Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/ohgVS6vR-4SGEXaj_tFUb-UB3m0.roa
File: ohgVS6vR-4SGEXaj_tFUb-UB3m0.roa (raw, json)
Hash identifier: FUu97z1QXGuNnK2gooake8eelYh7e6wKHA9hoFvMoKQ=
Subject key identifier: A2:18:15:4B:AB:D1:FB:84:86:11:76:A3:FE:D1:54:6F:E5:01:DE:6D
Certificate issuer: /CN=521a30077223c25c6f37dcf59480778c0b5b1068
Certificate serial: 0198BE712A3E4665E41B9F34A4963DEDA428
Authority key identifier: 52:1A:30:07:72:23:C2:5C:6F:37:DC:F5:94:80:77:8C:0B:5B:10:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UhowB3IjwlxvN9z1lIB3jAtbEGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/ohgVS6vR-4SGEXaj_tFUb-UB3m0.roa
Signing time: Mon 18 Aug 2025 18:29:04 +0000
ROA not before: Mon 18 Aug 2025 18:29:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206754
IP address blocks: 176.117.108.0/24 maxlen: 24
185.194.112.0/24 maxlen: 24
2a0a:4a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/UhowB3IjwlxvN9z1lIB3jAtbEGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/UhowB3IjwlxvN9z1lIB3jAtbEGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/UhowB3IjwlxvN9z1lIB3jAtbEGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:be:71:2a:3e:46:65:e4:1b:9f:34:a4:96:3d:ed:a4:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521a30077223c25c6f37dcf59480778c0b5b1068
Validity
Not Before: Aug 18 18:29:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a218154babd1fb84861176a3fed1546fe501de6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:de:ab:dc:2f:f0:3f:ee:e0:f3:39:7f:19:92:
ed:a9:b5:50:85:a9:60:7a:28:b5:86:8f:9c:f8:8c:
17:da:58:5d:6d:b1:74:e8:38:89:35:ae:45:e7:cb:
33:72:3a:6d:f9:41:e9:be:25:8b:6c:f6:5d:25:50:
81:1f:f3:3d:1b:97:82:62:45:db:d4:56:ce:74:42:
38:f9:50:c5:36:30:ae:98:56:de:a3:ab:98:ab:b6:
0d:4d:d2:19:df:40:02:fb:c8:73:a2:b5:31:58:4f:
41:ae:24:80:1f:0b:df:5a:42:c7:57:58:b8:ae:ae:
1d:20:65:9e:02:4c:9c:84:50:9a:18:9f:52:ac:db:
73:74:12:25:84:f4:a9:32:eb:99:05:0d:ac:06:7b:
f1:8b:2c:e3:2e:f2:26:14:ea:07:56:94:8d:cf:5e:
52:27:72:de:11:81:d5:a1:87:8c:de:70:b7:d8:26:
58:23:ba:c4:6c:96:12:15:e9:ff:ed:94:f8:ee:ec:
06:f6:39:04:f1:96:ae:a8:41:89:83:62:aa:a1:e4:
a3:17:f1:c9:4a:8b:ee:d2:3d:c3:4f:e4:be:7d:ce:
c7:5e:72:e7:9d:65:c7:7c:b8:17:86:8c:8e:61:5d:
1a:1a:c3:b7:c7:c9:7f:d2:ec:b0:dd:e0:5f:32:3d:
36:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:18:15:4B:AB:D1:FB:84:86:11:76:A3:FE:D1:54:6F:E5:01:DE:6D
X509v3 Authority Key Identifier:
keyid:52:1A:30:07:72:23:C2:5C:6F:37:DC:F5:94:80:77:8C:0B:5B:10:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UhowB3IjwlxvN9z1lIB3jAtbEGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/ohgVS6vR-4SGEXaj_tFUb-UB3m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6b1151-b05a-4a02-a883-0f5f09b2eb14/1/UhowB3IjwlxvN9z1lIB3jAtbEGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.108.0/24
