Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/OJ3hJK2NsEBEH-x2WBFHPvaCDog.roa
File: OJ3hJK2NsEBEH-x2WBFHPvaCDog.roa (raw, json)
Hash identifier: s7m/tc3JzApqCmdGlsd5PYtN6aJAyx63GowKbfL7Q2I=
Subject key identifier: 38:9D:E1:24:AD:8D:B0:40:44:1F:EC:76:58:11:47:3E:F6:82:0E:88
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 01975F85411F3D3C0CA6DE0AE96A81E64098
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/OJ3hJK2NsEBEH-x2WBFHPvaCDog.roa
Signing time: Wed 11 Jun 2025 15:04:17 +0000
ROA not before: Wed 11 Jun 2025 15:04:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 86.106.80.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
188.215.72.0/24 maxlen: 24
188.215.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 15:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5f:85:41:1f:3d:3c:0c:a6:de:0a:e9:6a:81:e6:40:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jun 11 15:04:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=389de124ad8db040441fec765811473ef6820e88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:76:03:ba:03:a7:46:a8:40:04:3f:31:43:e6:
3b:e3:66:9f:46:fb:03:2c:f3:15:37:22:3c:db:04:
d1:4f:22:e5:56:18:51:db:ac:f3:81:cc:2d:57:f3:
e9:99:a1:8c:83:57:9f:2d:85:27:78:ba:0e:60:c3:
dd:72:eb:21:d1:9b:9a:01:97:e3:53:96:16:c0:6e:
7c:6d:0a:60:cc:ca:71:66:4b:1f:c9:a6:b1:6e:8c:
7c:b0:d9:99:35:33:bf:49:d3:ef:7b:cf:20:a0:2c:
19:41:20:fb:36:23:d5:71:01:59:c0:e5:b1:3e:bc:
f5:b8:2b:0e:91:e3:b0:0c:bd:9e:0d:da:fa:ce:b4:
cb:25:2b:3c:4f:52:ad:da:3d:22:0c:ed:07:18:cf:
3d:c9:1a:18:7b:81:cd:a1:d2:de:fb:8a:49:ab:a5:
40:dc:a0:b3:97:17:bd:4d:b7:20:20:bd:d7:df:a6:
c5:c4:0f:24:a5:e8:eb:fe:37:c0:d9:20:cb:d2:26:
fa:dc:b4:76:84:3a:e7:93:88:95:40:ec:37:f5:2e:
22:d3:87:4f:9d:2c:3a:4d:d0:4f:99:8e:ba:32:0c:
b1:db:d3:8b:1a:7c:a9:20:54:62:70:98:d2:bd:b3:
c7:c9:88:04:7f:24:08:05:e9:20:1e:df:85:30:1a:
4f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:9D:E1:24:AD:8D:B0:40:44:1F:EC:76:58:11:47:3E:F6:82:0E:88
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/OJ3hJK2NsEBEH-x2WBFHPvaCDog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.80.0/24
89.44.209.0/24
89.45.34.0/24
93.114.187.0/24
188.215.72.0/24
188.215.95.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:a0:d5:ac:b3:bc:c2:b8:60:e6:18:1b:6d:15:da:28:5c:06:
01:a1:7c:6a:1e:19:a1:e0:7c:2e:97:b1:19:2b:11:d2:bd:04:
d8:82:41:23:52:c8:c8:b0:a0:65:e9:69:9e:7c:3c:63:15:72:
6e:81:bd:d8:43:6f:25:08:d9:da:77:c2:aa:80:b9:1a:d5:a0:
cc:97:a8:93:bf:d1:9b:a7:93:58:b9:04:9a:19:00:76:e4:ec:
36:03:a9:23:ef:cc:2a:46:28:7b:78:e3:7c:63:8a:f9:21:8e:
0e:5c:5a:17:0e:98:de:d1:12:4b:e0:ee:67:0d:49:e2:c8:a7:
d2:35:eb:b3:44:7e:fc:a7:5c:b8:4e:1b:91:61:d5:1e:58:c7:
3a:18:26:94:ef:01:ec:bd:ee:f3:5c:8c:66:a4:d3:68:9b:12:
fa:95:fe:e7:9c:b9:f8:0d:67:9d:78:cd:36:55:97:ca:81:83:
2e:a9:31:3a:2e:d7:ef:eb:1d:24:00:66:37:00:ab:87:9b:bc:
c0:18:16:16:5a:4d:ab:04:ae:00:91:d2:f6:80:94:d9:57:6d:
05:75:ef:bd:ee:03:3d:c1:74:a9:8f:ff:3a:5c:bd:1e:6b:bf:
e8:8f:91:d3:51:d4:ad:8a:6f:f7:ef:2c:64:4e:09:a7:32:5b:
98:7d:64:a5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZdfhUEfPTwMpt4K6WqB5kCYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjUwNjExMTUwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODlkZTEyNGFkOGRiMDQwNDQxZmVjNzY1ODExNDczZWY2ODIwZTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXYDugOnRqhABD8xQ+Y742afRvsD
LPMVNyI82wTRTyLlVhhR26zzgcwtV/PpmaGMg1efLYUneLoOYMPdcush0ZuaAZfj
U5YWwG58bQpgzMpxZksfyaaxbox8sNmZNTO/SdPve88goCwZQSD7NiPVcQFZwOWx
Prz1uCsOkeOwDL2eDdr6zrTLJSs8T1Kt2j0iDO0HGM89yRoYe4HNodLe+4pJq6VA
3KCzlxe9TbcgIL3X36bFxA8kpejr/jfA2SDL0ib63LR2hDrnk4iVQOw39S4i04dP
nSw6TdBPmY66Mgyx29OLGnypIFRicJjSvbPHyYgEfyQIBekgHt+FMBpPPwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDid4SStjbBARB/sdlgRRz72gg6IMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvT0ozaEpLMk5zRUJFSC14MldCRkhQdmFDRG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVmpQAwQA
WSzRAwQAWS0iAwQAXXK7AwQAvNdIAwQAvNdfMA0GCSqGSIb3DQEBCwUAA4IBAQC6
oNWss7zCuGDmGBttFdooXAYBoXxqHhmh4Hwul7EZKxHSvQTYgkEjUsjIsKBl6Wme
fDxjFXJugb3YQ28lCNnad8KqgLka1aDMl6iTv9Gbp5NYuQSaGQB25Ow2A6kj78wq
Rih7eON8Y4r5IY4OXFoXDpje0RJL4O5nDUniyKfSNeuzRH78p1y4ThuRYdUeWMc6
GCaU7wHsve7zXIxmpNNomxL6lf7nnLn4DWedeM02VZfKgYMuqTE6Ltfv6x0kAGY3
AKuHm7zAGBYWWk2rBK4AkdL2gJTZV20Fde+97gM9wXSpj/86XL0ea7/oj5HTUdSt
im/37yxkTgmnMluYfWSl
-----END CERTIFICATE-----
Generated at Sun Jun 15 00:09:47 2025 by rpki-client