Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/oJxKZo4agwGsaNPjM2jUfixfjt0.roa
File: oJxKZo4agwGsaNPjM2jUfixfjt0.roa (raw, json)
Hash identifier: S0tm3SBDEvwHhq22vptDgM4iqTn1mdaAwh5ePPrJI9c=
Subject key identifier: A0:9C:4A:66:8E:1A:83:01:AC:68:D3:E3:33:68:D4:7E:2C:5F:8E:DD
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 0198896CB407CD19C73E8E32689BA1759D0C
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/oJxKZo4agwGsaNPjM2jUfixfjt0.roa
Signing time: Fri 08 Aug 2025 11:24:19 +0000
ROA not before: Fri 08 Aug 2025 11:24:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12325
IP address blocks: 46.102.191.0/24 maxlen: 24
89.40.204.0/24 maxlen: 24
89.40.233.0/24 maxlen: 24
94.176.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 Aug 2025 22:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:89:6c:b4:07:cd:19:c7:3e:8e:32:68:9b:a1:75:9d:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Aug 8 11:24:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a09c4a668e1a8301ac68d3e33368d47e2c5f8edd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f0:e4:74:a1:b6:47:54:7b:0b:8a:a1:68:eb:
7c:28:73:6f:4a:d6:e1:f0:ab:8c:78:7d:13:9e:5c:
04:8a:49:be:ed:f1:85:26:76:a0:44:83:bb:26:13:
ea:78:39:c1:9a:2d:35:26:47:6a:4e:ef:eb:8a:3e:
cb:6e:d6:bd:cd:4a:5f:e9:d9:fc:ac:c8:32:ee:9c:
6a:30:ad:cb:74:da:1d:93:69:7e:59:09:f4:93:91:
bf:a0:5f:15:4d:27:86:08:5e:0c:0e:34:ac:23:bc:
98:06:59:a3:71:c4:80:ef:88:21:a0:12:47:f3:ff:
98:b1:9a:e9:f3:25:9b:4c:5d:38:bd:ad:a8:02:bf:
e9:80:0b:8e:28:06:fb:94:96:96:0a:77:da:ae:21:
2e:a8:0f:db:08:0f:44:7a:9d:2e:75:00:33:06:5b:
a4:32:56:14:c8:e7:24:a5:96:13:94:15:d3:3f:5c:
98:92:f8:53:86:d0:c5:29:b7:62:53:a0:2d:a5:79:
61:9f:a8:d0:ea:ff:8d:9f:6d:f3:35:7b:03:63:8e:
81:d6:15:42:1c:eb:d4:14:fc:71:3a:f8:2e:87:85:
3d:7c:1d:a2:f0:82:2d:a5:5c:70:d6:af:9e:cd:b5:
3e:32:2e:42:00:bc:e8:4a:6f:d8:34:20:43:df:90:
32:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:9C:4A:66:8E:1A:83:01:AC:68:D3:E3:33:68:D4:7E:2C:5F:8E:DD
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/oJxKZo4agwGsaNPjM2jUfixfjt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.191.0/24
89.40.204.0/24
89.40.233.0/24
94.176.3.0/24
Signature Algorithm: sha256WithRSAEncryption
e7:3c:7c:40:23:5c:c6:57:58:6d:5a:41:5c:34:93:7c:c2:fc:
89:6f:b7:e6:9c:c6:1c:1d:93:93:18:38:4c:db:57:03:e4:c5:
1b:b9:0f:33:46:45:2f:9d:37:b6:fe:3e:e7:7d:67:bd:77:e5:
38:b4:47:5e:56:08:c1:b6:7b:ee:66:c8:ae:bf:14:50:f7:74:
91:3e:08:64:86:06:54:1b:c8:20:51:a6:46:12:9d:c6:d6:af:
94:e6:db:e5:45:46:3d:af:a1:d8:51:c2:5d:14:79:3d:3a:5b:
3b:e0:e4:74:65:24:35:10:b5:c4:29:c9:2c:ff:47:90:58:70:
30:1d:c9:a4:73:f1:86:f8:9c:9e:75:44:94:c9:36:54:2e:81:
cc:3e:57:07:d0:c6:48:a8:41:08:ba:fc:f4:78:40:a1:05:84:
57:9b:40:77:eb:76:99:84:51:69:b6:58:f6:21:cb:7f:b7:01:
55:2c:43:48:c6:b3:83:b3:59:01:4a:c7:7f:da:6e:49:81:64:
0b:26:cc:d8:b4:8a:a1:c9:68:c1:3b:49:f0:e2:f6:f4:4e:66:
1d:2d:bd:ed:db:fe:23:bb:6f:64:dc:95:ff:51:31:58:d2:16:
64:68:bb:9a:c3:5a:d0:75:ce:53:02:a0:ba:9a:ad:2f:a6:51:
69:45:3c:de
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZiJbLQHzRnHPo4yaJuhdZ0MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwODA4MTEyNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDljNGE2NjhlMWE4MzAxYWM2OGQzZTMzMzY4ZDQ3ZTJjNWY4ZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvDkdKG2R1R7C4qhaOt8KHNvStbh
8KuMeH0TnlwEikm+7fGFJnagRIO7JhPqeDnBmi01JkdqTu/rij7Lbta9zUpf6dn8
rMgy7pxqMK3LdNodk2l+WQn0k5G/oF8VTSeGCF4MDjSsI7yYBlmjccSA74ghoBJH
8/+YsZrp8yWbTF04va2oAr/pgAuOKAb7lJaWCnfariEuqA/bCA9Eep0udQAzBluk
MlYUyOckpZYTlBXTP1yYkvhThtDFKbdiU6AtpXlhn6jQ6v+Nn23zNXsDY46B1hVC
HOvUFPxxOvguh4U9fB2i8IItpVxw1q+ezbU+Mi5CALzoSm/YNCBD35AylQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKCcSmaOGoMBrGjT4zNo1H4sX47dMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL29KeEtabzRhZ3dHc2FOUGpNMmpVZml4Zmp0MC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAAuZr8D
BABZKMwDBABZKOkDBABesAMwDQYJKoZIhvcNAQELBQADggEBAOc8fEAjXMZXWG1a
QVw0k3zC/Ilvt+acxhwdk5MYOEzbVwPkxRu5DzNGRS+dN7b+Pud9Z7135Ti0R15W
CMG2e+5myK6/FFD3dJE+CGSGBlQbyCBRpkYSncbWr5Tm2+VFRj2vodhRwl0UeT06
Wzvg5HRlJDUQtcQpySz/R5BYcDAdyaRz8Yb4nJ51RJTJNlQugcw+VwfQxkioQQi6
/PR4QKEFhFebQHfrdpmEUWm2WPYhy3+3AVUsQ0jGs4OzWQFKx3/abkmBZAsmzNi0
iqHJaME7SfDi9vROZh0tve3b/iO7b2Tclf9RMVjSFmRou5rDWtB1zlMCoLqarS+m
UWlFPN4=
-----END CERTIFICATE-----
Generated at Wed Aug 13 05:56:54 2025 by rpki-client