Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/uH96Z6OjpdY4PPv0sHyEUck3BbQ.roa
File: uH96Z6OjpdY4PPv0sHyEUck3BbQ.roa (raw, json)
Hash identifier: vQrBGMdQcBs2pOj7zz8aMCOqWhOWFy7K6Om0qzA5Qwk=
Subject key identifier: B8:7F:7A:67:A3:A3:A5:D6:38:3C:FB:F4:B0:7C:84:51:C9:37:05:B4
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0198A8AC9B4E70811C492B99BAEF6B2CD1C3
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/uH96Z6OjpdY4PPv0sHyEUck3BbQ.roa
Signing time: Thu 14 Aug 2025 13:02:20 +0000
ROA not before: Thu 14 Aug 2025 13:02:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.150.168.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
89.40.161.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.73.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
193.31.104.0/22 maxlen: 22
195.138.103.0/24 maxlen: 24
195.138.109.0/24 maxlen: 24
195.138.110.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.113.0/24 maxlen: 24
195.138.115.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.124.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a8:ac:9b:4e:70:81:1c:49:2b:99:ba:ef:6b:2c:d1:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 14 13:02:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b87f7a67a3a3a5d6383cfbf4b07c8451c93705b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3c:c6:4c:59:3b:18:dd:28:6c:60:24:2f:d4:
db:cb:34:a4:1f:b3:bb:cf:51:66:b4:f1:ce:16:b4:
07:b6:bb:23:c8:98:a9:7c:1d:10:9e:81:6e:09:34:
0a:c5:a6:05:9c:59:46:d8:50:eb:84:62:ef:70:c7:
89:d2:35:88:a7:fc:21:39:01:e4:c4:74:04:f3:f5:
3b:f3:67:9f:b0:e3:6e:e6:bd:95:e7:23:e5:ce:96:
30:d8:6d:d3:bc:57:d1:72:5e:d9:2f:48:94:1c:fe:
62:f5:bb:36:ba:ad:57:9b:ee:93:5b:a6:87:5d:e9:
4c:26:22:0e:c2:83:f3:ae:97:d0:20:f5:a2:b8:7f:
62:4d:e8:62:92:56:56:10:52:c4:b2:c8:3e:1d:aa:
13:c7:b5:37:21:35:5b:31:f8:5a:a6:dc:97:ed:7c:
b3:d7:50:c2:26:13:34:ae:2c:01:80:25:21:e0:ee:
61:2b:63:03:a7:6e:99:0a:f3:da:0c:68:d0:67:5e:
a2:8f:20:64:d6:f8:ac:31:6f:99:e5:c0:db:97:15:
08:88:5b:76:57:ee:96:91:33:bb:9c:62:e2:c6:77:
b7:b3:f4:d1:f8:0b:fd:8d:43:4e:85:d4:8c:06:dc:
5c:4f:6c:79:12:ae:b2:34:29:58:16:87:63:0b:16:
2b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:7F:7A:67:A3:A3:A5:D6:38:3C:FB:F4:B0:7C:84:51:C9:37:05:B4
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/uH96Z6OjpdY4PPv0sHyEUck3BbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.67.117.0/24
45.150.168.0/22
45.151.196.0/22
89.40.161.0/24
91.242.70.0-91.242.73.255
91.242.123.0-91.242.124.255
91.242.126.0/23
