Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/OS--Lk_-r0Q1zq4QqDjYyZsHuMY.roa
File: OS--Lk_-r0Q1zq4QqDjYyZsHuMY.roa (raw, json)
Hash identifier: MVTlexALEq+OtJ89dtjZODG5hLFqDXsO9MxPnvJn09w=
Subject key identifier: 39:2F:BE:2E:4F:FE:AF:44:35:CE:AE:10:A8:38:D8:C9:9B:07:B8:C6
Certificate issuer: /CN=e36b4c58e6cfd9fa7e7222a58b3626db7b985324
Certificate serial: 019681ED3C4884EA7F840D737504577E5506
Authority key identifier: E3:6B:4C:58:E6:CF:D9:FA:7E:72:22:A5:8B:36:26:DB:7B:98:53:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/42tMWObP2fp-ciKlizYm23uYUyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/OS--Lk_-r0Q1zq4QqDjYyZsHuMY.roa
Signing time: Tue 29 Apr 2025 14:22:10 +0000
ROA not before: Tue 29 Apr 2025 14:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43016
IP address blocks: 185.121.216.0/22 maxlen: 22
195.181.192.0/20 maxlen: 23
195.181.194.0/24 maxlen: 24
195.181.195.0/24 maxlen: 24
2a06:a0c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/42tMWObP2fp-ciKlizYm23uYUyQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/42tMWObP2fp-ciKlizYm23uYUyQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/42tMWObP2fp-ciKlizYm23uYUyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 02 May 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:ed:3c:48:84:ea:7f:84:0d:73:75:04:57:7e:55:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e36b4c58e6cfd9fa7e7222a58b3626db7b985324
Validity
Not Before: Apr 29 14:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=392fbe2e4ffeaf4435ceae10a838d8c99b07b8c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:48:54:d5:b0:a3:ff:94:c1:98:c7:c7:aa:84:
8b:bd:53:f2:7d:ab:28:32:de:2f:f5:ae:8d:11:9b:
a6:c6:67:e8:20:99:42:e8:2b:da:b0:36:c1:c6:f5:
3c:31:c2:72:26:b3:98:fc:ce:64:81:43:52:71:f9:
62:93:b0:8f:5c:df:ae:48:f1:fe:e8:d1:56:a0:75:
a3:ef:8a:ed:d4:bd:56:e5:63:ea:f2:4a:d2:3d:d0:
08:06:b5:a4:ba:13:69:d9:87:50:40:de:ba:86:65:
42:d7:c2:ed:6d:32:55:d7:39:80:95:c7:e0:2e:43:
40:8e:95:46:53:6a:d3:4f:82:63:db:28:76:8f:20:
d7:bd:d9:2d:c5:89:c7:cf:60:56:4b:f9:c3:44:57:
a7:f7:ea:8b:bc:60:e8:25:74:a7:05:99:19:35:b0:
6a:1f:5e:e0:97:3f:27:71:75:f2:b7:39:28:36:19:
40:5b:fe:3c:9f:62:f3:88:6e:b2:68:2e:06:df:22:
ac:44:fd:7f:14:70:41:73:d4:94:07:9b:82:a7:3c:
1f:d1:b7:aa:02:c1:aa:c1:d4:82:08:5e:30:e3:be:
f8:99:85:7d:ee:76:bc:e4:96:19:dc:32:e8:3f:db:
8c:77:9b:86:36:a3:9f:49:fa:56:36:5a:d6:09:d9:
f2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:2F:BE:2E:4F:FE:AF:44:35:CE:AE:10:A8:38:D8:C9:9B:07:B8:C6
X509v3 Authority Key Identifier:
keyid:E3:6B:4C:58:E6:CF:D9:FA:7E:72:22:A5:8B:36:26:DB:7B:98:53:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/42tMWObP2fp-ciKlizYm23uYUyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/OS--Lk_-r0Q1zq4QqDjYyZsHuMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5d7df8-b464-4ca7-ba6c-800c99851368/1/42tMWObP2fp-ciKlizYm23uYUyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.216.0/22
