Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/OV9dPGBr9rAw2xSRglHWhMauwlg.roa
File: OV9dPGBr9rAw2xSRglHWhMauwlg.roa (raw, json)
Hash identifier: bzKwKZKAWKVcV4AZ5+o7pEBhLQ8+Skxz+y/ciYCTExU=
Subject key identifier: 39:5F:5D:3C:60:6B:F6:B0:30:DB:14:91:82:51:D6:84:C6:AE:C2:58
Certificate issuer: /CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Certificate serial: 0198D349C75B50804C94B617B09D8A43E524
Authority key identifier: C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/OV9dPGBr9rAw2xSRglHWhMauwlg.roa
Signing time: Fri 22 Aug 2025 19:38:04 +0000
ROA not before: Fri 22 Aug 2025 19:38:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204490
IP address blocks: 2a0e:f04::/32 maxlen: 32
2a0e:f07::/32 maxlen: 32
2a11:15c1::/32 maxlen: 32
2a11:3180::/32 maxlen: 32
2a11:4a04::/32 maxlen: 32
2a11:4a07::/32 maxlen: 32
2a11:7883::/32 maxlen: 32
2a11:8500::/32 maxlen: 32
2a11:8507::/32 maxlen: 32
2a12:4144::/32 maxlen: 32
2a12:4147::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.mft
rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d3:49:c7:5b:50:80:4c:94:b6:17:b0:9d:8a:43:e5:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c38280c5300b74888ac7eb4bfa6417d9a2e7b0be
Validity
Not Before: Aug 22 19:38:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=395f5d3c606bf6b030db14918251d684c6aec258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:76:2f:b7:e9:5d:9f:a0:9d:73:97:5a:7d:52:
96:fe:10:32:64:aa:36:4a:16:4d:5b:2b:08:53:50:
e5:71:83:d1:f0:62:eb:84:6f:f6:3b:ae:bb:a4:a8:
48:f8:0f:6f:ba:9f:8a:a7:d2:41:95:4f:82:c0:e2:
28:51:1c:03:43:ed:4e:07:01:84:a2:ac:7a:a8:44:
30:4f:3b:34:e5:ca:b2:95:e2:1b:39:cf:32:de:7a:
57:ad:5a:e2:6e:6d:76:6a:41:0b:4a:dd:70:88:0e:
a3:d9:a6:21:e9:bf:c1:dc:36:59:a8:d2:5e:d7:e3:
c1:63:60:2a:c9:9f:76:a0:ba:c0:3e:fd:09:a8:80:
2e:39:93:97:66:8f:f4:08:b2:92:97:7a:e4:bc:a3:
d8:e6:29:cf:c6:04:a0:9d:32:c7:42:df:3e:36:29:
aa:86:f9:83:d0:7c:b0:cc:16:29:72:8b:de:b1:34:
b1:35:72:e0:34:44:06:79:19:48:91:7c:ea:d7:7e:
10:8b:c4:14:5b:b1:1a:68:ff:cc:e5:98:de:73:74:
0a:5c:cf:7d:70:a2:d7:19:3b:19:d4:1a:9e:1d:da:
61:7c:ff:a0:ca:cf:b1:3e:0c:90:19:14:21:3f:15:
18:61:d0:d8:70:42:67:8d:47:ba:d7:0b:3c:38:31:
b9:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:5F:5D:3C:60:6B:F6:B0:30:DB:14:91:82:51:D6:84:C6:AE:C2:58
X509v3 Authority Key Identifier:
keyid:C3:82:80:C5:30:0B:74:88:8A:C7:EB:4B:FA:64:17:D9:A2:E7:B0:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w4KAxTALdIiKx-tL-mQX2aLnsL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/OV9dPGBr9rAw2xSRglHWhMauwlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/897449-e9cf-4a79-89cf-41bb21ac2801/1/w4KAxTALdIiKx-tL-mQX2aLnsL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:f04::/32
