Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/oviWOpLT1qa_QlvcF06kxF1PsAE.roa
File: oviWOpLT1qa_QlvcF06kxF1PsAE.roa (raw, json)
Hash identifier: 06h9FkxdcGuPtmnJPaSEvBV1beciLQDwC+dGunkQE1I=
Subject key identifier: A2:F8:96:3A:92:D3:D6:A6:BF:42:5B:DC:17:4E:A4:C4:5D:4F:B0:01
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 01984C004DDA6697C6489ECE0E6F3AF900BA
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/oviWOpLT1qa_QlvcF06kxF1PsAE.roa
Signing time: Sun 27 Jul 2025 13:09:05 +0000
ROA not before: Sun 27 Jul 2025 13:09:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213807
IP address blocks: 37.202.224.0/22 maxlen: 24
37.202.228.0/22 maxlen: 24
37.202.232.0/22 maxlen: 24
37.202.236.0/22 maxlen: 24
37.202.240.0/23 maxlen: 24
37.202.241.0/24 maxlen: 24
37.202.242.0/24 maxlen: 24
37.202.244.0/22 maxlen: 24
37.202.248.0/24 maxlen: 24
37.202.249.0/24 maxlen: 24
37.202.250.0/24 maxlen: 24
94.182.101.0/24 maxlen: 24
94.182.104.0/22 maxlen: 24
94.182.108.0/24 maxlen: 24
94.182.128.0/23 maxlen: 24
94.182.131.0/24 maxlen: 24
94.182.134.0/24 maxlen: 24
94.182.136.0/23 maxlen: 24
94.182.145.0/24 maxlen: 24
94.182.147.0/24 maxlen: 24
94.182.149.0/24 maxlen: 24
94.182.150.0/24 maxlen: 24
94.182.152.0/24 maxlen: 24
94.182.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 12:33:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4c:00:4d:da:66:97:c6:48:9e:ce:0e:6f:3a:f9:00:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jul 27 13:09:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2f8963a92d3d6a6bf425bdc174ea4c45d4fb001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:72:f0:4f:52:d0:06:ff:f7:cd:c3:c3:fb:49:
2a:6f:a8:93:f8:41:7c:e1:56:c4:bb:8d:e5:16:3a:
0a:a7:b9:8b:56:d3:e4:6e:cc:98:b9:8e:2d:d8:85:
1b:cc:06:2c:0f:a5:a7:3a:58:05:e9:c5:8f:4e:91:
01:f3:8c:00:f8:01:68:f8:95:eb:fd:91:c6:d3:c6:
4c:95:66:59:59:2e:78:33:97:7e:48:05:f4:56:d2:
e3:99:23:03:3e:ec:c2:4d:8c:ff:35:b8:4e:86:84:
57:37:2e:46:c1:6d:36:66:21:3e:e0:2c:4b:b1:64:
2b:cc:41:ca:f0:05:78:34:af:48:1d:4e:a4:71:69:
2e:96:21:41:75:d2:15:97:19:de:e7:37:15:26:ad:
e7:cb:45:fb:de:6f:4b:8f:b8:1a:96:bf:b4:fc:e8:
4c:ba:6b:db:c5:59:29:6b:b7:8f:de:63:d0:4d:4b:
66:0c:7f:f5:74:12:fe:ce:33:65:0b:a7:0e:6f:33:
f6:fe:a3:b6:ac:7a:f6:cd:83:a0:51:68:ae:25:9a:
9c:38:b0:c7:ba:c8:40:2e:0c:49:a5:77:42:64:ca:
90:42:f7:75:b6:ca:70:e9:95:e3:15:4b:2d:17:93:
e7:da:89:5b:d9:49:a0:2f:9b:54:35:1f:80:1c:f8:
4f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F8:96:3A:92:D3:D6:A6:BF:42:5B:DC:17:4E:A4:C4:5D:4F:B0:01
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/oviWOpLT1qa_QlvcF06kxF1PsAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.224.0-37.202.242.255
