Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/oTTFl9FHxLAZ8JiSJdPGimoCQHM.roa
File: oTTFl9FHxLAZ8JiSJdPGimoCQHM.roa (raw, json)
Hash identifier: 45Ta1xYJRmd1UM8tpaggP68jmIJqaROOKMXNUEmi1b0=
Subject key identifier: A1:34:C5:97:D1:47:C4:B0:19:F0:98:92:25:D3:C6:8A:6A:02:40:73
Certificate issuer: /CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Certificate serial: 01998D430121BF734CACC85A920E2B8ED418
Authority key identifier: 2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/oTTFl9FHxLAZ8JiSJdPGimoCQHM.roa
Signing time: Sat 27 Sep 2025 22:20:02 +0000
ROA not before: Sat 27 Sep 2025 22:20:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213301
IP address blocks: 5.255.57.0/24 maxlen: 24
5.255.61.0/24 maxlen: 24
5.255.62.0/23 maxlen: 23
23.252.66.0/23 maxlen: 23
23.252.68.0/24 maxlen: 24
23.252.71.0/24 maxlen: 24
23.252.75.0/24 maxlen: 24
23.252.76.0/24 maxlen: 24
23.252.79.0/24 maxlen: 24
91.92.112.0/23 maxlen: 23
107.150.162.0/23 maxlen: 23
107.150.171.0/24 maxlen: 24
107.150.175.0/24 maxlen: 24
107.150.177.0/24 maxlen: 24
162.222.88.0/23 maxlen: 23
162.222.90.0/24 maxlen: 24
167.160.4.0/24 maxlen: 24
167.160.11.0/24 maxlen: 24
167.160.27.0/24 maxlen: 24
176.126.101.0/24 maxlen: 24
185.4.224.0/23 maxlen: 23
185.252.210.0/24 maxlen: 24
212.52.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:8d:43:01:21:bf:73:4c:ac:c8:5a:92:0e:2b:8e:d4:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Validity
Not Before: Sep 27 22:20:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a134c597d147c4b019f0989225d3c68a6a024073
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:4e:f5:64:d5:f4:2a:7e:9c:25:57:1f:d2:26:
65:85:61:f6:af:61:30:9a:01:91:75:f6:9e:9c:21:
41:f6:85:3f:4c:f4:0e:4e:6b:90:a9:d5:48:5d:64:
bb:df:8c:3e:be:2c:2a:c6:ad:ba:a4:7e:19:71:15:
a6:0a:fa:75:d5:a4:15:12:ee:05:22:d1:97:9d:0c:
d1:3e:7d:f7:7d:0c:2b:2d:74:99:e0:04:79:de:38:
9c:6e:56:c0:4c:52:46:54:14:5b:c5:74:8e:44:7c:
1c:a9:8c:99:bf:20:5a:16:a6:2d:db:7d:7a:da:db:
12:84:30:23:55:1d:cb:f4:fb:73:2b:1c:15:01:69:
b5:e5:09:d3:78:65:f0:2f:b2:3f:9b:af:3d:bb:9f:
00:f4:9d:e3:65:f2:5f:55:b6:db:dd:3d:a5:38:76:
da:cc:97:53:64:37:9d:fa:ff:5f:24:e1:7a:e8:ba:
af:f6:11:be:50:d0:22:88:2d:18:0b:98:12:f0:63:
0c:a0:2b:e2:4f:3d:a4:4a:63:a0:40:8b:e1:ca:0c:
67:ef:b4:a0:1e:7f:3d:90:56:4b:f2:53:27:9b:52:
9d:5e:ff:5b:e6:dd:d8:67:e4:e0:2e:8d:c0:0a:6f:
5c:00:2d:68:84:41:e6:d2:59:15:4f:51:2e:f4:b8:
a4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:34:C5:97:D1:47:C4:B0:19:F0:98:92:25:D3:C6:8A:6A:02:40:73
X509v3 Authority Key Identifier:
keyid:2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/oTTFl9FHxLAZ8JiSJdPGimoCQHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.255.57.0/24
5.255.61.0-5.255.63.255
23.252.66.0-23.252.68.255
23.252.71.0/24
23.252.75.0-23.252.76.255
