Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/pPb-CBexk36WjvY49Sg0ZGeG_AI.roa
File: pPb-CBexk36WjvY49Sg0ZGeG_AI.roa (raw, json)
Hash identifier: C2eHQ74TxOJX4sjzgtNLD8HryHtD6jrPYZrRej2PG9w=
Subject key identifier: A4:F6:FE:08:17:B1:93:7E:96:8E:F6:38:F5:28:34:64:67:86:FC:02
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 019898E29CAE89499D30D7AD96E3AB624D47
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/pPb-CBexk36WjvY49Sg0ZGeG_AI.roa
Signing time: Mon 11 Aug 2025 11:27:24 +0000
ROA not before: Mon 11 Aug 2025 11:27:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8331
IP address blocks: 80.90.240.0/20 maxlen: 20
80.90.240.0/24 maxlen: 24
80.90.249.0/24 maxlen: 24
80.90.250.0/24 maxlen: 24
80.90.252.0/24 maxlen: 24
80.90.254.0/24 maxlen: 24
86.62.64.0/18 maxlen: 18
86.62.64.0/24 maxlen: 24
86.62.105.0/24 maxlen: 24
195.54.192.0/19 maxlen: 19
195.54.195.0/24 maxlen: 24
195.54.196.0/24 maxlen: 24
195.54.198.0/24 maxlen: 24
195.54.202.0/23 maxlen: 23
195.54.202.0/24 maxlen: 24
195.54.203.0/24 maxlen: 24
195.54.213.0/24 maxlen: 24
195.54.214.0/24 maxlen: 24
195.91.128.0/17 maxlen: 17
2a00:14d0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:98:e2:9c:ae:89:49:9d:30:d7:ad:96:e3:ab:62:4d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Aug 11 11:27:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4f6fe0817b1937e968ef638f52834646786fc02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:58:6e:c6:10:ec:a1:3b:04:f4:fd:c6:ba:0b:
44:84:82:06:09:41:c1:03:35:fc:71:0e:73:e5:75:
4e:d0:0e:16:61:ab:25:a2:2d:ed:88:99:fe:4c:4e:
ea:68:f4:95:13:97:a9:90:28:f9:d2:a1:15:7f:e0:
f6:17:39:19:72:63:63:8b:b6:fb:fb:de:55:3e:49:
a7:ee:a1:e6:8f:c3:bb:a1:ea:1d:0b:cc:28:19:0b:
6d:e9:31:be:f8:00:c2:66:88:cb:bd:98:e9:46:5d:
3c:83:b6:ca:c3:f3:41:d0:f0:c4:ec:fe:44:0a:c4:
bc:b9:a7:6d:1e:84:44:c9:25:10:0c:62:62:d4:d4:
c3:25:70:3d:34:01:9f:7b:4f:34:36:3e:e0:e8:69:
97:23:4f:57:90:70:c0:3f:eb:1b:29:05:7b:9d:c8:
cb:c7:fb:78:a2:b4:eb:f9:16:77:a9:1d:9d:1f:f7:
1c:bb:0a:ea:a5:d6:53:3f:20:50:f1:d1:84:db:aa:
79:29:26:1d:3c:f0:b4:76:67:23:87:8b:b5:98:0f:
ca:bf:f4:fd:01:8f:fa:4e:42:f9:c3:69:6c:88:ab:
a5:c3:78:1e:bc:98:68:7a:b9:26:e5:49:4d:75:3f:
1f:60:60:61:a9:e5:4b:93:6c:a8:13:a9:5f:fd:43:
14:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:F6:FE:08:17:B1:93:7E:96:8E:F6:38:F5:28:34:64:67:86:FC:02
