Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/ObJObOD6tkIrsjtPit83s8snVBw.roa
File: ObJObOD6tkIrsjtPit83s8snVBw.roa (raw, json)
Hash identifier: GiH6UCNIhz4rfsNfETy7cYwzvEXyf2BHh17DI++1Ies=
Subject key identifier: 39:B2:4E:6C:E0:FA:B6:42:2B:B2:3B:4F:8A:DF:37:B3:CB:27:54:1C
Certificate issuer: /CN=73e373fee780eeab2a90422d0ad514e084a8d611
Certificate serial: 01997FD0F121ACA18B2B9A3E3E15A95F4CC5
Authority key identifier: 73:E3:73:FE:E7:80:EE:AB:2A:90:42:2D:0A:D5:14:E0:84:A8:D6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/ObJObOD6tkIrsjtPit83s8snVBw.roa
Signing time: Thu 25 Sep 2025 07:40:23 +0000
ROA not before: Thu 25 Sep 2025 07:40:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8468
IP address blocks: 88.83.96.0/24 maxlen: 24
88.83.104.0/24 maxlen: 24
88.83.106.0/24 maxlen: 24
88.83.109.0/24 maxlen: 24
88.83.111.0/24 maxlen: 24
88.83.116.0/24 maxlen: 24
88.83.118.0/23 maxlen: 24
88.83.124.0/23 maxlen: 24
88.83.126.0/24 maxlen: 24
195.80.1.0/24 maxlen: 24
195.80.2.0/24 maxlen: 24
195.80.14.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/c-Nz_ueA7qsqkEItCtUU4ISo1hE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/c-Nz_ueA7qsqkEItCtUU4ISo1hE.mft
rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7f:d0:f1:21:ac:a1:8b:2b:9a:3e:3e:15:a9:5f:4c:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e373fee780eeab2a90422d0ad514e084a8d611
Validity
Not Before: Sep 25 07:40:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39b24e6ce0fab6422bb23b4f8adf37b3cb27541c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:53:f3:26:c2:c7:45:98:32:56:d0:b0:1f:1a:
64:04:c1:c5:23:97:03:6b:51:1c:a5:db:8e:5f:0e:
62:fe:cf:87:be:a2:38:df:20:d0:f2:4a:32:fd:1b:
43:b3:07:cb:a1:18:42:bf:19:d0:35:09:9d:22:42:
97:06:75:ee:bb:79:55:27:5e:4a:ed:ad:c4:39:51:
58:ab:fd:89:c8:29:7d:ee:5c:05:83:5b:19:4f:a7:
55:5d:49:09:9f:a1:da:ff:87:ad:60:07:0a:c1:cf:
8f:e6:bf:62:7d:52:70:c6:d3:56:5b:58:83:b8:9f:
8d:55:5f:45:87:19:c6:1c:68:ae:61:82:e3:61:21:
5b:eb:d3:d0:85:78:53:f6:ae:a5:36:70:8a:b8:48:
e7:30:a7:2d:62:8b:00:7b:77:da:6c:8b:65:81:44:
6c:82:19:cd:c7:34:87:db:be:d3:1c:13:5a:97:1e:
c4:aa:da:4e:ca:8a:2b:4c:38:6d:da:a6:4b:9c:4b:
37:a7:6d:2a:a1:15:fe:fa:cc:ef:f7:f1:4e:5b:f0:
4c:90:ae:15:9f:13:ec:2e:1d:8e:d4:e3:cc:fa:77:
88:e3:e7:cd:af:8f:57:a1:93:e6:3b:2d:1c:69:05:
21:40:a6:84:06:3e:6f:bc:3d:76:3f:d7:04:80:77:
89:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B2:4E:6C:E0:FA:B6:42:2B:B2:3B:4F:8A:DF:37:B3:CB:27:54:1C
X509v3 Authority Key Identifier:
keyid:73:E3:73:FE:E7:80:EE:AB:2A:90:42:2D:0A:D5:14:E0:84:A8:D6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/ObJObOD6tkIrsjtPit83s8snVBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/c-Nz_ueA7qsqkEItCtUU4ISo1hE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.83.96.0/24
