Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/oZtEOJXg9u3YAV29kkGmNWg8F9A.roa
File: oZtEOJXg9u3YAV29kkGmNWg8F9A.roa (raw, json)
Hash identifier: ogCJpbFNRwq+SCRMavwkDAe0bS6yKHWqdkWMeWxeUro=
Subject key identifier: A1:9B:44:38:95:E0:F6:ED:D8:01:5D:BD:92:41:A6:35:68:3C:17:D0
Certificate issuer: /CN=0c0f7a04dd7249a5d14b7de0542a4197380006cc
Certificate serial: 01987A3489A685DA64D67C05DFFECA5D0500
Authority key identifier: 0C:0F:7A:04:DD:72:49:A5:D1:4B:7D:E0:54:2A:41:97:38:00:06:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DA96BN1ySaXRS33gVCpBlzgABsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/oZtEOJXg9u3YAV29kkGmNWg8F9A.roa
Signing time: Tue 05 Aug 2025 12:28:40 +0000
ROA not before: Tue 05 Aug 2025 12:28:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21277
IP address blocks: 93.91.192.0/20 maxlen: 20
93.91.192.0/24 maxlen: 24
93.91.193.0/24 maxlen: 24
93.91.194.0/24 maxlen: 24
93.91.195.0/24 maxlen: 24
93.91.196.0/24 maxlen: 24
93.91.197.0/24 maxlen: 24
93.91.198.0/24 maxlen: 24
93.91.199.0/24 maxlen: 24
93.91.200.0/24 maxlen: 24
93.91.201.0/24 maxlen: 24
93.91.202.0/24 maxlen: 24
93.91.203.0/24 maxlen: 24
93.91.204.0/24 maxlen: 24
93.91.205.0/24 maxlen: 24
93.91.206.0/24 maxlen: 24
93.91.207.0/24 maxlen: 24
95.170.192.0/19 maxlen: 19
95.170.192.0/24 maxlen: 24
95.170.193.0/24 maxlen: 24
95.170.194.0/24 maxlen: 24
95.170.195.0/24 maxlen: 24
95.170.196.0/24 maxlen: 24
95.170.197.0/24 maxlen: 24
95.170.198.0/24 maxlen: 24
95.170.199.0/24 maxlen: 24
95.170.200.0/24 maxlen: 24
95.170.201.0/24 maxlen: 24
95.170.202.0/24 maxlen: 24
95.170.203.0/24 maxlen: 24
95.170.204.0/24 maxlen: 24
95.170.205.0/24 maxlen: 24
95.170.206.0/24 maxlen: 24
95.170.207.0/24 maxlen: 24
95.170.208.0/24 maxlen: 24
95.170.209.0/24 maxlen: 24
95.170.210.0/24 maxlen: 24
95.170.211.0/24 maxlen: 24
95.170.212.0/24 maxlen: 24
95.170.213.0/24 maxlen: 24
95.170.214.0/24 maxlen: 24
95.170.215.0/24 maxlen: 24
95.170.216.0/24 maxlen: 24
95.170.217.0/24 maxlen: 24
95.170.218.0/24 maxlen: 24
95.170.219.0/24 maxlen: 24
95.170.220.0/24 maxlen: 24
95.170.221.0/24 maxlen: 24
95.170.222.0/24 maxlen: 24
95.170.223.0/24 maxlen: 24
109.127.64.0/18 maxlen: 18
109.127.64.0/20 maxlen: 20
109.127.64.0/21 maxlen: 21
109.127.64.0/24 maxlen: 24
109.127.65.0/24 maxlen: 24
109.127.66.0/24 maxlen: 24
109.127.67.0/24 maxlen: 24
109.127.68.0/24 maxlen: 24
109.127.69.0/24 maxlen: 24
109.127.70.0/24 maxlen: 24
109.127.71.0/24 maxlen: 24
109.127.72.0/21 maxlen: 21
