Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OOxMT8AzvVmmzMNnWSbKEIi1yWI.roa
File: OOxMT8AzvVmmzMNnWSbKEIi1yWI.roa (raw, json)
Hash identifier: sEt6Bo0rM1lUm7gE6QBT+B5M4t0Kw84DOEXibhQwOjQ=
Subject key identifier: 38:EC:4C:4F:C0:33:BD:59:A6:CC:C3:67:59:26:CA:10:88:B5:C9:62
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0197C55E0769A9DEE9C8F387356B311E8AEF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OOxMT8AzvVmmzMNnWSbKEIi1yWI.roa
Signing time: Tue 01 Jul 2025 09:42:43 +0000
ROA not before: Tue 01 Jul 2025 09:42:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213896
IP address blocks: 5.253.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c5:5e:07:69:a9:de:e9:c8:f3:87:35:6b:31:1e:8a:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 1 09:42:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38ec4c4fc033bd59a6ccc3675926ca1088b5c962
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:71:b4:91:36:8d:87:7b:46:05:2a:06:ef:90:
1a:8c:21:4f:2e:df:e0:e8:4e:a9:b0:46:ad:19:c7:
2d:a6:56:18:fa:11:b5:64:d9:6e:37:0f:ee:08:c2:
d8:88:e3:eb:44:42:0b:66:ab:50:ac:e7:dc:cc:21:
7c:29:52:87:0a:73:92:c1:fb:41:4d:4e:a6:3c:ac:
69:05:ad:e1:7b:47:94:22:5f:68:54:1c:18:b1:17:
0b:48:f6:f4:de:f6:45:e6:3e:0d:30:0a:89:e3:2c:
ad:5a:e1:bc:6d:e8:5c:a8:fa:9b:2c:2a:c1:a9:eb:
96:45:31:1f:c3:34:9a:53:c8:c2:9f:17:6f:80:f2:
05:7b:c3:d6:94:e1:05:a3:b5:0a:95:81:8d:03:9c:
7d:d9:a8:5d:63:84:d4:ba:4b:70:b9:fc:57:59:c5:
8f:39:a8:38:4c:97:ca:b8:33:4d:d9:dd:06:58:88:
22:11:1d:e4:da:af:44:99:58:18:ad:61:0e:43:a9:
83:d3:f9:bb:d4:bb:37:8c:19:71:7d:9d:eb:a2:af:
64:69:77:cd:15:42:2d:6a:ec:d5:15:d7:da:d6:2b:
40:4f:68:c7:8c:eb:02:6f:1e:c8:4c:b5:02:b4:cd:
34:67:8e:55:eb:65:61:fc:e2:7a:d0:86:aa:9a:69:
f4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:EC:4C:4F:C0:33:BD:59:A6:CC:C3:67:59:26:CA:10:88:B5:C9:62
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OOxMT8AzvVmmzMNnWSbKEIi1yWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.65.0/24
Signature Algorithm: sha256WithRSAEncryption
80:9b:bd:ed:33:01:8c:97:55:b1:2c:98:1d:4f:e8:ad:79:1d:
13:5c:2f:97:ca:ff:e3:1f:48:b5:de:96:16:51:de:43:18:73:
74:55:e8:39:ed:e1:36:92:60:fb:88:5c:d1:ab:b5:b2:79:36:
51:01:5d:55:33:01:48:73:a8:1b:91:5b:35:69:10:65:f3:b0:
70:df:71:e7:f6:a5:24:d9:df:fe:d7:49:dd:f8:bc:87:93:6b:
c3:94:67:fa:19:e3:1c:f7:fb:00:20:f8:3f:a5:18:f0:5b:cf:
f1:82:1a:7e:ab:a3:2c:85:88:ca:2e:f4:7c:c5:fa:a6:e3:38:
cb:ae:d3:67:bd:3b:97:83:56:70:46:90:51:df:af:a8:ba:3b:
23:a5:95:14:19:26:cb:67:f5:aa:10:90:38:72:0f:82:82:33:
2a:02:00:8a:78:4f:31:94:9a:cf:f8:81:78:ce:cc:3a:5c:cd:
72:13:2d:6c:cf:e5:9b:d7:be:d4:91:48:f8:61:52:24:e0:4d:
3d:06:6b:ff:16:dd:b7:8c:1e:fd:30:71:18:b5:4f:61:2f:f4:
45:b9:0c:c7:c7:41:d0:34:e0:63:a1:f1:08:14:5a:a2:30:48:
28:1e:db:89:ce:35:b1:77:ee:9e:db:0a:11:ac:ec:9f:3d:2e:
6a:3d:e7:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfFXgdpqd7pyPOHNWsxHorvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNzAxMDk0MjQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGVjNGM0ZmMwMzNiZDU5YTZjY2MzNjc1OTI2Y2ExMDg4YjVjOTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HG0kTaNh3tGBSoG75AajCFPLt/g
6E6psEatGcctplYY+hG1ZNluNw/uCMLYiOPrREILZqtQrOfczCF8KVKHCnOSwftB
TU6mPKxpBa3he0eUIl9oVBwYsRcLSPb03vZF5j4NMAqJ4yytWuG8behcqPqbLCrB
qeuWRTEfwzSaU8jCnxdvgPIFe8PWlOEFo7UKlYGNA5x92ahdY4TUuktwufxXWcWP
Oag4TJfKuDNN2d0GWIgiER3k2q9EmVgYrWEOQ6mD0/m71Ls3jBlxfZ3roq9kaXfN
FUItauzVFdfa1itAT2jHjOsCbx7ITLUCtM00Z45V62Vh/OJ60Iaqmmn0mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjsTE/AM71ZpszDZ1kmyhCItcliMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT094TVQ4QXp2Vm1tek1ObldTYktFSWkxeVdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABf1BMA0G
CSqGSIb3DQEBCwUAA4IBAQCAm73tMwGMl1WxLJgdT+iteR0TXC+Xyv/jH0i13pYW
Ud5DGHN0Veg57eE2kmD7iFzRq7WyeTZRAV1VMwFIc6gbkVs1aRBl87Bw33Hn9qUk
2d/+10nd+LyHk2vDlGf6GeMc9/sAIPg/pRjwW8/xghp+q6MshYjKLvR8xfqm4zjL
rtNnvTuXg1ZwRpBR36+oujsjpZUUGSbLZ/WqEJA4cg+CgjMqAgCKeE8xlJrP+IF4
zsw6XM1yEy1sz+Wb177UkUj4YVIk4E09Bmv/Ft23jB79MHEYtU9hL/RFuQzHx0HQ
NOBjofEIFFqiMEgoHtuJzjWxd+6e2woRrOyfPS5qPecN
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:50:47 2025 by rpki-client