Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/mOjdcIu2BlDS20XDZ7cdmtuYdO0.roa
File: mOjdcIu2BlDS20XDZ7cdmtuYdO0.roa (raw, json)
Hash identifier: KiJxzqYwZVngrheebaPLTly7mDpF6/pmTDX4Y/LyHCY=
Subject key identifier: 98:E8:DD:70:8B:B6:06:50:D2:DB:45:C3:67:B7:1D:9A:DB:98:74:ED
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 01999AE32B21CEF3940C2398B096EB7B4A53
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/mOjdcIu2BlDS20XDZ7cdmtuYdO0.roa
Signing time: Tue 30 Sep 2025 13:50:02 +0000
ROA not before: Tue 30 Sep 2025 13:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33659
IP address blocks: 9.142.0.0/19 maxlen: 19
138.226.0.0/20 maxlen: 20
138.226.88.0/21 maxlen: 21
170.100.128.0/22 maxlen: 22
170.100.152.0/21 maxlen: 21
170.100.192.0/21 maxlen: 21
170.100.200.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9a:e3:2b:21:ce:f3:94:0c:23:98:b0:96:eb:7b:4a:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Sep 30 13:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=98e8dd708bb60650d2db45c367b71d9adb9874ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:91:dc:02:a3:14:3b:33:60:01:75:2a:48:31:
dd:8e:30:f2:99:67:c0:8a:b7:fa:a0:bb:53:4f:99:
76:c8:70:e3:45:b3:ed:8e:81:55:cf:41:b1:ee:4e:
bc:c1:da:01:87:02:f3:6d:ec:89:d8:7f:d9:cb:0d:
d3:53:fc:df:da:cb:9f:7e:11:74:4c:09:e2:a3:a5:
6c:be:a5:e4:8d:a9:b1:54:cc:b1:1a:42:62:83:1f:
27:f1:47:1f:a3:64:b0:2d:01:02:62:ac:6d:2f:07:
d2:e7:9f:17:6c:2e:6f:5c:6a:89:a7:3b:e7:bc:5c:
6a:20:b6:99:15:42:29:15:89:da:a7:d2:71:88:20:
74:2d:4c:9e:d0:d1:bc:48:89:d3:6f:2a:37:4c:4c:
5d:db:dd:90:72:0c:69:75:f6:ea:e1:22:ad:38:76:
08:9f:2a:1a:a0:d3:64:1d:d2:01:8b:63:40:48:9a:
e6:0a:e0:88:70:49:d1:76:8e:6e:aa:c9:57:ed:5e:
ee:dc:e6:c3:8d:89:10:02:37:1b:28:90:8d:9a:35:
67:51:bc:be:b2:75:05:96:31:60:65:b0:72:ba:d7:
8b:43:82:f2:83:96:d8:50:bc:17:12:06:da:d3:c4:
8d:fe:53:9e:b5:5f:aa:0b:c1:a5:d5:19:f4:60:6e:
c3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:E8:DD:70:8B:B6:06:50:D2:DB:45:C3:67:B7:1D:9A:DB:98:74:ED
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/mOjdcIu2BlDS20XDZ7cdmtuYdO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
9.142.0.0/19
138.226.0.0/20
138.226.88.0/21
170.100.128.0/22
170.100.152.0/21
170.100.192.0-170.100.203.255
Signature Algorithm: sha256WithRSAEncryption
48:09:57:1a:c0:ad:0a:26:0e:79:53:1c:8a:6a:42:4b:30:a9:
f9:60:9e:a6:ee:1a:67:f2:ba:83:66:71:f7:cf:53:3b:f0:56:
2e:98:51:13:ee:1a:db:e3:ea:be:92:14:22:47:fd:2c:23:0c:
ee:d0:43:b0:e2:48:41:9b:ea:1b:96:8b:3a:9f:2b:c0:34:96:
e6:01:d3:2a:a8:53:65:cb:dc:f4:8f:fe:6a:4c:22:6b:a8:e6:
59:03:7d:8e:c8:a2:8b:8c:1a:d5:a0:b4:86:a8:51:fb:31:f5:
93:6a:85:36:4c:f9:e0:83:35:9c:87:35:52:16:cb:f6:dd:5d:
09:60:13:a7:f5:2e:2d:08:f7:92:ec:63:b3:ac:d0:ad:de:30:
06:39:6c:20:39:3d:90:f3:cc:9f:7b:1b:72:41:c9:54:e9:e2:
3e:76:c9:9f:cb:dd:ac:84:60:86:8d:89:d7:b1:20:38:9f:8f:
fb:41:b0:bd:26:f2:47:7f:6f:70:3b:72:3a:e2:68:bd:dc:60:
43:8a:15:ce:e9:8d:a1:11:53:28:a0:c9:e1:c4:17:68:f3:32:
21:cf:6d:b7:25:c1:4b:83:c6:a6:41:c3:a3:63:72:7a:71:42:
1c:91:45:11:6c:f0:da:94:29:07:0a:ad:28:78:b9:dd:59:eb:
07:cd:6d:47
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZma4yshzvOUDCOYsJbre0pTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjUwOTMwMTM1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGU4ZGQ3MDhiYjYwNjUwZDJkYjQ1YzM2N2I3MWQ5YWRiOTg3NGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJHcAqMUOzNgAXUqSDHdjjDymWfA
irf6oLtTT5l2yHDjRbPtjoFVz0Gx7k68wdoBhwLzbeyJ2H/Zyw3TU/zf2suffhF0
TAnio6VsvqXkjamxVMyxGkJigx8n8Ucfo2SwLQECYqxtLwfS558XbC5vXGqJpzvn
vFxqILaZFUIpFYnap9JxiCB0LUye0NG8SInTbyo3TExd292Qcgxpdfbq4SKtOHYI
nyoaoNNkHdIBi2NASJrmCuCIcEnRdo5uqslX7V7u3ObDjYkQAjcbKJCNmjVnUby+
snUFljFgZbByuteLQ4Lyg5bYULwXEgba08SN/lOetV+qC8Gl1Rn0YG7DdwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJjo3XCLtgZQ0ttFw2e3HZrbmHTtMB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvbU9qZGNJdTJCbERTMjBYRFo3Y2RtdHVZZE8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQFCY4AAwQE
iuIAAwQDiuJYAwQCqmSAAwQDqmSYMAwDBAaqZMADBAKqZMgwDQYJKoZIhvcNAQEL
BQADggEBAEgJVxrArQomDnlTHIpqQkswqflgnqbuGmfyuoNmcffPUzvwVi6YURPu
Gtvj6r6SFCJH/SwjDO7QQ7DiSEGb6huWizqfK8A0luYB0yqoU2XL3PSP/mpMImuo
5lkDfY7IoouMGtWgtIaoUfsx9ZNqhTZM+eCDNZyHNVIWy/bdXQlgE6f1Li0I95Ls
Y7Os0K3eMAY5bCA5PZDzzJ97G3JByVTp4j52yZ/L3ayEYIaNidexIDifj/tBsL0m
8kd/b3A7cjriaL3cYEOKFc7pjaERUyigyeHEF2jzMiHPbbclwUuDxqZBw6Njcnpx
QhyRRRFs8NqUKQcKrSh4ud1Z6wfNbUc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:40:40 2025 by rpki-client