Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/oaPEonfIxvp2fD4LE6Z48Mv1AM8.roa
File: oaPEonfIxvp2fD4LE6Z48Mv1AM8.roa (raw, json)
Hash identifier: xY3MS2Y3IYXeFgEtOzPKAhwzAMiRvV8W2cOL6GR3FFU=
Subject key identifier: A1:A3:C4:A2:77:C8:C6:FA:76:7C:3E:0B:13:A6:78:F0:CB:F5:00:CF
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0197547671B2DF4BF4A1F2100F0A2E609827
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/oaPEonfIxvp2fD4LE6Z48Mv1AM8.roa
Signing time: Mon 09 Jun 2025 11:32:17 +0000
ROA not before: Mon 09 Jun 2025 11:32:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136787
IP address blocks: 79.132.72.0/24 maxlen: 24
79.132.73.0/24 maxlen: 24
79.132.74.0/24 maxlen: 24
79.132.75.0/24 maxlen: 24
79.135.152.0/24 maxlen: 24
79.135.153.0/24 maxlen: 24
79.135.155.0/24 maxlen: 24
80.81.40.0/24 maxlen: 24
80.81.49.0/24 maxlen: 24
80.81.50.0/24 maxlen: 24
80.81.52.0/24 maxlen: 24
80.81.56.0/24 maxlen: 24
80.254.212.0/24 maxlen: 24
80.254.213.0/24 maxlen: 24
80.254.214.0/24 maxlen: 24
80.254.215.0/24 maxlen: 24
80.254.220.0/24 maxlen: 24
80.254.221.0/24 maxlen: 24
80.254.222.0/24 maxlen: 24
80.254.223.0/24 maxlen: 24
85.254.10.0/24 maxlen: 24
85.254.45.0/24 maxlen: 24
85.254.47.0/24 maxlen: 24
85.254.62.0/24 maxlen: 24
85.254.70.0/24 maxlen: 24
85.254.72.0/24 maxlen: 24
85.254.104.0/24 maxlen: 24
85.254.105.0/24 maxlen: 24
85.254.106.0/24 maxlen: 24
85.254.107.0/24 maxlen: 24
85.254.108.0/24 maxlen: 24
85.254.109.0/24 maxlen: 24
85.254.110.0/24 maxlen: 24
85.254.111.0/24 maxlen: 24
85.254.116.0/24 maxlen: 24
85.254.122.0/24 maxlen: 24
85.254.188.0/24 maxlen: 24
85.254.189.0/24 maxlen: 24
85.254.191.0/24 maxlen: 24
91.190.40.0/24 maxlen: 24
91.190.41.0/24 maxlen: 24
91.190.43.0/24 maxlen: 24
91.190.44.0/24 maxlen: 24
91.190.46.0/24 maxlen: 24
91.190.62.0/24 maxlen: 24
91.190.63.0/24 maxlen: 24
159.148.125.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.222.0/24 maxlen: 24
159.148.242.0/24 maxlen: 24
159.148.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 08:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:76:71:b2:df:4b:f4:a1:f2:10:0f:0a:2e:60:98:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jun 9 11:32:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1a3c4a277c8c6fa767c3e0b13a678f0cbf500cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f3:f4:84:5e:a1:26:5a:85:c1:45:5a:1e:27:
11:8a:24:09:5c:fa:d8:84:d4:fc:b2:06:40:63:95:
c2:86:84:f2:bd:7d:fd:17:5f:ca:4f:6a:ce:80:24:
c2:51:76:f4:58:8e:ad:c0:d8:ca:ae:a0:a5:72:59:
a0:97:9f:a8:3e:3e:59:af:0c:bc:70:b3:79:94:18:
c5:05:2d:82:b8:7d:79:4a:97:91:83:d1:23:d5:93:
7c:7a:96:fa:83:4b:3e:19:7b:be:86:92:1c:5c:2e:
d6:8c:57:85:b5:1b:7e:c4:a9:b7:15:10:b5:b5:b3:
7c:37:b5:5e:4d:b1:3f:64:1d:be:76:a8:43:0e:c5:
bc:57:8f:ca:92:80:f1:0e:ab:89:78:d0:20:b2:35:
87:e0:94:03:92:99:5e:9f:39:d0:3e:cd:a4:38:9a:
cc:65:7f:60:00:f2:2d:9b:c4:f6:a1:70:b2:d4:62:
b9:21:76:80:30:f3:2e:06:7c:a8:9f:47:c9:2b:e1:
05:c0:bf:bc:e7:29:c5:20:fe:f9:5a:24:03:65:86:
8f:8b:ac:18:87:23:36:52:0e:16:43:36:a3:48:57:
9d:87:64:42:dc:c7:35:63:c7:ef:a5:ee:8f:b4:53:
78:e5:9b:d4:ca:08:32:df:1d:7f:d1:fe:e9:5c:53:
a5:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A3:C4:A2:77:C8:C6:FA:76:7C:3E:0B:13:A6:78:F0:CB:F5:00:CF
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/oaPEonfIxvp2fD4LE6Z48Mv1AM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.72.0/22
79.135.152.0/23
79.135.155.0/24
80.81.40.0/24
80.81.49.0-80.81.50.255
80.81.52.0/24
80.81.56.0/24
80.254.212.0/22
80.254.220.0/22
85.254.10.0/24
85.254.45.0/24
85.254.47.0/24
85.254.62.0/24
85.254.70.0/24
85.254.72.0/24
85.254.104.0/21
85.254.116.0/24
85.254.122.0/24
85.254.188.0/23
85.254.191.0/24
91.190.40.0/23
91.190.43.0-91.190.44.255
91.190.46.0/24
91.190.62.0/23
159.148.125.0/24
159.148.138.0/24
159.148.150.0/24
159.148.222.0/24
159.148.242.0/23
Signature Algorithm: sha256WithRSAEncryption
27:e2:32:f1:6b:25:1a:67:0a:7f:67:7d:38:0d:6c:67:74:53:
5d:55:99:44:0a:e2:3f:0e:37:a4:b6:16:77:ee:de:78:28:2f:
c3:11:76:50:38:45:e4:90:71:07:f6:80:70:7f:16:11:07:ca:
c7:d7:e4:18:00:5b:ba:43:ba:1a:83:02:fe:71:c4:89:59:fd:
74:37:47:de:ec:0f:0c:f6:e5:58:cf:72:84:32:2f:7d:8c:6c:
b1:50:40:ac:cd:e1:03:8a:a0:e9:01:0c:7e:06:db:65:e5:c1:
1e:c0:eb:8a:9d:16:3f:30:fe:1a:28:7e:c7:7a:d8:59:d7:9c:
0d:d2:a3:ef:0f:9d:22:1e:2f:a5:e6:dd:9a:ae:ff:89:7a:ff:
e1:04:57:72:10:8d:60:70:d7:8e:23:56:e5:16:5a:2a:4a:a3:
34:1d:6d:55:82:42:6d:38:c2:cf:d1:0b:e1:44:6e:04:c0:f3:
d8:63:06:47:ad:20:e4:30:e0:0a:5a:b1:16:79:da:61:67:f6:
0e:88:34:13:2f:66:75:1b:54:d5:33:7a:f4:e5:04:c2:94:f7:
41:ca:05:b2:e6:b9:b7:66:06:7c:4b:71:9b:2e:ea:87:fe:b8:
4c:dd:0e:74:fb:1c:38:ef:41:88:6a:fa:2b:ed:9d:26:46:49:
50:59:73:d9
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZdUdnGy30v0ofIQDwouYJgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwNjA5MTEzMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWEzYzRhMjc3YzhjNmZhNzY3YzNlMGIxM2E2NzhmMGNiZjUwMGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vP0hF6hJlqFwUVaHicRiiQJXPrY
hNT8sgZAY5XChoTyvX39F1/KT2rOgCTCUXb0WI6twNjKrqClclmgl5+oPj5Zrwy8
cLN5lBjFBS2CuH15SpeRg9Ej1ZN8epb6g0s+GXu+hpIcXC7WjFeFtRt+xKm3FRC1
tbN8N7VeTbE/ZB2+dqhDDsW8V4/KkoDxDquJeNAgsjWH4JQDkplenznQPs2kOJrM
ZX9gAPItm8T2oXCy1GK5IXaAMPMuBnyon0fJK+EFwL+85ynFIP75WiQDZYaPi6wY
hyM2Ug4WQzajSFedh2RC3Mc1Y8fvpe6PtFN45ZvUyggy3x1/0f7pXFOlkwIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFKGjxKJ3yMb6dnw+CxOmePDL9QDPMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvb2FQRW9uZkl4dnAyZkQ0TEU2WjQ4TXYxQU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAJP
hEgDBAFPh5gDBABPh5sDBABQUSgwDAMEAFBRMQMEAFBRMgMEAFBRNAMEAFBROAME
AlD+1AMEAlD+3AMEAFX+CgMEAFX+LQMEAFX+LwMEAFX+PgMEAFX+RgMEAFX+SAME
A1X+aAMEAFX+dAMEAFX+egMEAVX+vAMEAFX+vwMEAVu+KDAMAwQAW74rAwQAW74s
AwQAW74uAwQBW74+AwQAn5R9AwQAn5SKAwQAn5SWAwQAn5TeAwQBn5TyMA0GCSqG
SIb3DQEBCwUAA4IBAQAn4jLxayUaZwp/Z304DWxndFNdVZlECuI/DjekthZ37t54
KC/DEXZQOEXkkHEH9oBwfxYRB8rH1+QYAFu6Q7oagwL+ccSJWf10N0fe7A8M9uVY
z3KEMi99jGyxUECszeEDiqDpAQx+Bttl5cEewOuKnRY/MP4aKH7HethZ15wN0qPv
D50iHi+l5t2arv+Jev/hBFdyEI1gcNeOI1blFloqSqM0HW1VgkJtOMLP0QvhRG4E
wPPYYwZHrSDkMOAKWrEWedphZ/YOiDQTL2Z1G1TVM3r05QTClPdBygWy5rm3ZgZ8
S3GbLuqH/rhM3Q50+xw470GIavor7Z0mRklQWXPZ
-----END CERTIFICATE-----
Generated at Sun Jun 15 17:07:09 2025 by rpki-client