37.202.244.0-37.202.250.255
94.182.101.0/24
94.182.104.0-94.182.108.255
94.182.128.0/23
94.182.131.0/24
94.182.134.0/24
94.182.136.0/23
94.182.145.0/24
94.182.147.0/24
94.182.149.0-94.182.150.255
94.182.152.0/24
94.182.223.0/24
Signature Algorithm: sha256WithRSAEncryption
78:f1:40:a6:d0:d1:78:ce:5d:81:02:f1:39:1c:a0:48:54:28:
d4:fb:7d:02:1b:61:41:6b:57:81:25:8a:1b:12:8a:63:17:31:
b8:67:07:3b:6a:d0:e0:e1:2b:6b:58:0d:bd:90:f2:d1:1c:3d:
0c:1d:31:50:bf:c6:db:54:28:d6:d8:18:71:c4:1d:a8:9d:3a:
83:65:ea:4d:8c:e7:d1:d4:aa:a1:11:54:25:7d:8a:36:f4:b8:
35:81:4b:f0:16:fa:f6:e3:fc:23:99:af:39:7d:a7:cd:74:93:
71:c0:ca:b4:00:2c:5c:6f:3b:f1:60:68:83:0c:c4:54:1c:55:
b9:8a:95:8c:c0:a8:f2:65:ca:17:f0:12:a6:5c:2a:66:5b:28:
db:27:9d:b5:fb:ac:a3:58:e9:a6:f5:31:85:34:72:cc:a1:d8:
d2:e1:5b:a4:b5:86:fa:51:64:77:90:b1:f7:e8:79:dd:1c:d1:
f5:5d:9f:3d:bf:29:08:48:52:9e:ed:91:21:33:49:20:fa:6e:
2c:36:64:ce:fa:a9:22:a4:38:bb:fe:6f:72:b3:13:ef:26:aa:
a2:4b:3a:cc:1d:a2:85:04:52:97:2c:27:97:54:95:2c:43:a7:
3e:00:39:81:87:a7:98:9c:70:0d:e3:c6:44:cd:ef:33:31:a3:
d5:69:e9:c6
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZhMAE3aZpfGSJ7ODm86+QC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwNzI3MTMwOTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmY4OTYzYTkyZDNkNmE2YmY0MjViZGMxNzRlYTRjNDVkNGZiMDAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunLwT1LQBv/3zcPD+0kqb6iT+EF8
4VbEu43lFjoKp7mLVtPkbsyYuY4t2IUbzAYsD6WnOlgF6cWPTpEB84wA+AFo+JXr
/ZHG08ZMlWZZWS54M5d+SAX0VtLjmSMDPuzCTYz/NbhOhoRXNy5GwW02ZiE+4CxL
sWQrzEHK8AV4NK9IHU6kcWkuliFBddIVlxne5zcVJq3ny0X73m9Lj7galr+0/OhM
umvbxVkpa7eP3mPQTUtmDH/1dBL+zjNlC6cObzP2/qO2rHr2zYOgUWiuJZqcOLDH
ushALgxJpXdCZMqQQvd1tspw6ZXjFUstF5Pn2olb2UmgL5tUNR+AHPhPywIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFKL4ljqS09amv0Jb3BdOpMRdT7ABMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvb3ZpV09wTFQxcWFfUWx2Y0YwNmt4RjFQc0FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbjAMAwQFJcrg
AwQAJcryMAwDBAIlyvQDBAAlyvoDBABetmUwDAMEA162aAMEAF62bAMEAV62gAME
AF62gwMEAF62hgMEAV62iAMEAF62kQMEAF62kzAMAwQAXraVAwQAXraWAwQAXraY
AwQAXrbfMA0GCSqGSIb3DQEBCwUAA4IBAQB48UCm0NF4zl2BAvE5HKBIVCjU+30C
G2FBa1eBJYobEopjFzG4Zwc7atDg4StrWA29kPLRHD0MHTFQv8bbVCjW2BhxxB2o
nTqDZepNjOfR1KqhEVQlfYo29Lg1gUvwFvr24/wjma85fafNdJNxwMq0ACxcbzvx
YGiDDMRUHFW5ipWMwKjyZcoX8BKmXCpmWyjbJ521+6yjWOmm9TGFNHLModjS4Vuk
tYb6UWR3kLH36HndHNH1XZ89vykISFKe7ZEhM0kg+m4sNmTO+qkipDi7/m9ysxPv
JqqiSzrMHaKFBFKXLCeXVJUsQ6c+ADmBh6eYnHAN48ZEze8zMaPVaenG
-----END CERTIFICATE-----
Generated at Sun Aug 10 18:29:17 2025 by rpki-client