Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/o9mceQYqtFoKzwvzdeJ1jBL3f3Y.roa
File: o9mceQYqtFoKzwvzdeJ1jBL3f3Y.roa (raw, json)
Hash identifier: c07LpCr3xRVa6EUSM5mUWsvcrH95psy0xlLsOm8yViU=
Subject key identifier: A3:D9:9C:79:06:2A:B4:5A:0A:CF:0B:F3:75:E2:75:8C:12:F7:7F:76
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 0198A2489D3F81804ACF093266E91CFFCBC8
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/o9mceQYqtFoKzwvzdeJ1jBL3f3Y.roa
Signing time: Wed 13 Aug 2025 07:15:24 +0000
ROA not before: Wed 13 Aug 2025 07:15:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401838
IP address blocks: 45.147.156.0/24 maxlen: 24
45.147.157.0/24 maxlen: 24
45.147.158.0/24 maxlen: 24
77.111.116.0/24 maxlen: 24
77.111.121.0/24 maxlen: 24
92.61.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:48:9d:3f:81:80:4a:cf:09:32:66:e9:1c:ff:cb:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Aug 13 07:15:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3d99c79062ab45a0acf0bf375e2758c12f77f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:74:61:c1:97:c6:fd:80:2a:0d:88:1e:3c:47:
a8:08:f7:cb:32:87:b5:7d:b1:64:53:50:c5:65:0d:
66:41:db:8d:ad:25:d4:2f:a8:dd:a6:fe:fe:e5:63:
2b:2e:03:6f:ad:11:fa:56:4c:94:6a:e7:d9:e6:f7:
a6:16:20:99:35:6c:df:b6:d3:83:2c:bf:c1:de:29:
8b:1d:d7:03:30:ce:6d:b6:3b:35:02:7c:76:c9:db:
77:a0:77:f3:1d:70:1a:ac:c3:0b:13:f9:f0:97:f2:
e7:0c:a5:5f:01:cf:b5:73:dd:c6:0b:98:ee:b0:d5:
e0:39:cb:79:6a:ce:96:ae:34:f8:15:31:49:c2:c1:
2c:96:a8:c8:55:91:5a:d6:dd:42:1d:93:e5:65:59:
f9:d8:5d:de:4f:5b:28:02:5e:60:ce:2c:29:55:cc:
8c:35:6e:44:b1:eb:73:6b:d8:f3:4e:55:ba:3a:f3:
01:ff:21:5b:49:e9:27:2d:d3:dc:13:8c:82:05:2f:
e4:15:a7:13:be:f1:62:a9:ed:77:80:15:63:bd:61:
5b:2c:bd:db:4e:1d:6f:c0:7c:bd:0a:74:61:cf:cb:
cf:ed:52:37:37:cd:fe:fc:71:7c:bc:74:46:47:a4:
d3:1c:8e:e4:b1:af:98:f0:0a:ae:26:b3:0b:96:e6:
65:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D9:9C:79:06:2A:B4:5A:0A:CF:0B:F3:75:E2:75:8C:12:F7:7F:76
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/o9mceQYqtFoKzwvzdeJ1jBL3f3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.156.0-45.147.158.255
77.111.116.0/24
77.111.121.0/24
92.61.102.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:69:13:88:32:53:c9:a5:92:a6:8f:3d:31:af:8b:b6:96:56:
4b:49:18:da:8a:4a:2a:b2:89:1c:82:e8:d3:d4:f5:87:77:59:
55:c5:d2:d9:5b:42:81:fc:fb:4e:df:b4:85:13:5c:e2:f3:a4:
cd:c5:f3:7b:eb:cb:f4:a3:61:8d:dc:2f:fc:e7:63:00:b8:e8:
6a:e9:e0:ab:13:f3:a5:1f:7d:83:ba:39:30:2e:99:73:f5:28:
30:eb:d0:db:11:2d:41:e4:9f:bf:35:22:35:55:00:d1:d0:e7:
41:06:9a:79:70:28:da:1d:9b:64:21:17:d3:ed:49:3b:dc:dc:
4b:67:9d:0e:cf:e1:9b:08:72:5b:70:3e:1b:d9:89:bb:a9:43:
b8:f9:a1:94:ad:31:9d:ff:25:96:41:ab:7e:1a:d2:aa:22:c1:
d4:fb:fc:d4:a6:f8:12:cb:49:f8:f8:c9:8c:58:bb:8e:35:fe:
94:4b:67:51:b1:c6:68:0d:53:b1:bc:25:24:c2:fb:bd:37:3d:
4c:50:e4:57:5f:0d:7c:8c:dc:1c:7e:f6:a8:5e:85:a7:43:04:
6b:bf:28:57:5f:7e:02:46:53:0e:8b:ce:1e:a2:b9:83:11:63:
4f:47:ce:3d:b9:89:68:be:bb:3a:6d:e9:cc:ad:ba:71:3b:cd:
5d:bc:05:45
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZiiSJ0/gYBKzwkyZukc/8vIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjUwODEzMDcxNTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Q5OWM3OTA2MmFiNDVhMGFjZjBiZjM3NWUyNzU4YzEyZjc3Zjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXRhwZfG/YAqDYgePEeoCPfLMoe1
fbFkU1DFZQ1mQduNrSXUL6jdpv7+5WMrLgNvrRH6VkyUaufZ5vemFiCZNWzfttOD
LL/B3imLHdcDMM5ttjs1Anx2ydt3oHfzHXAarMMLE/nwl/LnDKVfAc+1c93GC5ju
sNXgOct5as6WrjT4FTFJwsEslqjIVZFa1t1CHZPlZVn52F3eT1soAl5gziwpVcyM
NW5Esetza9jzTlW6OvMB/yFbSeknLdPcE4yCBS/kFacTvvFiqe13gBVjvWFbLL3b
Th1vwHy9CnRhz8vP7VI3N83+/HF8vHRGR6TTHI7ksa+Y8AquJrMLluZlyQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKPZnHkGKrRaCs8L83XidYwS9392MB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvbzltY2VRWXF0Rm9Lend2emRlSjFqQkwzZjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAItk5wD
BAAtk54DBABNb3QDBABNb3kDBABcPWYwDQYJKoZIhvcNAQELBQADggEBAE1pE4gy
U8mlkqaPPTGvi7aWVktJGNqKSiqyiRyC6NPU9Yd3WVXF0tlbQoH8+07ftIUTXOLz
pM3F83vry/SjYY3cL/znYwC46Grp4KsT86UffYO6OTAumXP1KDDr0NsRLUHkn781
IjVVANHQ50EGmnlwKNodm2QhF9PtSTvc3EtnnQ7P4ZsIcltwPhvZibupQ7j5oZSt
MZ3/JZZBq34a0qoiwdT7/NSm+BLLSfj4yYxYu441/pRLZ1GxxmgNU7G8JSTC+703
PUxQ5FdfDXyM3Bx+9qhehadDBGu/KFdffgJGUw6Lzh6iuYMRY09Hzj25iWi+uzpt
6cytunE7zV28BUU=
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:36:52 2025 by rpki-client