Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/rFNBUvofc5xFVTdi0cN8neEVhkc.roa
File: rFNBUvofc5xFVTdi0cN8neEVhkc.roa (raw, json)
Hash identifier: ESh8iY5c5lW4tW5XLrhtyizb42oB19124w7i9KKZHMQ=
Subject key identifier: AC:53:41:52:FA:1F:73:9C:45:55:37:62:D1:C3:7C:9D:E1:15:86:47
Certificate issuer: /CN=b8c8aa18730f4a83e2852c5692551abb5b1ee7ea
Certificate serial: 0198A2A42AD5CC1798B99B741761FB355A0B
Authority key identifier: B8:C8:AA:18:73:0F:4A:83:E2:85:2C:56:92:55:1A:BB:5B:1E:E7:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uMiqGHMPSoPihSxWklUau1se5-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/rFNBUvofc5xFVTdi0cN8neEVhkc.roa
Signing time: Wed 13 Aug 2025 08:55:24 +0000
ROA not before: Wed 13 Aug 2025 08:55:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54339
IP address blocks: 89.38.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/uMiqGHMPSoPihSxWklUau1se5-o.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/uMiqGHMPSoPihSxWklUau1se5-o.mft
rsync://rpki.ripe.net/repository/DEFAULT/uMiqGHMPSoPihSxWklUau1se5-o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:a4:2a:d5:cc:17:98:b9:9b:74:17:61:fb:35:5a:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8c8aa18730f4a83e2852c5692551abb5b1ee7ea
Validity
Not Before: Aug 13 08:55:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac534152fa1f739c45553762d1c37c9de1158647
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:18:6e:06:8b:e6:42:82:7c:b2:e6:b9:6a:16:
06:aa:73:b1:fb:04:78:6f:40:07:9b:55:53:82:0f:
98:d0:0e:54:bf:91:f9:a3:1e:b4:73:b0:f3:a1:e7:
bd:48:a0:b1:cc:40:f1:ae:d6:12:e7:28:86:94:e6:
e3:2a:98:e9:6c:8e:d6:b8:56:8d:6f:ed:d8:68:92:
4a:60:35:ff:2c:d5:b2:27:75:58:5d:dd:03:ca:d5:
64:c2:22:96:fc:0a:99:07:29:f9:c9:4a:68:56:6b:
cb:14:6e:72:83:5c:11:03:1a:b7:1a:97:23:9a:ad:
2b:1b:86:c4:f4:36:15:df:92:ab:cd:c4:ea:7e:f5:
78:70:a1:56:50:4d:e7:81:79:d6:9a:3c:9c:45:ab:
85:8c:a7:1b:7b:63:9b:a6:9c:9b:bb:fa:73:c7:0b:
e0:91:ba:59:6e:59:5e:3d:f0:92:14:01:94:16:1a:
36:b3:e2:75:e6:7a:87:94:2a:a6:e6:01:8b:75:a6:
85:7a:5c:72:b9:47:3d:66:e7:a3:ba:60:bb:b3:67:
c0:a4:f2:47:92:26:1a:6d:71:58:66:ce:fe:ea:6e:
18:54:12:f8:44:89:9b:24:16:e3:fc:f6:b7:0d:ac:
18:19:5a:78:96:63:f9:31:b4:97:1a:29:a4:f3:0c:
ec:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:53:41:52:FA:1F:73:9C:45:55:37:62:D1:C3:7C:9D:E1:15:86:47
X509v3 Authority Key Identifier:
keyid:B8:C8:AA:18:73:0F:4A:83:E2:85:2C:56:92:55:1A:BB:5B:1E:E7:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uMiqGHMPSoPihSxWklUau1se5-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/rFNBUvofc5xFVTdi0cN8neEVhkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a94992-566b-4b6f-a689-a57604a3f6bb/1/uMiqGHMPSoPihSxWklUau1se5-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.40.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:20:0d:c1:eb:60:b4:13:16:3e:fa:c6:cf:38:d9:e8:82:36:
f8:3d:c7:cc:f1:36:00:c6:62:13:ee:08:80:3c:71:1f:d9:4a:
a2:ad:46:8b:39:7d:3c:60:3d:7c:fd:b2:2b:68:52:8b:d1:4d:
b4:8e:20:ef:2b:4d:a1:e5:9a:6b:09:d2:a4:3a:1a:78:29:f8:
38:4d:7a:de:07:c3:10:9e:91:bf:b1:24:a8:39:9c:2d:f1:2c:
c2:bd:39:da:0b:9e:10:05:b6:22:81:b5:16:84:07:cf:78:c4:
b4:a8:cd:c7:4c:19:90:62:d0:bb:3c:85:36:16:a2:2b:bb:6f:
87:f7:61:3b:25:fb:76:3f:28:fe:80:e0:19:e6:b6:ad:49:03:
08:64:48:2d:01:56:99:0a:cf:e3:58:8a:d6:35:a3:77:fc:49:
d9:57:66:2b:d3:2d:c9:c1:16:de:c8:d5:8c:32:96:fe:fe:fd:
45:b4:a5:f4:0d:ee:c2:2f:cc:92:29:e7:b7:68:56:c3:8a:e5:
5d:6f:36:bf:66:0e:84:26:4b:aa:bb:ac:d2:61:62:4e:eb:f1:
71:70:9e:29:f2:dd:f5:5e:e7:2f:70:9a:ee:a1:84:83:90:33:
8b:bc:84:07:c3:a9:18:04:6a:b1:30:1c:e4:1c:df:85:d4:b0:
0a:a9:0c:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZiipCrVzBeYuZt0F2H7NVoLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4YzhhYTE4NzMwZjRhODNlMjg1MmM1NjkyNTUxYWJiNWIx
ZWU3ZWEwHhcNMjUwODEzMDg1NTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzUzNDE1MmZhMWY3MzljNDU1NTM3NjJkMWMzN2M5ZGUxMTU4NjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRhuBovmQoJ8sua5ahYGqnOx+wR4
b0AHm1VTgg+Y0A5Uv5H5ox60c7Dzoee9SKCxzEDxrtYS5yiGlObjKpjpbI7WuFaN
b+3YaJJKYDX/LNWyJ3VYXd0DytVkwiKW/AqZByn5yUpoVmvLFG5yg1wRAxq3Gpcj
mq0rG4bE9DYV35KrzcTqfvV4cKFWUE3ngXnWmjycRauFjKcbe2Obppybu/pzxwvg
kbpZbllePfCSFAGUFho2s+J15nqHlCqm5gGLdaaFelxyuUc9ZuejumC7s2fApPJH
kiYabXFYZs7+6m4YVBL4RImbJBbj/Pa3DawYGVp4lmP5MbSXGimk8wzsaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKxTQVL6H3OcRVU3YtHDfJ3hFYZHMB8GA1UdIwQY
MBaAFLjIqhhzD0qD4oUsVpJVGrtbHufqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdU1pcUdITVBTb1BpaFN4V2tsVWF1MXNlNS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hOTQ5OTItNTY2Yi00YjZmLWE2ODkt
YTU3NjA0YTNmNmJiLzEvckZOQlV2b2ZjNXhGVlRkaTBjTjhuZUVWaGtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hOTQ5OTItNTY2Yi00YjZmLWE2ODktYTU3NjA0YTNmNmJi
LzEvdU1pcUdITVBTb1BpaFN4V2tsVWF1MXNlNS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSYoMA0G
CSqGSIb3DQEBCwUAA4IBAQBdIA3B62C0ExY++sbPONnogjb4PcfM8TYAxmIT7giA
PHEf2UqirUaLOX08YD18/bIraFKL0U20jiDvK02h5ZprCdKkOhp4Kfg4TXreB8MQ
npG/sSSoOZwt8SzCvTnaC54QBbYigbUWhAfPeMS0qM3HTBmQYtC7PIU2FqIru2+H
92E7Jft2Pyj+gOAZ5ratSQMIZEgtAVaZCs/jWIrWNaN3/EnZV2Yr0y3JwRbeyNWM
Mpb+/v1FtKX0De7CL8ySKee3aFbDiuVdbza/Zg6EJkuqu6zSYWJO6/FxcJ4p8t31
XucvcJruoYSDkDOLvIQHw6kYBGqxMBzkHN+F1LAKqQyP
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:47:23 2025 by rpki-client