Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/8xFgTVfk67w8qkbxnkOWM6wQqjg.roa
File: 8xFgTVfk67w8qkbxnkOWM6wQqjg.roa (raw, json)
Hash identifier: TKEsBrDPxhSdJkbNgKhnsz0ZnFFU4cTfUqxZ3zBcYUM=
Subject key identifier: F3:11:60:4D:57:E4:EB:BC:3C:AA:46:F1:9E:43:96:33:AC:10:AA:38
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01979294047723FEBDB9F013CA525CE7B54B
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/8xFgTVfk67w8qkbxnkOWM6wQqjg.roa
Signing time: Sat 21 Jun 2025 13:01:03 +0000
ROA not before: Sat 21 Jun 2025 13:01:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35346
IP address blocks: 45.67.116.0/24 maxlen: 24
91.242.64.0/18 maxlen: 24
91.242.68.0/23 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.80.0/24 maxlen: 24
91.242.82.0/24 maxlen: 24
91.242.99.0/24 maxlen: 24
91.242.102.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.112.0/20 maxlen: 20
91.242.112.0/24 maxlen: 24
91.242.113.0/24 maxlen: 24
91.242.114.0/24 maxlen: 24
91.242.115.0/24 maxlen: 24
91.242.116.0/24 maxlen: 24
91.242.117.0/24 maxlen: 24
91.242.118.0/24 maxlen: 24
91.242.119.0/24 maxlen: 24
91.242.120.0/24 maxlen: 24
91.242.121.0/24 maxlen: 24
91.242.122.0/24 maxlen: 24
178.175.176.0/22 maxlen: 24
194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
2a07:5540::/29 maxlen: 29
2a07:c040::/29 maxlen: 29
2a09:700::/29 maxlen: 29
2a09:15c0::/29 maxlen: 29
2a09:3ac0::/29 maxlen: 29
2a09:4440::/29 maxlen: 29
2a09:4c40::/29 maxlen: 29
2a09:63c0::/29 maxlen: 29
2a09:7640::/29 maxlen: 29
2a09:7b40::/29 maxlen: 29
2a09:7f00::/29 maxlen: 29
2a09:a480::/29 maxlen: 29
2a09:bdc0::/29 maxlen: 29
2a09:ca40::/29 maxlen: 29
2a09:e400::/29 maxlen: 29
2a09:f6c0::/29 maxlen: 29
2a09:f940::/29 maxlen: 29
2a09:fdc0::/29 maxlen: 29
2a0a:3700::/29 maxlen: 29
2a0a:3780::/29 maxlen: 29
2a0a:6000::/29 maxlen: 29
2a0a:ef00::/29 maxlen: 29
2a0b:280::/29 maxlen: 29
2a0b:5d00::/29 maxlen: 29
2a0c:380::/29 maxlen: 29
2a0c:3600::/32 maxlen: 32
2a0c:3780::/29 maxlen: 29
2a0c:57c0::/29 maxlen: 29
2a0c:ae00::/29 maxlen: 29
2a0d:1a00::/29 maxlen: 29
2a0d:dac0::/29 maxlen: 29
2a0d:fb00::/29 maxlen: 29
2a0e:f80::/29 maxlen: 29
2a0e:2080::/29 maxlen: 29
2a0e:2500::/29 maxlen: 29
2a0e:3380::/29 maxlen: 29
2a0e:3540::/29 maxlen: 29
2a0e:3c40::/29 maxlen: 29
2a0e:7880::/29 maxlen: 29
2a0e:b000::/29 maxlen: 29
2a0e:c3c0::/29 maxlen: 29
2a0e:c700::/29 maxlen: 29
2a0e:c800::/29 maxlen: 29
2a0e:d180::/29 maxlen: 29
2a0e:d880::/29 maxlen: 29
2a0e:e540::/29 maxlen: 29
2a0e:e8c0::/29 maxlen: 29
2a0e:e940::/29 maxlen: 29
2a0e:f540::/29 maxlen: 29
2a0f:740::/29 maxlen: 29
2a0f:1b40::/29 maxlen: 29
