Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/8TP605-bnnRU4oKxlSCpw5mXUvE.roa
File: 8TP605-bnnRU4oKxlSCpw5mXUvE.roa (raw, json)
Hash identifier: mDnmEgfw91sdWLEWlPQZ2jWiCvBV4IYovQSRnJwJt28=
Subject key identifier: F1:33:FA:D3:9F:9B:9E:74:54:E2:82:B1:95:20:A9:C3:99:97:52:F1
Certificate issuer: /CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Certificate serial: 019687499D90A7E845F8A76AFF723EAA4233
Authority key identifier: BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/8TP605-bnnRU4oKxlSCpw5mXUvE.roa
Signing time: Wed 30 Apr 2025 15:21:10 +0000
ROA not before: Wed 30 Apr 2025 15:21:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208795
IP address blocks: 5.35.104.0/21 maxlen: 24
94.131.80.0/20 maxlen: 24
94.131.176.0/20 maxlen: 24
2a07:aa40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft
rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 18:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:49:9d:90:a7:e8:45:f8:a7:6a:ff:72:3e:aa:42:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Validity
Not Before: Apr 30 15:21:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f133fad39f9b9e7454e282b19520a9c3999752f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:92:7c:e3:f8:b3:2d:2c:6a:7f:1f:d1:2d:b3:
61:c4:19:4f:0d:c1:27:7e:38:b0:95:27:d1:f5:54:
92:c7:24:a5:92:3a:cd:21:81:c9:12:ce:db:d9:87:
27:b6:e8:33:de:4b:62:61:78:6f:76:af:5a:57:d2:
ec:ca:c2:b3:e1:90:6d:50:69:e6:e9:b4:f3:5b:b1:
4a:72:33:23:86:fb:e7:d1:2c:0a:06:c5:c5:ed:72:
4e:c2:d7:f0:05:70:4a:f6:36:ff:62:92:55:54:25:
b8:45:c9:c0:60:90:58:66:e9:4a:47:2a:c0:3e:91:
96:4c:50:b1:4a:d0:17:9b:04:7b:b9:68:89:70:34:
38:b3:04:a4:39:8f:99:6b:e0:b8:d3:05:b4:73:8d:
22:d4:b9:ad:12:cf:13:a5:ea:14:41:5d:57:a1:6b:
33:ce:03:c5:97:5d:de:22:8e:e3:02:5d:91:ac:22:
96:60:b7:1d:d5:be:3a:e6:7f:2c:18:df:0f:fb:16:
30:a0:c0:cb:cf:a4:75:65:67:36:76:e6:16:1b:f1:
17:33:1d:01:1a:d1:ba:f7:af:e5:a0:f2:1b:31:c9:
c3:aa:bf:d9:36:9b:3a:c6:8f:d8:b4:8a:3c:ed:64:
38:db:9d:1a:8b:3c:69:ac:c6:09:fc:b5:49:3e:25:
25:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:33:FA:D3:9F:9B:9E:74:54:E2:82:B1:95:20:A9:C3:99:97:52:F1
X509v3 Authority Key Identifier:
keyid:BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/8TP605-bnnRU4oKxlSCpw5mXUvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.104.0/21
94.131.80.0/20
94.131.176.0/20
IPv6:
2a07:aa40::/29
Signature Algorithm: sha256WithRSAEncryption
9b:e4:92:7e:a3:37:e0:87:e4:43:c4:9c:af:f7:0c:f7:cb:30:
13:0f:28:7f:c0:05:ff:26:b5:af:f3:d8:55:13:a1:a9:8e:47:
da:a5:b1:e8:0c:ce:93:4a:67:98:b5:df:21:b2:2e:63:59:f8:
5a:fa:54:e3:01:cd:31:25:22:92:d4:33:86:af:41:b1:16:71:
2a:6e:8f:a4:7f:5c:08:14:a2:03:ae:05:f7:d1:55:71:ed:25:
35:6a:ba:80:4b:53:7f:f7:50:75:c2:a5:97:fc:f8:44:51:18:
16:66:49:90:3a:58:16:e1:a8:94:f6:9f:b5:27:32:36:62:5c:
7b:43:ce:00:a9:22:54:ea:a6:b8:a9:52:9d:9e:98:74:d8:15:
83:ae:eb:a6:e8:4e:c2:ca:48:1c:36:90:7e:7a:e7:fd:b9:c8:
63:f0:22:17:cc:68:bd:70:6c:3d:73:1b:ee:7e:1b:57:b9:6f:
d8:2f:9e:0b:e1:e7:11:8e:21:27:97:52:7c:6b:d4:7b:94:5c:
cc:a8:15:ab:c3:89:9a:b9:b8:76:2a:a9:35:dc:bc:99:a9:f5:
a1:9a:bc:85:fc:6b:2f:f8:55:f4:99:4a:a9:a1:d0:4b:fb:b1:
f8:a5:0c:7d:0c:90:28:78:5d:5c:21:68:2c:29:93:f9:61:3f:
49:b8:54:26
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZaHSZ2Qp+hF+Kdq/3I+qkIzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjA0ZmYzNWEyOWM5MTE1NmJlNGJkMjI5YjNiYWY3N2M4
Mzk3YmQwHhcNMjUwNDMwMTUyMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTMzZmFkMzlmOWI5ZTc0NTRlMjgyYjE5NTIwYTljMzk5OTc1MmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJJ84/izLSxqfx/RLbNhxBlPDcEn
fjiwlSfR9VSSxySlkjrNIYHJEs7b2Ycntugz3ktiYXhvdq9aV9LsysKz4ZBtUGnm
6bTzW7FKcjMjhvvn0SwKBsXF7XJOwtfwBXBK9jb/YpJVVCW4RcnAYJBYZulKRyrA
PpGWTFCxStAXmwR7uWiJcDQ4swSkOY+Za+C40wW0c40i1LmtEs8TpeoUQV1XoWsz
zgPFl13eIo7jAl2RrCKWYLcd1b465n8sGN8P+xYwoMDLz6R1ZWc2duYWG/EXMx0B
GtG696/loPIbMcnDqr/ZNps6xo/YtIo87WQ4250aizxprMYJ/LVJPiUlIwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPEz+tOfm550VOKCsZUgqcOZl1LxMB8GA1UdIwQY
MBaAFL5gT/NaKckRVr5L0imzuvd8g5e9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYt
MWEzOWMzZDM0ZjA4LzEvOFRQNjA1LWJublJVNG9LeGxTQ3B3NW1YVXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYtMWEzOWMzZDM0ZjA4
LzEvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBSNoAwQE
XoNQAwQEXoOwMA0EAgACMAcDBQMqB6pAMA0GCSqGSIb3DQEBCwUAA4IBAQCb5JJ+
ozfgh+RDxJyv9wz3yzATDyh/wAX/JrWv89hVE6GpjkfapbHoDM6TSmeYtd8hsi5j
Wfha+lTjAc0xJSKS1DOGr0GxFnEqbo+kf1wIFKIDrgX30VVx7SU1arqAS1N/91B1
wqWX/PhEURgWZkmQOlgW4aiU9p+1JzI2Ylx7Q84AqSJU6qa4qVKdnph02BWDruum
6E7CykgcNpB+euf9uchj8CIXzGi9cGw9cxvufhtXuW/YL54L4ecRjiEnl1J8a9R7
lFzMqBWrw4maubh2Kqk13LyZqfWhmryF/Gsv+FX0mUqpodBL+7H4pQx9DJAoeF1c
IWgsKZP5YT9JuFQm
-----END CERTIFICATE-----
Generated at Wed May 14 02:30:45 2025 by rpki-client