109.127.72.0/24 maxlen: 24
109.127.73.0/24 maxlen: 24
109.127.74.0/24 maxlen: 24
109.127.75.0/24 maxlen: 24
109.127.76.0/24 maxlen: 24
109.127.77.0/24 maxlen: 24
109.127.78.0/24 maxlen: 24
109.127.79.0/24 maxlen: 24
109.127.80.0/24 maxlen: 24
109.127.81.0/24 maxlen: 24
109.127.82.0/24 maxlen: 24
109.127.83.0/24 maxlen: 24
109.127.84.0/24 maxlen: 24
109.127.85.0/24 maxlen: 24
109.127.86.0/24 maxlen: 24
109.127.87.0/24 maxlen: 24
109.127.88.0/24 maxlen: 24
109.127.89.0/24 maxlen: 24
109.127.90.0/24 maxlen: 24
109.127.91.0/24 maxlen: 24
109.127.92.0/24 maxlen: 24
109.127.93.0/24 maxlen: 24
109.127.94.0/24 maxlen: 24
109.127.95.0/24 maxlen: 24
109.127.96.0/24 maxlen: 24
109.127.97.0/24 maxlen: 24
109.127.98.0/24 maxlen: 24
109.127.99.0/24 maxlen: 24
109.127.100.0/24 maxlen: 24
109.127.101.0/24 maxlen: 24
109.127.102.0/24 maxlen: 24
109.127.103.0/24 maxlen: 24
109.127.104.0/24 maxlen: 24
109.127.105.0/24 maxlen: 24
109.127.106.0/24 maxlen: 24
109.127.107.0/24 maxlen: 24
109.127.108.0/24 maxlen: 24
109.127.109.0/24 maxlen: 24
109.127.110.0/24 maxlen: 24
109.127.111.0/24 maxlen: 24
109.127.112.0/24 maxlen: 24
109.127.113.0/24 maxlen: 24
109.127.114.0/24 maxlen: 24
109.127.115.0/24 maxlen: 24
109.127.116.0/24 maxlen: 24
109.127.117.0/24 maxlen: 24
109.127.118.0/24 maxlen: 24
109.127.119.0/24 maxlen: 24
109.127.120.0/24 maxlen: 24
109.127.121.0/24 maxlen: 24
109.127.122.0/24 maxlen: 24
109.127.123.0/24 maxlen: 24
109.127.124.0/24 maxlen: 24
109.127.125.0/24 maxlen: 24
109.127.126.0/24 maxlen: 24
109.127.127.0/24 maxlen: 24
130.193.128.0/17 maxlen: 17
130.193.128.0/19 maxlen: 19
130.193.128.0/24 maxlen: 24
130.193.129.0/24 maxlen: 24
130.193.130.0/24 maxlen: 24
130.193.131.0/24 maxlen: 24
130.193.132.0/22 maxlen: 22
130.193.132.0/24 maxlen: 24
130.193.133.0/24 maxlen: 24
130.193.134.0/24 maxlen: 24
130.193.135.0/24 maxlen: 24
130.193.136.0/24 maxlen: 24
130.193.137.0/24 maxlen: 24
130.193.138.0/24 maxlen: 24
130.193.139.0/24 maxlen: 24
130.193.140.0/24 maxlen: 24
130.193.141.0/24 maxlen: 24
130.193.142.0/24 maxlen: 24
130.193.143.0/24 maxlen: 24
130.193.144.0/24 maxlen: 24
130.193.145.0/24 maxlen: 24
130.193.146.0/24 maxlen: 24
130.193.147.0/24 maxlen: 24
130.193.148.0/24 maxlen: 24
130.193.149.0/24 maxlen: 24
130.193.150.0/23 maxlen: 23
130.193.150.0/24 maxlen: 24
130.193.151.0/24 maxlen: 24
130.193.152.0/23 maxlen: 23
130.193.154.0/23 maxlen: 23
130.193.160.0/20 maxlen: 20
130.193.160.0/23 maxlen: 23
130.193.160.0/24 maxlen: 24
