Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/inOwk0rr2hBBrYALexzKTS-HXaE.roa
File: inOwk0rr2hBBrYALexzKTS-HXaE.roa (raw, json)
Hash identifier: BGYPbxUWdEW8PUtIUA1rv4TAk1J/uLjxsHUKD6zhw0w=
Subject key identifier: 8A:73:B0:93:4A:EB:DA:10:41:AD:80:0B:7B:1C:CA:4D:2F:87:5D:A1
Certificate issuer: /CN=a3f1b22b2054502bfd3889138291103d83b6a50e
Certificate serial: 019884ADE1D4FA3281B7205B443EAF345CB8
Authority key identifier: A3:F1:B2:2B:20:54:50:2B:FD:38:89:13:82:91:10:3D:83:B6:A5:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/inOwk0rr2hBBrYALexzKTS-HXaE.roa
Signing time: Thu 07 Aug 2025 13:17:24 +0000
ROA not before: Thu 07 Aug 2025 13:17:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56582
IP address blocks: 46.235.14.0/24 maxlen: 24
178.210.180.0/24 maxlen: 24
217.70.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:84:ad:e1:d4:fa:32:81:b7:20:5b:44:3e:af:34:5c:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3f1b22b2054502bfd3889138291103d83b6a50e
Validity
Not Before: Aug 7 13:17:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a73b0934aebda1041ad800b7b1cca4d2f875da1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:68:e5:58:9d:a0:5f:8c:2e:fa:15:db:90:87:
4d:47:2b:73:52:45:b5:bc:be:98:6d:a6:b6:3d:9f:
46:00:41:42:7b:f2:11:09:53:2a:a3:c5:68:44:41:
b2:a5:a2:1c:39:6b:f0:95:15:8b:20:32:25:49:9f:
f6:20:eb:f1:bf:73:40:cb:90:9c:7f:cb:1c:be:c7:
ea:38:2c:19:43:9e:d7:20:af:e6:8c:6a:5f:f1:df:
53:9d:44:1d:ab:8a:8d:d0:bf:c1:4f:81:a6:ae:2c:
88:be:90:34:dc:99:32:0b:41:a5:13:0f:d3:ce:61:
8b:d9:d6:07:bd:1e:a1:0e:cc:70:10:d3:88:22:de:
3d:77:d0:27:a5:2a:2c:64:ac:05:8c:4f:be:b4:c9:
9b:ed:23:df:c9:18:87:50:3f:a7:00:b5:78:aa:4c:
f8:21:55:28:fd:e1:e5:90:bc:52:68:8a:23:dc:c9:
78:71:a2:08:7d:f1:f5:e8:dd:cb:36:0c:5c:bd:6d:
e7:c3:4f:c2:3a:9a:a0:0c:7a:5c:2d:48:aa:74:9b:
62:15:9d:ea:ae:94:ad:38:74:6f:86:4f:45:ce:9d:
ea:f3:98:f4:58:cf:2e:a4:aa:6f:7a:f5:a3:2f:7b:
f0:77:7b:1b:14:84:ad:cc:de:25:d5:23:6b:f6:2e:
e7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:73:B0:93:4A:EB:DA:10:41:AD:80:0B:7B:1C:CA:4D:2F:87:5D:A1
X509v3 Authority Key Identifier:
keyid:A3:F1:B2:2B:20:54:50:2B:FD:38:89:13:82:91:10:3D:83:B6:A5:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/inOwk0rr2hBBrYALexzKTS-HXaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.14.0/24
178.210.180.0/24
217.70.11.0/24
Signature Algorithm: sha256WithRSAEncryption
06:7b:68:84:0b:8f:1c:5a:99:cd:f9:64:4b:74:05:9e:2b:de:
02:0f:1a:e5:56:fd:87:7a:cb:f3:43:cc:f0:a6:37:c7:1e:fa:
22:6c:62:00:4b:0d:30:cb:d5:0d:94:e0:9c:e3:a5:08:e4:c6:
8d:d9:57:07:2b:35:2e:6b:22:4d:be:6a:69:9a:5b:3e:5b:1d:
08:a2:95:95:a7:ee:ec:d4:db:bd:34:48:2e:78:55:d8:0c:b5:
99:c7:49:ab:2a:ea:6e:3e:6a:d6:5a:6b:1e:ba:da:39:b5:06:
e9:5e:a7:df:25:17:25:db:c9:b7:55:5a:c3:35:cd:ab:32:21:
5c:b8:14:99:5c:cb:21:c1:38:89:f4:31:3c:22:33:af:29:82:
db:a8:ca:2a:cd:6d:68:9b:2a:01:ea:2f:30:83:e6:6c:40:df:
30:b9:93:17:b6:44:be:fd:6f:9b:83:c9:bf:f2:be:2f:20:b3:
02:51:44:16:8e:0b:9a:7a:38:3b:a2:f8:f2:94:9a:a2:e7:b7:
67:ba:7a:38:7b:e0:3d:d7:19:ab:e3:6c:b7:85:00:8f:6f:33:
83:08:5f:71:9a:41:b7:c5:fd:4e:6c:86:90:51:7d:24:c7:90:
83:22:0b:ba:2b:93:26:5b:3a:c2:62:ae:65:99:10:16:2a:45:
09:7d:4d:e3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZiEreHU+jKBtyBbRD6vNFy4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZjFiMjJiMjA1NDUwMmJmZDM4ODkxMzgyOTExMDNkODNi
NmE1MGUwHhcNMjUwODA3MTMxNzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTczYjA5MzRhZWJkYTEwNDFhZDgwMGI3YjFjY2E0ZDJmODc1ZGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2jlWJ2gX4wu+hXbkIdNRytzUkW1
vL6Ybaa2PZ9GAEFCe/IRCVMqo8VoREGypaIcOWvwlRWLIDIlSZ/2IOvxv3NAy5Cc
f8scvsfqOCwZQ57XIK/mjGpf8d9TnUQdq4qN0L/BT4GmriyIvpA03JkyC0GlEw/T
zmGL2dYHvR6hDsxwENOIIt49d9AnpSosZKwFjE++tMmb7SPfyRiHUD+nALV4qkz4
IVUo/eHlkLxSaIoj3Ml4caIIffH16N3LNgxcvW3nw0/COpqgDHpcLUiqdJtiFZ3q
rpStOHRvhk9Fzp3q85j0WM8upKpvevWjL3vwd3sbFIStzN4l1SNr9i7nBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIpzsJNK69oQQa2AC3scyk0vh12hMB8GA1UdIwQY
MBaAFKPxsisgVFAr/TiJE4KRED2DtqUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb19HeUt5QlVVQ3Y5T0lrVGdwRVFQWU8ycFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9hOGFhZmYtMTJhMS00NjQxLThiOWQt
MjRkMjcyY2UxMWUzLzEvaW5Pd2swcnIyaEJCcllBTGV4ektUUy1IWGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9hOGFhZmYtMTJhMS00NjQxLThiOWQtMjRkMjcyY2UxMWUz
LzEvb19HeUt5QlVVQ3Y5T0lrVGdwRVFQWU8ycFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALusOAwQA
stK0AwQA2UYLMA0GCSqGSIb3DQEBCwUAA4IBAQAGe2iEC48cWpnN+WRLdAWeK94C
DxrlVv2HesvzQ8zwpjfHHvoibGIASw0wy9UNlOCc46UI5MaN2VcHKzUuayJNvmpp
mls+Wx0IopWVp+7s1Nu9NEgueFXYDLWZx0mrKupuPmrWWmseuto5tQbpXqffJRcl
28m3VVrDNc2rMiFcuBSZXMshwTiJ9DE8IjOvKYLbqMoqzW1omyoB6i8wg+ZsQN8w
uZMXtkS+/W+bg8m/8r4vILMCUUQWjguaejg7ovjylJqi57dnuno4e+A91xmr42y3
hQCPbzODCF9xmkG3xf1ObIaQUX0kx5CDIgu6K5MmWzrCYq5lmRAWKkUJfU3j
-----END CERTIFICATE-----
Generated at Sat Aug 23 23:58:39 2025 by rpki-client