Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/ogSoMdhdAk8uFwcOj4t323bCuLA.roa
File: ogSoMdhdAk8uFwcOj4t323bCuLA.roa (raw, json)
Hash identifier: 6Rc+OF5CJCx6tSX2U3Orec6EhmGDrr319Qj50sk2tYA=
Subject key identifier: A2:04:A8:31:D8:5D:02:4F:2E:17:07:0E:8F:8B:77:DB:76:C2:B8:B0
Certificate issuer: /CN=2ba1cfd757f51f2feb74509e9c39be46806be642
Certificate serial: 019A4EAC0F5F41EFA12DC2EB14C27BF7997C
Authority key identifier: 2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/ogSoMdhdAk8uFwcOj4t323bCuLA.roa
Signing time: Tue 04 Nov 2025 11:41:30 +0000
ROA not before: Tue 04 Nov 2025 11:41:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25441
IP address blocks: 62.231.32.0/19 maxlen: 19
78.135.128.0/17 maxlen: 17
78.135.208.0/21 maxlen: 21
78.135.216.0/21 maxlen: 21
78.135.224.0/21 maxlen: 21
78.135.232.0/21 maxlen: 21
78.135.240.0/21 maxlen: 21
78.135.248.0/21 maxlen: 21
83.141.64.0/18 maxlen: 18
85.134.128.0/17 maxlen: 17
85.134.128.0/21 maxlen: 21
85.134.136.0/21 maxlen: 21
85.134.144.0/21 maxlen: 21
85.134.152.0/21 maxlen: 21
85.134.160.0/21 maxlen: 21
85.134.168.0/21 maxlen: 21
85.134.176.0/21 maxlen: 21
85.134.184.0/21 maxlen: 21
85.134.192.0/21 maxlen: 21
85.134.200.0/21 maxlen: 21
85.134.208.0/21 maxlen: 21
85.134.216.0/21 maxlen: 21
85.134.224.0/21 maxlen: 21
85.134.232.0/21 maxlen: 21
85.134.240.0/21 maxlen: 21
85.134.248.0/21 maxlen: 21
87.192.0.0/18 maxlen: 18
87.192.64.0/20 maxlen: 20
87.192.82.0/23 maxlen: 23
87.192.84.0/22 maxlen: 22
87.192.192.0/20 maxlen: 20
87.192.216.0/22 maxlen: 22
87.192.222.0/23 maxlen: 23
87.232.0.0/19 maxlen: 19
87.232.192.0/24 maxlen: 24
87.232.194.0/23 maxlen: 23
87.232.196.0/22 maxlen: 22
87.232.225.0/24 maxlen: 24
87.232.228.0/22 maxlen: 22
89.124.0.0/24 maxlen: 24
89.124.128.0/18 maxlen: 18
89.124.192.0/19 maxlen: 19
89.124.224.0/20 maxlen: 20
89.124.245.0/24 maxlen: 24
89.126.0.0/22 maxlen: 22
89.126.4.0/22 maxlen: 22
89.126.8.0/22 maxlen: 22
89.126.12.0/22 maxlen: 22
89.126.16.0/22 maxlen: 22
89.126.20.0/22 maxlen: 22
89.126.24.0/22 maxlen: 22
89.126.28.0/22 maxlen: 22
89.127.0.0/17 maxlen: 17
89.127.128.0/18 maxlen: 18
89.127.192.0/19 maxlen: 19
89.127.224.0/20 maxlen: 20
89.127.240.0/21 maxlen: 21
89.127.248.0/22 maxlen: 22
89.127.254.0/23 maxlen: 23
185.247.52.0/22 maxlen: 22
2001:4d68::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.mft
