Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/s8Pwr9XAZCwB5xpzVi5j8lHFjw0.roa
File: s8Pwr9XAZCwB5xpzVi5j8lHFjw0.roa (raw, json)
Hash identifier: vflnC46FDMdoiJ/G2QbgjVJQaaZ6Tzl2ag2D4Mr0VXQ=
Subject key identifier: B3:C3:F0:AF:D5:C0:64:2C:01:E7:1A:73:56:2E:63:F2:51:C5:8F:0D
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 01979DFD7758F1E0B30527D004C77E417B01
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/s8Pwr9XAZCwB5xpzVi5j8lHFjw0.roa
Signing time: Mon 23 Jun 2025 18:12:03 +0000
ROA not before: Mon 23 Jun 2025 18:12:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12989
IP address blocks: 2.59.22.0/24 maxlen: 24
86.54.28.0/24 maxlen: 24
86.54.29.0/24 maxlen: 24
86.54.31.0/24 maxlen: 24
212.104.140.0/24 maxlen: 24
212.104.141.0/24 maxlen: 24
213.254.179.0/24 maxlen: 24
2a01:e940::/48 maxlen: 48
2a01:e945::/48 maxlen: 48
2a01:e947::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9d:fd:77:58:f1:e0:b3:05:27:d0:04:c7:7e:41:7b:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Jun 23 18:12:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3c3f0afd5c0642c01e71a73562e63f251c58f0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:04:7a:c8:f4:89:03:eb:9a:fd:3c:da:3b:f2:
b8:cf:a3:f0:70:68:1b:95:f4:46:ed:a3:17:f0:1a:
09:44:5e:ff:34:71:88:68:44:36:7b:dc:46:92:4d:
cf:85:5a:59:60:63:65:e1:14:3f:ac:1e:e2:87:5f:
fe:61:93:62:ca:86:31:46:33:d0:ab:1f:d7:4a:c1:
ea:d4:cb:2a:b9:fa:60:93:df:d9:a7:e0:97:f5:d7:
1d:3c:20:ef:bb:6b:57:13:a7:2f:59:68:31:27:30:
ef:12:72:13:f5:a0:93:dd:b7:10:3c:9f:55:78:5e:
af:e2:b7:83:31:ac:b9:da:eb:75:d2:b7:f8:fe:f8:
fb:97:4c:d9:86:02:06:0d:e1:d7:6b:cf:e7:52:10:
30:36:eb:fb:46:c9:aa:70:17:2c:b1:15:96:6c:8b:
07:bf:73:f5:1a:e9:2b:0e:8c:ae:3d:ca:b2:a5:f7:
db:c1:94:c5:52:29:ff:54:cd:83:c1:b1:40:2b:43:
3d:46:17:af:21:df:f5:bb:20:48:eb:8c:cb:a7:95:
72:05:4b:be:da:95:5a:ac:e1:fb:7e:2e:9d:8f:b3:
4e:93:60:88:67:be:92:ab:be:ea:30:54:84:7d:69:
49:c6:ca:2c:d9:3f:1a:4f:58:b2:61:eb:cd:3d:34:
73:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C3:F0:AF:D5:C0:64:2C:01:E7:1A:73:56:2E:63:F2:51:C5:8F:0D
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/s8Pwr9XAZCwB5xpzVi5j8lHFjw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
86.54.28.0/23
86.54.31.0/24
212.104.140.0/23
213.254.179.0/24
IPv6:
2a01:e940::/48
2a01:e945::/48
2a01:e947::/48
Signature Algorithm: sha256WithRSAEncryption
47:bd:3f:7d:b1:33:98:2c:cd:c5:c3:50:ce:52:c8:d5:58:90:
6c:5a:1e:5e:60:0f:a0:e3:6c:02:03:66:c9:bd:81:98:70:14:
84:7f:51:8f:17:0a:9d:53:65:b3:71:b1:7a:57:72:17:f7:df:
9e:d3:68:db:22:a9:e1:fd:ca:a3:2f:2e:18:3e:9e:11:6c:64:
fa:6f:23:47:1c:bd:b9:60:fc:15:24:a0:37:d5:1e:ca:c6:1b:
b8:65:9a:f5:62:cf:a3:21:3a:80:83:c3:aa:9e:6d:51:80:29:
6a:72:aa:d4:40:df:5c:fb:6f:af:7a:15:3c:0d:99:9e:9c:2d:
cf:50:2d:bc:41:5c:7d:c9:70:99:d1:20:ee:6f:42:f6:ea:a1:
ec:12:2c:4a:90:e5:1c:d6:e0:99:8a:fa:da:e0:41:cb:06:bb:
60:f5:79:f7:52:80:4c:df:6f:85:3c:da:2f:84:a1:33:de:54:
27:74:91:dc:21:3e:af:3d:6e:51:d8:5f:43:1c:12:0a:94:dc:
a9:f1:7e:7f:f1:3e:28:12:26:8a:4b:f6:07:de:05:d3:b9:cc:
4c:e3:cc:fb:98:0a:91:cf:f4:97:58:22:8a:f6:7f:dd:5a:61:
63:10:2d:de:f4:fa:29:de:27:6e:cc:ac:3f:2c:03:4b:ae:ce:
0b:02:71:80
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZed/XdY8eCzBSfQBMd+QXsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUwNjIzMTgxMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2MzZjBhZmQ1YzA2NDJjMDFlNzFhNzM1NjJlNjNmMjUxYzU4ZjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAR6yPSJA+ua/TzaO/K4z6PwcGgb
lfRG7aMX8BoJRF7/NHGIaEQ2e9xGkk3PhVpZYGNl4RQ/rB7ih1/+YZNiyoYxRjPQ
qx/XSsHq1Msqufpgk9/Zp+CX9dcdPCDvu2tXE6cvWWgxJzDvEnIT9aCT3bcQPJ9V
eF6v4reDMay52ut10rf4/vj7l0zZhgIGDeHXa8/nUhAwNuv7RsmqcBcssRWWbIsH
v3P1GukrDoyuPcqypffbwZTFUin/VM2DwbFAK0M9RhevId/1uyBI64zLp5VyBUu+
2pVarOH7fi6dj7NOk2CIZ76Sq77qMFSEfWlJxsos2T8aT1iyYevNPTRzdQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFLPD8K/VwGQsAecac1YuY/JRxY8NMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvczhQd3I5WEFaQ3dCNXhwelZpNWo4bEhGancwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAkBAIAATAeAwQAAjsWAwQB
VjYcAwQAVjYfAwQB1GiMAwQA1f6zMCEEAgACMBsDBwAqAelAAAADBwAqAelFAAAD
BwAqAelHAAAwDQYJKoZIhvcNAQELBQADggEBAEe9P32xM5gszcXDUM5SyNVYkGxa
Hl5gD6DjbAIDZsm9gZhwFIR/UY8XCp1TZbNxsXpXchf3357TaNsiqeH9yqMvLhg+
nhFsZPpvI0ccvblg/BUkoDfVHsrGG7hlmvViz6MhOoCDw6qebVGAKWpyqtRA31z7
b696FTwNmZ6cLc9QLbxBXH3JcJnRIO5vQvbqoewSLEqQ5RzW4JmK+trgQcsGu2D1
efdSgEzfb4U82i+EoTPeVCd0kdwhPq89blHYX0McEgqU3Knxfn/xPigSJopL9gfe
BdO5zEzjzPuYCpHP9JdYIor2f91aYWMQLd70+ineJ27MrD8sA0uuzgsCcYA=
-----END CERTIFICATE-----
Generated at Sun Jun 29 14:50:35 2025 by rpki-client