Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c8d4bc-f2f1-4ee5-940e-9fc85d02e71a/1/8eOcRvtFv6WKmWJsvFtCeh3bQOI.roa
File: 8eOcRvtFv6WKmWJsvFtCeh3bQOI.roa (raw, json)
Hash identifier: Fc0MHvgeimy08EQvI9R5qWeNLdRQwq1sSVsHXK/MAtQ=
Subject key identifier: F1:E3:9C:46:FB:45:BF:A5:8A:99:62:6C:BC:5B:42:7A:1D:DB:40:E2
Certificate issuer: /CN=6279f0a59fc8c6fd785953701ae72b56de5011ac
Certificate serial: 0198C79ABF79E8A68B8AD7E05AB3574687A2
Authority key identifier: 62:79:F0:A5:9F:C8:C6:FD:78:59:53:70:1A:E7:2B:56:DE:50:11:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YnnwpZ_Ixv14WVNwGucrVt5QEaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c8d4bc-f2f1-4ee5-940e-9fc85d02e71a/1/8eOcRvtFv6WKmWJsvFtCeh3bQOI.roa
Signing time: Wed 20 Aug 2025 13:11:04 +0000
ROA not before: Wed 20 Aug 2025 13:11:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206470
IP address blocks: 31.3.210.0/24 maxlen: 24
2a13:e340::/29 maxlen: 29
2a13:e340::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/c8d4bc-f2f1-4ee5-940e-9fc85d02e71a/1/YnnwpZ_Ixv14WVNwGucrVt5QEaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/c8d4bc-f2f1-4ee5-940e-9fc85d02e71a/1/YnnwpZ_Ixv14WVNwGucrVt5QEaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/YnnwpZ_Ixv14WVNwGucrVt5QEaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 13:02:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c7:9a:bf:79:e8:a6:8b:8a:d7:e0:5a:b3:57:46:87:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6279f0a59fc8c6fd785953701ae72b56de5011ac
Validity
Not Before: Aug 20 13:11:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1e39c46fb45bfa58a99626cbc5b427a1ddb40e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:bc:05:bb:ef:ee:fa:31:59:02:41:e9:3a:bb:
0b:15:c6:8b:85:67:af:10:0f:a1:8e:91:6e:b1:fc:
f6:32:20:07:a2:c8:66:3f:ac:a0:1d:7b:32:8e:14:
0d:d2:c5:12:d7:62:cd:8b:09:4e:5e:4c:01:4e:02:
0f:87:d3:55:b7:82:0a:ee:94:95:ac:bb:f3:3b:48:
1a:0b:53:8e:48:62:b6:e4:a9:9a:33:bc:1f:37:d0:
f2:f7:f5:67:9c:f3:40:35:84:dc:e9:b6:c6:9f:14:
e7:90:86:32:f1:cc:49:62:b8:fa:a2:80:3c:37:cd:
fe:8d:71:8d:fd:05:94:dd:4c:b9:d0:01:22:08:05:
7a:01:55:d7:d9:2b:4c:da:cc:77:78:e2:6b:6d:a3:
59:f5:02:28:a8:a7:f6:af:f0:49:76:25:90:09:bf:
bd:43:25:b8:17:2e:ac:2d:21:25:05:ff:2d:fe:0b:
c6:ed:0f:8f:aa:5c:c8:15:db:8e:81:55:41:a3:9f:
06:45:86:9d:fb:93:bb:ab:d2:06:cd:7f:e7:59:f3:
cb:a3:4f:41:78:d3:20:2f:2f:4f:d7:48:01:b4:bd:
66:0d:b1:a4:8e:5a:41:87:9f:60:87:0d:64:97:f0:
e9:f9:de:9d:b8:0b:fb:c7:b7:13:36:50:50:7a:4a:
dd:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E3:9C:46:FB:45:BF:A5:8A:99:62:6C:BC:5B:42:7A:1D:DB:40:E2
X509v3 Authority Key Identifier:
keyid:62:79:F0:A5:9F:C8:C6:FD:78:59:53:70:1A:E7:2B:56:DE:50:11:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YnnwpZ_Ixv14WVNwGucrVt5QEaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c8d4bc-f2f1-4ee5-940e-9fc85d02e71a/1/8eOcRvtFv6WKmWJsvFtCeh3bQOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c8d4bc-f2f1-4ee5-940e-9fc85d02e71a/1/YnnwpZ_Ixv14WVNwGucrVt5QEaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.210.0/24
IPv6:
2a13:e340::/29
Signature Algorithm: sha256WithRSAEncryption
18:a6:c3:9b:12:a3:7f:cb:84:67:a3:a5:8e:d7:91:43:ea:76:
f7:d2:6a:11:80:2b:2b:f1:18:d3:5f:df:44:84:c0:8d:5e:58:
97:f5:59:b1:4e:10:14:59:a3:87:4e:25:9a:08:93:a2:62:13:
ac:03:a3:6d:96:4f:5b:fb:ce:50:ae:ae:e1:22:37:f0:73:68:
ca:8f:81:3d:71:ad:aa:70:47:21:eb:a0:cf:a3:4c:3b:d8:da:
b3:db:33:60:a3:f5:c2:e8:15:51:40:45:df:1c:1a:cd:7d:e0:
eb:3c:d7:26:0c:87:73:c6:55:c2:9f:57:bc:cd:6f:51:63:b5:
09:1d:ba:17:74:51:fc:92:62:9c:30:db:a4:03:70:2a:12:b1:
dd:2b:fd:2c:b9:b6:d6:b8:dd:5b:8b:a8:79:90:1b:cf:e6:3b:
ae:84:57:03:76:f2:53:7e:81:4b:2e:c6:df:12:70:53:52:09:
9c:f2:33:a4:f9:ed:4e:16:43:e6:55:83:2c:1e:65:d2:3c:b2:
65:f6:07:98:bd:31:a4:c9:8b:11:b9:7d:14:14:c7:f1:4b:12:
22:4a:53:3c:f0:92:c7:b6:c7:fc:50:f0:3e:07:a8:0c:b3:5c:
60:d5:53:6a:80:d2:1c:d2:c5:32:2f:3e:9f:4c:cf:2f:a0:1f:
ee:cd:f4:04
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZjHmr956KaLitfgWrNXRoeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNzlmMGE1OWZjOGM2ZmQ3ODU5NTM3MDFhZTcyYjU2ZGU1
MDExYWMwHhcNMjUwODIwMTMxMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWUzOWM0NmZiNDViZmE1OGE5OTYyNmNiYzViNDI3YTFkZGI0MGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+rwFu+/u+jFZAkHpOrsLFcaLhWev
EA+hjpFusfz2MiAHoshmP6ygHXsyjhQN0sUS12LNiwlOXkwBTgIPh9NVt4IK7pSV
rLvzO0gaC1OOSGK25KmaM7wfN9Dy9/VnnPNANYTc6bbGnxTnkIYy8cxJYrj6ooA8
N83+jXGN/QWU3Uy50AEiCAV6AVXX2StM2sx3eOJrbaNZ9QIoqKf2r/BJdiWQCb+9
QyW4Fy6sLSElBf8t/gvG7Q+PqlzIFduOgVVBo58GRYad+5O7q9IGzX/nWfPLo09B
eNMgLy9P10gBtL1mDbGkjlpBh59ghw1kl/Dp+d6duAv7x7cTNlBQekrdXQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPHjnEb7Rb+liplibLxbQnod20DiMB8GA1UdIwQY
MBaAFGJ58KWfyMb9eFlTcBrnK1beUBGsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5ud3BaX0l4djE0V1ZOd0d1Y3JWdDVRRWF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jOGQ0YmMtZjJmMS00ZWU1LTk0MGUt
OWZjODVkMDJlNzFhLzEvOGVPY1J2dEZ2NldLbVdKc3ZGdENlaDNiUU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jOGQ0YmMtZjJmMS00ZWU1LTk0MGUtOWZjODVkMDJlNzFh
LzEvWW5ud3BaX0l4djE0V1ZOd0d1Y3JWdDVRRWF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAHwPSMA0E
AgACMAcDBQMqE+NAMA0GCSqGSIb3DQEBCwUAA4IBAQAYpsObEqN/y4Rno6WO15FD
6nb30moRgCsr8RjTX99EhMCNXliX9VmxThAUWaOHTiWaCJOiYhOsA6Ntlk9b+85Q
rq7hIjfwc2jKj4E9ca2qcEch66DPo0w72Nqz2zNgo/XC6BVRQEXfHBrNfeDrPNcm
DIdzxlXCn1e8zW9RY7UJHboXdFH8kmKcMNukA3AqErHdK/0subbWuN1bi6h5kBvP
5juuhFcDdvJTfoFLLsbfEnBTUgmc8jOk+e1OFkPmVYMsHmXSPLJl9geYvTGkyYsR
uX0UFMfxSxIiSlM88JLHtsf8UPA+B6gMs1xg1VNqgNIc0sUyLz6fTM8voB/uzfQE
-----END CERTIFICATE-----
Generated at Sat Aug 23 23:44:50 2025 by rpki-client