185.40.105.0/24
185.180.145.0/24
193.31.104.0/22
195.138.103.0/24
195.138.109.0-195.138.111.255
195.138.113.0/24
195.138.115.0/24
195.138.120.0/24
195.138.124.0/22
Signature Algorithm: sha256WithRSAEncryption
03:7d:c5:6e:30:26:16:00:07:c5:81:cb:4a:05:f5:5f:f6:a8:
34:bc:be:72:a4:d6:cc:3d:f2:02:fe:67:90:6b:6d:52:b8:4b:
ce:03:60:d9:84:53:ea:d3:cc:2a:e4:f1:49:e3:0a:b3:2f:d9:
42:4b:55:ab:5f:05:56:b6:6c:58:c3:d8:15:8b:ca:19:50:47:
e2:98:c3:63:bd:3c:62:8a:28:d4:08:de:95:cb:ba:c8:03:ec:
11:44:be:68:5f:5f:21:30:19:71:e0:76:d1:b5:66:61:dc:36:
8e:43:b8:da:18:a2:39:a4:a0:e3:b6:ca:b7:df:e1:b4:92:6e:
7b:f8:be:b1:e1:82:34:fe:03:68:46:ef:52:c8:d6:a0:55:db:
d7:4e:39:18:4a:40:8e:59:8b:d2:74:cd:25:3e:d6:48:fe:55:
88:97:25:b3:89:73:80:a6:40:2b:1b:03:46:49:1a:cb:51:22:
26:76:d7:38:28:44:92:46:c9:dd:fb:e3:62:7d:af:29:10:73:
be:9b:8f:2c:cb:55:74:e1:65:bd:ae:57:ef:c5:35:10:0d:18:
68:9e:66:7d:70:53:bc:58:fe:93:5b:4e:a6:ea:8a:43:1e:92:
5a:aa:c2:20:4d:56:5c:96:51:c9:21:8f:eb:2c:1d:41:f9:2a:
5f:d7:7d:08
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZiorJtOcIEcSSuZuu9rLNHDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwODE0MTMwMjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODdmN2E2N2EzYTNhNWQ2MzgzY2ZiZjRiMDdjODQ1MWM5MzcwNWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDzGTFk7GN0obGAkL9TbyzSkH7O7
z1FmtPHOFrQHtrsjyJipfB0QnoFuCTQKxaYFnFlG2FDrhGLvcMeJ0jWIp/whOQHk
xHQE8/U782efsONu5r2V5yPlzpYw2G3TvFfRcl7ZL0iUHP5i9bs2uq1Xm+6TW6aH
XelMJiIOwoPzrpfQIPWiuH9iTehiklZWEFLEssg+HaoTx7U3ITVbMfhaptyX7Xyz
11DCJhM0riwBgCUh4O5hK2MDp26ZCvPaDGjQZ16ijyBk1visMW+Z5cDblxUIiFt2
V+6WkTO7nGLixne3s/TR+Av9jUNOhdSMBtxcT2x5Eq6yNClYFodjCxYrrwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFLh/emejo6XWODz79LB8hFHJNwW0MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvdUg5Nlo2T2pwZFk0UFB2MHNIeUVVY2szQmJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAgW2
HAMEAC1DdQMEAi2WqAMEAi2XxAMEAFkooTAMAwQBW/JGAwQBW/JIMAwDBABb8nsD
BABb8nwDBAFb8n4DBAC5KGkDBAC5tJEDBALBH2gDBADDimcwDAMEAMOKbQMEBMOK
YAMEAMOKcQMEAMOKcwMEAMOKeAMEAsOKfDANBgkqhkiG9w0BAQsFAAOCAQEAA33F
bjAmFgAHxYHLSgX1X/aoNLy+cqTWzD3yAv5nkGttUrhLzgNg2YRT6tPMKuTxSeMK
sy/ZQktVq18FVrZsWMPYFYvKGVBH4pjDY708Yooo1Ajelcu6yAPsEUS+aF9fITAZ
ceB20bVmYdw2jkO42hiiOaSg47bKt9/htJJue/i+seGCNP4DaEbvUsjWoFXb1045
GEpAjlmL0nTNJT7WSP5ViJcls4lzgKZAKxsDRkkay1EiJnbXOChEkkbJ3fvjYn2v
KRBzvpuPLMtVdOFlva5X78U1EA0YaJ5mfXBTvFj+k1tOpuqKQx6SWqrCIE1WXJZR
ySGP6ywdQfkqX9d9CA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:47:30 2025 by rpki-client