Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/oLlpic8oiHMUypC2hgRMeL8sZeM.roa
File: oLlpic8oiHMUypC2hgRMeL8sZeM.roa (raw, json)
Hash identifier: gjf65vRAJzCPG145ULDdmw2S6DPQqwIxgOo2vrKsH1s=
Subject key identifier: A0:B9:69:89:CF:28:88:73:14:CA:90:B6:86:04:4C:78:BF:2C:65:E3
Certificate issuer: /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial: 0198CE61AC4D3A2BE9803A4B935952EDFE75
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/oLlpic8oiHMUypC2hgRMeL8sZeM.roa
Signing time: Thu 21 Aug 2025 20:46:04 +0000
ROA not before: Thu 21 Aug 2025 20:46:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 146.247.104.0/24 maxlen: 24
146.247.107.0/24 maxlen: 24
146.247.119.0/24 maxlen: 24
146.247.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.mft
rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 23:02:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ce:61:ac:4d:3a:2b:e9:80:3a:4b:93:59:52:ed:fe:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
Validity
Not Before: Aug 21 20:46:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0b96989cf28887314ca90b686044c78bf2c65e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:02:b0:d6:9c:c7:66:6e:1f:8f:53:e3:d8:9a:
1e:20:64:df:32:15:70:f7:4f:23:43:4d:ca:64:18:
87:81:3a:31:e3:cc:e6:e8:da:1d:41:65:55:34:82:
b7:2a:6b:84:f9:6c:1f:38:ab:f5:07:14:fd:37:59:
eb:e5:61:d3:ce:25:f6:55:70:09:d3:06:74:12:8b:
20:44:25:71:bc:a8:57:e5:12:82:ad:54:8e:55:3f:
18:b6:10:91:9b:53:7b:5a:9b:fd:d8:31:d8:72:bc:
52:cc:2b:b9:fa:7f:1a:5f:29:14:3d:16:8c:70:92:
f2:e8:dc:39:91:2f:90:1d:2d:13:af:d4:65:01:75:
07:ba:2c:ae:f0:5f:6d:93:04:8b:e5:83:89:63:c6:
b0:82:25:38:f1:77:8a:81:86:89:6c:8f:b0:a2:13:
4e:d1:c6:19:71:51:72:04:ee:59:7f:2a:4d:a7:5e:
b6:f8:6f:03:24:1a:6d:ec:9d:bb:20:c9:99:6a:d5:
ae:2c:6c:42:59:cd:9f:a9:1d:da:be:a1:b4:85:73:
c9:8a:ff:64:f7:c5:05:f5:47:cf:d3:ba:14:13:12:
a0:60:8d:b7:d0:4d:54:01:4c:5d:29:f8:2e:c0:72:
3f:65:e3:3f:aa:fc:50:88:d9:9c:f8:6c:0e:47:83:
9c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B9:69:89:CF:28:88:73:14:CA:90:B6:86:04:4C:78:BF:2C:65:E3
X509v3 Authority Key Identifier:
keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/oLlpic8oiHMUypC2hgRMeL8sZeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.104.0/24
146.247.107.0/24
146.247.119.0/24
146.247.127.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:e5:22:33:89:e7:60:80:15:1d:b6:87:06:c4:ce:12:80:da:
26:2c:ae:9f:df:ae:e5:c0:25:61:96:a5:e3:d0:32:25:01:e7:
a6:f9:06:77:e7:d4:11:d6:9a:88:29:15:d8:8d:64:97:f9:82:
75:1d:09:9c:7c:65:c5:e8:d6:26:76:ed:93:2b:5c:84:29:50:
fb:b1:b4:50:a0:17:52:7f:76:95:05:40:28:2c:69:3f:cf:50:
68:92:9c:c1:5a:59:fd:f6:e4:4f:8f:2e:87:cc:8d:de:41:5a:
c6:8e:a0:41:c6:f9:12:a4:4b:ea:ff:0a:9e:ab:5c:7c:3a:5a:
ad:8f:56:76:de:91:0d:e6:54:ae:e0:de:63:7d:5b:e4:23:a6:
d1:69:64:67:ae:0d:a5:7f:89:c3:7e:9d:4e:90:59:28:02:e9:
2d:ed:b2:e2:7b:93:5b:16:78:89:e6:2c:69:87:44:3c:df:b3:
4a:9a:6d:d6:78:3d:58:93:05:8e:8c:44:83:01:6f:fa:12:2e:
e2:22:db:ce:b9:65:76:7f:60:28:e0:f1:44:fe:32:3f:e5:52:
76:d2:8c:58:94:b1:46:52:ef:e0:2a:ee:2e:16:f4:33:d1:cc:
cf:b6:f7:66:13:b6:35:69:b8:83:f1:50:07:ec:ac:2c:1e:77:
12:1f:f9:0b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZjOYaxNOivpgDpLk1lS7f51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjUwODIxMjA0NjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGI5Njk4OWNmMjg4ODczMTRjYTkwYjY4NjA0NGM3OGJmMmM2NWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjgKw1pzHZm4fj1Pj2JoeIGTfMhVw
908jQ03KZBiHgTox48zm6NodQWVVNIK3KmuE+WwfOKv1BxT9N1nr5WHTziX2VXAJ
0wZ0EosgRCVxvKhX5RKCrVSOVT8YthCRm1N7Wpv92DHYcrxSzCu5+n8aXykUPRaM
cJLy6Nw5kS+QHS0Tr9RlAXUHuiyu8F9tkwSL5YOJY8awgiU48XeKgYaJbI+wohNO
0cYZcVFyBO5ZfypNp162+G8DJBpt7J27IMmZatWuLGxCWc2fqR3avqG0hXPJiv9k
98UF9UfP07oUExKgYI230E1UAUxdKfguwHI/ZeM/qvxQiNmc+GwOR4OcxwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKC5aYnPKIhzFMqQtoYETHi/LGXjMB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvb0xscGljOG9pSE1VeXBDMmhnUk1lTDhzWmVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAkvdoAwQA
kvdrAwQAkvd3AwQAkvd/MA0GCSqGSIb3DQEBCwUAA4IBAQA75SIziedggBUdtocG
xM4SgNomLK6f367lwCVhlqXj0DIlAeem+QZ359QR1pqIKRXYjWSX+YJ1HQmcfGXF
6NYmdu2TK1yEKVD7sbRQoBdSf3aVBUAoLGk/z1BokpzBWln99uRPjy6HzI3eQVrG
jqBBxvkSpEvq/wqeq1x8Olqtj1Z23pEN5lSu4N5jfVvkI6bRaWRnrg2lf4nDfp1O
kFkoAukt7bLie5NbFniJ5ixph0Q837NKmm3WeD1YkwWOjESDAW/6Ei7iItvOuWV2
f2Ao4PFE/jI/5VJ20oxYlLFGUu/gKu4uFvQz0czPtvdmE7Y1abiD8VAH7KwsHncS
H/kL
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:04:09 2025 by rpki-client