Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/ObkoamnLayObdruWUVgDbymFpX8.roa
File: ObkoamnLayObdruWUVgDbymFpX8.roa (raw, json)
Hash identifier: h3ksuf6RlogpUGG+WTsKW6QNPIIF290h4H13NE4plvY=
Subject key identifier: 39:B9:28:6A:69:CB:6B:23:9B:76:BB:96:51:58:03:6F:29:85:A5:7F
Certificate issuer: /CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Certificate serial: 019A26591343464EB9A545E15E88E991A0FD
Authority key identifier: 7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/ObkoamnLayObdruWUVgDbymFpX8.roa
Signing time: Mon 27 Oct 2025 15:46:03 +0000
ROA not before: Mon 27 Oct 2025 15:46:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8069
IP address blocks: 145.190.0.0/23 maxlen: 23
145.190.2.0/24 maxlen: 24
145.190.3.0/24 maxlen: 24
145.190.4.0/23 maxlen: 23
145.190.6.0/24 maxlen: 24
145.190.7.0/24 maxlen: 24
145.190.8.0/21 maxlen: 21
145.190.16.0/21 maxlen: 21
145.190.24.0/21 maxlen: 21
145.190.32.0/22 maxlen: 22
145.190.36.0/24 maxlen: 24
145.190.37.0/24 maxlen: 24
145.190.38.0/23 maxlen: 23
145.190.40.0/23 maxlen: 23
145.190.42.0/24 maxlen: 24
145.190.43.0/24 maxlen: 24
145.190.44.0/22 maxlen: 22
145.190.48.0/22 maxlen: 22
145.190.52.0/23 maxlen: 23
145.190.54.0/24 maxlen: 24
145.190.55.0/24 maxlen: 24
145.190.56.0/23 maxlen: 23
145.190.58.0/24 maxlen: 24
145.190.59.0/24 maxlen: 24
145.190.60.0/24 maxlen: 24
145.190.61.0/24 maxlen: 24
145.190.62.0/24 maxlen: 24
145.190.63.0/24 maxlen: 24
145.190.64.0/24 maxlen: 24
145.190.65.0/24 maxlen: 24
145.190.66.0/24 maxlen: 24
145.190.128.0/24 maxlen: 24
145.190.129.0/24 maxlen: 24
145.190.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:26:59:13:43:46:4e:b9:a5:45:e1:5e:88:e9:91:a0:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ce68daf5f089456c0e1d02245393531ac5b8fcb
Validity
Not Before: Oct 27 15:46:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=39b9286a69cb6b239b76bb965158036f2985a57f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f5:20:5b:55:7e:50:94:ac:f9:d1:e6:00:67:
4b:26:bc:9a:88:ab:69:dc:ab:87:96:a4:c1:8c:88:
7a:a1:6a:6e:bd:e6:83:03:df:d4:26:55:dc:77:82:
9a:e4:e6:66:d4:18:e7:51:69:bc:e8:28:50:e2:34:
b2:b9:09:4a:15:41:06:15:3e:b1:5d:ed:d3:72:0f:
cd:9d:d7:9d:c4:d6:d1:0c:90:ab:17:ab:da:fc:e1:
75:7c:b9:95:4a:e0:f9:3b:94:b7:a2:3c:17:3a:7e:
09:e8:57:5d:94:64:23:cb:8b:97:c1:7c:f0:4a:ca:
ba:72:9a:9a:0c:31:ba:1c:bc:a3:ee:92:3c:bf:43:
df:ab:38:fa:3f:78:8f:c5:4a:c7:68:03:31:e9:f4:
e3:c3:fb:84:eb:e3:54:e0:28:f2:6d:0a:57:ec:4f:
ee:b9:ab:42:89:28:83:75:98:53:f3:76:ca:6b:e8:
c1:c9:6e:89:c2:f6:62:66:d4:6b:b9:fe:6f:34:d9:
25:87:d0:31:d8:70:81:a2:eb:f2:4f:d1:eb:a0:d8:
25:48:2d:6e:c4:5d:e3:fe:fa:e1:9c:e8:f4:df:4c:
89:81:90:30:1c:66:7f:8a:b2:11:25:aa:fd:91:8d:
0d:c4:1c:c0:16:32:a4:bd:4d:55:df:57:c7:c3:0c:
09:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B9:28:6A:69:CB:6B:23:9B:76:BB:96:51:58:03:6F:29:85:A5:7F
X509v3 Authority Key Identifier:
keyid:7C:E6:8D:AF:5F:08:94:56:C0:E1:D0:22:45:39:35:31:AC:5B:8F:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fOaNr18IlFbA4dAiRTk1Maxbj8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/ObkoamnLayObdruWUVgDbymFpX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ec0b89-1e68-45a0-8b93-13a06a269aa8/1/fOaNr18IlFbA4dAiRTk1Maxbj8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.190.0.0-145.190.66.255
145.190.128.0-145.190.130.255
Signature Algorithm: sha256WithRSAEncryption
ac:78:ff:9c:2d:35:41:d9:82:72:1f:0c:49:d7:7c:e7:1f:cf:
55:c7:c6:1d:18:a1:d3:8e:f0:71:fc:2e:ec:b2:1a:37:ea:73:
2f:10:25:cf:81:3c:58:48:ac:e9:a4:59:43:f2:5e:a7:5d:99:
ba:3d:80:c5:be:07:62:89:15:08:c1:3e:d4:d9:8c:f8:24:48:
bd:dd:d8:11:ba:21:26:09:b4:b7:f6:a3:31:03:d8:40:29:9f:
62:e0:94:3d:b6:3c:56:2b:01:20:38:52:99:85:1c:2e:b7:8e:
b0:54:6a:23:fa:5e:4b:07:7b:f6:15:a0:2a:5e:c4:b6:dd:eb:
71:34:ac:f1:40:63:e8:d8:56:a5:af:8e:05:7d:79:d1:ae:59:
d6:44:2d:1b:72:91:44:7e:6e:5e:96:cc:86:48:56:b1:55:07:
e5:4b:98:8d:a0:33:a9:3a:76:f0:1f:bc:dd:d2:92:90:2a:f1:
6b:45:82:08:6d:48:27:98:83:91:f6:c0:e3:2d:f8:78:4d:d8:
b1:1c:f6:66:84:7f:48:6f:35:60:9c:d2:77:e4:2f:3a:43:3e:
30:2c:c6:83:57:81:cc:d2:26:bc:21:70:d7:37:b3:9a:8a:c0:
b8:14:a4:93:c5:98:ee:ca:11:b0:4b:7c:b7:f6:f4:1b:28:bc:
c2:03:79:0c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZomWRNDRk65pUXhXojpkaD9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjZTY4ZGFmNWYwODk0NTZjMGUxZDAyMjQ1MzkzNTMxYWM1
YjhmY2IwHhcNMjUxMDI3MTU0NjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWI5Mjg2YTY5Y2I2YjIzOWI3NmJiOTY1MTU4MDM2ZjI5ODVhNTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PUgW1V+UJSs+dHmAGdLJryaiKtp
3KuHlqTBjIh6oWpuveaDA9/UJlXcd4Ka5OZm1BjnUWm86ChQ4jSyuQlKFUEGFT6x
Xe3Tcg/NndedxNbRDJCrF6va/OF1fLmVSuD5O5S3ojwXOn4J6FddlGQjy4uXwXzw
Ssq6cpqaDDG6HLyj7pI8v0Pfqzj6P3iPxUrHaAMx6fTjw/uE6+NU4CjybQpX7E/u
uatCiSiDdZhT83bKa+jByW6JwvZiZtRruf5vNNklh9Ax2HCBouvyT9HroNglSC1u
xF3j/vrhnOj030yJgZAwHGZ/irIRJar9kY0NxBzAFjKkvU1V31fHwwwJ7QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDm5KGppy2sjm3a7llFYA28phaV/MB8GA1UdIwQY
MBaAFHzmja9fCJRWwOHQIkU5NTGsW4/LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMt
MTNhMDZhMjY5YWE4LzEvT2Jrb2FtbkxheU9iZHJ1V1VWZ0RieW1GcFg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9lYzBiODktMWU2OC00NWEwLThiOTMtMTNhMDZhMjY5YWE4
LzEvZk9hTnIxOElsRmJBNGRBaVJUazFNYXhiajhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAsDAwGRvgME
AJG+QjAMAwQHkb6AAwQAkb6CMA0GCSqGSIb3DQEBCwUAA4IBAQCseP+cLTVB2YJy
HwxJ13znH89Vx8YdGKHTjvBx/C7ssho36nMvECXPgTxYSKzppFlD8l6nXZm6PYDF
vgdiiRUIwT7U2Yz4JEi93dgRuiEmCbS39qMxA9hAKZ9i4JQ9tjxWKwEgOFKZhRwu
t46wVGoj+l5LB3v2FaAqXsS23etxNKzxQGPo2Falr44FfXnRrlnWRC0bcpFEfm5e
lsyGSFaxVQflS5iNoDOpOnbwH7zd0pKQKvFrRYIIbUgnmIOR9sDjLfh4TdixHPZm
hH9IbzVgnNJ35C86Qz4wLMaDV4HM0ia8IXDXN7OaisC4FKSTxZjuyhGwS3y39vQb
KLzCA3kM
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:04:43 2025 by rpki-client