Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o7cxoqcOfcaMCQcWzFlykCgCnJ0.roa
File: o7cxoqcOfcaMCQcWzFlykCgCnJ0.roa (raw, json)
Hash identifier: uxgCIVlYlLobXDnVmVbUN9wJj1iEKsKYK0q3PWlJcnI=
Subject key identifier: A3:B7:31:A2:A7:0E:7D:C6:8C:09:07:16:CC:59:72:90:28:02:9C:9D
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019759EB8A982BB600961B8E09A1238B4818
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o7cxoqcOfcaMCQcWzFlykCgCnJ0.roa
Signing time: Tue 10 Jun 2025 12:58:18 +0000
ROA not before: Tue 10 Jun 2025 12:58:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 193.124.16.0/24 maxlen: 24
193.124.44.0/24 maxlen: 24
193.124.206.0/24 maxlen: 24
194.87.38.0/24 maxlen: 24
194.87.72.0/24 maxlen: 24
194.87.114.0/24 maxlen: 24
194.87.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 18:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:eb:8a:98:2b:b6:00:96:1b:8e:09:a1:23:8b:48:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 10 12:58:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3b731a2a70e7dc68c090716cc59729028029c9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:d3:d2:9b:b7:4b:8b:17:a6:36:70:c5:0f:30:
22:67:40:36:cf:b7:23:b0:58:f8:e4:45:a2:0b:20:
11:4b:d7:a1:e8:12:d3:15:87:cb:ba:9f:23:e7:9d:
ea:10:03:1a:53:b6:07:9e:2f:2c:f8:b3:d4:c5:f8:
25:c0:45:10:5e:2c:10:8a:66:45:a6:42:b6:64:a4:
df:43:a9:94:38:1e:ec:c1:13:55:ac:51:3b:1d:5b:
2b:f0:35:cd:12:d9:b0:13:09:2a:d1:0e:e1:06:f8:
66:e0:8b:61:f5:5f:78:f1:3b:9d:67:15:52:aa:8b:
31:e9:ad:bc:1b:b9:a0:d5:72:bc:50:f4:fb:af:0d:
d4:cb:f0:f6:2e:ae:d7:9a:c3:ba:7e:e6:f4:13:d5:
db:18:eb:c7:95:97:71:59:66:08:47:1a:00:a3:25:
e0:90:6c:9e:ce:0d:07:f1:9b:ad:d5:1a:fb:7f:eb:
a8:25:1a:9c:da:2d:ef:2a:12:f2:6e:77:57:a5:47:
25:f2:b8:3e:e5:83:d3:e9:b4:fe:c2:6f:37:14:b6:
fa:65:e5:f4:f1:cd:1d:0e:5d:ca:4c:5d:7f:cc:62:
56:30:90:38:2a:d7:f0:5c:c6:ab:68:10:3b:2f:1a:
52:00:ca:73:43:e2:94:8c:bb:5d:02:bb:15:21:ce:
c5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:B7:31:A2:A7:0E:7D:C6:8C:09:07:16:CC:59:72:90:28:02:9C:9D
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/o7cxoqcOfcaMCQcWzFlykCgCnJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.16.0/24
193.124.44.0/24
193.124.206.0/24
194.87.38.0/24
194.87.72.0/24
194.87.114.0/24
194.87.127.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:de:dc:64:1a:d2:d3:c4:3a:96:7a:e0:8f:2c:29:43:1f:f9:
17:12:52:e4:30:74:d7:cb:cd:d9:81:09:9f:0e:d4:25:fb:70:
25:bf:81:c5:6f:da:7d:c3:c8:4a:88:1e:c3:e1:ee:0d:b9:20:
e1:1b:9b:1c:59:bf:47:62:80:b5:f6:09:a9:d7:00:ed:05:7e:
ee:1f:29:4a:b5:24:d8:da:d3:a9:85:57:e5:44:85:be:d5:6f:
fe:68:ec:52:d9:68:61:d0:f6:5c:41:ce:12:93:3d:35:94:2f:
61:f8:bc:9b:61:c7:d5:d6:26:93:9f:36:f1:83:7e:38:d1:94:
16:ab:6a:1f:a8:c7:51:1a:8c:3e:c1:95:39:04:65:c5:ef:af:
b0:6e:83:9b:73:20:29:f0:a3:e9:6c:a3:1d:39:ab:f9:f2:32:
ad:5d:8d:f2:cd:eb:7f:8f:c6:81:03:ea:dc:4b:14:c2:f0:9e:
28:6a:2d:45:0f:dc:f9:95:9a:c9:44:42:f6:bb:fa:5f:2a:83:
6a:93:09:4e:fa:83:e6:d1:15:83:02:af:11:15:36:9a:6c:c0:
a5:2a:b1:47:a2:22:bc:b4:60:96:94:dd:2c:78:76:58:37:97:
ef:c1:d0:d3:86:32:d0:50:a7:3e:d9:5d:19:53:33:42:be:8d:
38:e3:f1:c8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZdZ64qYK7YAlhuOCaEji0gYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNjEwMTI1ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2I3MzFhMmE3MGU3ZGM2OGMwOTA3MTZjYzU5NzI5MDI4MDI5YzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8NPSm7dLixemNnDFDzAiZ0A2z7cj
sFj45EWiCyARS9eh6BLTFYfLup8j553qEAMaU7YHni8s+LPUxfglwEUQXiwQimZF
pkK2ZKTfQ6mUOB7swRNVrFE7HVsr8DXNEtmwEwkq0Q7hBvhm4Ith9V948TudZxVS
qosx6a28G7mg1XK8UPT7rw3Uy/D2Lq7XmsO6fub0E9XbGOvHlZdxWWYIRxoAoyXg
kGyezg0H8Zut1Rr7f+uoJRqc2i3vKhLybndXpUcl8rg+5YPT6bT+wm83FLb6ZeX0
8c0dDl3KTF1/zGJWMJA4KtfwXMaraBA7LxpSAMpzQ+KUjLtdArsVIc7FvwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKO3MaKnDn3GjAkHFsxZcpAoApydMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbzdjeG9xY09mY2FNQ1FjV3pGbHlrQ2dDbkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwXwQAwQA
wXwsAwQAwXzOAwQAwlcmAwQAwldIAwQAwldyAwQAwld/MA0GCSqGSIb3DQEBCwUA
A4IBAQAd3txkGtLTxDqWeuCPLClDH/kXElLkMHTXy83ZgQmfDtQl+3Alv4HFb9p9
w8hKiB7D4e4NuSDhG5scWb9HYoC19gmp1wDtBX7uHylKtSTY2tOphVflRIW+1W/+
aOxS2Whh0PZcQc4Skz01lC9h+LybYcfV1iaTnzbxg3440ZQWq2ofqMdRGow+wZU5
BGXF76+wboObcyAp8KPpbKMdOav58jKtXY3yzet/j8aBA+rcSxTC8J4oai1FD9z5
lZrJREL2u/pfKoNqkwlO+oPm0RWDAq8RFTaabMClKrFHoiK8tGCWlN0seHZYN5fv
wdDThjLQUKc+2V0ZUzNCvo044/HI
-----END CERTIFICATE-----
Generated at Sat Jun 14 04:12:19 2025 by rpki-client