195.181.192.0/20
IPv6:
2a06:a0c0::/29
Signature Algorithm: sha256WithRSAEncryption
9d:6d:7a:4f:ec:55:64:74:d9:2e:4c:86:8e:58:43:01:ba:fd:
7c:c8:81:98:ff:09:aa:40:70:f0:d0:09:68:8a:1b:7e:bf:d8:
43:c1:69:d7:8a:4e:8a:02:c5:9b:4d:17:05:2d:04:15:9f:21:
e6:12:08:e6:c5:05:38:d3:da:a9:65:76:e6:b0:55:f2:3a:29:
26:b8:db:52:fd:81:40:5f:db:e1:c8:77:6d:17:df:e6:61:0b:
a7:26:53:b9:6a:5f:b9:09:fd:59:da:06:25:60:3e:fb:3f:81:
c0:11:bd:aa:88:e2:61:d2:bd:93:e8:ed:e5:0f:1d:72:27:91:
68:6c:5f:02:d3:90:89:40:65:33:2a:48:95:a2:71:4a:ab:e7:
e7:89:50:ad:be:d0:ef:62:ce:d9:6d:57:b8:42:bd:08:86:4a:
11:88:13:80:88:76:a7:41:77:5e:c5:81:de:94:93:86:ed:ec:
2d:fa:f8:b5:c6:38:ca:01:a4:c4:90:39:ac:ef:9f:db:4b:11:
39:d1:7f:eb:29:a4:df:65:0e:56:71:f2:30:4e:7f:79:33:eb:
f3:c0:b7:6c:a1:1c:d8:c7:d0:ea:d7:ab:9f:57:4f:a8:9c:0a:
5e:0b:c6:f2:19:8a:ec:17:37:f9:de:f6:62:d4:35:02:12:7f:
a1:55:94:c1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZaB7TxIhOp/hA1zdQRXflUGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzNmI0YzU4ZTZjZmQ5ZmE3ZTcyMjJhNThiMzYyNmRiN2I5
ODUzMjQwHhcNMjUwNDI5MTQyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTJmYmUyZTRmZmVhZjQ0MzVjZWFlMTBhODM4ZDhjOTliMDdiOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0hU1bCj/5TBmMfHqoSLvVPyfaso
Mt4v9a6NEZumxmfoIJlC6CvasDbBxvU8McJyJrOY/M5kgUNScflik7CPXN+uSPH+
6NFWoHWj74rt1L1W5WPq8krSPdAIBrWkuhNp2YdQQN66hmVC18LtbTJV1zmAlcfg
LkNAjpVGU2rTT4Jj2yh2jyDXvdktxYnHz2BWS/nDRFen9+qLvGDoJXSnBZkZNbBq
H17glz8ncXXytzkoNhlAW/48n2LziG6yaC4G3yKsRP1/FHBBc9SUB5uCpzwf0beq
AsGqwdSCCF4w4774mYV97na85JYZ3DLoP9uMd5uGNqOfSfpWNlrWCdnyVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDkvvi5P/q9ENc6uEKg42MmbB7jGMB8GA1UdIwQY
MBaAFONrTFjmz9n6fnIipYs2Jtt7mFMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDJ0TVdPYlAyZnAtY2lLbGl6WW0yM3VZVXlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81ZDdkZjgtYjQ2NC00Y2E3LWJhNmMt
ODAwYzk5ODUxMzY4LzEvT1MtLUxrXy1yMFExenE0UXFEall5WnNIdU1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81ZDdkZjgtYjQ2NC00Y2E3LWJhNmMtODAwYzk5ODUxMzY4
LzEvNDJ0TVdPYlAyZnAtY2lLbGl6WW0yM3VZVXlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXnYAwQE
w7XAMA0EAgACMAcDBQMqBqDAMA0GCSqGSIb3DQEBCwUAA4IBAQCdbXpP7FVkdNku
TIaOWEMBuv18yIGY/wmqQHDw0Aloiht+v9hDwWnXik6KAsWbTRcFLQQVnyHmEgjm
xQU409qpZXbmsFXyOikmuNtS/YFAX9vhyHdtF9/mYQunJlO5al+5Cf1Z2gYlYD77
P4HAEb2qiOJh0r2T6O3lDx1yJ5FobF8C05CJQGUzKkiVonFKq+fniVCtvtDvYs7Z
bVe4Qr0IhkoRiBOAiHanQXdexYHelJOG7ewt+vi1xjjKAaTEkDms75/bSxE50X/r
KaTfZQ5WcfIwTn95M+vzwLdsoRzYx9Dq16ufV0+onApeC8byGYrsFzf53vZi1DUC
En+hVZTB
-----END CERTIFICATE-----
Generated at Fri May 2 01:50:41 2025 by rpki-client