Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/0nbzn0DjaEDYI5JH25hES5RTvDQ.roa
File: 0nbzn0DjaEDYI5JH25hES5RTvDQ.roa (raw, json)
Hash identifier: 9upnjr0tXBLiiM8zKsYci8Dynb7mxgezQHMXmHqS7yM=
Subject key identifier: D2:76:F3:9F:40:E3:68:40:D8:23:92:47:DB:98:44:4B:94:53:BC:34
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0198602FE8C8C2166865FEC36423EB942A15
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/0nbzn0DjaEDYI5JH25hES5RTvDQ.roa
Signing time: Thu 31 Jul 2025 11:13:29 +0000
ROA not before: Thu 31 Jul 2025 11:13:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 62.84.16.0/20 maxlen: 20
79.135.141.0/24 maxlen: 24
80.81.47.0/24 maxlen: 24
83.223.131.0/24 maxlen: 24
83.223.138.0/24 maxlen: 24
83.223.140.0/24 maxlen: 24
83.223.152.0/24 maxlen: 24
83.223.156.0/24 maxlen: 24
83.223.158.0/24 maxlen: 24
85.254.8.0/24 maxlen: 24
85.254.11.0/24 maxlen: 24
85.254.12.0/24 maxlen: 24
85.254.13.0/24 maxlen: 24
85.254.14.0/24 maxlen: 24
85.254.15.0/24 maxlen: 24
85.254.41.0/24 maxlen: 24
85.254.46.0/24 maxlen: 24
85.254.63.0/24 maxlen: 24
85.254.117.0/24 maxlen: 24
85.254.118.0/23 maxlen: 23
91.190.37.0/24 maxlen: 24
159.148.143.0/24 maxlen: 24
185.176.116.0/24 maxlen: 24
185.176.119.0/24 maxlen: 24
217.24.64.0/20 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 08:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:60:2f:e8:c8:c2:16:68:65:fe:c3:64:23:eb:94:2a:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jul 31 11:13:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d276f39f40e36840d8239247db98444b9453bc34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:1e:92:bd:fc:f1:88:b6:ec:0f:7c:b9:6c:f3:
73:67:3d:e4:ca:65:bc:1d:d7:c4:5b:af:0c:34:72:
96:d2:0a:ec:62:02:49:82:78:12:66:58:b8:fc:ca:
84:88:45:01:ea:d5:8d:1c:71:28:b7:1f:51:c7:46:
02:31:74:8b:de:49:7f:44:48:c1:6e:f6:f9:29:05:
71:7c:54:a2:95:d4:ae:de:bb:9b:9b:42:02:41:2b:
96:f2:23:be:64:92:64:a1:55:39:80:dd:37:79:43:
64:62:5a:20:87:80:72:6f:f7:cf:5a:9a:d1:d7:8d:
b1:51:2b:34:c5:fd:26:7e:22:c6:73:9f:7d:db:49:
c5:97:46:f2:23:11:25:ff:0a:f5:d2:d4:fe:a0:f4:
39:50:9a:95:c9:b9:fc:4c:ef:64:48:0c:8e:6c:23:
b0:ce:70:cc:00:ad:4e:6d:1a:3a:c5:ff:5f:eb:0a:
08:2c:27:1e:55:7a:87:a9:70:0b:d8:01:c6:40:32:
75:e1:a8:eb:97:1f:5c:74:18:a7:51:32:61:6e:40:
62:39:f5:62:f2:c4:27:1c:a4:08:25:7f:2d:d1:f2:
a8:c0:ba:be:f0:9a:fa:d4:de:3c:c6:d2:68:db:b4:
61:6c:1d:1f:88:45:b5:a9:0c:3d:75:81:07:1a:22:
b6:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:76:F3:9F:40:E3:68:40:D8:23:92:47:DB:98:44:4B:94:53:BC:34
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/0nbzn0DjaEDYI5JH25hES5RTvDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.16.0/20