88.83.104.0/24
88.83.106.0/24
88.83.109.0/24
88.83.111.0/24
88.83.116.0/24
88.83.118.0/23
88.83.124.0-88.83.126.255
195.80.1.0-195.80.2.255
195.80.14.0/23
Signature Algorithm: sha256WithRSAEncryption
07:5f:b0:06:aa:5a:c5:3c:3d:8a:8f:d0:43:64:2a:ef:69:a1:
6e:7d:9a:30:de:0e:f5:ff:27:eb:32:b4:ca:95:72:da:e0:57:
55:66:d5:7b:1d:27:d6:c1:2b:8f:19:7a:cc:73:19:cb:d3:74:
0c:bb:75:41:0d:70:4e:dd:1d:88:1f:ef:07:a6:61:9a:3c:d9:
ac:c7:3b:4c:4d:ea:4f:97:1e:e8:d5:86:b9:29:ac:78:f5:55:
2d:bb:78:0e:b7:ef:c6:9b:9c:65:08:26:ec:1f:c6:f9:26:61:
84:47:e3:48:38:18:f1:74:20:43:c1:7f:a0:46:05:c1:b6:de:
cf:c1:a2:30:b5:a9:45:ec:f9:90:1a:e8:fb:2b:d9:dc:58:3e:
ee:81:79:07:47:1d:28:9f:00:7f:03:c3:4a:6b:10:b2:8c:b9:
18:8b:1d:ac:5a:96:23:74:e0:d4:ba:48:14:e9:9b:f5:66:f7:
1a:25:a4:54:36:4d:6b:62:ec:84:d8:6c:9b:12:c7:a0:89:ac:
4f:21:48:e2:2b:15:0f:71:7e:db:3c:b4:8d:57:98:a2:62:c2:
23:32:2f:be:82:10:bf:13:d5:99:1d:62:94:57:de:27:3d:0c:
da:16:7e:b4:40:7c:0e:10:86:1c:81:3a:08:fb:57:22:3f:1c:
0c:37:a1:8c
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZl/0PEhrKGLK5o+PhWpX0zFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTM3M2ZlZTc4MGVlYWIyYTkwNDIyZDBhZDUxNGUwODRh
OGQ2MTEwHhcNMjUwOTI1MDc0MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWIyNGU2Y2UwZmFiNjQyMmJiMjNiNGY4YWRmMzdiM2NiMjc1NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllPzJsLHRZgyVtCwHxpkBMHFI5cD
a1EcpduOXw5i/s+HvqI43yDQ8koy/RtDswfLoRhCvxnQNQmdIkKXBnXuu3lVJ15K
7a3EOVFYq/2JyCl97lwFg1sZT6dVXUkJn6Ha/4etYAcKwc+P5r9ifVJwxtNWW1iD
uJ+NVV9FhxnGHGiuYYLjYSFb69PQhXhT9q6lNnCKuEjnMKctYosAe3fabItlgURs
ghnNxzSH277THBNalx7EqtpOyoorTDht2qZLnEs3p20qoRX++szv9/FOW/BMkK4V
nxPsLh2O1OPM+neI4+fNr49XoZPmOy0caQUhQKaEBj5vvD12P9cEgHeJrQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFDmyTmzg+rZCK7I7T4rfN7PLJ1QcMB8GA1UdIwQY
MBaAFHPjc/7ngO6rKpBCLQrVFOCEqNYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1Oel91ZUE3cXNxa0VJdEN0VVU0SVNvMWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lMGU0MzMtOWIzNi00N2E2LTkzYTIt
MDQxZmQ0YzZmZmQ0LzEvT2JKT2JPRDZ0a0lyc2p0UGl0ODNzOHNuVkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9lMGU0MzMtOWIzNi00N2E2LTkzYTItMDQxZmQ0YzZmZmQ0
LzEvYy1Oel91ZUE3cXNxa0VJdEN0VVU0SVNvMWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQAWFNgAwQA
WFNoAwQAWFNqAwQAWFNtAwQAWFNvAwQAWFN0AwQBWFN2MAwDBAJYU3wDBABYU34w
DAMEAMNQAQMEAMNQAgMEAcNQDjANBgkqhkiG9w0BAQsFAAOCAQEAB1+wBqpaxTw9
io/QQ2Qq72mhbn2aMN4O9f8n6zK0ypVy2uBXVWbVex0n1sErjxl6zHMZy9N0DLt1
QQ1wTt0diB/vB6ZhmjzZrMc7TE3qT5ce6NWGuSmsePVVLbt4DrfvxpucZQgm7B/G
+SZhhEfjSDgY8XQgQ8F/oEYFwbbez8GiMLWpRez5kBro+yvZ3Fg+7oF5B0cdKJ8A
fwPDSmsQsoy5GIsdrFqWI3Tg1LpIFOmb9Wb3GiWkVDZNa2LshNhsmxLHoImsTyFI
4isVD3F+2zy0jVeYomLCIzIvvoIQvxPVmR1ilFfeJz0M2hZ+tEB8DhCGHIE6CPtX
Ij8cDDehjA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:22:19 2025 by rpki-client