130.193.161.0/24 maxlen: 24
130.193.165.0/24 maxlen: 24
130.193.166.0/24 maxlen: 24
130.193.176.0/20 maxlen: 20
130.193.176.0/21 maxlen: 21
130.193.184.0/21 maxlen: 21
130.193.192.0/20 maxlen: 20
130.193.208.0/20 maxlen: 20
130.193.224.0/20 maxlen: 20
130.193.240.0/20 maxlen: 20
2a04:a040::/29 maxlen: 29
2a04:a040::/32 maxlen: 32
2a04:a041::/32 maxlen: 32
2a04:a042::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/DA96BN1ySaXRS33gVCpBlzgABsw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/DA96BN1ySaXRS33gVCpBlzgABsw.mft
rsync://rpki.ripe.net/repository/DEFAULT/DA96BN1ySaXRS33gVCpBlzgABsw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 17:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7a:34:89:a6:85:da:64:d6:7c:05:df:fe:ca:5d:05:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c0f7a04dd7249a5d14b7de0542a4197380006cc
Validity
Not Before: Aug 5 12:28:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a19b443895e0f6edd8015dbd9241a635683c17d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4f:66:60:02:d7:c1:a1:49:87:cc:71:d5:fe:
5e:0e:85:01:7f:89:2f:c1:0c:20:f7:3e:7b:b8:34:
d9:5e:19:d9:de:bd:e2:3e:ab:d3:04:9d:b0:dc:56:
9f:94:37:71:8f:5c:c3:33:81:64:54:4b:b9:5a:e5:
a7:c1:c5:8a:df:e5:3a:94:ab:12:7a:9b:89:0e:65:
8f:a7:e2:d3:9a:0a:66:55:3b:98:d2:77:6a:5a:c5:
5c:fb:ab:22:24:8f:0d:5d:80:27:27:72:bb:bc:1f:
ee:e9:7b:ca:ca:3a:a2:c4:b5:ec:79:68:35:de:51:
89:01:71:72:a1:19:58:dd:b2:be:eb:13:45:25:7b:
a9:3d:2c:b7:b9:3b:5e:50:f9:aa:bb:bd:ee:4b:b0:
48:47:30:23:45:fd:13:df:ba:1c:dd:5e:c8:c2:32:
59:4d:b3:05:65:b1:d3:a1:32:5b:ad:f7:8b:f6:41:
1d:ea:59:6a:25:42:95:58:e8:be:d2:5d:58:27:85:
21:05:c8:78:99:34:62:8d:78:67:52:21:8a:bc:2f:
ee:a9:c5:31:5b:fc:50:ce:64:b3:2f:3f:dc:25:23:
5d:40:6c:fb:98:40:d2:84:20:81:54:5f:52:58:39:
43:9e:77:d6:70:57:a4:4d:66:56:93:60:f0:f9:5b:
f2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:9B:44:38:95:E0:F6:ED:D8:01:5D:BD:92:41:A6:35:68:3C:17:D0
X509v3 Authority Key Identifier:
keyid:0C:0F:7A:04:DD:72:49:A5:D1:4B:7D:E0:54:2A:41:97:38:00:06:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DA96BN1ySaXRS33gVCpBlzgABsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/oZtEOJXg9u3YAV29kkGmNWg8F9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/DA96BN1ySaXRS33gVCpBlzgABsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.91.192.0/20
95.170.192.0/19
109.127.64.0/18
130.193.128.0/17
IPv6:
2a04:a040::/29
Signature Algorithm: sha256WithRSAEncryption
48:18:5f:f3:3a:b6:ef:69:16:25:5a:24:25:37:3d:6f:c3:85:
