Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/d0abd0-b114-4e3a-ae59-e21763c672fa/1/Oplxdwrz2tj49hUWFKVUBYlZ3BU.roa
File: Oplxdwrz2tj49hUWFKVUBYlZ3BU.roa (raw, json)
Hash identifier: GxmLkOEt5gK3qfSa1llVLKux6EH+FwaJgU6VGKajc/A=
Subject key identifier: 3A:99:71:77:0A:F3:DA:D8:F8:F6:15:16:14:A5:54:05:89:59:DC:15
Certificate issuer: /CN=706745ad92353da8a80cb2e0d229d68c2ef53db2
Certificate serial: 019A3FDF31B28D29223D7E6E74D7D88F6A85
Authority key identifier: 70:67:45:AD:92:35:3D:A8:A8:0C:B2:E0:D2:29:D6:8C:2E:F5:3D:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGdFrZI1PaioDLLg0inWjC71PbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/d0abd0-b114-4e3a-ae59-e21763c672fa/1/Oplxdwrz2tj49hUWFKVUBYlZ3BU.roa
Signing time: Sat 01 Nov 2025 14:43:03 +0000
ROA not before: Sat 01 Nov 2025 14:43:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15731
IP address blocks: 185.133.173.0/24 maxlen: 24
185.133.174.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/d0abd0-b114-4e3a-ae59-e21763c672fa/1/cGdFrZI1PaioDLLg0inWjC71PbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/d0abd0-b114-4e3a-ae59-e21763c672fa/1/cGdFrZI1PaioDLLg0inWjC71PbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/cGdFrZI1PaioDLLg0inWjC71PbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3f:df:31:b2:8d:29:22:3d:7e:6e:74:d7:d8:8f:6a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706745ad92353da8a80cb2e0d229d68c2ef53db2
Validity
Not Before: Nov 1 14:43:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a9971770af3dad8f8f6151614a554058959dc15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:40:10:c1:25:0b:63:3a:95:a9:26:18:c0:61:
4a:c3:35:a7:6e:c5:52:a4:f1:5e:cc:8a:ea:eb:2a:
36:bb:d7:34:3a:01:9c:de:e1:7c:b7:87:6a:bd:72:
d8:50:a5:1e:7f:aa:46:15:e2:90:15:6e:ba:c9:56:
6c:83:01:05:48:9c:e2:6c:d0:b9:1b:14:5a:0b:cd:
22:65:73:14:2b:22:59:44:6b:46:1d:49:9f:0f:a6:
a9:c2:b7:9a:b0:7f:22:b5:e3:4e:44:c7:74:09:86:
79:af:19:ff:6a:32:1c:b8:a8:37:4a:9b:85:13:86:
c7:6a:96:60:a7:e5:1e:aa:a3:75:d1:7d:b5:84:a4:
92:52:5a:3a:4a:c2:04:29:24:24:4c:3f:15:56:5b:
cb:9e:4d:35:b4:d7:53:5a:be:e6:da:1f:89:c7:8b:
89:d8:8b:b0:f1:08:f6:58:3a:4d:55:32:74:ca:93:
1e:71:08:5e:0e:9a:83:71:c6:91:65:51:b4:dd:cf:
d9:45:df:5b:bd:60:4d:b4:38:53:73:96:26:57:c9:
4f:a0:ee:4b:77:67:2c:a0:ba:58:08:c0:8c:2b:bf:
f7:26:3c:a9:a9:31:42:43:07:98:d8:c0:b7:45:56:
cb:1e:24:af:1f:d8:be:06:fd:5c:a1:e3:e6:0a:48:
61:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:99:71:77:0A:F3:DA:D8:F8:F6:15:16:14:A5:54:05:89:59:DC:15
X509v3 Authority Key Identifier:
keyid:70:67:45:AD:92:35:3D:A8:A8:0C:B2:E0:D2:29:D6:8C:2E:F5:3D:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGdFrZI1PaioDLLg0inWjC71PbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d0abd0-b114-4e3a-ae59-e21763c672fa/1/Oplxdwrz2tj49hUWFKVUBYlZ3BU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d0abd0-b114-4e3a-ae59-e21763c672fa/1/cGdFrZI1PaioDLLg0inWjC71PbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.173.0-185.133.175.255
Signature Algorithm: sha256WithRSAEncryption
77:47:c5:6a:4f:4d:51:a4:d2:98:48:ea:6d:55:b1:2c:9d:80:
68:d4:ee:ab:a8:e9:98:21:39:38:98:82:f7:7b:3e:2b:25:6c:
9a:b4:03:df:26:fa:ed:56:59:85:39:2b:55:81:92:67:cd:5e:
f5:31:e2:ce:df:de:2f:95:78:39:d3:fc:5b:cb:4c:83:be:1c:
b9:17:dd:ae:bd:84:4c:d4:a1:12:b5:e2:e5:d6:8c:4e:e5:1e:
c5:77:98:7a:f4:d5:b2:79:fa:e0:31:1d:8c:6c:94:8e:72:2a:
e0:23:8c:a4:f3:82:28:48:37:5a:8e:4e:6a:93:33:0e:1a:54:
19:e5:6d:56:90:a1:f3:b3:b5:ad:d8:92:9c:c2:11:1b:6c:41:
ce:3a:d1:ed:67:49:e6:48:11:6d:3a:e8:ca:be:df:c7:1a:a6:
ce:9c:bc:3e:f4:0b:1d:b3:de:6a:7c:93:94:25:b6:8e:79:0d:
13:a5:65:8f:a8:e8:78:45:74:f0:b4:2a:bc:16:c3:b1:42:8a:
7d:be:ec:75:9f:92:b3:79:ae:42:fe:f8:82:16:dc:44:7c:93:
30:90:84:6f:49:40:1a:d3:4c:8f:a1:82:94:85:28:06:fb:ba:
56:ee:60:4e:01:51:66:4f:3b:99:e4:a9:4e:35:aa:5d:24:e6:
20:4f:f1:b9
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZo/3zGyjSkiPX5udNfYj2qFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNjc0NWFkOTIzNTNkYThhODBjYjJlMGQyMjlkNjhjMmVm
NTNkYjIwHhcNMjUxMTAxMTQ0MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTk5NzE3NzBhZjNkYWQ4ZjhmNjE1MTYxNGE1NTQwNTg5NTlkYzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEAQwSULYzqVqSYYwGFKwzWnbsVS
pPFezIrq6yo2u9c0OgGc3uF8t4dqvXLYUKUef6pGFeKQFW66yVZsgwEFSJzibNC5
GxRaC80iZXMUKyJZRGtGHUmfD6apwreasH8iteNORMd0CYZ5rxn/ajIcuKg3SpuF
E4bHapZgp+UeqqN10X21hKSSUlo6SsIEKSQkTD8VVlvLnk01tNdTWr7m2h+Jx4uJ
2Iuw8Qj2WDpNVTJ0ypMecQheDpqDccaRZVG03c/ZRd9bvWBNtDhTc5YmV8lPoO5L
d2csoLpYCMCMK7/3JjypqTFCQweY2MC3RVbLHiSvH9i+Bv1coePmCkhh1wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDqZcXcK89rY+PYVFhSlVAWJWdwVMB8GA1UdIwQY
MBaAFHBnRa2SNT2oqAyy4NIp1owu9T2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0dkRnJaSTFQYWlvRExMZzBpbldqQzcxUGJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kMGFiZDAtYjExNC00ZTNhLWFlNTkt
ZTIxNzYzYzY3MmZhLzEvT3BseGR3cnoydGo0OWhVV0ZLVlVCWWxaM0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kMGFiZDAtYjExNC00ZTNhLWFlNTktZTIxNzYzYzY3MmZh
LzEvY0dkRnJaSTFQYWlvRExMZzBpbldqQzcxUGJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5ha0D
BAS5haAwDQYJKoZIhvcNAQELBQADggEBAHdHxWpPTVGk0phI6m1VsSydgGjU7quo
6ZghOTiYgvd7PislbJq0A98m+u1WWYU5K1WBkmfNXvUx4s7f3i+VeDnT/FvLTIO+
HLkX3a69hEzUoRK14uXWjE7lHsV3mHr01bJ5+uAxHYxslI5yKuAjjKTzgihIN1qO
TmqTMw4aVBnlbVaQofOzta3YkpzCERtsQc460e1nSeZIEW066Mq+38caps6cvD70
Cx2z3mp8k5Qlto55DROlZY+o6HhFdPC0KrwWw7FCin2+7HWfkrN5rkL++IIW3ER8
kzCQhG9JQBrTTI+hgpSFKAb7ulbuYE4BUWZPO5nkqU41ql0k5iBP8bk=
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:03:01 2025 by rpki-client