Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/8Tg_w4jLr-o6paH7i7ao61nZQwM.roa
File: 8Tg_w4jLr-o6paH7i7ao61nZQwM.roa (raw, json)
Hash identifier: BXi5IdwKZUBuQCj2qQLYriilM2He/krSkrWhx7hLw5g=
Subject key identifier: F1:38:3F:C3:88:CB:AF:EA:3A:A5:A1:FB:8B:B6:A8:EB:59:D9:43:03
Certificate issuer: /CN=576d59494a0a927f7a68f909ecef577cd503db1c
Certificate serial: 0197A321A40D1C5508E74D4F2FE68E643DE6
Authority key identifier: 57:6D:59:49:4A:0A:92:7F:7A:68:F9:09:EC:EF:57:7C:D5:03:DB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/8Tg_w4jLr-o6paH7i7ao61nZQwM.roa
Signing time: Tue 24 Jun 2025 18:09:40 +0000
ROA not before: Tue 24 Jun 2025 18:09:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50812
IP address blocks: 91.193.106.0/23 maxlen: 24
91.224.6.0/23 maxlen: 24
185.30.48.0/22 maxlen: 24
185.145.32.0/22 maxlen: 24
193.105.252.0/24 maxlen: 24
194.110.164.0/22 maxlen: 24
194.116.202.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/V21ZSUoKkn96aPkJ7O9XfNUD2xw.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/V21ZSUoKkn96aPkJ7O9XfNUD2xw.mft
rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a3:21:a4:0d:1c:55:08:e7:4d:4f:2f:e6:8e:64:3d:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=576d59494a0a927f7a68f909ecef577cd503db1c
Validity
Not Before: Jun 24 18:09:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1383fc388cbafea3aa5a1fb8bb6a8eb59d94303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b3:1c:0a:f7:69:f3:bb:06:d5:16:a8:ba:04:
ac:db:60:b2:b8:54:4d:30:45:82:28:ff:32:3b:07:
ee:39:90:f1:b9:1b:8a:88:65:37:a9:34:71:4b:a7:
e2:3e:13:2e:44:7d:98:0e:9b:6b:2a:75:73:bb:55:
3f:48:2a:ce:1b:ae:39:d1:45:c4:21:96:8f:a6:96:
ba:e1:a3:f7:71:47:e8:d5:2a:aa:93:26:f6:c2:28:
92:c8:a5:66:c2:f9:f3:b8:af:f9:cc:d8:44:d8:6b:
3a:d3:8e:c9:a4:e3:f0:97:45:9b:56:b4:92:79:c5:
f1:2d:63:bf:85:47:ab:46:eb:97:b1:f0:ba:38:a1:
bc:35:bd:a5:c1:09:e2:3a:b5:be:e8:f0:ac:7e:d5:
c4:68:e0:b0:6c:97:49:3e:4e:2e:47:1d:cc:5b:26:
eb:e0:cb:48:ef:57:58:a7:d0:eb:d5:4f:65:97:20:
4e:6a:e9:8d:f2:7d:4e:c2:8e:26:00:86:82:4d:a2:
4d:4d:7d:1c:70:38:9a:45:09:3b:55:48:34:55:3c:
1e:c8:26:14:2f:e8:22:55:c4:ea:7a:93:b7:88:f4:
fa:6e:87:98:c4:8e:b9:9a:44:0a:42:98:16:5a:43:
21:c0:10:e0:23:b1:fe:a3:04:45:da:88:78:bf:11:
13:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:38:3F:C3:88:CB:AF:EA:3A:A5:A1:FB:8B:B6:A8:EB:59:D9:43:03
X509v3 Authority Key Identifier:
keyid:57:6D:59:49:4A:0A:92:7F:7A:68:F9:09:EC:EF:57:7C:D5:03:DB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V21ZSUoKkn96aPkJ7O9XfNUD2xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/8Tg_w4jLr-o6paH7i7ao61nZQwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/a89644-9316-4e8b-81a4-1f19a8bda3ed/1/V21ZSUoKkn96aPkJ7O9XfNUD2xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.106.0/23
