2a:9a:ce:60:e8:d0:0a:20:6b:a4:d3:6f:95:25:d1:
31:23:6a:aa:03:fd:3d:5a:97:a0:72:56:d7:19:5d:70:25:61:
02:36:8b:40:2e:e3:05:29:8e:3a:ad:a2:ed:a2:f6:c2:52:9e:
bb:73:9e:36:22:1f:2b:e3:74:fb:ed:df:67:af:37:33:ab:d4:
13:3e:bb:c3:ec:a5:ff:10:60:df:20:03:70:82:93:61:c6:f8:
42:cd:52:17:41:c7:1c:44:cf:2d:07:b0:f1:78:bd:b5:3f:19:
49:67:3e:df:ac:e3:2c:63:30:0a:f7:f7:b9:8e:19:a4:7d:de:
31:25:b3:00:2b:e6:01:40:11:14:f2:d3:7d:b6:08:74:20:02:
8b:16:66:43:ac:20:fd:2f:1e:5c:b9:ce:b9:3c:fb:d9:b8:b0:
21:33:0d:41
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZjHTARmk33E0msNSJzMsSOgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZGUyY2Q1MjE1ZTkzYmZhMGNhNmRmOGIyYzFmNWVkMmM5
NGFmNzQwHhcNMjUwODIwMTE0NTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjBkOTJmMTNlZWM5ZjA5ODg3ZjFhOTY1NmMyYTcwMzM4YjJhYTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO8B8ChWKqgcxUnL76M3FM6lr9iP
IFqN3yBVLN1XfJ9ACVp04SVLOqC46aFqLGL22pqBMw/J7YEBBfyFzqr2+D+N33RP
wIHn7KpJolIiIk+y0kuFOdj2jv9iDMrnmfJq1dkRshr9DObhJMTPEUQzeuP/rMap
D+0UR8TdRPbI/qQdtiOm5r1eQOEPweKexFaqSmXxpAMl+nqIgMcGeWiiQ/LwaqD8
BBAuUYbcdzN9kZ9qYw5jxQMGHgzpl6THO0n4nv5PiihfGuRAksYQEKWvDMGU8myq
zbKjLm2+duqUbRfC5qaGDLJDpU/D6rObGHbFotVBfW2ENe5rvo3dGuherwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFKINkvE+7J8JiH8allbCpwM4sqo8MB8GA1UdIwQY
MBaAFDveLNUhXpO/oMpt+LLB9e0slK90MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzk0czFTRmVrNy1neW0zNHNzSDE3U3lVcjNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jNTNhM2UtZjkwZC00NzQyLTg0ZmIt
ZGIzMTlhMzFiZGY3LzEvb2cyUzhUN3Nud21JZnhxV1ZzS25Beml5cWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jNTNhM2UtZjkwZC00NzQyLTg0ZmItZGIzMTlhMzFiZGY3
LzEvTzk0czFTRmVrNy1neW0zNHNzSDE3U3lVcjNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBjgQCAAEwgYcDBAZQ
cIADBAZQcoADBAVQc+ADBAVQ8uADBAFb3WADBAG5gq4DBAfDI4ADBAbDVYAwDAME
BtSyQAMEBdSygAMEBdSywAMEBdTLAAMEBdUiQAMEBdUioDALAwMC1XwDBAXVfIAw
CwMDANV9AwQH1X4AAwQF1YSgAwMA2WQDBAPZZuADBAXZacAwDQQCAAIwBwMFACAB
QfAwDQYJKoZIhvcNAQELBQADggEBACq1Vu/vfhPmGk+acN2FRw73u6jK1vb2adnB
Dux1gXsiZxhrOa64kFNF3qn3ZDXyr22S0BvxVSiUmClAYmWDaO0476OeDHrCJsdn
wrnZfXgOiBEl/ATNZzioL8fdQSqazmDo0Aoga6TTb5Ul0TEjaqoD/T1al6ByVtcZ
XXAlYQI2i0Au4wUpjjqtou2i9sJSnrtznjYiHyvjdPvt32evNzOr1BM+u8Pspf8Q
YN8gA3CCk2HG+ELNUhdBxxxEzy0HsPF4vbU/GUlnPt+s4yxjMAr397mOGaR93jEl
swAr5gFAERTy0322CHQgAosWZkOsIP0vHly5zrk8+9m4sCEzDUE=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:30:36 2025 by rpki-client