2a0f:3900::/29 maxlen: 29
2a0f:4840::/29 maxlen: 29
2a0f:6200::/29 maxlen: 29
2a0f:82c0::/29 maxlen: 29
2a0f:9380::/29 maxlen: 29
2a0f:b200::/29 maxlen: 29
2a0f:da00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:92:94:04:77:23:fe:bd:b9:f0:13:ca:52:5c:e7:b5:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jun 21 13:01:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f311604d57e4ebbc3caa46f19e439633ac10aa38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b3:f8:fc:5d:c4:f9:83:dc:6f:2b:dd:e2:52:
55:ad:a5:78:f7:9d:fe:b5:6a:82:96:d0:1b:5f:32:
31:2e:5f:ab:48:ee:64:98:f7:cb:8f:fb:ee:85:24:
8c:89:05:5f:f9:d9:3f:68:07:27:e4:a1:d1:4d:6e:
93:62:9c:55:15:c9:03:17:13:10:2c:b0:27:2b:61:
0e:85:b7:39:83:fa:93:a4:35:b2:09:07:5f:39:50:
43:04:99:7d:ee:5c:7e:33:45:56:ca:11:7e:f2:6d:
43:1a:53:1c:9c:45:4c:60:06:0a:a5:e9:67:2a:5e:
20:19:e9:69:b8:71:53:c0:fb:d6:ab:b3:d9:f1:3a:
69:9c:f6:cc:93:ef:ef:0f:cf:1c:91:f1:3b:ab:8b:
5a:8e:7d:4d:cc:6d:80:15:7f:04:3b:37:61:13:07:
51:16:51:da:d7:1a:e8:53:93:8a:9b:40:f4:da:c4:
7b:06:29:4c:cd:04:43:e6:9f:06:53:ed:70:3a:b4:
51:45:e2:93:2a:cc:2e:2c:e1:eb:47:67:f7:3f:99:
8e:75:ba:83:57:ee:80:98:a1:62:56:c9:bf:b0:d0:
2b:fb:67:e6:3d:0f:cd:5a:23:87:5e:70:50:e3:d7:
7b:ad:76:20:7f:b1:a3:56:ee:7b:a7:a1:37:b7:71:
e6:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:11:60:4D:57:E4:EB:BC:3C:AA:46:F1:9E:43:96:33:AC:10:AA:38
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/8xFgTVfk67w8qkbxnkOWM6wQqjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.116.0/24
91.242.64.0/18
178.175.176.0/22
194.114.144.0/24
IPv6:
2a07:5540::/29
2a07:c040::/29
2a09:700::/29
2a09:15c0::/29
2a09:3ac0::/29
2a09:4440::/29
2a09:4c40::/29
2a09:63c0::/29
2a09:7640::/29
2a09:7b40::/29
2a09:7f00::/29
2a09:a480::/29
2a09:bdc0::/29
2a09:ca40::/29
2a09:e400::/29
2a09:f6c0::/29
2a09:f940::/29
2a09:fdc0::/29
2a0a:3700::/29
2a0a:3780::/29
2a0a:6000::/29
2a0a:ef00::/29
2a0b:280::/29
2a0b:5d00::/29
2a0c:380::/29
2a0c:3600::/32
2a0c:3780::/29
2a0c:57c0::/29
2a0c:ae00::/29
2a0d:1a00::/29
2a0d:dac0::/29
2a0d:fb00::/29
2a0e:f80::/29
2a0e:2080::/29
2a0e:2500::/29
2a0e:3380::/29
2a0e:3540::/29
2a0e:3c40::/29
2a0e:7880::/29
2a0e:b000::/29
2a0e:c3c0::/29
2a0e:c700::/29
2a0e:c800::/29
2a0e:d180::/29
2a0e:d880::/29
2a0e:e540::/29
2a0e:e8c0::/29
2a0e:e940::/29
2a0e:f540::/29
2a0f:740::/29
2a0f:1b40::/29
2a0f:3900::/29
2a0f:4840::/29
2a0f:6200::/29
2a0f:82c0::/29
2a0f:9380::/29
2a0f:b200::/29
2a0f:da00::/29
Signature Algorithm: sha256WithRSAEncryption
5f:bf:e9:47:df:3a:c7:43:2f:8a:5e:49:50:6e:9d:30:e9:8c:
df:92:e5:cf:47:49:a4:77:77:67:24:4b:f6:79:e5:6f:6e:1c:
75:69:a3:d1:b2:f4:29:f9:19:38:d3:9e:c0:36:69:f2:88:86:
8b:5b:fb:f9:e2:0b:3e:68:cf:c7:37:83:54:16:41:29:e5:b3:
d9:df:62:76:7c:1d:73:e8:5f:bf:da:74:b5:b0:f3:96:81:74:
e6:f6:f8:10:7a:6e:ae:24:2f:35:22:11:f6:b0:7b:f7:f2:97:
6b:cb:0d:7e:e5:61:4a:26:c1:74:42:b6:9e:5a:ae:93:cf:7e:
7c:cb:5b:87:b1:35:f2:12:27:4e:80:d9:1d:36:c5:d8:05:58:
78:17:70:22:bb:59:23:f4:c0:0b:19:39:cf:9c:b5:ad:e6:f6:
8d:c6:cb:18:3c:e3:7a:45:24:4a:ab:ed:94:ad:a1:95:8b:78:
68:fe:bd:f0:f3:0a:e7:49:08:56:1b:e5:23:f8:cb:3e:1a:72:
16:0d:d0:ae:47:04:c8:cf:7e:5a:2a:bd:db:6b:5c:bc:e0:81:
13:62:3d:55:58:9e:1c:24:9c:70:0e:b7:63:a3:cb:ec:d0:8e:
0c:9e:13:c5:49:c5:34:6f:45:92:e1:94:e5:8a:86:07:d9:5d:
66:8f:7f:62
-----BEGIN CERTIFICATE-----
MIIGtzCCBZ+gAwIBAgISAZeSlAR3I/69ufATylJc57VLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwNjIxMTMwMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzExNjA0ZDU3ZTRlYmJjM2NhYTQ2ZjE5ZTQzOTYzM2FjMTBhYTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbP4/F3E+YPcbyvd4lJVraV4953+
tWqCltAbXzIxLl+rSO5kmPfLj/vuhSSMiQVf+dk/aAcn5KHRTW6TYpxVFckDFxMQ
LLAnK2EOhbc5g/qTpDWyCQdfOVBDBJl97lx+M0VWyhF+8m1DGlMcnEVMYAYKpeln
Kl4gGelpuHFTwPvWq7PZ8TppnPbMk+/vD88ckfE7q4tajn1NzG2AFX8EOzdhEwdR
FlHa1xroU5OKm0D02sR7BilMzQRD5p8GU+1wOrRRReKTKswuLOHrR2f3P5mOdbqD
V+6AmKFiVsm/sNAr+2fmPQ/NWiOHXnBQ49d7rXYgf7GjVu57p6E3t3Hm+wIDAQAB
o4IDwzCCA78wHQYDVR0OBBYEFPMRYE1X5Ou8PKpG8Z5DljOsEKo4MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvOHhGZ1RWZms2N3c4cWtieG5rT1dNNndRcWpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB1wYIKwYBBQUHAQcBAf8EggHGMIIBwjAeBAIAATAYAwQA
LUN0AwQGW/JAAwQCsq+wAwQAwnKQMIIBngQCAAIwggGWAwUDKgdVQAMFAyoHwEAD
BQMqCQcAAwUDKgkVwAMFAyoJOsADBQMqCURAAwUDKglMQAMFAyoJY8ADBQMqCXZA
AwUDKgl7QAMFAyoJfwADBQMqCaSAAwUDKgm9wAMFAyoJykADBQMqCeQAAwUDKgn2
wAMFAyoJ+UADBQMqCf3AAwUDKgo3AAMFAyoKN4ADBQMqCmAAAwUDKgrvAAMFAyoL
AoADBQMqC10AAwUDKgwDgAMFACoMNgADBQMqDDeAAwUDKgxXwAMFAyoMrgADBQMq
DRoAAwUDKg3awAMFAyoN+wADBQMqDg+AAwUDKg4ggAMFAyoOJQADBQMqDjOAAwUD
Kg41QAMFAyoOPEADBQMqDniAAwUDKg6wAAMFAyoOw8ADBQMqDscAAwUDKg7IAAMF
AyoO0YADBQMqDtiAAwUDKg7lQAMFAyoO6MADBQMqDulAAwUDKg71QAMFAyoPB0AD
BQMqDxtAAwUDKg85AAMFAyoPSEADBQMqD2IAAwUDKg+CwAMFAyoPk4ADBQMqD7IA
AwUDKg/aADANBgkqhkiG9w0BAQsFAAOCAQEAX7/pR986x0Mvil5JUG6dMOmM35Ll
z0dJpHd3ZyRL9nnlb24cdWmj0bL0KfkZONOewDZp8oiGi1v7+eILPmjPxzeDVBZB
KeWz2d9idnwdc+hfv9p0tbDzloF05vb4EHpuriQvNSIR9rB79/KXa8sNfuVhSibB
dEK2nlquk89+fMtbh7E18hInToDZHTbF2AVYeBdwIrtZI/TACxk5z5y1reb2jcbL
GDzjekUkSqvtlK2hlYt4aP698PMK50kIVhvlI/jLPhpyFg3QrkcEyM9+Wiq922tc
vOCBE2I9VVieHCSccA63Y6PL7NCODJ4TxUnFNG9FkuGU5YqGB9ldZo9/Yg==
-----END CERTIFICATE-----
Generated at Wed Jul 2 19:25:33 2025 by rpki-client