Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/3oBCcLmO6O3LNUVkwwjC41W_1Js.roa
File: 3oBCcLmO6O3LNUVkwwjC41W_1Js.roa (raw, json)
Hash identifier: S7MsQ1R9KP6uPbmSmdyJoGkRVZx2vBj0BYm1G1xqRJo=
Subject key identifier: DE:80:42:70:B9:8E:E8:ED:CB:35:45:64:C3:08:C2:E3:55:BF:D4:9B
Certificate issuer: /CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Certificate serial: 0198507163A5E8239789116E149F5D40439C
Authority key identifier: D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/3oBCcLmO6O3LNUVkwwjC41W_1Js.roa
Signing time: Mon 28 Jul 2025 09:51:05 +0000
ROA not before: Mon 28 Jul 2025 09:51:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47638
IP address blocks: 91.235.56.0/22 maxlen: 24
149.255.168.0/21 maxlen: 24
185.46.200.0/22 maxlen: 24
185.66.204.0/22 maxlen: 24
185.66.205.0/24 maxlen: 24
185.66.206.0/24 maxlen: 24
185.149.208.0/24 maxlen: 24
185.149.209.0/24 maxlen: 24
185.149.210.0/23 maxlen: 24
185.161.132.0/22 maxlen: 24
192.175.40.0/22 maxlen: 24
194.0.116.0/22 maxlen: 24
2a04:1840::/29 maxlen: 48
2a0b:8640::/29 maxlen: 48
2a0f:cd40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.mft
rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 08:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:71:63:a5:e8:23:97:89:11:6e:14:9f:5d:40:43:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f
Validity
Not Before: Jul 28 09:51:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de804270b98ee8edcb354564c308c2e355bfd49b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6b:83:6b:d7:54:bb:f9:32:9b:e0:eb:74:a7:
d5:54:1b:35:6f:89:41:8d:50:88:3f:cb:a4:bd:52:
80:e8:02:00:f4:53:be:3f:f9:4a:9a:df:06:cb:3e:
61:6a:10:91:47:03:01:8b:4f:4c:83:ae:2a:82:b7:
ab:65:6e:35:52:1c:06:16:b7:ba:81:d9:74:cd:89:
38:d7:69:2e:c6:b5:82:1d:4b:65:2b:75:d4:ee:58:
16:47:b1:6f:8e:03:8d:52:70:3a:f4:89:89:02:21:
7e:14:58:34:39:09:46:12:e2:6c:3c:91:a8:55:a1:
44:aa:12:f3:e4:29:03:56:12:c8:dd:03:27:e6:e6:
5f:89:39:5f:22:54:56:e2:03:28:93:33:2c:e3:9b:
83:c7:c6:d0:2b:ec:74:04:53:bb:61:5a:4b:82:16:
0b:30:b7:da:3f:0a:18:fe:be:9e:e0:a7:4b:f2:2f:
64:40:43:b0:6c:9a:ba:1e:ab:c0:cc:16:56:bd:3d:
d8:1a:2b:4a:25:b7:c4:f2:da:96:51:d4:78:7b:66:
ec:4d:a0:2f:a7:64:a8:c5:2d:a3:4a:a2:0b:6a:8c:
f9:b8:c0:7e:77:49:f7:69:23:91:7a:27:58:f9:50:
51:2e:b3:69:91:20:96:2e:4e:64:67:c9:c4:40:25:
ce:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:80:42:70:B9:8E:E8:ED:CB:35:45:64:C3:08:C2:E3:55:BF:D4:9B
X509v3 Authority Key Identifier:
keyid:D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/3oBCcLmO6O3LNUVkwwjC41W_1Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.56.0/22
149.255.168.0/21