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/pPb-CBexk36WjvY49Sg0ZGeG_AI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.240.0/20
86.62.64.0/18
195.54.192.0/19
195.91.128.0/17
IPv6:
2a00:14d0::/32
Signature Algorithm: sha256WithRSAEncryption
5a:93:e3:76:b1:73:b3:e9:12:b5:11:86:52:42:da:7e:74:52:
c0:e6:66:36:da:cc:0d:83:f3:4a:68:64:58:b4:71:b6:74:7e:
af:be:41:b6:cb:a3:ed:fa:24:0f:57:df:72:47:3c:dc:f7:2b:
2d:b6:90:f2:e7:36:d0:2e:b7:6e:f5:07:43:d1:e4:7e:c6:b8:
31:e7:20:9e:29:76:a2:ea:c7:71:52:0f:68:c5:6f:2d:9e:16:
3e:87:aa:55:32:09:b8:3c:9c:12:43:1d:3e:71:5e:e6:5e:aa:
e1:7e:65:9a:db:37:07:6d:74:fe:04:a1:e9:e5:69:e5:fe:da:
40:a0:44:3d:a2:10:3e:b4:9d:9a:20:a5:a0:10:cd:67:90:dc:
7d:43:0f:2a:fb:24:3d:b8:1d:ca:da:ec:93:77:6f:3f:3f:22:
0d:14:87:2f:5a:a6:56:fe:ef:a1:81:65:8f:bc:83:02:0b:ef:
a9:66:b0:3f:65:22:cc:f2:bc:33:ab:d5:35:0e:b1:cb:62:e1:
b5:86:f2:49:83:10:84:bb:30:43:01:41:7b:f3:14:62:9d:e3:
6d:50:d5:e7:78:56:02:fc:69:20:8e:83:b1:38:be:1e:5b:df:
85:2e:6d:48:d7:e8:c8:18:74:f6:ca:dc:68:e2:d4:df:26:6e:
bc:76:56:e5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZiY4pyuiUmdMNetluOrYk1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwODExMTEyNzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGY2ZmUwODE3YjE5MzdlOTY4ZWY2MzhmNTI4MzQ2NDY3ODZmYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1huxhDsoTsE9P3GugtEhIIGCUHB
AzX8cQ5z5XVO0A4WYasloi3tiJn+TE7qaPSVE5epkCj50qEVf+D2FzkZcmNji7b7
+95VPkmn7qHmj8O7oeodC8woGQtt6TG++ADCZojLvZjpRl08g7bKw/NB0PDE7P5E
CsS8uadtHoREySUQDGJi1NTDJXA9NAGfe080Nj7g6GmXI09XkHDAP+sbKQV7ncjL
x/t4orTr+RZ3qR2dH/ccuwrqpdZTPyBQ8dGE26p5KSYdPPC0dmcjh4u1mA/Kv/T9
AY/6TkL5w2lsiKulw3gevJhoerkm5UlNdT8fYGBhqeVLk2yoE6lf/UMUVQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKT2/ggXsZN+lo72OPUoNGRnhvwCMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvcFBiLUNCZXhrMzZXanZZNDlTZzBaR2VHX0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUFrwAwQG
Vj5AAwQFwzbAAwQHw1uAMA0EAgACMAcDBQAqABTQMA0GCSqGSIb3DQEBCwUAA4IB
AQBak+N2sXOz6RK1EYZSQtp+dFLA5mY22swNg/NKaGRYtHG2dH6vvkG2y6Pt+iQP
V99yRzzc9ysttpDy5zbQLrdu9QdD0eR+xrgx5yCeKXai6sdxUg9oxW8tnhY+h6pV
Mgm4PJwSQx0+cV7mXqrhfmWa2zcHbXT+BKHp5Wnl/tpAoEQ9ohA+tJ2aIKWgEM1n
kNx9Qw8q+yQ9uB3K2uyTd28/PyINFIcvWqZW/u+hgWWPvIMCC++pZrA/ZSLM8rwz
q9U1DrHLYuG1hvJJgxCEuzBDAUF78xRineNtUNXneFYC/GkgjoOxOL4eW9+FLm1I
1+jIGHT2ytxo4tTfJm68dlbl
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:45:01 2025 by rpki-client