185.194.112.0/24
IPv6:
2a0a:4a40::/29
Signature Algorithm: sha256WithRSAEncryption
54:66:fd:49:a6:1f:ce:44:6a:00:9c:7c:ba:29:b3:17:62:e8:
e0:28:46:35:59:10:4a:ad:3b:59:35:b3:7c:fd:f2:4a:b8:c6:
74:e4:04:4b:35:0f:a1:ce:50:2b:ec:6c:29:f3:af:9d:f0:68:
0a:fb:16:83:39:47:6d:0a:a7:ef:50:0d:4c:ce:9b:00:5d:76:
0c:44:bc:18:5d:73:5b:bc:82:16:dc:45:92:33:af:c6:26:7c:
4c:1b:a1:ce:c7:ce:4a:e1:f1:2a:f3:7f:af:a1:f1:2d:9b:d0:
36:9a:0f:08:d0:ee:c8:94:7a:fe:e4:48:23:c8:22:2f:8e:ce:
03:1d:64:ed:62:50:0f:4c:25:63:b4:3e:32:3b:73:00:62:db:
4b:b0:3c:d6:80:20:fc:93:af:d0:c8:25:2b:7d:df:c5:93:fc:
76:ae:81:ab:cc:16:f6:ab:a3:a9:20:57:d9:75:03:fc:70:7b:
f7:2b:93:cd:a8:d4:14:c0:39:eb:6b:5a:0e:93:b2:b0:7b:35:
32:80:40:3f:82:63:fd:d7:3c:f5:cd:19:c2:3f:b0:96:8f:89:
24:44:a4:79:af:16:68:e1:5b:32:93:39:6b:05:fc:c3:37:dc:
6d:d5:0e:88:3f:a9:34:41:3f:e9:de:93:98:aa:53:61:47:15:
92:2c:12:b4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZi+cSo+RmXkG580pJY97aQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWEzMDA3NzIyM2MyNWM2ZjM3ZGNmNTk0ODA3NzhjMGI1
YjEwNjgwHhcNMjUwODE4MTgyOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjE4MTU0YmFiZDFmYjg0ODYxMTc2YTNmZWQxNTQ2ZmU1MDFkZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt6r3C/wP+7g8zl/GZLtqbVQhalg
eii1ho+c+IwX2lhdbbF06DiJNa5F58szcjpt+UHpviWLbPZdJVCBH/M9G5eCYkXb
1FbOdEI4+VDFNjCumFbeo6uYq7YNTdIZ30AC+8hzorUxWE9BriSAHwvfWkLHV1i4
rq4dIGWeAkychFCaGJ9SrNtzdBIlhPSpMuuZBQ2sBnvxiyzjLvImFOoHVpSNz15S
J3LeEYHVoYeM3nC32CZYI7rEbJYSFen/7ZT47uwG9jkE8ZauqEGJg2KqoeSjF/HJ
Sovu0j3DT+S+fc7HXnLnnWXHfLgXhoyOYV0aGsO3x8l/0uyw3eBfMj022wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKIYFUur0fuEhhF2o/7RVG/lAd5tMB8GA1UdIwQY
MBaAFFIaMAdyI8Jcbzfc9ZSAd4wLWxBoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWhvd0IzSWp3bHh2Tjl6MWxJQjNqQXRiRUdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82YjExNTEtYjA1YS00YTAyLWE4ODMt
MGY1ZjA5YjJlYjE0LzEvb2hnVlM2dlItNFNHRVhhal90RlViLVVCM20wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82YjExNTEtYjA1YS00YTAyLWE4ODMtMGY1ZjA5YjJlYjE0
LzEvVWhvd0IzSWp3bHh2Tjl6MWxJQjNqQXRiRUdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAsHVsAwQA
ucJwMA0EAgACMAcDBQMqCkpAMA0GCSqGSIb3DQEBCwUAA4IBAQBUZv1Jph/ORGoA
nHy6KbMXYujgKEY1WRBKrTtZNbN8/fJKuMZ05ARLNQ+hzlAr7Gwp86+d8GgK+xaD
OUdtCqfvUA1MzpsAXXYMRLwYXXNbvIIW3EWSM6/GJnxMG6HOx85K4fEq83+vofEt
m9A2mg8I0O7IlHr+5EgjyCIvjs4DHWTtYlAPTCVjtD4yO3MAYttLsDzWgCD8k6/Q
yCUrfd/Fk/x2roGrzBb2q6OpIFfZdQP8cHv3K5PNqNQUwDnra1oOk7KwezUygEA/
gmP91zz1zRnCP7CWj4kkRKR5rxZo4VsykzlrBfzDN9xt1Q6IP6k0QT/p3pOYqlNh
RxWSLBK0
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:29:29 2025 by rpki-client