
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/OB_oVuUaUAQ7W4RQ74LopVDeEhg.roa
File: OB_oVuUaUAQ7W4RQ74LopVDeEhg.roa (raw, json)
Hash identifier: 3/3eElkgAQmQYyO/cS1ImYS5pgz/1W8Ltmyasrek5j8=
Subject key identifier: 38:1F:E8:56:E5:1A:50:04:3B:5B:84:50:EF:82:E8:A5:50:DE:12:18
Certificate issuer: /CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Certificate serial: 0199CA59AB52D070AC5704F67481D6FDFDE3
Authority key identifier: 1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/OB_oVuUaUAQ7W4RQ74LopVDeEhg.roa
Signing time: Thu 09 Oct 2025 19:01:37 +0000
ROA not before: Thu 09 Oct 2025 19:01:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207957
IP address blocks: 2a01:ecc0:2c1::/48 maxlen: 48
2a01:ecc0:340::/42 maxlen: 42
2a01:ecc0:380::/42 maxlen: 42
2a01:ecc0:3c0::/42 maxlen: 42
2a01:ecc0:400::/42 maxlen: 42
2a01:ecc0:440::/42 maxlen: 42
2a01:ecc0:480::/42 maxlen: 42
2a01:ecc0:4c0::/42 maxlen: 42
2a01:ecc0:500::/42 maxlen: 42
2a01:ecc0:540::/42 maxlen: 42
2a01:ecc0:a00::/40 maxlen: 42
2a01:ecc0:b00::/40 maxlen: 42
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.mft
rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ca:59:ab:52:d0:70:ac:57:04:f6:74:81:d6:fd:fd:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d43a2484569d20e3f53c17be7b9fb29c34ee5be
Validity
Not Before: Oct 9 19:01:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=381fe856e51a50043b5b8450ef82e8a550de1218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:28:1e:5d:7d:5b:2b:94:f0:1f:cf:cd:5c:85:
87:92:d1:d7:89:47:26:bb:82:a4:e8:77:c5:f7:6f:
59:43:bd:c3:b0:be:2e:5c:fc:68:4c:b7:fd:b4:ba:
9b:3d:da:1c:c7:4a:b3:b7:c4:e5:9b:7f:b7:c8:8e:
f8:98:ec:51:e7:bc:73:ea:8e:b9:5b:39:7f:ea:92:
07:a6:35:a0:1a:4e:d8:c7:14:ef:3d:bb:05:83:be:
b0:ee:ec:b5:30:b6:cc:57:a2:d5:db:87:f9:97:07:
97:cb:76:a9:13:73:57:1a:a0:e2:7c:4e:1a:7e:82:
7a:e5:19:ba:d5:aa:a7:fc:65:54:61:2f:77:be:5a:
8d:6a:98:80:65:0b:40:0c:e6:3d:99:1a:2d:5e:30:
ed:06:d8:bd:ac:03:56:a2:88:02:6d:c3:fc:db:ce:
c3:36:98:bd:20:51:40:ad:52:12:92:b1:fc:30:eb:
fb:8b:be:1b:51:b5:ca:c2:e9:ec:a0:4e:b7:a5:4f:
08:e7:40:87:81:6a:a9:e6:45:8a:96:cc:86:79:fa:
d8:cb:ca:27:04:0b:c3:df:bd:9a:d6:4e:17:c6:f4:
d9:5f:a1:13:c0:65:54:61:bd:0e:9b:2a:93:30:93:
09:93:b4:a8:5d:93:c9:7f:8d:0c:c4:8e:81:ac:e6:
3e:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:1F:E8:56:E5:1A:50:04:3B:5B:84:50:EF:82:E8:A5:50:DE:12:18
X509v3 Authority Key Identifier:
keyid:1D:43:A2:48:45:69:D2:0E:3F:53:C1:7B:E7:B9:FB:29:C3:4E:E5:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HUOiSEVp0g4_U8F757n7KcNO5b4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/OB_oVuUaUAQ7W4RQ74LopVDeEhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c93d87-32e0-46f1-9fb9-63451548979d/1/HUOiSEVp0g4_U8F757n7KcNO5b4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:ecc0:2c1::/48
