Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Ocqwri5MoNShcVTuA1PlAZ1psVw.roa
File: Ocqwri5MoNShcVTuA1PlAZ1psVw.roa (raw, json)
Hash identifier: 2dAWE34YWa83kIg6ldDSNaZUoKANWoo82zF5rLnPWCg=
Subject key identifier: 39:CA:B0:AE:2E:4C:A0:D4:A1:71:54:EE:03:53:E5:01:9D:69:B1:5C
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0198652C275D33DAE49E778389AD9CA9902A
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Ocqwri5MoNShcVTuA1PlAZ1psVw.roa
Signing time: Fri 01 Aug 2025 10:27:29 +0000
ROA not before: Fri 01 Aug 2025 10:27:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202766
IP address blocks: 45.83.50.0/23 maxlen: 23
45.83.50.0/24 maxlen: 24
45.83.51.0/24 maxlen: 24
80.66.112.0/20 maxlen: 20
80.66.112.0/23 maxlen: 23
80.66.114.0/24 maxlen: 24
80.66.115.0/24 maxlen: 24
80.66.117.0/24 maxlen: 24
80.66.118.0/24 maxlen: 24
80.66.119.0/24 maxlen: 24
80.66.120.0/23 maxlen: 23
80.66.120.0/24 maxlen: 24
80.66.121.0/24 maxlen: 24
80.66.122.0/24 maxlen: 24
80.66.123.0/24 maxlen: 24
80.66.124.0/24 maxlen: 24
80.66.125.0/24 maxlen: 24
80.66.126.0/24 maxlen: 24
80.66.127.0/24 maxlen: 24
89.42.70.0/24 maxlen: 24
89.44.150.0/24 maxlen: 24
89.44.151.0/24 maxlen: 24
91.132.28.0/23 maxlen: 23
91.132.31.0/24 maxlen: 24
94.198.47.0/24 maxlen: 24
178.19.44.0/24 maxlen: 24
178.19.47.0/24 maxlen: 24
185.203.20.0/22 maxlen: 22
185.203.20.0/24 maxlen: 24
185.203.21.0/24 maxlen: 24
185.203.22.0/24 maxlen: 24
185.203.23.0/24 maxlen: 24
185.229.212.0/24 maxlen: 24
185.229.213.0/24 maxlen: 24
185.229.214.0/24 maxlen: 24
185.229.215.0/24 maxlen: 24
185.242.175.0/24 maxlen: 24
193.178.212.0/24 maxlen: 24
193.178.218.0/24 maxlen: 24
193.186.1.0/24 maxlen: 24
193.186.11.0/24 maxlen: 24
194.15.146.0/24 maxlen: 24
194.15.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 01:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:65:2c:27:5d:33:da:e4:9e:77:83:89:ad:9c:a9:90:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Aug 1 10:27:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39cab0ae2e4ca0d4a17154ee0353e5019d69b15c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:4c:91:0c:b9:3e:ae:56:b1:4d:ff:dc:02:a5:
11:1a:90:3a:b6:98:2e:27:09:0b:c8:92:99:1d:c9:
74:6a:f4:e4:08:16:14:43:39:86:1c:6f:bb:c7:ba:
de:04:95:24:65:d3:fd:50:56:56:1e:24:46:65:7d:
cb:2b:03:d8:ba:6f:07:cd:60:47:15:9b:ea:1f:45:
11:23:44:a2:b2:2c:d4:61:59:ad:e6:55:c1:9d:9a:
5e:bb:ef:09:40:39:ba:ac:74:95:25:10:05:0e:88:
7a:c8:35:0f:a8:62:ea:c5:5f:0b:23:b8:fd:32:9f:
12:83:7a:86:8e:cb:d5:dc:1a:ee:4a:ab:46:b5:b0:
d3:5e:86:f6:52:ce:f6:de:95:22:8f:16:74:c4:b2:
4e:6f:f9:12:27:80:5a:56:ec:07:47:55:3c:a4:dc:
a4:52:83:47:b6:31:e5:da:68:e7:b1:41:4b:4c:0e:
1c:9f:33:81:a9:0b:2a:7d:93:44:e2:c5:05:b5:22:
72:cf:e7:65:19:26:a0:49:0a:c6:82:8d:87:27:12:
24:2d:7f:08:db:a2:47:e6:4f:f0:d0:49:92:51:d1:
9a:de:63:2d:cb:3e:45:63:04:05:b0:df:23:c8:3e:
