Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/OocR_iUkrj-J-FM6f_TzX7UrgMA.roa
File: OocR_iUkrj-J-FM6f_TzX7UrgMA.roa (raw, json)
Hash identifier: hmTut/fJ4LvrsDikYOm9f3fwTrbmtYAESYxYRyr65qI=
Subject key identifier: 3A:87:11:FE:25:24:AE:3F:89:F8:53:3A:7F:F4:F3:5F:B5:2B:80:C0
Certificate issuer: /CN=5e8cb6da358a8d2d270c305f8b61f3c990d5766e
Certificate serial: 01987F53901D900541043D3B156B43B51A70
Authority key identifier: 5E:8C:B6:DA:35:8A:8D:2D:27:0C:30:5F:8B:61:F3:C9:90:D5:76:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xoy22jWKjS0nDDBfi2HzyZDVdm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/OocR_iUkrj-J-FM6f_TzX7UrgMA.roa
Signing time: Wed 06 Aug 2025 12:20:39 +0000
ROA not before: Wed 06 Aug 2025 12:20:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28876
IP address blocks: 81.89.160.0/20 maxlen: 21
217.24.48.0/20 maxlen: 20
217.24.48.0/21 maxlen: 21
217.24.56.0/21 maxlen: 21
2a00:9d80::/32 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/Xoy22jWKjS0nDDBfi2HzyZDVdm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/Xoy22jWKjS0nDDBfi2HzyZDVdm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xoy22jWKjS0nDDBfi2HzyZDVdm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7f:53:90:1d:90:05:41:04:3d:3b:15:6b:43:b5:1a:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8cb6da358a8d2d270c305f8b61f3c990d5766e
Validity
Not Before: Aug 6 12:20:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a8711fe2524ae3f89f8533a7ff4f35fb52b80c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fb:79:4b:06:65:8a:d4:64:43:fa:12:71:6c:
3d:02:2e:93:d2:17:c2:c5:62:d6:96:60:47:f2:bc:
77:ab:9f:7e:21:a8:9b:f9:d5:09:06:04:22:97:f1:
86:3d:34:2e:ce:75:58:cb:47:71:0b:c4:16:79:91:
7e:bb:d0:83:60:2d:85:f5:5e:2f:c0:e6:b4:f7:34:
be:35:ce:3f:14:a6:0d:77:28:a1:b2:35:76:3f:f6:
49:e9:08:4d:a4:36:63:4a:2a:ef:6c:69:6f:95:de:
d6:2e:53:21:2e:24:22:be:61:6a:dd:2e:ca:35:a2:
ab:20:e1:0b:94:67:ee:1a:2f:9a:37:55:27:e8:30:
49:4f:3e:d5:96:ec:38:fc:2e:be:c6:bf:5f:10:77:
27:12:c4:e1:ef:66:6e:fc:83:94:33:9e:d4:12:d0:
67:95:69:97:cd:f0:a3:48:57:44:1b:83:54:db:6c:
8d:2c:c4:ba:4a:0f:af:17:6a:6f:5f:64:88:90:ef:
78:53:c2:9c:c5:86:ae:5d:44:7b:9e:ae:8f:b8:1d:
4c:bc:70:33:7a:d3:f0:08:b5:20:48:62:c1:7e:39:
f8:7f:fe:ed:05:3c:d3:1f:ef:35:18:2d:28:b4:f7:
3d:eb:8c:cd:18:99:6e:16:e2:2d:b3:54:06:b9:32:
df:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:87:11:FE:25:24:AE:3F:89:F8:53:3A:7F:F4:F3:5F:B5:2B:80:C0
X509v3 Authority Key Identifier:
keyid:5E:8C:B6:DA:35:8A:8D:2D:27:0C:30:5F:8B:61:F3:C9:90:D5:76:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xoy22jWKjS0nDDBfi2HzyZDVdm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/OocR_iUkrj-J-FM6f_TzX7UrgMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f02661-b591-4f5e-b369-f74a5f2bcb47/1/Xoy22jWKjS0nDDBfi2HzyZDVdm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.89.160.0/20