2a01:ecc0:340::-2a01:ecc0:57f:ffff:ffff:ffff:ffff:ffff
2a01:ecc0:a00::/39
Signature Algorithm: sha256WithRSAEncryption
1f:8a:a8:39:42:de:f7:65:ad:d1:7e:67:23:fc:45:d7:74:48:
56:8e:8d:58:eb:c3:be:91:f2:7b:77:3a:85:90:55:64:44:1c:
5d:b3:09:6c:c1:e8:f6:ef:fd:88:26:c6:7b:eb:25:ff:2d:dd:
f8:eb:3b:c2:5b:e5:fb:38:1e:8a:7b:a8:46:71:c8:40:0d:b5:
a1:eb:5e:08:ee:8b:8f:9d:eb:de:98:f0:2e:6c:b2:89:92:6b:
1a:47:6d:a5:bc:97:ef:62:29:ca:a9:1b:a8:99:78:28:df:5f:
d5:f0:80:54:25:c2:a9:b4:87:b8:c4:a8:cc:e8:d8:6c:8b:32:
23:f5:82:ea:1a:8e:5c:cc:6a:e7:ec:8b:bc:fb:7a:a4:fb:3c:
64:5e:16:d4:57:9f:a3:ce:c6:14:b0:90:39:54:c2:a3:da:7b:
d1:74:24:a3:b9:6b:f7:90:77:0d:5b:db:d5:34:b6:a5:ad:c6:
74:ba:a0:7c:2b:ea:d3:1d:c9:5c:4e:fe:22:2d:6c:8e:3e:db:
f0:67:e9:8f:20:88:a3:96:b2:88:2f:0f:f7:99:4c:96:99:00:
98:d3:dc:9b:0e:78:a7:d9:a9:e3:45:50:55:c8:05:37:95:f1:
aa:33:81:fa:5e:16:6d:21:aa:3d:de:b6:8b:7e:fa:04:b9:ca:
a3:48:c7:71
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZnKWatS0HCsVwT2dIHW/f3jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNDNhMjQ4NDU2OWQyMGUzZjUzYzE3YmU3YjlmYjI5YzM0
ZWU1YmUwHhcNMjUxMDA5MTkwMTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODFmZTg1NmU1MWE1MDA0M2I1Yjg0NTBlZjgyZThhNTUwZGUxMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmygeXX1bK5TwH8/NXIWHktHXiUcm
u4Kk6HfF929ZQ73DsL4uXPxoTLf9tLqbPdocx0qzt8Tlm3+3yI74mOxR57xz6o65
Wzl/6pIHpjWgGk7YxxTvPbsFg76w7uy1MLbMV6LV24f5lweXy3apE3NXGqDifE4a
foJ65Rm61aqn/GVUYS93vlqNapiAZQtADOY9mRotXjDtBti9rANWoogCbcP8287D
Npi9IFFArVISkrH8MOv7i74bUbXKwunsoE63pU8I50CHgWqp5kWKlsyGefrYy8on
BAvD372a1k4XxvTZX6ETwGVUYb0OmyqTMJMJk7SoXZPJf40MxI6BrOY+AQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFDgf6FblGlAEO1uEUO+C6KVQ3hIYMB8GA1UdIwQY
MBaAFB1DokhFadIOP1PBe+e5+ynDTuW+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjkt
NjM0NTE1NDg5NzlkLzEvT0Jfb1Z1VWFVQVE3VzRSUTc0TG9wVkRlRWhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jOTNkODctMzJlMC00NmYxLTlmYjktNjM0NTE1NDg5Nzlk
LzEvSFVPaVNFVnAwZzRfVThGNzU3bjdLY05PNWI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTArBAIAAjAlAwcAKgHswALB
MBIDBwYqAezAA0ADBwcqAezABQADBgEqAezACjANBgkqhkiG9w0BAQsFAAOCAQEA
H4qoOULe92Wt0X5nI/xF13RIVo6NWOvDvpHye3c6hZBVZEQcXbMJbMHo9u/9iCbG
e+sl/y3d+Os7wlvl+zgeinuoRnHIQA21oeteCO6Lj53r3pjwLmyyiZJrGkdtpbyX
72IpyqkbqJl4KN9f1fCAVCXCqbSHuMSozOjYbIsyI/WC6hqOXMxq5+yLvPt6pPs8
ZF4W1Fefo87GFLCQOVTCo9p70XQko7lr95B3DVvb1TS2pa3GdLqgfCvq0x3JXE7+
Ii1sjj7b8GfpjyCIo5ayiC8P95lMlpkAmNPcmw54p9mp40VQVcgFN5XxqjOB+l4W
bSGqPd62i376BLnKo0jHcQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:20:48 2025 by rpki-client