Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/OYrVr5kw4et8uhaEZ8VwQzkeYB4.roa
File: OYrVr5kw4et8uhaEZ8VwQzkeYB4.roa (raw, json)
Hash identifier: NpQ1lKS5Avh90ZFGIapPAsKnyGXCoOi4nJyHyt+hdqs=
Subject key identifier: 39:8A:D5:AF:99:30:E1:EB:7C:BA:16:84:67:C5:70:43:39:1E:60:1E
Certificate issuer: /CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Certificate serial: 019687CE5D232B0709C78CFD3107DA011A72
Authority key identifier: 99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/OYrVr5kw4et8uhaEZ8VwQzkeYB4.roa
Signing time: Wed 30 Apr 2025 17:46:10 +0000
ROA not before: Wed 30 Apr 2025 17:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 132892
IP address blocks: 141.101.88.0/24 maxlen: 24
141.101.89.0/24 maxlen: 24
2a06:98c0:3600::/48 maxlen: 48
2a06:98c0:3601::/48 maxlen: 48
2a06:98c0:3602::/48 maxlen: 48
2a06:98c0:3603::/48 maxlen: 48
2a06:98c0:3604::/48 maxlen: 48
2a06:98c0:3605::/48 maxlen: 48
2a06:98c0:3606::/48 maxlen: 48
2a06:98c0:3607::/48 maxlen: 48
2a06:98c0:3608::/48 maxlen: 48
2a06:98c0:3609::/48 maxlen: 48
2a06:98c0:360a::/48 maxlen: 48
2a06:98c0:360b::/48 maxlen: 48
2a06:98c0:360c::/48 maxlen: 48
2a06:98c0:360d::/48 maxlen: 48
2a06:98c0:360f::/48 maxlen: 48
2a06:98c0:3610::/48 maxlen: 48
2a06:98c0:3611::/48 maxlen: 48
2a06:98c0:3613::/48 maxlen: 48
2a06:98c0:3614::/48 maxlen: 48
2a06:98c0:3615::/48 maxlen: 48
2a06:98c0:3617::/48 maxlen: 48
2a06:98c0:361c::/48 maxlen: 48
2a06:98c0:361d::/48 maxlen: 48
2a06:98c0:361f::/48 maxlen: 48
2a06:98c0:3620::/48 maxlen: 48
2a06:98c0:3621::/48 maxlen: 48
2a06:98c0:3622::/48 maxlen: 48
2a06:98c0:3623::/48 maxlen: 48
2a06:98c0:3624::/48 maxlen: 48
2a06:98c0:3625::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 17 May 2025 20:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:ce:5d:23:2b:07:09:c7:8c:fd:31:07:da:01:1a:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Validity
Not Before: Apr 30 17:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=398ad5af9930e1eb7cba168467c57043391e601e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1b:67:5a:79:fc:11:6b:27:68:e5:2a:5a:a5:
a0:64:c9:e8:3c:7b:6f:e7:e4:28:5d:6c:00:f1:c8:
eb:17:6f:31:ae:73:21:17:45:85:7f:4b:ec:ec:db:
b6:eb:ba:bf:80:48:8d:1e:cc:e3:24:14:f7:55:64:
31:8b:d3:e5:3d:59:0b:46:04:a5:52:d0:82:dd:b6:
72:ab:c2:60:5e:c0:bb:ad:d1:a1:bb:cc:25:20:ee:
f9:74:20:4a:88:2d:0a:45:08:da:f5:8e:2b:52:29:
fc:50:42:0d:fd:20:f6:b9:ea:77:ee:ef:53:2f:ac:
d6:18:61:14:cc:ad:d8:80:0a:40:04:ef:a7:c2:72:
fa:b7:eb:19:93:6a:31:e9:cb:b2:77:ed:12:51:1d:
55:a6:eb:c2:1c:be:33:15:f1:57:91:56:e4:2e:74:
66:72:d2:73:25:ad:48:31:d0:5d:69:57:fe:d6:01:
5e:c3:fc:ae:4c:13:b7:de:87:2d:a2:a9:74:b1:e4:
54:81:cf:d2:f3:20:1f:9c:bb:c0:ec:05:fb:48:83:
8a:b9:26:d7:71:ed:6e:f5:cd:4c:c6:fe:7d:fb:e0:
22:b6:8e:b5:41:f8:08:3b:ac:8c:45:ba:7d:1b:d1:
03:9a:14:e2:21:a7:7c:f8:f5:b0:49:34:9f:1c:43:
21:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8A:D5:AF:99:30:E1:EB:7C:BA:16:84:67:C5:70:43:39:1E:60:1E