79.135.141.0/24
80.81.47.0/24
83.223.131.0/24
83.223.138.0/24
83.223.140.0/24
83.223.152.0/24
83.223.156.0/24
83.223.158.0/24
85.254.8.0/24
85.254.11.0-85.254.15.255
85.254.41.0/24
85.254.46.0/24
85.254.63.0/24
85.254.117.0-85.254.119.255
91.190.37.0/24
159.148.143.0/24
185.176.116.0/24
185.176.119.0/24
217.24.64.0/20
Signature Algorithm: sha256WithRSAEncryption
6d:6d:58:3a:d9:42:82:a7:39:ff:d5:20:2d:e3:32:4d:ac:ac:
ad:e1:0b:09:03:12:f3:06:3e:46:0e:44:15:31:3e:50:51:6d:
07:39:85:7b:00:78:98:82:61:53:56:7b:85:a7:bc:92:dd:12:
7c:27:e5:20:cd:22:59:ea:34:1d:fc:a3:30:3f:89:89:c7:2a:
93:4e:38:a4:aa:51:dc:50:1b:97:de:b6:61:f2:7f:18:36:15:
fe:55:22:db:b2:7a:08:1b:a8:4d:31:ab:db:1a:d5:98:72:f7:
2b:88:00:d7:49:45:47:5c:43:80:fc:84:d0:cc:a1:64:2f:af:
8f:ae:79:14:e1:ce:17:99:64:c2:a7:21:c7:b5:1b:99:7e:68:
6f:f0:e8:f1:3b:3d:0d:36:a6:56:d5:8f:c0:95:49:6e:f6:be:
b3:5b:b7:9e:f6:d7:b8:f2:b9:04:b5:ec:cb:b7:e9:cb:95:61:
82:16:ea:b0:da:a6:96:3d:fe:93:18:26:e0:96:cd:02:9e:29:
7a:99:c6:8c:68:26:2b:1e:20:24:d1:4c:94:10:e7:a9:c7:12:
bf:25:c7:83:f8:46:00:ac:6a:3f:a6:23:55:81:b2:86:e3:65:
0f:c2:87:f1:ef:b3:a2:d4:46:08:63:2f:72:3c:8b:77:23:88:
94:19:0c:61
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZhgL+jIwhZoZf7DZCPrlCoVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwNzMxMTExMzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjc2ZjM5ZjQwZTM2ODQwZDgyMzkyNDdkYjk4NDQ0Yjk0NTNiYzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4h6SvfzxiLbsD3y5bPNzZz3kymW8
HdfEW68MNHKW0grsYgJJgngSZli4/MqEiEUB6tWNHHEotx9Rx0YCMXSL3kl/REjB
bvb5KQVxfFSildSu3rubm0ICQSuW8iO+ZJJkoVU5gN03eUNkYlogh4Byb/fPWprR
142xUSs0xf0mfiLGc59920nFl0byIxEl/wr10tT+oPQ5UJqVybn8TO9kSAyObCOw
znDMAK1ObRo6xf9f6woILCceVXqHqXAL2AHGQDJ14ajrlx9cdBinUTJhbkBiOfVi
8sQnHKQIJX8t0fKowLq+8Jr61N48xtJo27RhbB0fiEW1qQw9dYEHGiK22QIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFNJ2859A42hA2COSR9uYREuUU7w0MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvMG5iem4wRGphRURZSTVKSDI1aEVTNVJUdkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAQ+
VBADBABPh40DBABQUS8DBABT34MDBABT34oDBABT34wDBABT35gDBABT35wDBABT
354DBABV/ggwDAMEAFX+CwMEBFX+AAMEAFX+KQMEAFX+LgMEAFX+PzAMAwQAVf51
AwQDVf5wAwQAW74lAwQAn5SPAwQAubB0AwQAubB3AwQE2RhAMA0GCSqGSIb3DQEB
CwUAA4IBAQBtbVg62UKCpzn/1SAt4zJNrKyt4QsJAxLzBj5GDkQVMT5QUW0HOYV7
AHiYgmFTVnuFp7yS3RJ8J+UgzSJZ6jQd/KMwP4mJxyqTTjikqlHcUBuX3rZh8n8Y
NhX+VSLbsnoIG6hNMavbGtWYcvcriADXSUVHXEOA/ITQzKFkL6+PrnkU4c4XmWTC
pyHHtRuZfmhv8OjxOz0NNqZW1Y/AlUlu9r6zW7ee9te48rkEtezLt+nLlWGCFuqw
2qaWPf6TGCbgls0Cnil6mcaMaCYrHiAk0UyUEOepxxK/JceD+EYArGo/piNVgbKG
42UPwofx77Oi1EYIYy9yPIt3I4iUGQxh
-----END CERTIFICATE-----
Generated at Wed Aug 6 16:10:07 2025 by rpki-client