
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/OZJAkQeWPGiu0MMG4YGewg2oUhI.roa
File: OZJAkQeWPGiu0MMG4YGewg2oUhI.roa (raw, json)
Hash identifier: kvD4Jh7HATnFEhZqQFNvhTQZ3Ir8ynHCKw0hu3/CQds=
Subject key identifier: 39:92:40:91:07:96:3C:68:AE:D0:C3:06:E1:81:9E:C2:0D:A8:52:12
Certificate issuer: /CN=0a4a861d7c14b4ca5e6d1c7d60aaeeb32ea8ef61
Certificate serial: 01985627DA0F5E2579E10E5727221B3F1980
Authority key identifier: 0A:4A:86:1D:7C:14:B4:CA:5E:6D:1C:7D:60:AA:EE:B3:2E:A8:EF:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkqGHXwUtMpebRx9YKrusy6o72E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/OZJAkQeWPGiu0MMG4YGewg2oUhI.roa
Signing time: Tue 29 Jul 2025 12:28:28 +0000
ROA not before: Tue 29 Jul 2025 12:28:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12540
IP address blocks: 212.64.160.0/19 maxlen: 19
212.64.160.0/24 maxlen: 24
212.64.161.0/24 maxlen: 24
212.64.162.0/24 maxlen: 24
212.64.163.0/24 maxlen: 24
212.64.164.0/24 maxlen: 24
212.64.165.0/24 maxlen: 24
212.64.166.0/24 maxlen: 24
212.64.167.0/24 maxlen: 24
212.64.168.0/24 maxlen: 24
212.64.169.0/24 maxlen: 24
212.64.170.0/24 maxlen: 24
212.64.171.0/24 maxlen: 24
212.64.172.0/24 maxlen: 24
212.64.173.0/24 maxlen: 24
212.64.174.0/24 maxlen: 24
212.64.175.0/24 maxlen: 24
212.64.176.0/24 maxlen: 24
212.64.177.0/24 maxlen: 24
212.64.178.0/24 maxlen: 24
212.64.179.0/24 maxlen: 24
212.64.180.0/24 maxlen: 24
212.64.181.0/24 maxlen: 24
212.64.182.0/24 maxlen: 24
212.64.183.0/24 maxlen: 24
212.64.184.0/24 maxlen: 24
212.64.185.0/24 maxlen: 24
212.64.186.0/24 maxlen: 24
212.64.187.0/24 maxlen: 24
212.64.188.0/24 maxlen: 24
212.64.189.0/24 maxlen: 24
212.64.190.0/24 maxlen: 24
212.64.191.0/24 maxlen: 24
2a0d:fc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/CkqGHXwUtMpebRx9YKrusy6o72E.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/CkqGHXwUtMpebRx9YKrusy6o72E.mft
rsync://rpki.ripe.net/repository/DEFAULT/CkqGHXwUtMpebRx9YKrusy6o72E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:56:27:da:0f:5e:25:79:e1:0e:57:27:22:1b:3f:19:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a4a861d7c14b4ca5e6d1c7d60aaeeb32ea8ef61
Validity
Not Before: Jul 29 12:28:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3992409107963c68aed0c306e1819ec20da85212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:12:84:d8:4b:30:aa:d1:8e:e1:88:98:89:be:
0f:d8:2a:ac:f8:a2:e6:ec:45:66:83:72:eb:66:45:
cc:5b:fb:79:0a:45:54:33:44:eb:ff:4a:cf:9e:95:
cc:af:8e:df:2b:b4:d1:12:c4:c7:b5:87:81:bd:1d:
b0:71:af:b4:a2:a1:db:8d:6e:b8:6d:f2:41:6d:aa:
fd:54:02:d6:c1:96:4a:ed:d6:01:3b:9d:b6:a9:72:
ef:15:69:ba:ee:bb:13:83:8d:27:c6:6d:45:6a:b4:
04:58:4c:a6:24:0c:dd:d2:36:d4:5d:ee:ac:54:5d:
e0:83:4d:53:7f:db:20:19:a4:5e:0e:06:db:38:d6:
b1:25:a9:b4:9e:75:86:6d:88:73:79:1f:47:bd:b6:
d1:39:27:d0:b6:de:3f:6a:6c:e6:91:57:74:7a:7f:
09:bf:14:05:0a:7a:60:21:66:d3:47:2f:fc:bd:3a:
b3:93:3d:08:74:d9:7a:34:17:e2:89:f5:c3:5b:ef:
9a:0a:ea:b3:33:7b:01:0c:f7:70:80:f3:d9:e6:61:
ec:e0:ae:5d:12:82:b0:3e:28:9e:12:21:66:c1:7a:
9d:bb:79:94:2c:73:c4:95:4e:89:98:e6:2f:b4:29:
ef:90:12:11:c2:a0:e9:6f:11:90:12:c4:41:79:b7:
54:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:92:40:91:07:96:3C:68:AE:D0:C3:06:E1:81:9E:C2:0D:A8:52:12
X509v3 Authority Key Identifier:
keyid:0A:4A:86:1D:7C:14:B4:CA:5E:6D:1C:7D:60:AA:EE:B3:2E:A8:EF:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkqGHXwUtMpebRx9YKrusy6o72E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/OZJAkQeWPGiu0MMG4YGewg2oUhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/e792b0-0f79-4fa2-a5cb-94dbf3fd0e2d/1/CkqGHXwUtMpebRx9YKrusy6o72E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.64.160.0/19
IPv6:
2a0d:fc0::/29
Signature Algorithm: sha256WithRSAEncryption
62:d5:54:0e:da:96:93:3d:19:ae:af:a7:9e:e8:1a:93:b8:70:
97:87:53:35:38:59:7e:61:3b:f5:9a:b7:69:f7:d5:fa:5e:34:
8f:1b:92:94:1a:83:c8:ba:a3:09:97:76:be:25:97:29:b1:f5:
ae:91:7f:be:c3:2d:94:2c:95:79:2b:aa:f4:b1:bd:b2:c1:d8:
e4:47:5d:7f:19:3d:37:fb:33:50:d6:b6:e3:5f:50:73:ca:e5:
fc:07:6d:f4:0c:80:47:f9:83:af:19:c4:de:bd:89:07:0d:45:
c4:05:79:f0:be:8e:b2:6b:03:ee:2c:cf:35:3b:ca:c0:74:8e:
5a:0b:06:1c:f5:f7:7d:7a:2b:a9:16:ca:31:0c:78:72:03:90:
50:26:ba:d3:24:3e:7c:80:f6:68:71:ff:e0:89:86:cd:a1:a1:
24:77:be:91:0a:42:38:92:7d:62:8d:08:d7:64:e0:ba:3c:c3:
63:dc:da:fc:0f:a4:10:b4:d9:a9:5d:1f:ea:65:68:23:84:d4:
d7:5c:b6:75:82:9b:24:ee:a6:0e:c5:60:54:e5:24:e6:d0:70:
ce:59:cd:22:e8:1b:1b:b2:16:93:03:c6:22:e5:ae:a6:e6:ef:
ad:05:0d:0c:3f:75:ae:b7:9e:bb:b3:95:41:2e:85:71:ba:c6:
52:b9:17:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZhWJ9oPXiV54Q5XJyIbPxmAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNGE4NjFkN2MxNGI0Y2E1ZTZkMWM3ZDYwYWFlZWIzMmVh
OGVmNjEwHhcNMjUwNzI5MTIyODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTkyNDA5MTA3OTYzYzY4YWVkMGMzMDZlMTgxOWVjMjBkYTg1MjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBKE2EswqtGO4YiYib4P2Cqs+KLm
7EVmg3LrZkXMW/t5CkVUM0Tr/0rPnpXMr47fK7TREsTHtYeBvR2wca+0oqHbjW64
bfJBbar9VALWwZZK7dYBO522qXLvFWm67rsTg40nxm1FarQEWEymJAzd0jbUXe6s
VF3gg01Tf9sgGaReDgbbONaxJam0nnWGbYhzeR9HvbbROSfQtt4/amzmkVd0en8J
vxQFCnpgIWbTRy/8vTqzkz0IdNl6NBfiifXDW++aCuqzM3sBDPdwgPPZ5mHs4K5d
EoKwPiieEiFmwXqdu3mULHPElU6JmOYvtCnvkBIRwqDpbxGQEsRBebdUiQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDmSQJEHljxortDDBuGBnsINqFISMB8GA1UdIwQY
MBaAFApKhh18FLTKXm0cfWCq7rMuqO9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2txR0hYd1V0TXBlYlJ4OVlLcnVzeTZvNzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9lNzkyYjAtMGY3OS00ZmEyLWE1Y2It
OTRkYmYzZmQwZTJkLzEvT1pKQWtRZVdQR2l1ME1NRzRZR2V3ZzJvVWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My9lNzkyYjAtMGY3OS00ZmEyLWE1Y2ItOTRkYmYzZmQwZTJk
LzEvQ2txR0hYd1V0TXBlYlJ4OVlLcnVzeTZvNzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1ECgMA0E
AgACMAcDBQMqDQ/AMA0GCSqGSIb3DQEBCwUAA4IBAQBi1VQO2paTPRmur6ee6BqT
uHCXh1M1OFl+YTv1mrdp99X6XjSPG5KUGoPIuqMJl3a+JZcpsfWukX++wy2ULJV5
K6r0sb2ywdjkR11/GT03+zNQ1rbjX1BzyuX8B230DIBH+YOvGcTevYkHDUXEBXnw
vo6yawPuLM81O8rAdI5aCwYc9fd9eiupFsoxDHhyA5BQJrrTJD58gPZocf/giYbN
oaEkd76RCkI4kn1ijQjXZOC6PMNj3Nr8D6QQtNmpXR/qZWgjhNTXXLZ1gpsk7qYO
xWBU5STm0HDOWc0i6BsbshaTA8Yi5a6m5u+tBQ0MP3Wut567s5VBLoVxusZSuRfL
-----END CERTIFICATE-----
Generated at Mon Aug 4 19:04:14 2025 by rpki-client