91.224.6.0/23
185.30.48.0/22
185.145.32.0/22
193.105.252.0/24
194.110.164.0/22
194.116.202.0/23
Signature Algorithm: sha256WithRSAEncryption
98:55:06:37:a8:87:71:f7:b4:e4:62:cc:a8:4b:01:8b:5b:db:
aa:95:0c:a3:cf:aa:0f:86:d7:a8:8b:26:27:6f:58:b2:a0:46:
6e:14:75:bd:be:7f:01:37:8f:b3:f1:d3:e9:ee:3a:2a:a6:89:
03:81:80:7c:6f:21:f7:4f:83:a3:ef:13:ee:30:6a:3d:ab:0f:
2d:ea:8b:8d:8d:3d:51:0c:b3:70:3a:12:51:a4:cc:db:45:27:
c5:08:19:27:b4:b0:2a:c7:1b:43:52:6b:8e:58:7e:19:f4:03:
ae:0f:a6:1e:89:a8:2e:83:04:28:e6:e2:0b:5c:06:b9:44:57:
c4:15:28:06:04:18:38:2c:f8:01:9d:c3:4c:64:9c:3b:b2:e0:
ff:37:6c:a0:48:f1:18:1c:36:af:00:9e:51:ba:4e:66:1d:a5:
e2:01:8c:a7:67:3d:84:ea:60:0b:58:fe:bc:6c:1c:76:96:e8:
b0:58:2d:71:6a:04:9d:f8:2f:63:74:ef:5b:be:38:02:fc:98:
13:43:0d:43:ad:59:3c:c9:8d:1e:97:3c:27:d5:31:e6:4a:e9:
64:c1:cc:c5:f1:42:98:2d:31:14:a8:1a:8f:6b:c8:fd:2a:96:
be:71:53:53:0d:3e:21:7c:cf:e2:ac:0e:cc:bd:00:ef:6d:b7:
f0:8b:87:42
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZejIaQNHFUI501PL+aOZD3mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NmQ1OTQ5NGEwYTkyN2Y3YTY4ZjkwOWVjZWY1NzdjZDUw
M2RiMWMwHhcNMjUwNjI0MTgwOTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTM4M2ZjMzg4Y2JhZmVhM2FhNWExZmI4YmI2YThlYjU5ZDk0MzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbMcCvdp87sG1RaougSs22CyuFRN
MEWCKP8yOwfuOZDxuRuKiGU3qTRxS6fiPhMuRH2YDptrKnVzu1U/SCrOG6450UXE
IZaPppa64aP3cUfo1Sqqkyb2wiiSyKVmwvnzuK/5zNhE2Gs6047JpOPwl0WbVrSS
ecXxLWO/hUerRuuXsfC6OKG8Nb2lwQniOrW+6PCsftXEaOCwbJdJPk4uRx3MWybr
4MtI71dYp9Dr1U9llyBOaumN8n1Owo4mAIaCTaJNTX0ccDiaRQk7VUg0VTweyCYU
L+giVcTqepO3iPT6boeYxI65mkQKQpgWWkMhwBDgI7H+owRF2oh4vxETnwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPE4P8OIy6/qOqWh+4u2qOtZ2UMDMB8GA1UdIwQY
MBaAFFdtWUlKCpJ/emj5CezvV3zVA9scMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjIxWlNVb0trbjk2YVBrSjdPOVhmTlVEMnh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9hODk2NDQtOTMxNi00ZThiLTgxYTQt
MWYxOWE4YmRhM2VkLzEvOFRnX3c0akxyLW82cGFIN2k3YW82MW5aUXdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9hODk2NDQtOTMxNi00ZThiLTgxYTQtMWYxOWE4YmRhM2Vk
LzEvVjIxWlNVb0trbjk2YVBrSjdPOVhmTlVEMnh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBW8FqAwQB
W+AGAwQCuR4wAwQCuZEgAwQAwWn8AwQCwm6kAwQBwnTKMA0GCSqGSIb3DQEBCwUA
A4IBAQCYVQY3qIdx97TkYsyoSwGLW9uqlQyjz6oPhteoiyYnb1iyoEZuFHW9vn8B
N4+z8dPp7joqpokDgYB8byH3T4Oj7xPuMGo9qw8t6ouNjT1RDLNwOhJRpMzbRSfF
CBkntLAqxxtDUmuOWH4Z9AOuD6YeiagugwQo5uILXAa5RFfEFSgGBBg4LPgBncNM
ZJw7suD/N2ygSPEYHDavAJ5Ruk5mHaXiAYynZz2E6mALWP68bBx2luiwWC1xagSd
+C9jdO9bvjgC/JgTQw1DrVk8yY0elzwn1THmSulkwczF8UKYLTEUqBqPa8j9Kpa+
cVNTDT4hfM/irA7MvQDvbbfwi4dC
-----END CERTIFICATE-----
Generated at Wed Jul 2 19:57:50 2025 by rpki-client