fa:94:cd:6a:0f:96:78:a3:9e:61:12:bb:c9:96:76:
9e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:CA:B0:AE:2E:4C:A0:D4:A1:71:54:EE:03:53:E5:01:9D:69:B1:5C
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Ocqwri5MoNShcVTuA1PlAZ1psVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.50.0/23
80.66.112.0/20
89.42.70.0/24
89.44.150.0/23
91.132.28.0/23
91.132.31.0/24
94.198.47.0/24
178.19.44.0/24
178.19.47.0/24
185.203.20.0/22
185.229.212.0/22
185.242.175.0/24
193.178.212.0/24
193.178.218.0/24
193.186.1.0/24
193.186.11.0/24
194.15.146.0/24
194.15.195.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:0b:e1:d7:7e:4c:e8:84:82:f3:be:89:23:bd:5d:95:b7:8f:
52:9e:80:3f:b2:ef:3f:60:d1:21:9a:78:0b:61:81:f8:fb:d3:
d0:f6:56:5c:71:de:5b:7e:90:66:f0:b2:40:85:7a:59:00:6a:
f1:84:a8:ef:1d:62:03:25:34:64:68:37:c7:10:24:5e:96:63:
99:2d:bd:b6:45:7b:4f:a7:f4:a4:da:39:bf:2e:48:97:33:5b:
6c:b3:01:be:01:db:3c:9c:e5:0b:b8:8e:dd:95:3a:37:e5:e6:
de:83:5f:eb:7f:ca:37:ef:c2:cf:eb:af:0e:7c:79:dc:13:d3:
06:b6:2a:ec:73:a7:6e:dc:d2:e8:a2:4b:f7:7e:3b:c3:8c:1b:
6b:6c:24:3d:7a:2c:d6:86:f1:d9:ac:7b:22:5d:af:84:fc:b7:
61:e2:fa:a3:c6:3f:ee:e0:32:63:81:79:00:98:0a:f2:eb:2a:
98:22:25:1c:94:76:17:ce:49:0a:7e:8d:d9:a7:42:4e:91:14:
06:ba:8b:b6:49:f1:8c:47:1b:f3:98:3f:7d:3d:6d:23:47:ac:
ba:a3:e4:7a:13:cd:06:99:ff:1e:cd:fb:0a:41:d0:ba:c5:5b:
22:e8:37:ec:e4:ee:67:f4:59:12:ed:f9:f5:b9:58:14:61:d5:
c9:c8:bf:ec
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZhlLCddM9rknneDia2cqZAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwODAxMTAyNzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWNhYjBhZTJlNGNhMGQ0YTE3MTU0ZWUwMzUzZTUwMTlkNjliMTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0yRDLk+rlaxTf/cAqURGpA6tpgu
JwkLyJKZHcl0avTkCBYUQzmGHG+7x7reBJUkZdP9UFZWHiRGZX3LKwPYum8HzWBH
FZvqH0URI0SisizUYVmt5lXBnZpeu+8JQDm6rHSVJRAFDoh6yDUPqGLqxV8LI7j9
Mp8Sg3qGjsvV3BruSqtGtbDTXob2Us723pUijxZ0xLJOb/kSJ4BaVuwHR1U8pNyk
UoNHtjHl2mjnsUFLTA4cnzOBqQsqfZNE4sUFtSJyz+dlGSagSQrGgo2HJxIkLX8I
26JH5k/w0EmSUdGa3mMtyz5FYwQFsN8jyD76lM1qD5Z4o55hErvJlnaeDQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFDnKsK4uTKDUoXFU7gNT5QGdabFcMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvT2Nxd3JpNU1vTlNoY1ZUdUExUGxBWjFwc1Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAS1TMgME
BFBCcAMEAFkqRgMEAVkslgMEAVuEHAMEAFuEHwMEAF7GLwMEALITLAMEALITLwME
ArnLFAMEArnl1AMEALnyrwMEAMGy1AMEAMGy2gMEAMG6AQMEAMG6CwMEAMIPkgME
AMIPwzANBgkqhkiG9w0BAQsFAAOCAQEAtQvh135M6ISC876JI71dlbePUp6AP7Lv
P2DRIZp4C2GB+PvT0PZWXHHeW36QZvCyQIV6WQBq8YSo7x1iAyU0ZGg3xxAkXpZj
mS29tkV7T6f0pNo5vy5IlzNbbLMBvgHbPJzlC7iO3ZU6N+Xm3oNf63/KN+/Cz+uv
Dnx53BPTBrYq7HOnbtzS6KJL9347w4wba2wkPXos1obx2ax7Il2vhPy3YeL6o8Y/
7uAyY4F5AJgK8usqmCIlHJR2F85JCn6N2adCTpEUBrqLtknxjEcb85g/fT1tI0es
uqPkehPNBpn/Hs37CkHQusVbIug37OTuZ/RZEu359blYFGHVyci/7A==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:20:38 2025 by rpki-client