2a0e:f07::/32
2a11:15c1::/32
2a11:3180::/32
2a11:4a04::/32
2a11:4a07::/32
2a11:7883::/32
2a11:8500::/32
2a11:8507::/32
2a12:4144::/32
2a12:4147::/32
Signature Algorithm: sha256WithRSAEncryption
c5:90:4d:da:9c:45:5c:b5:a8:74:bb:c0:4d:76:dc:bb:2a:24:
17:a6:25:4b:e4:46:ed:41:5f:07:10:20:c5:5e:6c:62:30:00:
94:db:6e:3b:78:f1:11:da:82:86:e2:e9:fd:c2:e4:ef:e2:04:
74:86:18:e8:da:60:cb:1c:7a:d4:59:cf:9e:18:05:94:9a:6b:
34:07:3f:a2:ef:0a:5c:e6:91:9a:85:ec:14:06:28:9d:3d:8d:
97:1f:08:27:13:ab:bc:be:06:42:9e:46:0e:19:9d:30:ce:15:
74:ef:4e:54:85:31:24:b4:a0:6d:3c:da:9b:35:18:59:8d:eb:
8b:34:46:33:74:a0:fd:a0:8b:85:a7:f4:0b:47:b6:cd:eb:61:
42:bd:77:8e:f9:27:fc:cb:60:22:c0:69:5a:f0:83:29:48:e9:
c7:bc:31:48:76:93:a9:62:a3:75:da:d2:e8:c7:7d:03:7b:70:
bb:c0:25:6c:8a:37:90:a1:4f:88:7b:b0:c6:78:a0:7c:fb:5d:
ab:0d:5a:26:07:df:0f:b8:2d:1f:5e:6e:d0:83:01:ad:2e:e8:
13:d7:38:aa:08:f0:c3:42:bc:b7:2a:4e:f0:e1:bd:37:9d:37:
f2:b1:91:38:cf:b4:4f:c2:be:5f:bb:d1:7e:66:18:83:0a:77:
62:a8:6a:c2
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZjTScdbUIBMlLYXsJ2KQ+UkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzODI4MGM1MzAwYjc0ODg4YWM3ZWI0YmZhNjQxN2Q5YTJl
N2IwYmUwHhcNMjUwODIyMTkzODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTVmNWQzYzYwNmJmNmIwMzBkYjE0OTE4MjUxZDY4NGM2YWVjMjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXYvt+ldn6Cdc5dafVKW/hAyZKo2
ShZNWysIU1DlcYPR8GLrhG/2O667pKhI+A9vup+Kp9JBlU+CwOIoURwDQ+1OBwGE
oqx6qEQwTzs05cqyleIbOc8y3npXrVribm12akELSt1wiA6j2aYh6b/B3DZZqNJe
1+PBY2AqyZ92oLrAPv0JqIAuOZOXZo/0CLKSl3rkvKPY5inPxgSgnTLHQt8+Nimq
hvmD0HywzBYpcovesTSxNXLgNEQGeRlIkXzq134Qi8QUW7EaaP/M5Zjec3QKXM99
cKLXGTsZ1BqeHdphfP+gys+xPgyQGRQhPxUYYdDYcEJnjUe61ws8ODG5vwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFDlfXTxga/awMNsUkYJR1oTGrsJYMB8GA1UdIwQY
MBaAFMOCgMUwC3SIisfrS/pkF9mi57C+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2Yt
NDFiYjIxYWMyODAxLzEvT1Y5ZFBHQnI5ckF3MnhTUmdsSFdoTWF1d2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84OTc0NDktZTljZi00YTc5LTg5Y2YtNDFiYjIxYWMyODAx
LzEvdzRLQXhUQUxkSWlLeC10TC1tUVgyYUxuc0w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAAjBNAwUAKg4PBAMF
ACoODwcDBQAqERXBAwUAKhExgAMFACoRSgQDBQAqEUoHAwUAKhF4gwMFACoRhQAD
BQAqEYUHAwUAKhJBRAMFACoSQUcwDQYJKoZIhvcNAQELBQADggEBAMWQTdqcRVy1
qHS7wE123LsqJBemJUvkRu1BXwcQIMVebGIwAJTbbjt48RHagobi6f3C5O/iBHSG
GOjaYMscetRZz54YBZSaazQHP6LvClzmkZqF7BQGKJ09jZcfCCcTq7y+BkKeRg4Z
nTDOFXTvTlSFMSS0oG082ps1GFmN64s0RjN0oP2gi4Wn9AtHts3rYUK9d475J/zL
YCLAaVrwgylI6ce8MUh2k6lio3Xa0ujHfQN7cLvAJWyKN5ChT4h7sMZ4oHz7XasN
WiYH3w+4LR9ebtCDAa0u6BPXOKoI8MNCvLcqTvDhvTedN/KxkTjPtE/Cvl+70X5m
GIMKd2KoasI=
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:05:10 2025 by rpki-client