X509v3 Authority Key Identifier:
keyid:99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/OYrVr5kw4et8uhaEZ8VwQzkeYB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.88.0/23
IPv6:
2a06:98c0:3600::-2a06:98c0:360d:ffff:ffff:ffff:ffff:ffff
2a06:98c0:360f::-2a06:98c0:3611:ffff:ffff:ffff:ffff:ffff
2a06:98c0:3613::-2a06:98c0:3615:ffff:ffff:ffff:ffff:ffff
2a06:98c0:3617::/48
2a06:98c0:361c::/47
2a06:98c0:361f::-2a06:98c0:3625:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7d:c8:62:a0:d3:bc:a8:90:b1:cc:2a:6f:10:58:5e:4b:ae:d8:
e0:17:e7:54:be:16:67:c7:4b:94:2c:7c:81:3f:86:89:b9:d9:
3a:e3:c7:b5:fd:f9:a1:88:95:f7:67:06:99:0a:73:32:3b:7a:
d9:e8:43:ac:b8:7b:c6:90:d6:94:0b:64:cf:45:de:22:ac:d4:
91:28:65:5d:58:05:1d:9c:d4:00:fc:a6:18:96:e6:24:ae:92:
a0:1e:d9:10:71:37:75:16:04:50:72:15:0e:1f:a2:c0:54:72:
07:dd:2e:b3:01:ae:96:9d:f9:87:55:82:bb:56:a2:92:a9:82:
b1:b0:6e:31:65:2e:a0:50:64:11:34:ab:75:fb:1b:1d:55:71:
04:c8:58:55:d4:79:12:e1:76:13:95:b3:25:ec:c4:7c:bf:21:
58:53:7b:69:5c:a6:38:ba:4a:99:83:7b:74:b7:29:59:f1:dc:
26:ff:f6:2b:d1:dc:50:50:66:57:87:de:3b:d6:6f:fe:d7:1d:
79:22:40:05:dc:e7:ad:ac:33:f3:b2:65:6b:c2:2c:ed:bb:26:
df:a2:b4:27:b9:a6:49:9f:f1:02:ec:73:8c:f7:44:a3:94:18:
a8:39:97:8b:6b:22:d8:ec:df:6e:21:ee:a8:e1:75:6d:fa:cc:
df:6f:a3:26
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZaHzl0jKwcJx4z9MQfaARpyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDViZmFkNDVkN2M2NWE2ZTM0MzAyODUwOWZkMTg5MmU5
N2I5ZDAwHhcNMjUwNDMwMTc0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOThhZDVhZjk5MzBlMWViN2NiYTE2ODQ2N2M1NzA0MzM5MWU2MDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBtnWnn8EWsnaOUqWqWgZMnoPHtv
5+QoXWwA8cjrF28xrnMhF0WFf0vs7Nu267q/gEiNHszjJBT3VWQxi9PlPVkLRgSl
UtCC3bZyq8JgXsC7rdGhu8wlIO75dCBKiC0KRQja9Y4rUin8UEIN/SD2uep37u9T
L6zWGGEUzK3YgApABO+nwnL6t+sZk2ox6cuyd+0SUR1VpuvCHL4zFfFXkVbkLnRm
ctJzJa1IMdBdaVf+1gFew/yuTBO33octoql0seRUgc/S8yAfnLvA7AX7SIOKuSbX
ce1u9c1Mxv59++Aito61QfgIO6yMRbp9G9EDmhTiIad8+PWwSTSfHEMhJwIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFDmK1a+ZMOHrfLoWhGfFcEM5HmAeMB8GA1UdIwQY
MBaAFJnVv61F18ZabjQwKFCf0Ykul7nQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQt
NzU1MTgwOWNiNzMxLzEvT1lyVnI1a3c0ZXQ4dWhhRVo4VndRemtlWUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQtNzU1MTgwOWNiNzMx
LzEvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwDAQCAAEwBgMEAY1lWDBn
BAIAAjBhMBEDBgEqBpjANgMHASoGmMA2DDASAwcAKgaYwDYPAwcBKgaYwDYQMBID
BwAqBpjANhMDBwEqBpjANhQDBwAqBpjANhcDBwEqBpjANhwwEgMHACoGmMA2HwMH
ASoGmMA2JDANBgkqhkiG9w0BAQsFAAOCAQEAfchioNO8qJCxzCpvEFheS67Y4Bfn
VL4WZ8dLlCx8gT+GibnZOuPHtf35oYiV92cGmQpzMjt62ehDrLh7xpDWlAtkz0Xe
IqzUkShlXVgFHZzUAPymGJbmJK6SoB7ZEHE3dRYEUHIVDh+iwFRyB90uswGulp35
h1WCu1aikqmCsbBuMWUuoFBkETSrdfsbHVVxBMhYVdR5EuF2E5WzJezEfL8hWFN7
aVymOLpKmYN7dLcpWfHcJv/2K9HcUFBmV4feO9Zv/tcdeSJABdznrawz87Jla8Is
7bsm36K0J7mmSZ/xAuxzjPdEo5QYqDmXi2si2OzfbiHuqOF1bfrM32+jJg==
-----END CERTIFICATE-----
Generated at Sat May 17 06:10:56 2025 by rpki-client