Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/8qaANOmA5TyfCX9SSE9fZHxlef0.roa
File: 8qaANOmA5TyfCX9SSE9fZHxlef0.roa (raw, json)
Hash identifier: KplUX/9PtnTld0cowtlt0wGVLtKYx94e6T0lw36I4cc=
Subject key identifier: F2:A6:80:34:E9:80:E5:3C:9F:09:7F:52:48:4F:5F:64:7C:65:79:FD
Certificate issuer: /CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
Certificate serial: 0198B08F17EA99C89D5B0B38FAEB52F9EFA5
Authority key identifier: 27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/8qaANOmA5TyfCX9SSE9fZHxlef0.roa
Signing time: Sat 16 Aug 2025 01:47:04 +0000
ROA not before: Sat 16 Aug 2025 01:47:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208972
IP address blocks: 91.102.160.0/23 maxlen: 23
91.102.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/J8i0J8MTWYqS6NjsYOKVDaOfwsk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/J8i0J8MTWYqS6NjsYOKVDaOfwsk.mft
rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b0:8f:17:ea:99:c8:9d:5b:0b:38:fa:eb:52:f9:ef:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
Validity
Not Before: Aug 16 01:47:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2a68034e980e53c9f097f52484f5f647c6579fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0b:04:94:31:5b:bc:3e:a0:bd:e5:e7:41:57:
1c:86:92:6d:1a:ed:6c:25:78:e9:db:c9:59:51:8a:
42:33:27:9b:61:d6:ae:74:71:28:1f:3b:7a:eb:09:
16:b5:27:f5:ef:23:1e:19:90:32:30:c9:52:0e:25:
4e:27:3c:bf:2f:0f:44:a6:1d:e1:86:fa:04:f8:da:
3a:0b:95:97:0d:62:ad:bc:eb:79:23:01:c6:5b:9b:
69:7b:cb:a1:c1:61:5d:71:6e:6a:63:45:8d:30:42:
bc:07:45:cc:18:aa:1c:d1:d3:03:29:ed:22:7b:b6:
2a:f0:9e:e7:bf:b7:19:fe:9b:fe:0b:17:8b:fe:c8:
7e:77:32:16:b3:83:d3:53:8e:2f:4c:4e:7a:53:1a:
94:ba:fe:38:df:1f:ec:0e:74:e0:cc:69:b9:c3:47:
05:a0:25:3d:61:d1:9a:7d:09:9e:3f:69:4b:9f:9f:
84:ba:40:0d:0b:72:7f:77:f6:74:bb:d5:75:dd:1c:
3f:34:07:63:2f:9c:0f:38:90:3f:65:cb:87:7f:c8:
71:7f:bd:ab:1c:5d:22:4d:b5:43:4d:68:3e:28:60:
54:be:1d:1d:b1:bb:b6:bd:7a:0b:98:22:e6:56:f1:
78:05:ac:6c:83:82:3b:c1:68:51:d4:a3:71:83:1e:
de:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A6:80:34:E9:80:E5:3C:9F:09:7F:52:48:4F:5F:64:7C:65:79:FD
X509v3 Authority Key Identifier:
keyid:27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/8qaANOmA5TyfCX9SSE9fZHxlef0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/J8i0J8MTWYqS6NjsYOKVDaOfwsk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.160.0/23
91.102.167.0/24
Signature Algorithm: sha256WithRSAEncryption
05:c1:37:4e:20:53:f7:ae:52:79:2d:67:5d:e9:e9:24:24:50:
25:47:51:45:20:73:91:1e:c2:3e:76:c6:bc:01:27:4b:86:7c:
d1:57:72:5a:61:6e:d1:df:06:ac:4f:f5:b2:3c:c7:0c:f2:99:
dc:21:9f:a0:92:ec:47:87:4d:8e:97:d2:45:2c:70:fd:23:25:
c4:6a:4c:ec:ee:d8:59:49:2f:6b:38:1f:ee:f0:94:d7:95:0e:
0b:ae:a8:89:59:24:af:6d:dd:6a:5a:9b:ee:b4:80:b3:ef:de:
36:4d:8a:e1:e5:b8:53:ce:61:cf:22:58:1f:88:20:85:99:bb:
10:fd:1e:8e:8d:62:2b:d6:19:d0:02:1f:74:1f:29:3f:b3:8f:
47:07:d9:e4:16:98:c7:b6:bc:93:58:8e:be:df:c7:a6:dd:5e:
40:b7:52:d8:fd:96:04:9b:07:3c:bd:aa:21:f4:b6:ed:53:86:
97:bd:a7:5d:45:e1:80:7f:b4:67:6d:7e:d9:2c:ab:23:00:cd:
ea:47:56:dc:fd:6a:cd:47:9b:94:5d:11:5e:da:23:95:11:a7:
90:56:74:dc:09:83:18:d9:61:17:f1:28:7f:3a:0c:df:d7:30:
f1:8f:3d:bf:d8:dd:5d:50:97:5f:39:4b:59:1f:ad:ad:a4:29:
30:38:fe:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZiwjxfqmcidWws4+utS+e+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzhiNDI3YzMxMzU5OGE5MmU4ZDhlYzYwZTI5NTBkYTM5
ZmMyYzkwHhcNMjUwODE2MDE0NzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmE2ODAzNGU5ODBlNTNjOWYwOTdmNTI0ODRmNWY2NDdjNjU3OWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgsElDFbvD6gveXnQVcchpJtGu1s
JXjp28lZUYpCMyebYdaudHEoHzt66wkWtSf17yMeGZAyMMlSDiVOJzy/Lw9Eph3h
hvoE+No6C5WXDWKtvOt5IwHGW5tpe8uhwWFdcW5qY0WNMEK8B0XMGKoc0dMDKe0i
e7Yq8J7nv7cZ/pv+CxeL/sh+dzIWs4PTU44vTE56UxqUuv443x/sDnTgzGm5w0cF
oCU9YdGafQmeP2lLn5+EukANC3J/d/Z0u9V13Rw/NAdjL5wPOJA/ZcuHf8hxf72r
HF0iTbVDTWg+KGBUvh0dsbu2vXoLmCLmVvF4Baxsg4I7wWhR1KNxgx7eVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPKmgDTpgOU8nwl/UkhPX2R8ZXn9MB8GA1UdIwQY
MBaAFCfItCfDE1mKkujY7GDilQ2jn8LJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzct
MWM2ZWU0NGUxMWFkLzEvOHFhQU5PbUE1VHlmQ1g5U1NFOWZaSHhsZWYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzctMWM2ZWU0NGUxMWFk
LzEvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW2agAwQA
W2anMA0GCSqGSIb3DQEBCwUAA4IBAQAFwTdOIFP3rlJ5LWdd6ekkJFAlR1FFIHOR
HsI+dsa8ASdLhnzRV3JaYW7R3wasT/WyPMcM8pncIZ+gkuxHh02Ol9JFLHD9IyXE
akzs7thZSS9rOB/u8JTXlQ4LrqiJWSSvbd1qWpvutICz7942TYrh5bhTzmHPIlgf
iCCFmbsQ/R6OjWIr1hnQAh90Hyk/s49HB9nkFpjHtryTWI6+38em3V5At1LY/ZYE
mwc8vaoh9LbtU4aXvaddReGAf7RnbX7ZLKsjAM3qR1bc/WrNR5uUXRFe2iOVEaeQ
VnTcCYMY2WEX8Sh/Ogzf1zDxjz2/2N1dUJdfOUtZH62tpCkwOP66
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:34:18 2025 by rpki-client