Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/OMJBBrbct5lJ3NPYQmwZDQfwPtI.roa
File: OMJBBrbct5lJ3NPYQmwZDQfwPtI.roa (raw, json)
Hash identifier: P3SI0RFFQoE5StxjZVsTtoH382rKU+KGYXsOJugHreU=
Subject key identifier: 38:C2:41:06:B6:DC:B7:99:49:DC:D3:D8:42:6C:19:0D:07:F0:3E:D2
Certificate issuer: /CN=a04845af1dc0087b274cee52a4a9e0880335435d
Certificate serial: 0199C2B1F764FFC8E32D67C75DE601716CD0
Authority key identifier: A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/OMJBBrbct5lJ3NPYQmwZDQfwPtI.roa
Signing time: Wed 08 Oct 2025 07:21:07 +0000
ROA not before: Wed 08 Oct 2025 07:21:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56582
IP address blocks: 178.210.160.0/24 maxlen: 24
178.210.161.0/24 maxlen: 24
178.210.162.0/24 maxlen: 24
178.210.163.0/24 maxlen: 24
178.210.165.0/24 maxlen: 24
178.210.166.0/24 maxlen: 24
178.210.168.0/24 maxlen: 24
178.210.170.0/24 maxlen: 24
178.210.171.0/24 maxlen: 24
178.210.172.0/24 maxlen: 24
178.210.173.0/24 maxlen: 24
178.210.174.0/24 maxlen: 24
178.210.175.0/24 maxlen: 24
178.210.176.0/24 maxlen: 24
178.210.177.0/24 maxlen: 24
178.210.178.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.mft
rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c2:b1:f7:64:ff:c8:e3:2d:67:c7:5d:e6:01:71:6c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a04845af1dc0087b274cee52a4a9e0880335435d
Validity
Not Before: Oct 8 07:21:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38c24106b6dcb79949dcd3d8426c190d07f03ed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:7f:f3:17:c0:3e:e9:4d:48:c7:29:b0:58:26:
2b:ea:fe:0b:c8:94:6a:93:4d:75:08:37:87:99:b4:
11:0d:b6:e7:a2:d9:e6:e2:87:1a:b9:6c:67:d5:ed:
20:0d:19:8b:5d:1b:ba:73:07:38:2f:8a:59:57:3b:
78:6d:21:37:79:ef:03:96:d4:1e:b5:04:f0:76:ea:
20:14:69:4c:14:0f:4f:2c:e8:fd:02:1f:5f:78:62:
0a:0c:ec:90:b0:b7:a1:ac:4a:22:2a:05:54:cc:e7:
43:30:11:08:8f:26:aa:bb:50:fd:91:1d:48:80:48:
83:e6:e5:d1:08:31:98:cc:4a:fd:a2:c8:6f:88:2c:
76:ad:b1:05:50:36:c2:c5:fb:02:9d:e6:71:14:b9:
76:20:5b:7d:dd:9b:d8:fd:1f:6f:da:9d:cc:72:60:
94:c0:d4:a4:15:40:42:d7:36:48:63:9d:16:c8:21:
29:f4:6f:a6:86:06:9a:d0:4b:82:64:ae:5b:c7:28:
da:10:1a:ea:05:cb:16:2a:5f:1b:77:bb:d3:5f:a3:
8b:6c:72:ea:66:91:38:24:a6:ab:41:e1:a2:18:7a:
f9:07:70:23:de:40:4b:4a:7f:0d:ff:e8:46:de:c0:
5f:d5:72:b5:83:75:d3:55:32:b8:b0:a3:3f:da:0f:
62:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:C2:41:06:B6:DC:B7:99:49:DC:D3:D8:42:6C:19:0D:07:F0:3E:D2
X509v3 Authority Key Identifier:
keyid:A0:48:45:AF:1D:C0:08:7B:27:4C:EE:52:A4:A9:E0:88:03:35:43:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oEhFrx3ACHsnTO5SpKngiAM1Q10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/OMJBBrbct5lJ3NPYQmwZDQfwPtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/e55e30-97c6-40e6-81b7-507011570ee6/1/oEhFrx3ACHsnTO5SpKngiAM1Q10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.210.160.0/22
