Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OUQrWWn5H1qYMGMIAIliNORx0hU.roa
File: OUQrWWn5H1qYMGMIAIliNORx0hU.roa (raw, json)
Hash identifier: zLP92CTOPDiORVO89qYB8K5eqWzfOTdCCWxe3k7J7T4=
Subject key identifier: 39:44:2B:59:69:F9:1F:5A:98:30:63:08:00:89:62:34:E4:71:D2:15
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019807805EAC41E37E0A598BD98B07CFC115
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OUQrWWn5H1qYMGMIAIliNORx0hU.roa
Signing time: Mon 14 Jul 2025 05:55:10 +0000
ROA not before: Mon 14 Jul 2025 05:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401075
IP address blocks: 37.202.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Jul 2025 20:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:07:80:5e:ac:41:e3:7e:0a:59:8b:d9:8b:07:cf:c1:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 14 05:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39442b5969f91f5a9830630800896234e471d215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d5:8a:ad:e9:c6:1a:e9:f9:f2:a3:64:98:ec:
a5:05:0b:ef:7a:48:77:91:ed:c2:17:c9:73:9e:d9:
3d:e8:35:9d:07:76:47:89:4e:6a:6a:ff:87:b0:84:
60:6b:66:78:2b:55:f6:85:80:c6:7f:e5:a4:e7:da:
df:a5:af:a8:00:e4:be:e9:fd:0b:46:41:33:b1:ed:
ed:e1:bc:38:fa:bb:a6:cf:d7:09:c3:88:63:90:6c:
b9:14:93:fc:4b:e4:71:f5:a7:c9:ee:ee:16:35:3e:
6b:37:54:96:76:1d:9e:8d:59:dc:b9:d9:66:47:4a:
3b:24:fe:1e:e9:f6:d1:0a:c9:1d:6d:2b:e1:90:f2:
0f:07:40:9a:59:6d:29:9b:4c:f7:36:c1:95:74:b4:
d8:6e:22:f4:eb:7c:47:98:34:73:e6:b9:9c:50:e0:
7d:bb:e2:c3:b7:a1:0a:5e:07:44:df:df:eb:0c:46:
93:85:d8:53:52:b9:e5:ff:52:d1:be:16:5d:6b:b7:
e5:86:ee:18:75:56:af:f2:7d:10:69:a8:cf:ad:1f:
de:2e:cf:bc:12:e8:cc:0e:95:75:79:af:1a:aa:31:
e3:aa:69:3b:dc:4a:a1:63:b2:91:66:de:81:18:a9:
d9:e7:8e:73:1f:6c:35:ef:be:4d:4e:0a:35:0a:21:
bc:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:44:2B:59:69:F9:1F:5A:98:30:63:08:00:89:62:34:E4:71:D2:15
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OUQrWWn5H1qYMGMIAIliNORx0hU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.200.0/24
Signature Algorithm: sha256WithRSAEncryption
96:fd:83:7d:b6:1f:5c:8d:d1:4a:5e:be:f1:75:08:f6:1e:a5:
34:84:15:17:a2:25:e4:1f:67:66:4f:98:a5:fb:2e:bd:d0:05:
b5:2f:a1:a1:1f:a6:0c:91:2e:03:3c:91:3c:f6:ac:fe:23:d9:
90:9d:4a:9b:ac:cc:f3:c4:15:6c:f0:88:ae:79:21:a1:d0:8b:
08:09:e3:ed:5b:74:d3:97:6d:60:c7:2d:2c:13:9a:0d:c3:18:
b6:4b:6a:d8:4a:71:ee:cb:f6:1f:9b:c4:da:57:a9:23:2c:5f:
db:fb:a0:de:4e:05:56:e6:29:b4:57:75:70:21:18:aa:dc:5f:
d0:81:e7:64:6c:a8:d1:fb:27:a1:3e:1f:22:71:70:b0:ae:0e:
87:4e:5d:20:4c:50:76:d7:e2:0f:ab:9b:6c:db:52:4e:6d:bf:
43:1a:73:15:ba:ab:35:d9:5c:d9:3d:5e:29:2a:48:a2:d7:14:
13:e0:d2:6e:32:4a:26:44:fd:3f:1b:84:bf:6d:39:ba:41:42:
04:3e:9a:f0:36:42:d1:9b:0d:e6:ab:67:49:5b:6b:a8:c9:65:
40:22:70:cd:dc:3c:be:ce:e6:e2:2c:9e:80:fc:a4:26:fb:7b:
1f:84:55:cd:f8:51:a7:58:7d:9f:9d:09:f8:09:f6:98:ec:77:
56:ab:bf:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgHgF6sQeN+ClmL2YsHz8EVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzE0MDU1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTQ0MmI1OTY5ZjkxZjVhOTgzMDYzMDgwMDg5NjIzNGU0NzFkMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNWKrenGGun58qNkmOylBQvvekh3
ke3CF8lzntk96DWdB3ZHiU5qav+HsIRga2Z4K1X2hYDGf+Wk59rfpa+oAOS+6f0L
RkEzse3t4bw4+rumz9cJw4hjkGy5FJP8S+Rx9afJ7u4WNT5rN1SWdh2ejVncudlm
R0o7JP4e6fbRCskdbSvhkPIPB0CaWW0pm0z3NsGVdLTYbiL063xHmDRz5rmcUOB9
u+LDt6EKXgdE39/rDEaThdhTUrnl/1LRvhZda7flhu4YdVav8n0QaajPrR/eLs+8
EujMDpV1ea8aqjHjqmk73EqhY7KRZt6BGKnZ545zH2w1775NTgo1CiG89QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDlEK1lp+R9amDBjCACJYjTkcdIVMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvT1VRcldXbjVIMXFZTUdNSUFJbGlOT1J4MGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJcrIMA0G
CSqGSIb3DQEBCwUAA4IBAQCW/YN9th9cjdFKXr7xdQj2HqU0hBUXoiXkH2dmT5il
+y690AW1L6GhH6YMkS4DPJE89qz+I9mQnUqbrMzzxBVs8IiueSGh0IsICePtW3TT
l21gxy0sE5oNwxi2S2rYSnHuy/Yfm8TaV6kjLF/b+6DeTgVW5im0V3VwIRiq3F/Q
gedkbKjR+yehPh8icXCwrg6HTl0gTFB21+IPq5ts21JObb9DGnMVuqs12VzZPV4p
Kkii1xQT4NJuMkomRP0/G4S/bTm6QUIEPprwNkLRmw3mq2dJW2uoyWVAInDN3Dy+
zubiLJ6A/KQm+3sfhFXN+FGnWH2fnQn4CfaY7HdWq787
-----END CERTIFICATE-----
Generated at Thu Jul 17 05:14:45 2025 by rpki-client