
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/oRX7Y6Pj914WAp7rnqodS5u2ca8.roa
File: oRX7Y6Pj914WAp7rnqodS5u2ca8.roa (raw, json)
Hash identifier: oe6rATV3dmst397dzzXrIt+aYf/37RibyDHjgXpGCSU=
Subject key identifier: A1:15:FB:63:A3:E3:F7:5E:16:02:9E:EB:9E:AA:1D:4B:9B:B6:71:AF
Certificate issuer: /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial: 0198CE61ACEBA71F13579B0A84EC33F636CE
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/oRX7Y6Pj914WAp7rnqodS5u2ca8.roa
Signing time: Thu 21 Aug 2025 20:46:04 +0000
ROA not before: Thu 21 Aug 2025 20:46:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 146.247.106.0/24 maxlen: 24
146.247.108.0/24 maxlen: 24
146.247.111.0/24 maxlen: 24
146.247.112.0/23 maxlen: 23
146.247.114.0/24 maxlen: 24
146.247.115.0/24 maxlen: 24
146.247.116.0/24 maxlen: 24
146.247.117.0/24 maxlen: 24
146.247.118.0/24 maxlen: 24
146.247.120.0/24 maxlen: 24
146.247.121.0/24 maxlen: 24
146.247.122.0/24 maxlen: 24
146.247.126.0/24 maxlen: 24
146.247.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.mft
rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 23:02:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ce:61:ac:eb:a7:1f:13:57:9b:0a:84:ec:33:f6:36:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
Validity
Not Before: Aug 21 20:46:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a115fb63a3e3f75e16029eeb9eaa1d4b9bb671af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:35:be:2c:18:bf:44:7d:38:92:d6:33:a2:f0:
7c:02:2d:fc:96:6a:bf:04:16:ad:84:61:ac:cc:61:
34:25:55:d7:3a:8a:46:b6:df:22:75:e9:bc:11:20:
27:67:68:88:40:55:37:3e:bd:c6:d9:3d:60:be:68:
e9:5d:a3:6c:38:c0:ec:31:96:31:ff:5c:ce:15:40:
44:11:74:d3:cf:1f:24:5a:4b:5b:4e:a6:3d:56:21:
9d:59:c1:f2:d5:9e:99:01:38:91:4f:7a:18:cf:87:
31:13:4d:1a:da:e9:cb:c9:f8:b7:ca:e2:a6:a8:32:
77:4f:44:1f:70:13:37:62:6d:70:57:57:62:c3:c0:
07:da:ef:a7:7f:a1:12:72:c3:62:2b:16:59:c8:d6:
fc:c4:3e:be:1d:fc:d4:cf:3d:6d:fc:49:8e:d5:80:
ee:81:ff:d1:f0:d8:42:5b:12:17:ab:c0:0c:9a:fc:
74:ad:45:35:4a:db:c4:b9:e1:5e:cd:0c:d0:27:aa:
3b:18:55:51:01:f6:d1:75:16:63:93:02:b2:8d:d5:
82:5e:75:30:90:c5:62:30:af:8a:5d:50:04:41:12:
35:af:e0:a6:bf:86:f9:53:36:25:d9:91:e5:a2:c0:
7b:1d:35:e4:ef:f4:32:94:2a:de:8d:2c:6d:d6:19:
87:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:15:FB:63:A3:E3:F7:5E:16:02:9E:EB:9E:AA:1D:4B:9B:B6:71:AF
X509v3 Authority Key Identifier:
keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/oRX7Y6Pj914WAp7rnqodS5u2ca8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.106.0/24
146.247.108.0/24
146.247.111.0-146.247.118.255
146.247.120.0-146.247.122.255
146.247.126.0/23
Signature Algorithm: sha256WithRSAEncryption
93:33:b8:b4:34:e9:a1:e6:04:ef:d0:44:5a:c0:ed:a3:2f:03:
05:39:35:33:61:59:19:27:79:c6:bf:e6:f5:1c:11:99:9a:a2:
6b:5f:9f:38:3a:fa:da:af:f1:ca:47:16:62:89:ff:66:e6:7d:
38:62:11:d3:87:54:cd:1d:b6:8b:e1:50:a2:51:d8:a0:5e:0a:
ba:85:08:b2:7e:ab:d0:73:04:a4:40:9d:07:7c:68:8e:40:ae:
cf:4d:ec:53:b3:fa:9e:97:5a:84:5c:8a:c7:d8:34:33:76:ca:
81:f7:2e:d0:df:45:07:2f:78:3c:19:07:a4:4d:f3:30:24:45:
b3:d0:c7:85:1a:7a:8a:78:fd:bc:ed:38:13:16:62:f1:39:96:
b2:30:f4:a8:e6:24:bc:e8:be:15:c0:d5:cf:a2:80:f5:14:0d:
23:29:5d:56:c4:3f:ad:db:4c:63:42:45:06:6e:a6:91:78:fe:
62:c3:9a:39:fc:e1:e0:29:23:95:27:d8:6f:4d:43:2b:8c:ad:
0b:4d:6c:84:07:01:c9:e1:05:32:d9:bd:8e:bf:df:1c:3a:e1:
46:ef:7d:70:fa:fa:d1:b3:7e:ca:c8:53:58:d8:2d:6c:6e:57:
d6:f9:89:c0:bf:ba:c4:06:46:27:b0:80:e7:c9:93:1a:df:4a:
cf:31:f7:c9
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZjOYazrpx8TV5sKhOwz9jbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjUwODIxMjA0NjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTE1ZmI2M2EzZTNmNzVlMTYwMjllZWI5ZWFhMWQ0YjliYjY3MWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjW+LBi/RH04ktYzovB8Ai38lmq/
BBathGGszGE0JVXXOopGtt8idem8ESAnZ2iIQFU3Pr3G2T1gvmjpXaNsOMDsMZYx
/1zOFUBEEXTTzx8kWktbTqY9ViGdWcHy1Z6ZATiRT3oYz4cxE00a2unLyfi3yuKm
qDJ3T0QfcBM3Ym1wV1diw8AH2u+nf6EScsNiKxZZyNb8xD6+HfzUzz1t/EmO1YDu
gf/R8NhCWxIXq8AMmvx0rUU1StvEueFezQzQJ6o7GFVRAfbRdRZjkwKyjdWCXnUw
kMViMK+KXVAEQRI1r+Cmv4b5UzYl2ZHlosB7HTXk7/QylCrejSxt1hmHwwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFKEV+2Oj4/deFgKe656qHUubtnGvMB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvb1JYN1k2UGo5MTRXQXA3cm5xb2RTNXUyY2E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAkvdqAwQA
kvdsMAwDBACS928DBACS93YwDAMEA5L3eAMEAJL3egMEAZL3fjANBgkqhkiG9w0B
AQsFAAOCAQEAkzO4tDTpoeYE79BEWsDtoy8DBTk1M2FZGSd5xr/m9RwRmZqia1+f
ODr62q/xykcWYon/ZuZ9OGIR04dUzR22i+FQolHYoF4KuoUIsn6r0HMEpECdB3xo
jkCuz03sU7P6npdahFyKx9g0M3bKgfcu0N9FBy94PBkHpE3zMCRFs9DHhRp6inj9
vO04ExZi8TmWsjD0qOYkvOi+FcDVz6KA9RQNIyldVsQ/rdtMY0JFBm6mkXj+YsOa
Ofzh4CkjlSfYb01DK4ytC01shAcByeEFMtm9jr/fHDrhRu99cPr60bN+yshTWNgt
bG5X1vmJwL+6xAZGJ7CA58mTGt9KzzH3yQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:05:35 2025 by rpki-client