Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/cR8mGfyvWljMgDn5rdkNaakbFHc.roa
File: cR8mGfyvWljMgDn5rdkNaakbFHc.roa (raw, json)
Hash identifier: CorhwcwXqbbXQzle7zQGziSRt6H2numcFrUmwpSGxJg=
Subject key identifier: 71:1F:26:19:FC:AF:5A:58:CC:80:39:F9:AD:D9:0D:69:A9:1B:14:77
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 0197C6D0CE33A1988C79FC8A3F3A35F05F8E
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/cR8mGfyvWljMgDn5rdkNaakbFHc.roa
Signing time: Tue 01 Jul 2025 16:27:42 +0000
ROA not before: Tue 01 Jul 2025 16:27:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39150
IP address blocks: 91.196.136.0/24 maxlen: 24
91.196.137.0/24 maxlen: 24
91.196.138.0/24 maxlen: 24
93.179.120.0/24 maxlen: 24
95.85.83.128/25 maxlen: 25
95.181.213.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
2a04:8680::/32 maxlen: 32
2a04:8681::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 19:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c6:d0:ce:33:a1:98:8c:79:fc:8a:3f:3a:35:f0:5f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jul 1 16:27:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=711f2619fcaf5a58cc8039f9add90d69a91b1477
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:1d:a2:c7:56:1f:1a:2d:8a:d2:94:99:f7:d2:
81:ca:f5:be:5c:61:89:1c:76:fc:70:b9:b2:6c:ca:
f1:48:30:6c:58:04:3d:3a:1f:b1:b5:c1:0c:32:52:
10:18:63:cf:f4:da:7a:27:5b:0b:be:d4:03:87:dd:
ac:a9:05:0d:6e:87:7c:d2:70:62:6d:8f:48:c9:96:
46:82:cd:23:0a:b7:12:ae:fb:de:cd:cd:ea:23:08:
d6:b5:db:1d:2b:bd:d3:09:0c:88:30:4d:79:6e:74:
c5:81:86:37:b6:05:30:8e:c3:83:d2:d9:8c:ab:f7:
4d:64:d1:ac:be:4f:c1:c1:d1:ea:ca:08:a2:21:bb:
bd:2f:15:58:20:4a:4f:5b:12:9b:86:3f:a4:dc:e5:
d1:73:e6:62:22:6d:55:33:46:8f:a4:96:c7:56:31:
95:2b:8f:69:49:08:ea:e9:b7:e8:bd:70:bd:97:54:
e0:b4:f2:cf:c6:6f:4e:dd:f9:8f:c1:bc:cd:3d:53:
4a:0c:1b:51:a7:88:fc:1b:ab:2b:47:56:bc:99:6a:
fd:31:dc:b6:15:3d:5a:15:dc:0e:e3:9e:9f:d8:f6:
9a:3d:91:f0:7c:6b:a2:4c:9b:ab:f4:db:67:0b:fc:
1c:3a:bb:78:bf:fa:f2:16:e5:1a:43:7a:3a:f8:f4:
20:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:1F:26:19:FC:AF:5A:58:CC:80:39:F9:AD:D9:0D:69:A9:1B:14:77
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/cR8mGfyvWljMgDn5rdkNaakbFHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0-91.196.138.255
93.179.120.0/24
95.85.83.128/25
95.181.213.0/24
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/31
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
2d:28:96:7b:94:d1:58:b7:6a:60:1b:e5:0c:b1:f2:6b:e1:d3:
7f:61:22:0e:a1:f9:cc:49:54:2c:87:9a:46:bc:c9:e3:93:f7:
20:4a:0e:1b:41:18:73:4f:d0:f5:b6:e1:f9:1b:83:cd:3a:bc:
82:7b:02:45:9b:6f:4e:80:90:4b:8b:49:50:6e:e2:5d:60:23:
46:a3:fc:9e:9f:c7:90:c0:87:23:19:e6:da:b4:a3:7d:a7:b4:
ea:98:0f:24:aa:91:df:75:02:c6:0b:0c:63:6e:6e:ec:50:43:
41:94:eb:34:69:ae:a7:50:f4:e6:bb:eb:23:9d:80:db:c2:22:
cd:7a:03:4d:a4:27:c3:51:cd:40:af:59:f4:7b:eb:d1:72:ae:
5a:36:81:94:e6:2b:a4:66:e0:63:b3:79:e8:07:b7:ff:16:4c:
e3:5b:84:35:ee:f6:77:83:64:05:d1:00:64:74:07:82:b6:94:
e3:b6:07:3e:9f:cb:e1:34:3c:be:8a:19:ee:1c:42:17:97:b1:
78:9f:4b:6d:99:7b:6b:92:4e:4a:15:1b:89:c3:16:40:19:59:
4d:21:aa:ae:21:9e:63:0a:af:c0:85:0b:24:2a:b1:ef:45:7a:
cf:e0:4f:d8:b9:3b:b8:93:bc:f3:0a:01:d0:14:a7:bc:84:87:
bc:69:89:f2
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZfG0M4zoZiMefyKPzo18F+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjUwNzAxMTYyNzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTFmMjYxOWZjYWY1YTU4Y2M4MDM5ZjlhZGQ5MGQ2OWE5MWIxNDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3x2ix1YfGi2K0pSZ99KByvW+XGGJ
HHb8cLmybMrxSDBsWAQ9Oh+xtcEMMlIQGGPP9Np6J1sLvtQDh92sqQUNbod80nBi
bY9IyZZGgs0jCrcSrvvezc3qIwjWtdsdK73TCQyIME15bnTFgYY3tgUwjsOD0tmM
q/dNZNGsvk/BwdHqygiiIbu9LxVYIEpPWxKbhj+k3OXRc+ZiIm1VM0aPpJbHVjGV
K49pSQjq6bfovXC9l1TgtPLPxm9O3fmPwbzNPVNKDBtRp4j8G6srR1a8mWr9Mdy2
FT1aFdwO456f2PaaPZHwfGuiTJur9NtnC/wcOrt4v/ryFuUaQ3o6+PQgCQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFHEfJhn8r1pYzIA5+a3ZDWmpGxR3MB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvY1I4bUdmeXZXbGpNZ0RuNXJka05hYWtiRkhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAzBAIAATAtMAwDBANbxIgD
BABbxIoDBABds3gDBQdfVVOAAwQAX7XVAwQAbcSFAwQAw7YIMBQEAgACMA4DBQEq
BIaAAwUAKgnVwDANBgkqhkiG9w0BAQsFAAOCAQEALSiWe5TRWLdqYBvlDLHya+HT
f2EiDqH5zElULIeaRrzJ45P3IEoOG0EYc0/Q9bbh+RuDzTq8gnsCRZtvToCQS4tJ
UG7iXWAjRqP8np/HkMCHIxnm2rSjfae06pgPJKqR33UCxgsMY25u7FBDQZTrNGmu
p1D05rvrI52A28IizXoDTaQnw1HNQK9Z9Hvr0XKuWjaBlOYrpGbgY7N56Ae3/xZM
41uENe72d4NkBdEAZHQHgraU47YHPp/L4TQ8vooZ7hxCF5exeJ9LbZl7a5JOShUb
icMWQBlZTSGqriGeYwqvwIULJCqx70V6z+BP2Lk7uJO88woB0BSnvISHvGmJ8g==
-----END CERTIFICATE-----
Generated at Thu Jul 3 03:45:03 2025 by rpki-client