178.210.165.0-178.210.166.255
178.210.168.0/24
178.210.170.0-178.210.178.255
Signature Algorithm: sha256WithRSAEncryption
2b:35:70:8d:0e:44:44:06:c6:7c:c4:a1:94:3c:d6:28:fb:49:
55:2e:87:a5:7f:18:52:88:ca:27:5f:25:65:02:3e:c0:26:3a:
42:60:0d:b4:77:ac:d6:31:d2:d4:95:47:7a:e0:cf:cb:1e:74:
8e:a0:3a:1d:2b:92:17:2c:2f:ac:80:dc:d5:e5:58:c9:95:42:
06:59:35:69:7f:15:46:17:af:53:b1:1a:b5:49:4e:b0:63:be:
57:81:51:c0:7f:0d:da:8c:3a:57:95:ab:03:75:a6:ef:9b:5e:
f7:9b:69:1a:42:16:9c:67:4f:be:c3:69:87:c1:f0:d8:ee:0c:
7d:46:1a:e6:e7:a4:59:96:6a:d6:56:70:bf:df:d9:f1:94:30:
95:0a:28:7e:ca:d5:2a:58:34:10:2d:b1:36:e6:24:e7:8a:d1:
f1:fe:2c:e6:0d:1c:b2:6b:7a:bb:f0:63:1d:b4:98:b2:e8:ab:
a3:66:1f:85:ec:d3:ba:87:fc:78:bc:07:78:61:ce:4d:93:25:
2e:28:2d:48:3e:d0:db:a2:ed:bf:16:64:f8:c9:61:a1:e5:c2:
9d:6d:6b:0f:09:56:a7:60:34:60:14:44:8d:ca:e8:fa:c6:03:
1b:27:bb:5b:f7:14:8b:c4:68:ff:81:c6:12:1a:07:f6:99:2b:
40:c9:a6:dd
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZnCsfdk/8jjLWfHXeYBcWzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNDg0NWFmMWRjMDA4N2IyNzRjZWU1MmE0YTllMDg4MDMz
NTQzNWQwHhcNMjUxMDA4MDcyMTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGMyNDEwNmI2ZGNiNzk5NDlkY2QzZDg0MjZjMTkwZDA3ZjAzZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA53/zF8A+6U1IxymwWCYr6v4LyJRq
k011CDeHmbQRDbbnotnm4ocauWxn1e0gDRmLXRu6cwc4L4pZVzt4bSE3ee8DltQe
tQTwduogFGlMFA9PLOj9Ah9feGIKDOyQsLehrEoiKgVUzOdDMBEIjyaqu1D9kR1I
gEiD5uXRCDGYzEr9oshviCx2rbEFUDbCxfsCneZxFLl2IFt93ZvY/R9v2p3McmCU
wNSkFUBC1zZIY50WyCEp9G+mhgaa0EuCZK5bxyjaEBrqBcsWKl8bd7vTX6OLbHLq
ZpE4JKarQeGiGHr5B3Aj3kBLSn8N/+hG3sBf1XK1g3XTVTK4sKM/2g9iNwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDjCQQa23LeZSdzT2EJsGQ0H8D7SMB8GA1UdIwQY
MBaAFKBIRa8dwAh7J0zuUqSp4IgDNUNdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjct
NTA3MDExNTcwZWU2LzEvT01KQkJyYmN0NWxKM05QWVFtd1pEUWZ3UHRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9lNTVlMzAtOTdjNi00MGU2LTgxYjctNTA3MDExNTcwZWU2
LzEvb0VoRnJ4M0FDSHNuVE81U3BLbmdpQU0xUTEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCstKgMAwD
BACy0qUDBACy0qYDBACy0qgwDAMEAbLSqgMEALLSsjANBgkqhkiG9w0BAQsFAAOC
AQEAKzVwjQ5ERAbGfMShlDzWKPtJVS6HpX8YUojKJ18lZQI+wCY6QmANtHes1jHS
1JVHeuDPyx50jqA6HSuSFywvrIDc1eVYyZVCBlk1aX8VRhevU7EatUlOsGO+V4FR
wH8N2ow6V5WrA3Wm75te95tpGkIWnGdPvsNph8Hw2O4MfUYa5uekWZZq1lZwv9/Z
8ZQwlQoofsrVKlg0EC2xNuYk54rR8f4s5g0csmt6u/BjHbSYsuiro2YfhezTuof8
eLwHeGHOTZMlLigtSD7Q26LtvxZk+MlhoeXCnW1rDwlWp2A0YBREjcro+sYDGye7
W/cUi8Ro/4HGEhoH9pkrQMmm3Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:00:08 2025 by rpki-client