Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/oj8sx7Rs_-krQwFKASAR_vAo090.roa
File: oj8sx7Rs_-krQwFKASAR_vAo090.roa (raw, json)
Hash identifier: HnbRrqeHzRxVykU55hkTK8InYycKiinxMsEEXj+ncR8=
Subject key identifier: A2:3F:2C:C7:B4:6C:FF:E9:2B:43:01:4A:01:20:11:FE:F0:28:D3:DD
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019792A91402AD16BAABE47C1C4ACE86DB88
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/oj8sx7Rs_-krQwFKASAR_vAo090.roa
Signing time: Sat 21 Jun 2025 13:24:03 +0000
ROA not before: Sat 21 Jun 2025 13:24:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29069
IP address blocks: 77.87.112.0/21 maxlen: 21
77.87.112.0/24 maxlen: 24
95.215.96.0/21 maxlen: 21
185.13.112.0/22 maxlen: 22
195.128.56.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:92:a9:14:02:ad:16:ba:ab:e4:7c:1c:4a:ce:86:db:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jun 21 13:24:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a23f2cc7b46cffe92b43014a012011fef028d3dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:5a:bb:3e:df:4a:43:42:c5:c3:c3:96:0a:d8:
b6:9a:ab:18:a9:56:ab:89:1b:22:66:0f:3a:51:5a:
87:03:23:19:56:0c:a4:c8:6b:1a:40:1b:16:11:32:
95:91:bc:7c:ce:af:b3:ac:1e:5c:84:5b:ca:ad:db:
63:19:37:5b:ed:48:e7:3d:0f:d1:28:a0:9b:60:a1:
64:8b:1c:57:f8:1e:8f:86:4d:b2:95:76:10:4a:a0:
47:a5:81:03:a9:e5:e1:18:83:87:03:ac:a2:29:c9:
23:1b:8c:5c:8c:8b:2b:c4:3a:83:56:a0:d2:40:26:
f3:3d:d5:4f:f3:42:38:d0:2c:0e:4e:c4:b6:c0:35:
b0:10:46:85:5a:ee:8b:34:ae:0d:89:31:c4:55:b7:
98:d6:1b:3d:f5:04:18:fb:03:30:02:11:47:e6:7d:
25:cb:34:65:4c:de:ba:fe:81:56:0b:b3:e0:c0:8d:
5e:8c:41:08:9c:cb:30:e7:03:c8:0d:3f:1f:6d:17:
74:9d:70:b2:ad:c0:54:df:74:d5:e4:63:4d:11:ce:
bd:99:dd:46:bb:35:93:6f:d2:e9:ab:cd:11:e1:07:
39:f6:f2:cc:e6:ba:8e:b4:7a:ed:a8:38:54:7c:06:
40:3b:ee:8d:82:e3:0e:7a:96:4d:ca:30:3c:e5:8a:
11:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3F:2C:C7:B4:6C:FF:E9:2B:43:01:4A:01:20:11:FE:F0:28:D3:DD
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/oj8sx7Rs_-krQwFKASAR_vAo090.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.112.0/21
95.215.96.0/21
185.13.112.0/22
195.128.56.0/21
Signature Algorithm: sha256WithRSAEncryption
31:50:f4:18:78:6d:74:0f:cf:ab:60:0c:ff:00:27:d2:a8:26:
d0:9e:d8:0b:9c:5a:d9:fc:cf:04:07:63:1b:13:a2:2d:ff:c7:
49:9d:cc:be:61:95:a3:ce:5a:6b:17:8e:6c:c0:c1:e7:7c:9b:
21:02:ab:2f:93:f6:94:f5:db:c1:60:44:59:ee:59:b8:f4:30:
c5:6e:ea:b7:31:93:d6:f5:8b:b1:d1:8a:4d:e4:e9:02:64:93:
2e:e3:0b:1d:e1:f6:33:84:64:a4:ac:4d:52:c8:dd:9a:34:a6:
b6:59:e4:8b:ac:52:88:2f:33:d1:d3:f1:3c:22:91:3b:a5:41:
4e:22:c6:fe:c5:32:bf:8f:05:85:6f:45:0b:5b:e9:9b:08:95:
6b:8e:16:0d:6b:91:49:4b:a7:65:cd:be:f3:86:47:e3:7f:af:
07:d7:a4:67:e0:37:9e:6e:de:50:4e:75:1d:98:74:4e:62:c3:
66:48:17:d0:2f:bd:68:46:af:f2:4d:2d:ad:66:3d:33:cc:86:
c2:e9:43:4a:9b:ff:6d:e0:a6:fa:ed:66:f7:8e:fb:90:4d:79:
0a:62:76:56:4b:73:f0:62:a8:0d:66:51:d9:e0:1e:02:11:5a:
b6:74:da:b7:a4:e9:ef:19:30:e0:60:00:ce:0a:34:6f:0d:df:
5d:7c:e1:c9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZeSqRQCrRa6q+R8HErOhtuIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwNjIxMTMyNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjNmMmNjN2I0NmNmZmU5MmI0MzAxNGEwMTIwMTFmZWYwMjhkM2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21q7Pt9KQ0LFw8OWCti2mqsYqVar
iRsiZg86UVqHAyMZVgykyGsaQBsWETKVkbx8zq+zrB5chFvKrdtjGTdb7UjnPQ/R
KKCbYKFkixxX+B6Phk2ylXYQSqBHpYEDqeXhGIOHA6yiKckjG4xcjIsrxDqDVqDS
QCbzPdVP80I40CwOTsS2wDWwEEaFWu6LNK4NiTHEVbeY1hs99QQY+wMwAhFH5n0l
yzRlTN66/oFWC7PgwI1ejEEInMsw5wPIDT8fbRd0nXCyrcBU33TV5GNNEc69md1G
uzWTb9Lpq80R4Qc59vLM5rqOtHrtqDhUfAZAO+6NguMOepZNyjA85YoRYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKI/LMe0bP/pK0MBSgEgEf7wKNPdMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvb2o4c3g3UnNfLWtyUXdGS0FTQVJfdkFvMDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDTVdwAwQD
X9dgAwQCuQ1wAwQDw4A4MA0GCSqGSIb3DQEBCwUAA4IBAQAxUPQYeG10D8+rYAz/
ACfSqCbQntgLnFrZ/M8EB2MbE6It/8dJncy+YZWjzlprF45swMHnfJshAqsvk/aU
9dvBYERZ7lm49DDFbuq3MZPW9Yux0YpN5OkCZJMu4wsd4fYzhGSkrE1SyN2aNKa2
WeSLrFKILzPR0/E8IpE7pUFOIsb+xTK/jwWFb0ULW+mbCJVrjhYNa5FJS6dlzb7z
hkfjf68H16Rn4Deebt5QTnUdmHROYsNmSBfQL71oRq/yTS2tZj0zzIbC6UNKm/9t
4Kb67Wb3jvuQTXkKYnZWS3PwYqgNZlHZ4B4CEVq2dNq3pOnvGTDgYADOCjRvDd9d
fOHJ
-----END CERTIFICATE-----
Generated at Wed Jul 2 15:11:28 2025 by rpki-client