185.46.200.0/22
185.66.204.0/22
185.149.208.0/22
185.161.132.0/22
192.175.40.0/22
194.0.116.0/22
IPv6:
2a04:1840::/29
2a0b:8640::/29
2a0f:cd40::/29
Signature Algorithm: sha256WithRSAEncryption
7a:26:9e:49:14:b1:31:8a:3a:b0:4a:60:cc:49:7a:fb:47:36:
2e:75:10:b9:52:29:1f:8a:04:1d:ed:b6:1c:a6:aa:c1:a3:24:
1c:28:ac:fe:7d:e3:74:85:59:09:f2:fe:5d:e1:60:6c:8e:c1:
9d:ac:bf:03:2d:50:fe:4c:98:f5:7f:45:7f:b5:6b:ac:1a:67:
02:33:cd:4e:90:eb:3c:11:e5:4f:7a:8d:f9:04:ae:ed:9c:f2:
74:9b:5a:9a:ae:f9:d3:3a:85:2b:01:6e:6b:29:f0:20:96:e9:
2e:4b:fe:c0:94:53:13:12:a9:f7:34:0f:a7:cc:7e:46:e9:14:
01:8b:a2:58:41:ad:aa:85:f9:f2:69:e3:b1:e9:bd:0b:fa:58:
d4:a1:90:b6:b3:ac:96:9c:54:39:c1:d6:00:7c:6e:50:98:00:
af:bf:e7:84:95:04:70:b8:3f:26:fe:aa:99:ff:ff:d2:e7:db:
84:40:d0:ae:78:55:3a:5f:21:b1:fe:92:9d:a2:3b:38:f8:a8:
d3:76:10:82:82:72:82:1b:4a:0c:53:40:6e:4f:10:10:85:a4:
cc:63:8d:c8:1c:94:53:69:5e:e0:df:b2:4a:68:db:81:fa:ac:
99:c2:f0:2f:37:f0:23:8f:7d:ea:ac:dc:f1:ac:e8:96:ca:16:
a5:64:c4:45
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZhQcWOl6COXiRFuFJ9dQEOcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDA3OWJiNzA3MGVkMGVlZWEzYTFhNDY3Yzc5NDYyYmNj
NTQ1NWYwHhcNMjUwNzI4MDk1MTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTgwNDI3MGI5OGVlOGVkY2IzNTQ1NjRjMzA4YzJlMzU1YmZkNDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GuDa9dUu/kym+DrdKfVVBs1b4lB
jVCIP8ukvVKA6AIA9FO+P/lKmt8Gyz5hahCRRwMBi09Mg64qgrerZW41UhwGFre6
gdl0zYk412kuxrWCHUtlK3XU7lgWR7FvjgONUnA69ImJAiF+FFg0OQlGEuJsPJGo
VaFEqhLz5CkDVhLI3QMn5uZfiTlfIlRW4gMokzMs45uDx8bQK+x0BFO7YVpLghYL
MLfaPwoY/r6e4KdL8i9kQEOwbJq6HqvAzBZWvT3YGitKJbfE8tqWUdR4e2bsTaAv
p2SoxS2jSqILaoz5uMB+d0n3aSOReidY+VBRLrNpkSCWLk5kZ8nEQCXOVQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFN6AQnC5jujtyzVFZMMIwuNVv9SbMB8GA1UdIwQY
MBaAFNBAebtwcO0O7qOhpGfHlGK8xUVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTkt
NjIwOThkMWVjMWU2LzEvM29CQ2NMbU82TzNMTlVWa3d3akM0MVdfMUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTktNjIwOThkMWVjMWU2
LzEvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTA2BAIAATAwAwQCW+s4AwQD
lf+oAwQCuS7IAwQCuULMAwQCuZXQAwQCuaGEAwQCwK8oAwQCwgB0MBsEAgACMBUD
BQMqBBhAAwUDKguGQAMFAyoPzUAwDQYJKoZIhvcNAQELBQADggEBAHomnkkUsTGK
OrBKYMxJevtHNi51ELlSKR+KBB3tthymqsGjJBworP5943SFWQny/l3hYGyOwZ2s
vwMtUP5MmPV/RX+1a6waZwIzzU6Q6zwR5U96jfkEru2c8nSbWpqu+dM6hSsBbmsp
8CCW6S5L/sCUUxMSqfc0D6fMfkbpFAGLolhBraqF+fJp47HpvQv6WNShkLazrJac
VDnB1gB8blCYAK+/54SVBHC4Pyb+qpn//9Ln24RA0K54VTpfIbH+kp2iOzj4qNN2
EIKCcoIbSgxTQG5PEBCFpMxjjcgclFNpXuDfskpo24H6rJnC8C838COPfeqs3PGs
6JbKFqVkxEU=
-----END CERTIFICATE-----
Generated at Thu Aug 7 14:50:21 2025 by rpki-client