rsync://rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:ac:0f:5f:41:ef:a1:2d:c2:eb:14:c2:7b:f7:99:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ba1cfd757f51f2feb74509e9c39be46806be642
Validity
Not Before: Nov 4 11:41:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a204a831d85d024f2e17070e8f8b77db76c2b8b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:94:78:3d:24:a6:ff:ef:ff:14:f4:a3:3c:62:
de:70:97:3c:0c:a9:6f:17:14:54:f4:96:54:27:b5:
ea:c8:01:92:72:a8:db:44:58:17:d6:55:cc:11:79:
e3:ab:25:23:23:23:b6:24:9a:cf:e0:a7:6b:35:9c:
bc:46:6d:7b:f5:bb:b7:1b:74:45:0b:1b:f5:c0:5f:
3f:9d:de:2a:18:66:01:a7:9b:db:6a:24:a9:93:c0:
95:aa:bd:f4:38:29:09:a0:59:14:c0:2c:ad:4f:8b:
c3:ac:97:63:c5:79:24:aa:5f:dd:c8:7c:02:7b:29:
f2:c3:48:58:06:92:31:ed:05:8e:4a:6f:59:77:3a:
57:e6:46:af:c4:76:63:4d:16:e0:ad:74:60:ab:c0:
13:eb:62:0e:96:51:8c:79:65:ec:ff:32:af:db:01:
bb:7e:e7:84:06:71:a5:a0:28:50:9c:0d:d5:71:a4:
ad:b6:62:ce:1d:77:e7:b0:8b:f5:7d:f4:bb:ce:30:
ba:2d:29:f8:e8:3c:04:03:06:aa:eb:f9:7a:ac:22:
37:51:93:15:6b:cd:03:29:4a:7a:a8:49:26:fa:ad:
cc:7c:4e:72:18:d5:09:47:c3:92:82:6c:5d:73:9a:
7a:d2:ab:e0:96:63:4c:66:29:61:e2:04:ee:6e:62:
07:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:04:A8:31:D8:5D:02:4F:2E:17:07:0E:8F:8B:77:DB:76:C2:B8:B0
X509v3 Authority Key Identifier:
keyid:2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/ogSoMdhdAk8uFwcOj4t323bCuLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.231.32.0/19
78.135.128.0/17
83.141.64.0/18
85.134.128.0/17
87.192.0.0-87.192.79.255
87.192.82.0-87.192.87.255
87.192.192.0/20
87.192.216.0/22
87.192.222.0/23
87.232.0.0/19
87.232.192.0/24
87.232.194.0-87.232.199.255
87.232.225.0/24
87.232.228.0/22
89.124.0.0/24
89.124.128.0-89.124.239.255
89.124.245.0/24
89.126.0.0/19
89.127.0.0-89.127.251.255
89.127.254.0/23
185.247.52.0/22
IPv6:
2001:4d68::/32
Signature Algorithm: sha256WithRSAEncryption
61:87:3d:cf:34:50:01:53:ce:46:5e:99:e2:dc:e8:9a:bb:17:
85:8f:af:9a:d7:a3:67:db:71:63:99:ec:a1:49:e7:97:e2:b5:
9f:76:30:72:8a:26:a7:a9:7f:1a:30:d2:3f:f5:ed:f1:11:e5:
ce:80:f9:e0:f4:ed:7f:8b:89:f5:c9:a8:23:dc:c1:66:f8:5c:
3e:78:2e:53:85:fc:71:9f:e1:e4:6f:93:f6:39:d5:a8:db:d9:
a6:76:ca:47:2f:b1:e6:1b:f4:8d:8b:8a:48:31:42:d3:80:f4:
11:7d:c2:97:fc:01:6e:68:be:5d:75:c3:e9:06:ab:5e:16:03:
52:55:e1:1c:95:30:cc:81:10:a7:d1:9a:40:ba:d1:8e:9b:02:
f0:47:6c:38:77:e0:28:c3:cd:93:5f:a5:1e:0f:78:4d:b3:d4:
16:cf:b4:c7:14:f9:7d:b1:76:46:15:6c:17:e0:c5:fd:25:d4:
f0:b3:2a:fc:4c:d8:27:96:7c:87:e1:a3:75:55:70:a9:bf:0c:
84:68:f3:6d:af:2b:8d:4b:19:43:3c:28:a5:2c:9b:85:9a:91:
11:ab:62:81:98:84:0e:d7:b8:83:3d:59:b4:b7:ac:dc:5c:fe:
83:cf:16:08:6f:0e:a6:7e:5f:8d:de:32:ef:6e:33:40:68:82:
d3:3d:30:42
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAZpOrA9fQe+hLcLrFMJ795l8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYTFjZmQ3NTdmNTFmMmZlYjc0NTA5ZTljMzliZTQ2ODA2
YmU2NDIwHhcNMjUxMTA0MTE0MTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjA0YTgzMWQ4NWQwMjRmMmUxNzA3MGU4ZjhiNzdkYjc2YzJiOGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpR4PSSm/+//FPSjPGLecJc8DKlv
FxRU9JZUJ7XqyAGScqjbRFgX1lXMEXnjqyUjIyO2JJrP4KdrNZy8Rm179bu3G3RF
Cxv1wF8/nd4qGGYBp5vbaiSpk8CVqr30OCkJoFkUwCytT4vDrJdjxXkkql/dyHwC
eynyw0hYBpIx7QWOSm9ZdzpX5kavxHZjTRbgrXRgq8AT62IOllGMeWXs/zKv2wG7
fueEBnGloChQnA3VcaSttmLOHXfnsIv1ffS7zjC6LSn46DwEAwaq6/l6rCI3UZMV
a80DKUp6qEkm+q3MfE5yGNUJR8OSgmxdc5p60qvglmNMZilh4gTubmIHzQIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFKIEqDHYXQJPLhcHDo+Ld9t2wriwMB8GA1UdIwQY
MBaAFCuhz9dX9R8v63RQnpw5vkaAa+ZCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzZIUDExZjFIeV9yZEZDZW5EbS1Sb0JyNWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS83NDU5MTAtODZjNi00M2QxLTk3NjUt
NTc4OWRlNDI0YTQyLzEvb2dTb01kaGRBazh1RndjT2o0dDMyM2JDdUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS83NDU5MTAtODZjNi00M2QxLTk3NjUtNTc4OWRlNDI0YTQy
LzEvSzZIUDExZjFIeV9yZEZDZW5EbS1Sb0JyNWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHQBggrBgEFBQcBBwEB/wSBwDCBvTCBqwQCAAEwgaQDBAU+
5yADBAdOh4ADBAZTjUADBAdVhoAwCwMDBlfAAwQEV8BAMAwDBAFXwFIDBANXwFAD
BARXwMADBAJXwNgDBAFXwN4DBAVX6AADBABX6MAwDAMEAVfowgMEA1fowAMEAFfo
4QMEAlfo5AMEAFl8ADAMAwQHWXyAAwQEWXzgAwQAWXz1AwQFWX4AMAsDAwBZfwME
All/+AMEAVl//gMEArn3NDANBAIAAjAHAwUAIAFNaDANBgkqhkiG9w0BAQsFAAOC
AQEAYYc9zzRQAVPORl6Z4tzomrsXhY+vmtejZ9txY5nsoUnnl+K1n3Ywcoomp6l/
GjDSP/Xt8RHlzoD54PTtf4uJ9cmoI9zBZvhcPnguU4X8cZ/h5G+T9jnVqNvZpnbK
Ry+x5hv0jYuKSDFC04D0EX3Cl/wBbmi+XXXD6QarXhYDUlXhHJUwzIEQp9GaQLrR
jpsC8EdsOHfgKMPNk1+lHg94TbPUFs+0xxT5fbF2RhVsF+DF/SXU8LMq/EzYJ5Z8
h+GjdVVwqb8MhGjzba8rjUsZQzwopSybhZqREatigZiEDte4gz1ZtLes3Fz+g88W
CG8Opn5fjd4y724zQGiC0z0wQg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:11:13 2025 by rpki-client