Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/vT8ke6Ah41xXsDixevR4jCdbWXg.roa
File: vT8ke6Ah41xXsDixevR4jCdbWXg.roa (raw, json)
Hash identifier: R6BwtxgkuhnQbRfNE/0V6UnuFhe/ujWK5RZpBG6ANe4=
Subject key identifier: BD:3F:24:7B:A0:21:E3:5C:57:B0:38:B1:7A:F4:78:8C:27:5B:59:78
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 0198A20972EE22E9172B849502BDBA6FE11E
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/vT8ke6Ah41xXsDixevR4jCdbWXg.roa
Signing time: Wed 13 Aug 2025 06:06:24 +0000
ROA not before: Wed 13 Aug 2025 06:06:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211043
IP address blocks: 46.244.99.0/24 maxlen: 24
92.240.150.0/24 maxlen: 24
185.102.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 07:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:09:72:ee:22:e9:17:2b:84:95:02:bd:ba:6f:e1:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Aug 13 06:06:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd3f247ba021e35c57b038b17af4788c275b5978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:06:c5:82:f1:91:f9:a4:bc:9e:a4:cb:33:c9:
e4:bb:ff:63:c5:54:f4:79:02:03:47:9f:73:72:16:
f7:05:2a:0e:64:42:88:6f:06:fb:69:c3:e5:7e:09:
7a:8b:52:05:b6:90:90:12:f2:e1:c6:ed:f5:b4:8d:
2a:4f:01:e6:d4:b4:69:01:19:6d:24:97:ea:c2:d0:
81:30:bf:b3:a1:f5:3e:2c:ab:c0:bd:0c:ed:4a:1b:
3b:50:db:1d:8f:5c:b6:b8:21:06:15:ee:7f:26:21:
08:16:45:9b:9b:77:41:f2:96:d5:0a:64:ad:04:d6:
2f:51:6a:a6:87:02:d4:dd:62:b6:21:e2:7c:e9:c7:
69:15:83:9d:90:3e:e2:9f:eb:40:42:d2:52:0c:89:
85:9c:25:95:3c:24:52:22:ce:8f:11:53:d6:61:5a:
84:75:04:44:33:46:77:8b:29:22:87:3b:3a:ac:a1:
56:de:e0:32:f4:f1:3f:7b:9f:d4:89:1c:e7:2e:70:
10:ae:35:7c:cc:d6:8a:17:14:43:0e:fd:79:d6:64:
65:92:c3:4a:92:18:6d:1f:95:9e:fd:c5:a2:96:5e:
83:a7:b2:b7:d6:60:de:80:0f:53:7a:78:81:02:7c:
8d:be:fb:c6:00:db:5c:57:ff:36:17:1b:4b:db:67:
e6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:3F:24:7B:A0:21:E3:5C:57:B0:38:B1:7A:F4:78:8C:27:5B:59:78
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/vT8ke6Ah41xXsDixevR4jCdbWXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.244.99.0/24
92.240.150.0/24
185.102.171.0/24
Signature Algorithm: sha256WithRSAEncryption
31:84:8e:a8:e1:a2:20:f6:41:06:f1:2c:62:ad:a3:d5:cc:c2:
ab:c8:a1:5c:47:e0:eb:66:31:f4:7d:fa:d2:05:fd:9e:23:2c:
ad:bf:d9:45:f1:83:ee:6c:19:91:10:d7:b1:82:b4:dc:66:f0:
ab:52:28:c3:9d:a4:81:84:cf:79:c2:3c:52:83:ef:41:dc:e5:
26:b6:a1:89:ea:fb:7e:cf:c3:85:64:b4:fe:97:e1:27:20:d7:
b6:28:72:33:8f:25:62:4b:81:f4:f9:a0:94:a1:89:96:1f:84:
2e:d1:07:df:37:12:a9:e5:38:42:ae:55:1e:09:77:0f:b9:82:
f3:a7:92:bf:ea:db:0f:42:f0:f5:c7:a3:6e:a6:86:8c:2f:72:
05:d5:d5:f0:99:38:fc:7f:a9:3b:b6:e6:d2:c9:fa:b9:e7:cb:
fd:24:25:a9:be:a6:b8:49:0c:18:b0:99:3a:03:72:15:ff:3d:
85:aa:72:7f:d2:91:bb:25:cb:e8:a5:8c:5c:77:d2:31:48:fe:
2a:99:46:63:e2:c6:5e:2e:92:36:0c:5f:be:a3:94:9a:68:91:
bf:2c:b5:d3:fd:91:b6:11:88:08:d8:63:85:bf:97:03:c3:79:
7c:8d:51:07:4e:c7:4a:67:b0:51:fb:0d:30:df:8a:e4:a6:67:
74:3e:e9:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZiiCXLuIukXK4SVAr26b+EeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwODEzMDYwNjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDNmMjQ3YmEwMjFlMzVjNTdiMDM4YjE3YWY0Nzg4YzI3NWI1OTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQbFgvGR+aS8nqTLM8nku/9jxVT0
eQIDR59zchb3BSoOZEKIbwb7acPlfgl6i1IFtpCQEvLhxu31tI0qTwHm1LRpARlt
JJfqwtCBML+zofU+LKvAvQztShs7UNsdj1y2uCEGFe5/JiEIFkWbm3dB8pbVCmSt
BNYvUWqmhwLU3WK2IeJ86cdpFYOdkD7in+tAQtJSDImFnCWVPCRSIs6PEVPWYVqE
dQREM0Z3iykihzs6rKFW3uAy9PE/e5/UiRznLnAQrjV8zNaKFxRDDv151mRlksNK
khhtH5We/cWill6Dp7K31mDegA9TeniBAnyNvvvGANtcV/82FxtL22fmhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL0/JHugIeNcV7A4sXr0eIwnW1l4MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvdlQ4a2U2QWg0MXhYc0RpeGV2UjRqQ2RiV1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALvRjAwQA
XPCWAwQAuWarMA0GCSqGSIb3DQEBCwUAA4IBAQAxhI6o4aIg9kEG8SxiraPVzMKr
yKFcR+DrZjH0ffrSBf2eIyytv9lF8YPubBmRENexgrTcZvCrUijDnaSBhM95wjxS
g+9B3OUmtqGJ6vt+z8OFZLT+l+EnINe2KHIzjyViS4H0+aCUoYmWH4Qu0QffNxKp
5ThCrlUeCXcPuYLzp5K/6tsPQvD1x6NupoaML3IF1dXwmTj8f6k7tubSyfq558v9
JCWpvqa4SQwYsJk6A3IV/z2FqnJ/0pG7JcvopYxcd9IxSP4qmUZj4sZeLpI2DF++
o5SaaJG/LLXT/ZG2EYgI2GOFv5cDw3l8jVEHTsdKZ7BR+w0w34rkpmd0Pun4
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:59:02 2025 by rpki-client