Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/OGPVBoRE-lHq_3um0W6LRa7Uil4.roa
File: OGPVBoRE-lHq_3um0W6LRa7Uil4.roa (raw, json)
Hash identifier: dK0nHno7O0jV6OHBq7qhW3Foh08a8amSBMLlT7zl2oQ=
Subject key identifier: 38:63:D5:06:84:44:FA:51:EA:FF:7B:A6:D1:6E:8B:45:AE:D4:8A:5E
Certificate issuer: /CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Certificate serial: 019669D37F22DBD3240E45B7AFBAADA5DE7C
Authority key identifier: 95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/OGPVBoRE-lHq_3um0W6LRa7Uil4.roa
Signing time: Thu 24 Apr 2025 22:03:10 +0000
ROA not before: Thu 24 Apr 2025 22:03:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202105
IP address blocks: 83.136.8.0/24 maxlen: 24
83.136.9.0/24 maxlen: 24
83.136.10.0/24 maxlen: 24
83.136.11.0/24 maxlen: 24
83.136.12.0/24 maxlen: 24
83.136.13.0/24 maxlen: 24
83.136.14.0/24 maxlen: 24
83.136.15.0/24 maxlen: 24
87.237.224.0/24 maxlen: 24
87.237.225.0/24 maxlen: 24
87.237.226.0/24 maxlen: 24
87.237.227.0/24 maxlen: 24
87.237.228.0/24 maxlen: 24
87.237.229.0/24 maxlen: 24
87.237.230.0/24 maxlen: 24
87.237.231.0/24 maxlen: 24
185.11.120.0/24 maxlen: 24
185.11.121.0/24 maxlen: 24
185.11.122.0/24 maxlen: 24
185.11.123.0/24 maxlen: 24
185.51.204.0/24 maxlen: 24
185.51.205.0/24 maxlen: 24
185.51.206.0/24 maxlen: 24
185.51.207.0/24 maxlen: 24
185.82.116.0/24 maxlen: 24
185.82.117.0/24 maxlen: 24
185.82.118.0/24 maxlen: 24
185.82.119.0/24 maxlen: 24
185.108.240.0/24 maxlen: 24
185.108.241.0/24 maxlen: 24
185.108.242.0/24 maxlen: 24
185.108.243.0/24 maxlen: 24
185.133.84.0/24 maxlen: 24
185.133.85.0/24 maxlen: 24
185.133.86.0/24 maxlen: 24
185.133.87.0/24 maxlen: 24
185.164.24.0/24 maxlen: 24
185.164.26.0/24 maxlen: 24
185.164.27.0/24 maxlen: 24
185.164.28.0/24 maxlen: 24
185.164.29.0/24 maxlen: 24
185.164.31.0/24 maxlen: 24
185.203.108.0/24 maxlen: 24
185.203.109.0/24 maxlen: 24
185.203.110.0/24 maxlen: 24
185.206.28.0/24 maxlen: 24
185.206.29.0/24 maxlen: 24
185.206.30.0/24 maxlen: 24
185.206.132.0/24 maxlen: 24
185.206.133.0/24 maxlen: 24
185.206.134.0/24 maxlen: 24
185.206.135.0/24 maxlen: 24
185.217.8.0/24 maxlen: 24
185.217.9.0/24 maxlen: 24
185.217.10.0/24 maxlen: 24
185.217.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 07:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:69:d3:7f:22:db:d3:24:0e:45:b7:af:ba:ad:a5:de:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Validity
Not Before: Apr 24 22:03:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3863d5068444fa51eaff7ba6d16e8b45aed48a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7e:70:a0:8a:52:55:4f:65:9c:0c:3e:cf:1b:
0f:ab:1b:7a:ec:72:5f:6b:2f:37:a0:65:d5:83:fe:
9f:6a:72:84:b1:7a:ad:ba:8c:70:6a:28:20:e1:03:
48:f9:51:c2:00:ac:dc:95:c6:a6:64:62:fc:a8:49:
76:2b:5d:0b:fe:8e:be:6f:a6:97:a9:c8:ed:a4:ae:
65:77:f1:fa:b7:91:5d:3b:ee:0b:08:96:2f:73:3d:
13:55:a1:1a:0d:b0:06:bb:4b:ab:ca:33:1b:7d:86:
16:66:01:d1:1a:45:c6:35:56:2c:e8:fa:5e:70:05:
36:18:2c:8c:87:06:0a:0c:f1:7c:06:3f:47:77:ed:
57:d9:e5:cd:6c:7d:ce:9a:4e:9d:fa:99:e1:13:74:
e3:60:81:ac:a9:7d:ba:fa:f8:2c:b4:cf:02:87:7f:
59:47:14:3d:9a:49:2e:21:5d:b2:7f:69:7a:0a:af:
8a:91:16:8a:e6:19:7a:96:81:6b:7f:70:17:af:4d:
e4:b5:0d:3e:10:f2:f4:dd:82:8f:df:85:66:3a:83:
61:dc:0a:f9:f4:79:29:63:ac:15:77:f9:4a:b4:ce:
5b:71:88:b6:3a:ea:a0:d8:a6:2e:17:22:7a:ac:0e:
6a:55:27:34:56:3b:fb:5e:e0:a6:e4:01:21:73:7b:
84:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:63:D5:06:84:44:FA:51:EA:FF:7B:A6:D1:6E:8B:45:AE:D4:8A:5E
X509v3 Authority Key Identifier:
keyid:95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/OGPVBoRE-lHq_3um0W6LRa7Uil4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.8.0/21
87.237.224.0/21
185.11.120.0/22
185.51.204.0/22
185.82.116.0/22
185.108.240.0/22
185.133.84.0/22
185.164.24.0/24
185.164.26.0-185.164.29.255
185.164.31.0/24
185.203.108.0-185.203.110.255
185.206.28.0-185.206.30.255
185.206.132.0/22
185.217.8.0/22
Signature Algorithm: sha256WithRSAEncryption
73:8e:a5:58:dd:80:1f:7c:78:6c:40:d1:70:fe:9e:87:c6:ee:
1d:b2:97:db:b8:65:81:4b:0f:59:48:42:5c:69:fd:db:5b:10:
c7:f9:f6:52:83:91:f9:c9:54:71:63:52:3b:ec:de:97:a5:74:
88:ea:e0:c4:4a:fe:82:d5:85:71:b2:e1:a5:28:e4:7c:04:f2:
a8:c3:14:41:5c:77:1b:e4:1f:17:2f:24:b7:c3:55:9c:ff:d1:
1a:cd:1f:1f:5b:41:44:b8:4c:f1:c9:1d:d7:f3:65:81:da:b9:
bb:9e:40:c6:53:23:6a:75:cf:56:09:de:ff:ec:fe:89:68:c8:
14:c1:2d:0d:57:4b:8e:11:8e:8c:26:2f:40:b7:0b:e5:30:1b:
d4:15:a6:95:f3:ef:c3:78:d0:9d:3f:c3:72:4b:3a:51:4e:5a:
77:30:ac:61:71:b3:ed:d9:5e:2c:6f:f3:ab:e7:f0:d8:19:14:
e4:74:a2:6c:9b:b1:2d:25:92:b5:7b:1e:b6:d3:ea:ee:08:05:
5c:d3:c8:f9:8a:eb:9a:c8:4d:58:14:07:b3:76:a4:73:1a:93:
fe:be:62:df:ba:8f:a8:a2:21:08:e1:72:fe:41:2c:d4:2f:c9:
1a:f7:6e:33:a4:43:1c:4a:53:a4:35:f7:21:f5:3c:54:b6:66:
29:27:fe:31
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZZp038i29MkDkW3r7qtpd58MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1OWVmZTZlZjk3NzI4YTQyODJhZTJjN2IwNWEyNDA1MDY1
NzFmMWMwHhcNMjUwNDI0MjIwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODYzZDUwNjg0NDRmYTUxZWFmZjdiYTZkMTZlOGI0NWFlZDQ4YTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp35woIpSVU9lnAw+zxsPqxt67HJf
ay83oGXVg/6fanKEsXqtuoxwaigg4QNI+VHCAKzclcamZGL8qEl2K10L/o6+b6aX
qcjtpK5ld/H6t5FdO+4LCJYvcz0TVaEaDbAGu0uryjMbfYYWZgHRGkXGNVYs6Ppe
cAU2GCyMhwYKDPF8Bj9Hd+1X2eXNbH3Omk6d+pnhE3TjYIGsqX26+vgstM8Ch39Z
RxQ9mkkuIV2yf2l6Cq+KkRaK5hl6loFrf3AXr03ktQ0+EPL03YKP34VmOoNh3Ar5
9HkpY6wVd/lKtM5bcYi2Ouqg2KYuFyJ6rA5qVSc0Vjv7XuCm5AEhc3uEiwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFDhj1QaERPpR6v97ptFui0Wu1IpeMB8GA1UdIwQY
MBaAFJWe/m75dyikKCrix7BaJAUGVx8cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUt
YTA5MjY2YmI0ZDhjLzEvT0dQVkJvUkUtbEhxXzN1bTBXNkxSYTdVaWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84YzFlNDktN2RkMS00NDhkLTg4MTUtYTA5MjY2YmI0ZDhj
LzEvbFo3LWJ2bDNLS1FvS3VMSHNGb2tCUVpYSHh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEA1OICAME
A1ft4AMEArkLeAMEArkzzAMEArlSdAMEArls8AMEArmFVAMEALmkGDAMAwQBuaQa
AwQBuaQcAwQAuaQfMAwDBAK5y2wDBAC5y24wDAMEArnOHAMEALnOHgMEArnOhAME
ArnZCDANBgkqhkiG9w0BAQsFAAOCAQEAc46lWN2AH3x4bEDRcP6eh8buHbKX27hl
gUsPWUhCXGn921sQx/n2UoOR+clUcWNSO+zel6V0iOrgxEr+gtWFcbLhpSjkfATy
qMMUQVx3G+QfFy8kt8NVnP/RGs0fH1tBRLhM8ckd1/Nlgdq5u55AxlMjanXPVgne
/+z+iWjIFMEtDVdLjhGOjCYvQLcL5TAb1BWmlfPvw3jQnT/Dcks6UU5adzCsYXGz
7dleLG/zq+fw2BkU5HSibJuxLSWStXsettPq7ggFXNPI+YrrmshNWBQHs3akcxqT
/r5i37qPqKIhCOFy/kEs1C/JGvduM6RDHEpTpDX3IfU8VLZmKSf+MQ==
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:25:09 2025 by rpki-client