Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/BO8-9xGk4M--8c5-wr1SN_aO1RI.roa
File: BO8-9xGk4M--8c5-wr1SN_aO1RI.roa (raw, json)
Hash identifier: knkjqFWbt7fkKYWHsMH853udtHB0a9MpwAUmCKrBKNI=
Subject key identifier: 04:EF:3E:F7:11:A4:E0:CF:BE:F1:CE:7E:C2:BD:52:37:F6:8E:D5:12
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0198CC684DB05287C8176A5F09EBA8203DE6
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/BO8-9xGk4M--8c5-wr1SN_aO1RI.roa
Signing time: Thu 21 Aug 2025 11:34:04 +0000
ROA not before: Thu 21 Aug 2025 11:34:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 984
IP address blocks: 84.233.132.0/23 maxlen: 24
84.233.164.0/23 maxlen: 24
84.233.200.0/23 maxlen: 24
84.233.220.0/23 maxlen: 24
84.233.232.0/23 maxlen: 24
84.233.240.0/23 maxlen: 24
195.86.2.0/23 maxlen: 24
195.86.8.0/21 maxlen: 24
195.86.16.0/22 maxlen: 24
195.86.20.0/23 maxlen: 24
195.86.28.0/22 maxlen: 24
195.86.32.0/22 maxlen: 24
195.86.36.0/23 maxlen: 24
195.86.44.0/22 maxlen: 24
195.86.50.0/23 maxlen: 24
195.86.52.0/22 maxlen: 24
195.86.60.0/22 maxlen: 24
195.86.64.0/23 maxlen: 24
195.86.68.0/22 maxlen: 24
195.86.72.0/21 maxlen: 24
195.86.80.0/20 maxlen: 24
195.86.96.0/20 maxlen: 24
195.86.114.0/23 maxlen: 24
195.86.116.0/22 maxlen: 24
195.86.120.0/22 maxlen: 24
195.86.128.0/23 maxlen: 24
195.86.132.0/22 maxlen: 24
195.86.136.0/21 maxlen: 24
195.86.144.0/20 maxlen: 24
195.86.162.0/23 maxlen: 24
195.86.164.0/22 maxlen: 24
195.86.168.0/21 maxlen: 24
195.86.176.0/20 maxlen: 24
195.86.192.0/20 maxlen: 24
195.86.212.0/22 maxlen: 24
195.86.216.0/23 maxlen: 24
195.86.224.0/21 maxlen: 24
195.86.232.0/22 maxlen: 24
195.86.236.0/23 maxlen: 24
195.86.242.0/23 maxlen: 24
195.86.244.0/22 maxlen: 24
195.86.248.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cc:68:4d:b0:52:87:c8:17:6a:5f:09:eb:a8:20:3d:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Aug 21 11:34:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04ef3ef711a4e0cfbef1ce7ec2bd5237f68ed512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c0:60:f3:2d:ca:bd:2a:c0:51:d9:02:81:13:
9c:91:f8:43:de:8f:ac:58:64:5e:95:39:89:80:6f:
df:ae:fa:de:e0:3a:65:18:40:00:af:e0:ec:2f:aa:
9f:6d:9f:b6:ea:4c:40:7b:1e:f6:2a:3a:d4:c4:fd:
84:65:d3:86:bc:39:69:f1:88:ed:1f:7d:dc:23:0a:
95:f1:0f:ac:56:39:55:6f:51:70:19:52:7e:51:21:
34:37:47:37:8f:73:ea:97:94:3b:a2:aa:85:49:49:
01:1a:c4:3b:15:84:29:e7:9f:3e:39:b8:4d:56:19:
85:f3:00:7e:eb:fa:2d:af:60:d3:9a:33:52:d0:48:
de:28:75:dc:06:91:80:82:e9:0f:08:2a:39:e4:e6:
9f:16:75:6f:31:20:a4:88:6f:80:56:cd:32:e9:71:
08:b7:7e:ca:07:ce:0b:66:50:ff:56:2d:5a:52:52:
a0:76:4c:d5:55:f5:85:80:be:8b:14:ff:27:2f:fa:
f8:36:2b:ad:99:15:2f:ff:55:64:aa:6f:ea:d8:aa:
b8:a3:af:93:20:bb:c3:04:a4:94:28:c1:e1:3e:ec:
de:af:92:e4:9f:57:38:77:34:a3:fc:88:ee:2d:31:
a5:7b:07:b7:ac:3f:32:57:b6:9c:f4:b1:61:aa:cf:
d8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:EF:3E:F7:11:A4:E0:CF:BE:F1:CE:7E:C2:BD:52:37:F6:8E:D5:12