41:4a:c7:c4:7b:c6:a8:11:89:9c:68:12:e7:2a:a7:39:ec:ad:
b9:56:be:c5:7c:f9:e4:59:95:f4:bb:41:b0:0e:57:1a:2d:10:
31:98:14:62:f3:06:62:8f:8a:14:56:77:56:f0:71:ea:f1:2a:
a6:e8:91:93:06:dc:4f:84:14:8b:fe:7e:3d:5a:69:9e:63:3d:
51:97:a1:fe:96:97:1a:96:c6:df:a9:20:89:c0:fa:b8:51:d2:
44:01:e4:a1:52:0a:a7:bd:b7:7f:23:84:0f:50:7b:43:3e:dd:
2d:56:81:d3:3e:62:5b:34:2c:34:97:f8:62:0e:58:f5:23:cb:
72:d9:d5:0d:13:ad:e6:e0:cf:02:5e:ea:54:4e:18:6a:be:cd:
f9:ce:61:74:17:7b:f0:32:d4:e0:96:ac:87:a6:49:97:95:d8:
8b:c7:3b:6e:a6:1e:59:94:da:c0:48:d4:d6:6b:c4:f8:31:c2:
cf:8f:38:86:b9:02:a1:f9:d4:96:20:da:1c:05:6c:4e:7e:12:
ef:ac:a9:e5:a4:dd:d1:0f:c4:24:26:7c:4c:7e:56:22:7c:9b:
c5:1e:96:fa:37:31:92:d7:6c:63:d4:c5:de:24:7c:a7:74:c2:
10:6f:f9:65
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZh6NImmhdpk1nwF3/7KXQUAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMGY3YTA0ZGQ3MjQ5YTVkMTRiN2RlMDU0MmE0MTk3Mzgw
MDA2Y2MwHhcNMjUwODA1MTIyODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTliNDQzODk1ZTBmNmVkZDgwMTVkYmQ5MjQxYTYzNTY4M2MxN2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3k9mYALXwaFJh8xx1f5eDoUBf4kv
wQwg9z57uDTZXhnZ3r3iPqvTBJ2w3FaflDdxj1zDM4FkVEu5WuWnwcWK3+U6lKsS
epuJDmWPp+LTmgpmVTuY0ndqWsVc+6siJI8NXYAnJ3K7vB/u6XvKyjqixLXseWg1
3lGJAXFyoRlY3bK+6xNFJXupPSy3uTteUPmqu73uS7BIRzAjRf0T37oc3V7IwjJZ
TbMFZbHToTJbrfeL9kEd6llqJUKVWOi+0l1YJ4UhBch4mTRijXhnUiGKvC/uqcUx
W/xQzmSzLz/cJSNdQGz7mEDShCCBVF9SWDlDnnfWcFekTWZWk2Dw+VvydwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKGbRDiV4Pbt2AFdvZJBpjVoPBfQMB8GA1UdIwQY
MBaAFAwPegTdckml0Ut94FQqQZc4AAbMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREE5NkJOMXlTYVhSUzMzZ1ZDcEJsemdBQnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xMWRiMTQtZTg0NS00ZTRmLWE2OTIt
YTNjYmVmZmY3Nzc3LzEvb1p0RU9KWGc5dTNZQVYyOWtrR21OV2c4RjlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xMWRiMTQtZTg0NS00ZTRmLWE2OTItYTNjYmVmZmY3Nzc3
LzEvREE5NkJOMXlTYVhSUzMzZ1ZDcEJsemdBQnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEXVvAAwQF
X6rAAwQGbX9AAwQHgsGAMA0EAgACMAcDBQMqBKBAMA0GCSqGSIb3DQEBCwUAA4IB
AQBIGF/zOrbvaRYlWiQlNz1vw4VBSsfEe8aoEYmcaBLnKqc57K25Vr7FfPnkWZX0
u0GwDlcaLRAxmBRi8wZij4oUVndW8HHq8Sqm6JGTBtxPhBSL/n49WmmeYz1Rl6H+
lpcalsbfqSCJwPq4UdJEAeShUgqnvbd/I4QPUHtDPt0tVoHTPmJbNCw0l/hiDlj1
I8ty2dUNE63m4M8CXupUThhqvs35zmF0F3vwMtTglqyHpkmXldiLxztuph5ZlNrA
SNTWa8T4McLPjziGuQKh+dSWINocBWxOfhLvrKnlpN3RD8QkJnxMflYifJvFHpb6
NzGS12xj1MXeJHyndMIQb/ll
-----END CERTIFICATE-----
Generated at Sun Aug 10 21:00:08 2025 by rpki-client