Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/8iGd8L0j6FHu_yxVIMTG7nGhl2o.roa
File: 8iGd8L0j6FHu_yxVIMTG7nGhl2o.roa (raw, json)
Hash identifier: EtgX9wLO5CJtBR8PjzUlWKaAZQPPQAmS6LoUZ8zB8hc=
Subject key identifier: F2:21:9D:F0:BD:23:E8:51:EE:FF:2C:55:20:C4:C6:EE:71:A1:97:6A
Certificate issuer: /CN=f899aea56f50ff8f4342cbee2af2f288a168c930
Certificate serial: 0198A2F3D1F60D2537A76018DA126FCCA3AA
Authority key identifier: F8:99:AE:A5:6F:50:FF:8F:43:42:CB:EE:2A:F2:F2:88:A1:68:C9:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-JmupW9Q_49DQsvuKvLyiKFoyTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/8iGd8L0j6FHu_yxVIMTG7nGhl2o.roa
Signing time: Wed 13 Aug 2025 10:22:24 +0000
ROA not before: Wed 13 Aug 2025 10:22:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214123
IP address blocks: 185.36.208.0/24 maxlen: 24
185.183.220.0/24 maxlen: 24
2a0f:4f00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/1-JmupW9Q_49DQsvuKvLyiKFoyTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/1-JmupW9Q_49DQsvuKvLyiKFoyTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-JmupW9Q_49DQsvuKvLyiKFoyTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 17:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:f3:d1:f6:0d:25:37:a7:60:18:da:12:6f:cc:a3:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f899aea56f50ff8f4342cbee2af2f288a168c930
Validity
Not Before: Aug 13 10:22:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2219df0bd23e851eeff2c5520c4c6ee71a1976a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:69:c4:35:38:0f:89:01:f4:2e:7b:fe:1b:01:
3f:d7:ce:6b:6a:1b:40:a3:e7:75:cf:0a:22:0a:d8:
cf:65:6e:ba:da:f8:2f:4a:59:ca:5d:1e:e3:99:42:
1b:69:d3:7a:9d:8a:19:66:0c:fe:4d:82:26:47:d2:
a3:d9:89:05:d0:05:8e:55:4e:dd:ff:6a:22:a9:f9:
b5:d4:fa:bb:7c:33:2f:81:43:78:c1:e3:5d:86:d7:
ea:00:36:8e:46:a8:cc:45:82:c4:a9:45:c7:6b:87:
83:f6:c6:ea:f6:47:f7:62:3d:12:e6:6f:b5:45:90:
df:03:d9:1d:69:3f:42:20:bf:95:e5:d3:a4:7e:80:
08:84:ea:ac:9e:45:8c:fb:c6:1a:c4:a2:bb:78:70:
b8:04:6b:44:1f:3b:c1:7d:16:9c:7c:2e:dc:90:12:
38:d9:b8:a9:64:e8:c1:4e:3d:ef:96:03:cc:a6:76:
28:6b:f9:e6:27:ac:11:f2:fd:0d:a1:b3:9b:2d:60:
52:dc:0c:d6:32:1e:04:a6:27:f2:d7:a2:53:93:96:
21:b8:a3:ba:ac:7d:20:1c:71:f7:90:55:5b:1e:1a:
ee:7e:4b:0c:50:63:4b:06:e3:95:ea:f9:c8:18:42:
52:7f:b2:7c:0f:7f:1d:66:29:cd:6c:f4:75:8f:52:
fd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:21:9D:F0:BD:23:E8:51:EE:FF:2C:55:20:C4:C6:EE:71:A1:97:6A
X509v3 Authority Key Identifier:
keyid:F8:99:AE:A5:6F:50:FF:8F:43:42:CB:EE:2A:F2:F2:88:A1:68:C9:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-JmupW9Q_49DQsvuKvLyiKFoyTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/8iGd8L0j6FHu_yxVIMTG7nGhl2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/1-JmupW9Q_49DQsvuKvLyiKFoyTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.208.0/24