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/BO8-9xGk4M--8c5-wr1SN_aO1RI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.233.132.0/23
84.233.164.0/23
84.233.200.0/23
84.233.220.0/23
84.233.232.0/23
84.233.240.0/23
195.86.2.0/23
195.86.8.0-195.86.21.255
195.86.28.0-195.86.37.255
195.86.44.0/22
195.86.50.0-195.86.55.255
195.86.60.0-195.86.65.255
195.86.68.0-195.86.111.255
195.86.114.0-195.86.123.255
195.86.128.0/23
195.86.132.0-195.86.159.255
195.86.162.0-195.86.207.255
195.86.212.0-195.86.217.255
195.86.224.0-195.86.237.255
195.86.242.0-195.86.255.255
Signature Algorithm: sha256WithRSAEncryption
0e:4d:b7:61:43:27:3d:d3:0b:ed:56:d8:d0:35:be:26:57:98:
fb:e4:38:81:0e:6b:c6:ef:de:13:db:b3:d9:0f:f3:68:0b:f9:
7a:f9:66:38:95:96:23:59:10:bc:ef:af:28:97:ed:b4:07:76:
71:6a:e5:d4:0a:02:1d:e6:97:b2:53:c0:43:4a:a7:05:59:9e:
16:94:52:cd:ce:8c:f4:e5:8a:5c:24:77:db:19:d3:a7:d7:33:
5d:31:66:e2:7c:9c:0d:c8:0f:6d:76:43:0c:bf:ca:7c:5c:8f:
0f:0c:5a:ac:72:6d:f6:40:db:db:d5:2a:4d:33:9e:1c:66:8b:
2f:4d:11:65:18:24:bd:9d:82:46:cb:20:f8:c8:e7:d3:b0:e9:
a2:ca:43:07:ff:7c:90:84:a3:07:9f:fd:ef:07:63:80:76:63:
f6:cf:28:25:48:a9:a4:29:85:87:d8:59:51:88:29:cd:b8:7a:
be:a6:be:60:8b:16:5c:54:49:84:54:36:d5:4e:30:36:58:a1:
3e:b2:73:9b:f5:10:7f:02:86:11:e5:05:51:e5:28:34:7d:5c:
2e:84:34:0d:71:98:6b:05:f5:56:75:b5:39:f7:b7:72:af:ee:
38:db:2d:aa:7e:63:f0:24:b3:ce:43:80:bc:03:e8:aa:85:30:
ac:9d:4d:84
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgISAZjMaE2wUofIF2pfCeuoID3mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwODIxMTEzNDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGVmM2VmNzExYTRlMGNmYmVmMWNlN2VjMmJkNTIzN2Y2OGVkNTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08Bg8y3KvSrAUdkCgROckfhD3o+s
WGRelTmJgG/frvre4DplGEAAr+DsL6qfbZ+26kxAex72KjrUxP2EZdOGvDlp8Yjt
H33cIwqV8Q+sVjlVb1FwGVJ+USE0N0c3j3Pql5Q7oqqFSUkBGsQ7FYQp558+ObhN
VhmF8wB+6/otr2DTmjNS0EjeKHXcBpGAgukPCCo55OafFnVvMSCkiG+AVs0y6XEI
t37KB84LZlD/Vi1aUlKgdkzVVfWFgL6LFP8nL/r4NiutmRUv/1Vkqm/q2Kq4o6+T
ILvDBKSUKMHhPuzer5Lkn1c4dzSj/IjuLTGlewe3rD8yV7ac9LFhqs/YvQIDAQAB
o4IC1zCCAtMwHQYDVR0OBBYEFATvPvcRpODPvvHOfsK9Ujf2jtUSMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvQk84LTl4R2s0TS0tOGM1LXdyMVNOX2FPMVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHsBggrBgEFBQcBBwEB/wSB3DCB2TCB1gQCAAEwgc8DBAFU
6YQDBAFU6aQDBAFU6cgDBAFU6dwDBAFU6egDBAFU6fADBAHDVgIwDAMEA8NWCAME
AcNWFDAMAwQCw1YcAwQBw1YkAwQCw1YsMAwDBAHDVjIDBAPDVjAwDAMEAsNWPAME
AcNWQDAMAwQCw1ZEAwQEw1ZgMAwDBAHDVnIDBALDVngDBAHDVoAwDAMEAsNWhAME
BcNWgDAMAwQBw1aiAwQEw1bAMAwDBALDVtQDBAHDVtgwDAMEBcNW4AMEAcNW7DAL
AwQBw1byAwMAw1YwDQYJKoZIhvcNAQELBQADggEBAA5Nt2FDJz3TC+1W2NA1viZX
mPvkOIEOa8bv3hPbs9kP82gL+Xr5ZjiVliNZELzvryiX7bQHdnFq5dQKAh3ml7JT
wENKpwVZnhaUUs3OjPTlilwkd9sZ06fXM10xZuJ8nA3ID212Qwy/ynxcjw8MWqxy
bfZA29vVKk0znhxmiy9NEWUYJL2dgkbLIPjI59Ow6aLKQwf/fJCEowef/e8HY4B2
Y/bPKCVIqaQphYfYWVGIKc24er6mvmCLFlxUSYRUNtVOMDZYoT6yc5v1EH8ChhHl
BVHlKDR9XC6ENA1xmGsF9VZ1tTn3t3Kv7jjbLap+Y/Aks85DgLwD6KqFMKydTYQ=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:36:32 2025 by rpki-client