217.24.48.0/20
IPv6:
2a00:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
25:90:55:37:15:f5:c3:e6:02:b9:01:52:ad:02:d1:2f:de:2f:
84:d1:73:fd:6d:65:7f:b4:61:e0:23:33:80:a1:d3:fd:88:a3:
61:b4:83:a1:d7:71:56:e7:06:b9:c7:e5:78:45:68:01:9f:8b:
60:11:6c:b8:e1:e6:d8:7b:17:70:9f:83:a4:ce:e5:43:06:9c:
51:0f:b7:82:fa:af:c2:e4:fb:bb:52:e0:a2:21:5f:a1:af:ff:
2e:8c:0b:67:c4:13:28:b4:cd:4d:82:be:a1:28:bc:db:89:43:
fc:ca:d1:6e:09:e1:08:c8:f2:e8:17:e3:8c:41:89:aa:bd:16:
83:9e:6f:2c:34:0e:12:2c:27:9d:4a:05:37:c0:cc:c1:4f:23:
ba:37:06:79:42:ea:47:f3:71:c7:1b:f4:75:33:46:93:0a:e9:
11:ce:ca:28:17:c9:e3:47:22:f8:12:a7:a4:5f:df:4e:ba:fe:
5e:e6:f3:f0:60:d0:1b:b8:65:22:43:0e:1c:0f:1f:a0:ca:a1:
a7:a1:fd:1b:b5:3c:87:6f:48:67:3d:0c:ee:76:f4:50:13:27:
b4:46:cc:e5:bb:44:72:34:a4:10:64:02:21:86:e3:16:9d:a5:
1b:c6:61:eb:cf:52:c2:c8:26:28:10:f2:74:f6:09:08:b9:4e:
86:bd:c4:04
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZh/U5AdkAVBBD07FWtDtRpwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGNiNmRhMzU4YThkMmQyNzBjMzA1ZjhiNjFmM2M5OTBk
NTc2NmUwHhcNMjUwODA2MTIyMDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTg3MTFmZTI1MjRhZTNmODlmODUzM2E3ZmY0ZjM1ZmI1MmI4MGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApft5SwZlitRkQ/oScWw9Ai6T0hfC
xWLWlmBH8rx3q59+Iaib+dUJBgQil/GGPTQuznVYy0dxC8QWeZF+u9CDYC2F9V4v
wOa09zS+Nc4/FKYNdyihsjV2P/ZJ6QhNpDZjSirvbGlvld7WLlMhLiQivmFq3S7K
NaKrIOELlGfuGi+aN1Un6DBJTz7Vluw4/C6+xr9fEHcnEsTh72Zu/IOUM57UEtBn
lWmXzfCjSFdEG4NU22yNLMS6Sg+vF2pvX2SIkO94U8KcxYauXUR7nq6PuB1MvHAz
etPwCLUgSGLBfjn4f/7tBTzTH+81GC0otPc964zNGJluFuIts1QGuTLfLwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDqHEf4lJK4/ifhTOn/081+1K4DAMB8GA1UdIwQY
MBaAFF6Mtto1io0tJwwwX4th88mQ1XZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG95MjJqV0tqUzBuRERCZmkySHp5WkRWZG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mMDI2NjEtYjU5MS00ZjVlLWIzNjkt
Zjc0YTVmMmJjYjQ3LzEvT29jUl9pVWtyai1KLUZNNmZfVHpYN1VyZ01BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mMDI2NjEtYjU5MS00ZjVlLWIzNjktZjc0YTVmMmJjYjQ3
LzEvWG95MjJqV0tqUzBuRERCZmkySHp5WkRWZG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEUVmgAwQE
2RgwMA0EAgACMAcDBQAqAJ2AMA0GCSqGSIb3DQEBCwUAA4IBAQAlkFU3FfXD5gK5
AVKtAtEv3i+E0XP9bWV/tGHgIzOAodP9iKNhtIOh13FW5wa5x+V4RWgBn4tgEWy4
4ebYexdwn4OkzuVDBpxRD7eC+q/C5Pu7UuCiIV+hr/8ujAtnxBMotM1Ngr6hKLzb
iUP8ytFuCeEIyPLoF+OMQYmqvRaDnm8sNA4SLCedSgU3wMzBTyO6NwZ5QupH83HH
G/R1M0aTCukRzsooF8njRyL4EqekX99Ouv5e5vPwYNAbuGUiQw4cDx+gyqGnof0b
tTyHb0hnPQzudvRQEye0Rszlu0RyNKQQZAIhhuMWnaUbxmHrz1LCyCYoEPJ09gkI
uU6GvcQE
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:39:50 2025 by rpki-client