Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/7f7d8f-0dc8-45a2-bc16-80add9ea3e5c/1/DOzJON1bs3hiZ3VHnEmsvsi0zBQ.roa
File: DOzJON1bs3hiZ3VHnEmsvsi0zBQ.roa (raw, json)
Hash identifier: 0UphDOF22C9mcUTv3cPQJDc8LIXIF1k+LyuIOSGCS50=
Subject key identifier: 0C:EC:C9:38:DD:5B:B3:78:62:67:75:47:9C:49:AC:BE:C8:B4:CC:14
Certificate issuer: /CN=e0c5bb3da53435bf41e17f7dec47d4484e7f3129
Certificate serial: 0198AE3B17758CB6A8708BAA1D410D5F5E96
Authority key identifier: E0:C5:BB:3D:A5:34:35:BF:41:E1:7F:7D:EC:47:D4:48:4E:7F:31:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4MW7PaU0Nb9B4X997EfUSE5_MSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/7f7d8f-0dc8-45a2-bc16-80add9ea3e5c/1/DOzJON1bs3hiZ3VHnEmsvsi0zBQ.roa
Signing time: Fri 15 Aug 2025 14:56:04 +0000
ROA not before: Fri 15 Aug 2025 14:56:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60781
IP address blocks: 91.246.46.0/24 maxlen: 24
185.108.84.0/23 maxlen: 23
185.108.85.0/24 maxlen: 24
194.56.235.0/24 maxlen: 24
194.56.240.0/24 maxlen: 24
194.56.245.0/24 maxlen: 24
2a04:88c0::/30 maxlen: 30
2a04:88c0::/48 maxlen: 48
2a04:88c0:2::/48 maxlen: 48
2a04:88c0:3::/48 maxlen: 48
2a04:88c0:4::/48 maxlen: 48
2a04:88c0:5::/48 maxlen: 48
2a04:88c0:6::/48 maxlen: 48
2a04:88c0:7::/48 maxlen: 48
2a04:88c0:8::/48 maxlen: 48
2a04:88c0:9::/48 maxlen: 48
2a04:88c0:10::/48 maxlen: 48
2a04:88c0:11::/48 maxlen: 48
2a04:88c0:12::/48 maxlen: 48
2a04:88c0:13::/48 maxlen: 48
2a04:88c1::/32 maxlen: 32
2a04:88c2::/32 maxlen: 32
2a0d:6100::/29 maxlen: 29
2a0f:48c0::/29 maxlen: 29
2a0f:8680::/29 maxlen: 29
2a0f:a940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/7f7d8f-0dc8-45a2-bc16-80add9ea3e5c/1/4MW7PaU0Nb9B4X997EfUSE5_MSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/7f7d8f-0dc8-45a2-bc16-80add9ea3e5c/1/4MW7PaU0Nb9B4X997EfUSE5_MSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/4MW7PaU0Nb9B4X997EfUSE5_MSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ae:3b:17:75:8c:b6:a8:70:8b:aa:1d:41:0d:5f:5e:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0c5bb3da53435bf41e17f7dec47d4484e7f3129
Validity
Not Before: Aug 15 14:56:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cecc938dd5bb378626775479c49acbec8b4cc14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ad:27:63:55:ea:d3:79:91:5a:0b:ff:26:cd:
a5:0d:92:b2:0b:1f:bc:96:d0:65:8f:ae:34:22:8e:
66:86:ee:ad:1a:7c:09:ef:32:62:6b:d4:69:24:29:
af:00:e4:e2:b4:67:c4:ca:e5:f6:41:2b:f8:22:f3:
80:e0:c8:3c:00:cd:0d:ea:ea:c9:a6:b3:fc:37:79:
95:8f:4d:e7:0d:21:7d:6d:41:02:d8:87:24:3f:7a:
e3:49:f7:d7:be:04:bd:2e:37:95:7e:e5:a9:b3:4c:
b0:f3:51:3b:94:cc:6f:a6:02:cb:8e:8f:78:66:38:
5a:21:c9:52:bc:38:6d:ec:22:89:f6:78:d8:50:0c:
f6:09:ab:ce:a9:ce:de:38:01:1d:5c:2a:09:3b:62:
a1:a6:d2:83:62:75:2b:3f:c9:8a:3b:6e:e5:8f:2e:
c8:f5:b7:bf:52:8a:db:a5:b5:60:48:53:f7:60:55:
86:80:4e:8c:01:99:be:f5:f4:a2:c6:5a:c3:34:79:
80:c6:3f:49:fd:8f:47:4e:1c:8d:47:5e:44:80:d9:
c8:cb:13:4f:8b:9f:7d:27:00:c5:58:07:63:92:2b:
a8:ae:eb:f8:d4:05:cf:ec:d1:4d:b8:e2:82:78:ff:
75:cc:f9:99:dd:ee:95:0c:21:98:7c:43:fc:89:da:
84:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:EC:C9:38:DD:5B:B3:78:62:67:75:47:9C:49:AC:BE:C8:B4:CC:14
X509v3 Authority Key Identifier:
keyid:E0:C5:BB:3D:A5:34:35:BF:41:E1:7F:7D:EC:47:D4:48:4E:7F:31:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MW7PaU0Nb9B4X997EfUSE5_MSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/7f7d8f-0dc8-45a2-bc16-80add9ea3e5c/1/DOzJON1bs3hiZ3VHnEmsvsi0zBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/7f7d8f-0dc8-45a2-bc16-80add9ea3e5c/1/4MW7PaU0Nb9B4X997EfUSE5_MSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.246.46.0/24
185.108.84.0/23
194.56.235.0/24
194.56.240.0/24
194.56.245.0/24
IPv6:
2a04:88c0::/30
2a0d:6100::/29
2a0f:48c0::/29
2a0f:8680::/29
2a0f:a940::/29
Signature Algorithm: sha256WithRSAEncryption
e2:75:45:74:8a:93:b7:6e:c1:cb:08:96:fd:35:c8:18:56:ed:
d4:06:80:76:10:ef:de:da:6b:94:8a:6b:c5:3b:a1:d0:6d:3c:
7d:d5:cd:05:90:e8:c3:25:56:c2:ec:a0:43:dc:55:c1:71:8a:
66:bf:aa:d4:ed:5d:4f:4f:be:15:42:ce:32:f1:bd:4e:f4:38:
3b:6c:85:be:a8:82:c6:cf:36:e7:91:c2:49:b7:03:95:f3:3d:
24:4e:c6:30:6b:d5:c7:b4:5e:2d:91:ac:b2:23:84:e1:13:c9:
74:01:e9:99:db:cb:91:d1:65:44:5b:4c:7a:67:56:69:db:a3:
e1:f1:ea:76:8f:f1:fd:b8:6d:bc:b0:0d:8f:37:af:03:94:f9:
34:b3:87:bf:b7:2c:80:1a:6d:c0:4d:7f:3f:18:7f:d4:f6:1a:
bd:31:b9:83:d9:92:dc:0f:a8:82:33:04:cc:a0:03:1b:5a:d4:
cd:4d:68:d2:c8:72:91:53:e4:08:fd:b2:32:62:6d:c4:2c:c5:
a6:1a:a0:da:95:6a:37:55:67:8f:08:f9:e1:b2:a4:19:3a:92:
e6:49:0f:2f:11:0a:1a:a7:db:d7:39:11:28:56:0a:9a:11:65:
ac:73:3c:6b:cc:8e:71:7a:27:f5:60:e0:35:b8:4a:ad:d8:3e:
b3:89:e6:02
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZiuOxd1jLaocIuqHUENX16WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzViYjNkYTUzNDM1YmY0MWUxN2Y3ZGVjNDdkNDQ4NGU3
ZjMxMjkwHhcNMjUwODE1MTQ1NjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2VjYzkzOGRkNWJiMzc4NjI2Nzc1NDc5YzQ5YWNiZWM4YjRjYzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq0nY1Xq03mRWgv/Js2lDZKyCx+8
ltBlj640Io5mhu6tGnwJ7zJia9RpJCmvAOTitGfEyuX2QSv4IvOA4Mg8AM0N6urJ
prP8N3mVj03nDSF9bUEC2IckP3rjSffXvgS9LjeVfuWps0yw81E7lMxvpgLLjo94
ZjhaIclSvDht7CKJ9njYUAz2CavOqc7eOAEdXCoJO2KhptKDYnUrP8mKO27ljy7I
9be/UorbpbVgSFP3YFWGgE6MAZm+9fSixlrDNHmAxj9J/Y9HThyNR15EgNnIyxNP
i599JwDFWAdjkiuoruv41AXP7NFNuOKCeP91zPmZ3e6VDCGYfEP8idqEEwIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFAzsyTjdW7N4Ymd1R5xJrL7ItMwUMB8GA1UdIwQY
MBaAFODFuz2lNDW/QeF/fexH1EhOfzEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1XN1BhVTBOYjlCNFg5OTdFZlVTRTVfTVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83ZjdkOGYtMGRjOC00NWEyLWJjMTYt
ODBhZGQ5ZWEzZTVjLzEvRE96Sk9OMWJzM2hpWjNWSG5FbXN2c2kwekJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83ZjdkOGYtMGRjOC00NWEyLWJjMTYtODBhZGQ5ZWEzZTVj
LzEvNE1XN1BhVTBOYjlCNFg5OTdFZlVTRTVfTVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAkBAIAATAeAwQAW/YuAwQB
uWxUAwQAwjjrAwQAwjjwAwQAwjj1MCkEAgACMCMDBQIqBIjAAwUDKg1hAAMFAyoP
SMADBQMqD4aAAwUDKg+pQDANBgkqhkiG9w0BAQsFAAOCAQEA4nVFdIqTt27BywiW
/TXIGFbt1AaAdhDv3tprlIprxTuh0G08fdXNBZDowyVWwuygQ9xVwXGKZr+q1O1d
T0++FULOMvG9TvQ4O2yFvqiCxs8255HCSbcDlfM9JE7GMGvVx7ReLZGssiOE4RPJ
dAHpmdvLkdFlRFtMemdWaduj4fHqdo/x/bhtvLANjzevA5T5NLOHv7csgBptwE1/
Pxh/1PYavTG5g9mS3A+ogjMEzKADG1rUzU1o0shykVPkCP2yMmJtxCzFphqg2pVq
N1Vnjwj54bKkGTqS5kkPLxEKGqfb1zkRKFYKmhFlrHM8a8yOcXon9WDgNbhKrdg+
s4nmAg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:34:02 2025 by rpki-client