185.183.220.0/24
IPv6:
2a0f:4f00::/29
Signature Algorithm: sha256WithRSAEncryption
73:2c:c9:fb:31:21:69:cb:82:69:da:0b:65:ca:37:42:a3:28:
e5:de:c6:f7:c2:9a:fc:f6:20:a8:2d:73:8c:e7:c3:b2:3a:c3:
b7:cd:a1:24:5c:44:25:58:4b:e8:fb:4e:6c:94:d4:93:5f:72:
4a:97:0c:d4:b9:e1:a0:88:cb:57:08:ae:13:b6:58:1d:ec:31:
e5:31:40:38:6c:8d:02:8a:77:38:fd:c7:d9:dc:1c:c1:1c:dc:
70:44:18:72:ff:be:d9:98:2e:3c:9a:4b:63:7a:75:91:e4:d4:
95:15:97:62:80:f6:76:52:39:ce:81:d9:12:79:f5:bd:e5:76:
8e:be:e5:7f:6d:7a:8a:a3:84:f7:c7:54:9a:38:ef:83:b5:14:
ef:d5:53:1a:0a:41:1c:12:42:1f:bf:2e:aa:2b:04:6a:c0:50:
ed:16:dc:54:68:45:7f:a8:f1:1e:c4:c1:f0:67:50:97:c9:c0:
3b:4a:9b:2f:0e:73:a7:fe:f5:34:38:4e:91:bc:45:6c:58:d6:
e8:2a:6a:21:b4:b1:f8:b1:8b:b8:89:de:e3:00:c6:32:d0:04:
09:d4:2e:06:f5:dc:dc:a2:76:39:3d:01:46:15:e0:71:ea:00:
ed:ac:16:72:ef:6c:ed:87:68:3f:b4:75:11:7f:62:54:0a:84:
76:1c:e4:eb
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZii89H2DSU3p2AY2hJvzKOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4OTlhZWE1NmY1MGZmOGY0MzQyY2JlZTJhZjJmMjg4YTE2
OGM5MzAwHhcNMjUwODEzMTAyMjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjIxOWRmMGJkMjNlODUxZWVmZjJjNTUyMGM0YzZlZTcxYTE5NzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WnENTgPiQH0Lnv+GwE/185rahtA
o+d1zwoiCtjPZW662vgvSlnKXR7jmUIbadN6nYoZZgz+TYImR9Kj2YkF0AWOVU7d
/2oiqfm11Pq7fDMvgUN4weNdhtfqADaORqjMRYLEqUXHa4eD9sbq9kf3Yj0S5m+1
RZDfA9kdaT9CIL+V5dOkfoAIhOqsnkWM+8YaxKK7eHC4BGtEHzvBfRacfC7ckBI4
2bipZOjBTj3vlgPMpnYoa/nmJ6wR8v0NobObLWBS3AzWMh4Epify16JTk5YhuKO6
rH0gHHH3kFVbHhrufksMUGNLBuOV6vnIGEJSf7J8D38dZinNbPR1j1L9wQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPIhnfC9I+hR7v8sVSDExu5xoZdqMB8GA1UdIwQY
MBaAFPiZrqVvUP+PQ0LL7iry8oihaMkwMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1KbXVwVzlRXzQ5RFFzdnVLdkx5aUtGb3lUQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYvMmMyZTYxLTcyNzktNDgzYy04NDc1
LTliZjE5ZDg0MjIwZi8xLzhpR2Q4TDBqNkZIdV95eFZJTVRHN25HaGwyby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDYvMmMyZTYxLTcyNzktNDgzYy04NDc1LTliZjE5ZDg0MjIw
Zi8xLzEtSm11cFc5UV80OURRc3Z1S3ZMeWlLRm95VEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAC5JNAD
BAC5t9wwDQQCAAIwBwMFAyoPTwAwDQYJKoZIhvcNAQELBQADggEBAHMsyfsxIWnL
gmnaC2XKN0KjKOXexvfCmvz2IKgtc4znw7I6w7fNoSRcRCVYS+j7TmyU1JNfckqX
DNS54aCIy1cIrhO2WB3sMeUxQDhsjQKKdzj9x9ncHMEc3HBEGHL/vtmYLjyaS2N6
dZHk1JUVl2KA9nZSOc6B2RJ59b3ldo6+5X9teoqjhPfHVJo474O1FO/VUxoKQRwS
Qh+/LqorBGrAUO0W3FRoRX+o8R7EwfBnUJfJwDtKmy8Oc6f+9TQ4TpG8RWxY1ugq
aiG0sfixi7iJ3uMAxjLQBAnULgb13Nyidjk9AUYV4HHqAO2sFnLvbO2HaD+0dRF/
YlQKhHYc5Os=
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:10:34 2025 by rpki-client