23.252.79.0/24
91.92.112.0/23
107.150.162.0/23
107.150.171.0/24
107.150.175.0/24
107.150.177.0/24
162.222.88.0-162.222.90.255
167.160.4.0/24
167.160.11.0/24
167.160.27.0/24
176.126.101.0/24
185.4.224.0/23
185.252.210.0/24
212.52.14.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:df:c7:f4:c0:d5:0c:87:07:ae:a9:78:44:f3:5a:08:0e:62:
df:6b:7b:99:1d:5c:d1:b6:22:e8:2e:2d:e6:78:e5:e5:a8:b6:
42:a0:c6:70:17:84:5b:96:72:87:c0:fc:af:1a:be:b5:60:11:
6e:a0:09:a4:88:c6:fd:cf:16:3c:e0:f8:9b:e2:1f:56:dd:c5:
bc:d0:ba:a6:18:33:99:9a:ff:9a:11:1b:40:4c:78:e3:e6:9b:
bb:d1:57:46:f9:f8:ce:ed:be:a0:13:23:e9:ca:b3:3b:13:7a:
1e:be:5e:a4:44:e9:0a:a9:2c:b4:52:20:29:56:ba:87:2d:3b:
56:a9:e5:1c:7d:43:3c:0b:07:62:d5:96:a4:98:5f:7b:b9:88:
ae:70:f3:21:81:31:5b:f4:6d:99:9a:41:b4:3b:24:32:76:9a:
fd:84:db:f6:65:50:2c:f8:aa:46:4b:9a:1c:c3:be:cd:5d:74:
fe:32:d4:60:17:08:f3:5e:51:81:08:c2:3d:ed:c1:14:46:29:
b9:e5:97:22:bb:48:a5:39:02:eb:83:a5:e2:d7:df:f9:62:f9:
4e:f6:cd:b7:b6:55:fd:ad:8a:98:18:61:28:45:1c:8e:e7:81:
30:56:1f:28:b3:0f:5a:22:17:44:e7:b4:09:45:03:0a:8f:a4:
12:23:77:16
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZmNQwEhv3NMrMhakg4rjtQYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzY4YjBhZWM2YzdmZDQ4ZDBkOTZiNDA3N2EyM2Y5MDZh
ODZhNDgwHhcNMjUwOTI3MjIyMDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTM0YzU5N2QxNDdjNGIwMTlmMDk4OTIyNWQzYzY4YTZhMDI0MDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzU71ZNX0Kn6cJVcf0iZlhWH2r2Ew
mgGRdfaenCFB9oU/TPQOTmuQqdVIXWS734w+viwqxq26pH4ZcRWmCvp11aQVEu4F
ItGXnQzRPn33fQwrLXSZ4AR53jicblbATFJGVBRbxXSORHwcqYyZvyBaFqYt2316
2tsShDAjVR3L9PtzKxwVAWm15QnTeGXwL7I/m689u58A9J3jZfJfVbbb3T2lOHba
zJdTZDed+v9fJOF66Lqv9hG+UNAiiC0YC5gS8GMMoCviTz2kSmOgQIvhygxn77Sg
Hn89kFZL8lMnm1KdXv9b5t3YZ+TgLo3ACm9cAC1ohEHm0lkVT1Eu9LikmQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFKE0xZfRR8SwGfCYkiXTxopqAkBzMB8GA1UdIwQY
MBaAFC42iwrsbH/UjQ2WtAd6I/kGqGpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQt
MTQyN2RkMTZlZmE0LzEvb1RURmw5Rkh4TEFaOEppU0pkUEdpbW9DUUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQtMTQyN2RkMTZlZmE0
LzEvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBAAF
/zkwDAMEAAX/PQMEBgX/ADAMAwQBF/xCAwQAF/xEAwQAF/xHMAwDBAAX/EsDBAAX
/EwDBAAX/E8DBAFbXHADBAFrlqIDBABrlqsDBABrlq8DBABrlrEwDAMEA6LeWAME
AKLeWgMEAKegBAMEAKegCwMEAKegGwMEALB+ZQMEAbkE4AMEALn80gMEANQ0DjAN
BgkqhkiG9w0BAQsFAAOCAQEAK9/H9MDVDIcHrql4RPNaCA5i32t7mR1c0bYi6C4t
5njl5ai2QqDGcBeEW5Zyh8D8rxq+tWARbqAJpIjG/c8WPOD4m+IfVt3FvNC6phgz
mZr/mhEbQEx44+abu9FXRvn4zu2+oBMj6cqzOxN6Hr5epETpCqkstFIgKVa6hy07
VqnlHH1DPAsHYtWWpJhfe7mIrnDzIYExW/RtmZpBtDskMnaa/YTb9mVQLPiqRkua
HMO+zV10/jLUYBcI815RgQjCPe3BFEYpueWXIrtIpTkC64Ol4tff+WL5TvbNt7ZV
/a2KmBhhKEUcjueBMFYfKLMPWiIXROe0CUUDCo+kEiN3Fg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:45:53 2025 by rpki-client