
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/oSPEa0kHD4BJ8hH4pQ-DK8L5IR4.roa
File: oSPEa0kHD4BJ8hH4pQ-DK8L5IR4.roa (raw, json)
Hash identifier: Q8FlBmgfveR3aQS3jtGyEIPKFj2WDSKa4QTCCEi/rWI=
Subject key identifier: A1:23:C4:6B:49:07:0F:80:49:F2:11:F8:A5:0F:83:2B:C2:F9:21:1E
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0199E4FD6F3D3477D668670E6F6DA0445685
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/oSPEa0kHD4BJ8hH4pQ-DK8L5IR4.roa
Signing time: Tue 14 Oct 2025 23:10:38 +0000
ROA not before: Tue 14 Oct 2025 23:10:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205899
IP address blocks: 46.249.110.0/24 maxlen: 24
89.251.10.0/24 maxlen: 24
185.215.247.0/24 maxlen: 24
185.231.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e4:fd:6f:3d:34:77:d6:68:67:0e:6f:6d:a0:44:56:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Oct 14 23:10:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a123c46b49070f8049f211f8a50f832bc2f9211e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:68:52:70:90:3a:6a:1c:b2:a5:8d:26:ed:fa:
3b:94:41:63:16:b4:a1:4a:6f:b5:fe:02:b1:6f:c4:
2f:20:64:c7:e8:91:0f:21:ce:7b:5e:86:29:4b:4d:
7d:4e:e3:71:34:43:15:8e:97:00:a6:b5:8d:e8:b7:
c2:f2:7a:1a:9c:14:a0:89:66:93:ec:b5:52:2a:7d:
fd:a8:5c:ce:cc:82:68:b1:98:f0:46:26:7c:44:2a:
fa:2e:c3:d0:17:cc:8a:16:38:fc:b7:8f:fc:af:04:
71:0e:c0:7a:de:25:49:d6:1d:ba:82:84:b3:d6:d9:
c4:38:e5:9a:f8:a6:ce:7c:94:9f:76:a2:3a:7f:90:
1f:e6:ef:5c:18:b7:da:b7:de:5b:84:2e:c6:f7:ae:
7c:3c:38:4e:d5:9a:54:d2:32:cc:70:df:2e:da:68:
50:80:2e:1c:14:f8:93:b0:a4:0b:c2:fd:8f:fc:b0:
a3:83:47:9c:ef:30:40:e4:3a:a1:07:2b:a1:b8:df:
5a:ce:30:ac:d1:1c:77:6e:80:50:24:4d:92:49:34:
d7:1b:5c:5c:18:e1:1a:d9:8e:0f:64:44:bd:e8:48:
78:15:3e:32:af:7e:3b:35:a7:3f:08:41:c3:6e:dc:
25:49:23:ea:5a:ee:78:56:54:a9:71:c2:0e:5f:6d:
b8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:23:C4:6B:49:07:0F:80:49:F2:11:F8:A5:0F:83:2B:C2:F9:21:1E
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/oSPEa0kHD4BJ8hH4pQ-DK8L5IR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.110.0/24
89.251.10.0/24
185.215.247.0/24
185.231.173.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:50:df:2f:4d:35:b9:f7:5a:69:99:f6:9d:5d:7f:85:6e:05:
3a:23:5f:39:2d:43:2d:16:13:ef:95:d4:8c:ce:41:a7:03:f1:
60:09:ad:36:96:de:41:f3:52:4f:31:e8:bc:fc:a1:00:a7:06:
4f:7c:42:35:a2:a7:c5:4d:0e:05:50:74:e8:d3:78:0b:a5:ec:
02:46:6e:86:83:69:cb:49:5d:38:aa:1a:9b:2a:ec:e7:a6:49:
99:b2:47:63:22:4b:50:4f:70:b3:a9:e6:6e:76:c7:78:05:e7:
d1:60:15:22:17:d4:61:e8:04:97:bc:74:a0:ef:09:fe:bd:d3:
e4:98:c3:d1:f6:51:90:f4:23:15:ae:c9:c6:8c:2d:67:6f:72:
85:cd:4a:d9:c9:48:ed:3b:47:a6:cd:61:4e:c3:ee:b6:f4:57:
f8:d5:7f:82:7d:51:bc:4e:35:1e:5a:99:d2:e1:cd:80:4d:c3:
3d:06:63:43:16:20:0d:0b:d8:59:a4:72:31:b8:ce:51:ca:e9:
4d:45:4c:b1:14:d1:8f:0f:df:aa:99:07:5d:c6:1b:01:de:bf:
13:d8:2a:c1:fa:99:45:51:28:de:01:62:ed:87:a0:b0:7f:48:
d0:a3:49:c3:ac:a1:77:65:24:4a:3f:19:ec:1b:bb:ec:af:a1:
7c:0e:ed:11
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZnk/W89NHfWaGcOb22gRFaFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUxMDE0MjMxMDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTIzYzQ2YjQ5MDcwZjgwNDlmMjExZjhhNTBmODMyYmMyZjkyMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2hScJA6ahyypY0m7fo7lEFjFrSh
Sm+1/gKxb8QvIGTH6JEPIc57XoYpS019TuNxNEMVjpcAprWN6LfC8noanBSgiWaT
7LVSKn39qFzOzIJosZjwRiZ8RCr6LsPQF8yKFjj8t4/8rwRxDsB63iVJ1h26goSz
1tnEOOWa+KbOfJSfdqI6f5Af5u9cGLfat95bhC7G9658PDhO1ZpU0jLMcN8u2mhQ
gC4cFPiTsKQLwv2P/LCjg0ec7zBA5DqhByuhuN9azjCs0Rx3boBQJE2SSTTXG1xc
GOEa2Y4PZES96Eh4FT4yr347Nac/CEHDbtwlSSPqWu54VlSpccIOX224owIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKEjxGtJBw+ASfIR+KUPgyvC+SEeMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvb1NQRWEwa0hENEJKOGhINHBRLURLOEw1SVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALvluAwQA
WfsKAwQAudf3AwQAueetMA0GCSqGSIb3DQEBCwUAA4IBAQBdUN8vTTW591ppmfad
XX+FbgU6I185LUMtFhPvldSMzkGnA/FgCa02lt5B81JPMei8/KEApwZPfEI1oqfF
TQ4FUHTo03gLpewCRm6Gg2nLSV04qhqbKuznpkmZskdjIktQT3CzqeZudsd4BefR
YBUiF9Rh6ASXvHSg7wn+vdPkmMPR9lGQ9CMVrsnGjC1nb3KFzUrZyUjtO0emzWFO
w+629Ff41X+CfVG8TjUeWpnS4c2ATcM9BmNDFiANC9hZpHIxuM5RyulNRUyxFNGP
D9+qmQddxhsB3r8T2CrB+plFUSjeAWLth6Cwf0jQo0nDrKF3ZSRKPxnsG7vsr6F8
Du0R
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:45:16 2025 by rpki-client