Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/OH_TFxB8Adh_MWI_JWnXBMovO0U.roa
File: OH_TFxB8Adh_MWI_JWnXBMovO0U.roa (raw, json)
Hash identifier: aa9DOmgpUfY05KEdouKC2X7Phd/w+IPtGM5tRzHgBHw=
Subject key identifier: 38:7F:D3:17:10:7C:01:D8:7F:31:62:3F:25:69:D7:04:CA:2F:3B:45
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 01966BFD64141C6B2E391A1A3B6B99D4E876
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/OH_TFxB8Adh_MWI_JWnXBMovO0U.roa
Signing time: Fri 25 Apr 2025 08:08:10 +0000
ROA not before: Fri 25 Apr 2025 08:08:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61976
IP address blocks: 79.141.64.0/20 maxlen: 24
79.141.64.0/24 maxlen: 24
79.141.65.0/24 maxlen: 24
79.141.66.0/24 maxlen: 24
92.255.62.0/23 maxlen: 24
185.42.164.0/22 maxlen: 24
185.193.90.0/23 maxlen: 24
2a00:ab00:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.mft
rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 21:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6b:fd:64:14:1c:6b:2e:39:1a:1a:3b:6b:99:d4:e8:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Apr 25 08:08:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=387fd317107c01d87f31623f2569d704ca2f3b45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9e:0c:ae:d3:23:33:a8:51:ca:2c:ef:b0:39:
aa:78:cd:7b:08:47:3f:24:89:62:a9:06:1a:3d:a7:
ce:ec:67:ba:90:80:f0:e2:37:f4:5a:4f:51:f4:da:
ad:0f:83:37:64:f5:eb:28:ca:ef:6b:5d:99:87:23:
bb:04:3a:8d:a3:2e:fd:f0:66:f3:01:d3:f0:2f:6e:
76:b8:5a:4a:8b:cd:eb:1d:b3:76:be:c4:fe:76:2b:
4f:8a:60:69:e0:81:74:86:ae:fd:ac:d6:6f:e2:d6:
d1:0d:39:01:8e:c1:fc:38:18:f6:c2:d2:48:0b:52:
e1:ba:cd:f6:36:56:bf:5d:a4:af:90:66:d5:6f:e3:
43:65:ce:bc:70:e4:bf:aa:01:c6:04:98:7f:82:03:
aa:e5:60:f1:2b:7c:89:c7:2f:f0:5d:52:8e:89:24:
e5:97:25:33:7e:f1:61:9c:3b:2f:22:47:4f:d0:f5:
a9:7f:04:1e:fd:5d:b1:dc:40:20:0b:60:90:6a:54:
3b:d3:03:b1:1a:34:2e:b6:cf:90:b7:5a:40:31:40:
39:ac:ff:d6:39:7f:c5:78:14:e3:94:a2:35:e9:93:
7d:4f:04:28:3d:b5:e7:f7:93:08:d0:67:f5:b5:a6:
4d:36:ea:fe:25:24:ad:c9:44:6d:18:72:3f:02:9d:
f2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7F:D3:17:10:7C:01:D8:7F:31:62:3F:25:69:D7:04:CA:2F:3B:45
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/OH_TFxB8Adh_MWI_JWnXBMovO0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.141.64.0/20
92.255.62.0/23
185.42.164.0/22
185.193.90.0/23
IPv6:
2a00:ab00:6000::/36
Signature Algorithm: sha256WithRSAEncryption
69:6d:1b:8d:6f:38:1b:02:07:a6:cd:b5:90:9d:78:53:2a:7c:
4d:a0:87:14:20:48:4f:76:52:f2:b4:47:eb:35:0d:b9:fa:c1:
17:95:2e:bd:0b:22:e5:12:69:ea:1f:8a:b5:b0:11:f3:81:e4:
11:3b:d9:1a:de:d9:8b:b3:d2:33:20:f6:5e:75:0f:00:63:54:
5b:22:cb:f1:81:41:cb:c0:15:09:e6:5a:d5:a5:19:cf:5d:72:
6e:bc:2d:5b:12:5f:e7:99:e1:b3:15:2c:c2:17:1f:f4:e8:39:
55:a6:72:ba:b1:a5:1f:a2:e8:f5:20:46:90:da:01:6c:19:13:
1b:a5:d1:f7:9f:f1:c9:b3:6e:b8:95:15:eb:b0:8e:47:df:17:
1f:30:a8:a3:fc:4a:6e:ed:7e:fd:45:fa:67:63:be:d6:f7:c7:
be:b1:21:e8:39:7c:24:9b:77:54:c4:d4:cb:ba:61:08:64:31:
e2:20:4d:33:e8:5b:ef:65:4a:70:40:a9:66:fb:0a:9d:1d:a6:
eb:b2:09:bf:8b:0f:7c:4f:80:16:36:94:cb:f3:ab:89:90:a8:
d7:58:2f:da:83:f2:9c:d4:d8:58:23:17:c5:70:84:7d:bc:3d:
30:75:1f:33:c1:61:11:5e:74:1c:82:f6:d1:18:f0:ec:8d:bf:
d2:fe:17:1c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZZr/WQUHGsuORoaO2uZ1Oh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjUwNDI1MDgwODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODdmZDMxNzEwN2MwMWQ4N2YzMTYyM2YyNTY5ZDcwNGNhMmYzYjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp4MrtMjM6hRyizvsDmqeM17CEc/
JIliqQYaPafO7Ge6kIDw4jf0Wk9R9NqtD4M3ZPXrKMrva12ZhyO7BDqNoy798Gbz
AdPwL252uFpKi83rHbN2vsT+ditPimBp4IF0hq79rNZv4tbRDTkBjsH8OBj2wtJI
C1Lhus32Nla/XaSvkGbVb+NDZc68cOS/qgHGBJh/ggOq5WDxK3yJxy/wXVKOiSTl
lyUzfvFhnDsvIkdP0PWpfwQe/V2x3EAgC2CQalQ70wOxGjQuts+Qt1pAMUA5rP/W
OX/FeBTjlKI16ZN9TwQoPbXn95MI0Gf1taZNNur+JSStyURtGHI/Ap3y1wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDh/0xcQfAHYfzFiPyVp1wTKLztFMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvT0hfVEZ4QjhBZGhfTVdJX0pXblhCTW92TzBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQET41AAwQB
XP8+AwQCuSqkAwQBucFaMA4EAgACMAgDBgQqAKsAYDANBgkqhkiG9w0BAQsFAAOC
AQEAaW0bjW84GwIHps21kJ14Uyp8TaCHFCBIT3ZS8rRH6zUNufrBF5UuvQsi5RJp
6h+KtbAR84HkETvZGt7Zi7PSMyD2XnUPAGNUWyLL8YFBy8AVCeZa1aUZz11ybrwt
WxJf55nhsxUswhcf9Og5VaZyurGlH6Lo9SBGkNoBbBkTG6XR95/xybNuuJUV67CO
R98XHzCoo/xKbu1+/UX6Z2O+1vfHvrEh6Dl8JJt3VMTUy7phCGQx4iBNM+hb72VK
cECpZvsKnR2m67IJv4sPfE+AFjaUy/OriZCo11gv2oPynNTYWCMXxXCEfbw9MHUf
M8FhEV50HIL20Rjw7I2/0v4XHA==
-----END CERTIFICATE-----
Generated at Thu May 1 03:52:50 2025 by rpki-client