Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/8nUvj8lY7CMTGbwnkVwsxBWh6aw.roa
File: 8nUvj8lY7CMTGbwnkVwsxBWh6aw.roa (raw, json)
Hash identifier: Aix9ab5boOQSnVduDf/PzYb3KHZGbO4bW6Ul5fxfzk8=
Subject key identifier: F2:75:2F:8F:C9:58:EC:23:13:19:BC:27:91:5C:2C:C4:15:A1:E9:AC
Certificate issuer: /CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Certificate serial: 01978D2D91A72C498A4F734E1AF829EB67BB
Authority key identifier: AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/8nUvj8lY7CMTGbwnkVwsxBWh6aw.roa
Signing time: Fri 20 Jun 2025 11:51:03 +0000
ROA not before: Fri 20 Jun 2025 11:51:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8851
IP address blocks: 91.84.0.0/18 maxlen: 24
91.84.128.0/17 maxlen: 24
91.85.32.0/19 maxlen: 24
91.85.64.0/18 maxlen: 24
91.85.128.0/19 maxlen: 24
91.85.192.0/18 maxlen: 24
194.46.36.0/24 maxlen: 24
194.46.37.0/24 maxlen: 24
194.46.39.0/24 maxlen: 24
194.46.40.0/24 maxlen: 24
194.46.41.0/24 maxlen: 24
194.46.43.0/24 maxlen: 24
194.46.44.0/24 maxlen: 24
194.46.45.0/24 maxlen: 24
194.46.46.0/24 maxlen: 24
194.46.48.0/21 maxlen: 24
194.46.56.0/24 maxlen: 24
194.46.61.0/24 maxlen: 24
194.46.64.0/22 maxlen: 24
194.46.68.0/23 maxlen: 24
194.46.72.0/22 maxlen: 24
194.46.76.0/23 maxlen: 24
194.46.78.0/24 maxlen: 24
194.46.80.0/23 maxlen: 24
194.46.81.0/24 maxlen: 24
194.46.82.0/24 maxlen: 24
212.104.129.0/24 maxlen: 24
212.104.130.0/24 maxlen: 24
212.104.132.0/24 maxlen: 24
212.104.136.0/24 maxlen: 24
212.104.143.0/24 maxlen: 24
212.104.149.0/24 maxlen: 24
212.104.150.0/24 maxlen: 24
212.104.152.0/24 maxlen: 24
212.104.155.0/24 maxlen: 24
212.104.156.0/24 maxlen: 24
212.104.159.0/24 maxlen: 24
212.108.80.0/23 maxlen: 24
212.108.84.0/24 maxlen: 24
212.108.88.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 18:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8d:2d:91:a7:2c:49:8a:4f:73:4e:1a:f8:29:eb:67:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=add353933674a5608f6d1ee2dab4f64c8bff8f39
Validity
Not Before: Jun 20 11:51:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2752f8fc958ec231319bc27915c2cc415a1e9ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:96:f4:2f:9a:ae:71:70:2a:89:65:5a:9b:5c:
69:7a:a3:3a:af:a7:b2:e1:1e:67:b4:81:aa:75:76:
8c:46:38:6d:d8:9e:cc:42:f2:08:e7:20:e4:69:1b:
1f:c6:6d:4e:c9:48:2f:98:64:5c:25:32:82:73:93:
68:e9:f5:a2:97:a5:76:af:e2:07:8b:f3:e2:31:72:
88:46:e4:60:a6:87:fe:46:59:3f:31:71:2e:98:08:
93:f4:78:f5:d9:5b:73:20:85:6f:4b:f6:0c:84:47:
4a:5f:a9:5f:ff:10:55:54:dd:1c:72:f6:c1:b0:11:
5a:ea:fa:2e:98:51:27:b1:49:4d:7c:58:03:5c:11:
a1:f6:71:d9:27:72:69:dd:58:6b:3a:dc:ac:22:07:
f3:bd:e9:5f:da:81:00:c9:c4:23:f0:8c:40:39:ec:
31:b7:b8:6d:14:a3:10:76:53:e3:80:47:0b:4d:cc:
38:d3:08:97:58:c1:e8:2f:68:0e:a9:78:11:a5:9d:
79:90:34:84:7e:1c:e0:32:46:f5:cc:e1:27:3d:05:
5d:fc:be:58:95:9d:cd:d0:66:00:4f:b2:37:5b:05:
af:4c:a2:7d:d3:95:5d:6c:df:ee:f6:93:b0:1f:93:
15:59:59:99:5e:7b:8e:aa:24:9d:2e:66:10:72:1c:
fe:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:75:2F:8F:C9:58:EC:23:13:19:BC:27:91:5C:2C:C4:15:A1:E9:AC
X509v3 Authority Key Identifier:
keyid:AD:D3:53:93:36:74:A5:60:8F:6D:1E:E2:DA:B4:F6:4C:8B:FF:8F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/8nUvj8lY7CMTGbwnkVwsxBWh6aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/48b407-6d94-49ae-a3d8-72c83128761b/1/rdNTkzZ0pWCPbR7i2rT2TIv_jzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.84.0.0/18
91.84.128.0/17
91.85.32.0-91.85.159.255
91.85.192.0/18
194.46.36.0/23
194.46.39.0-194.46.41.255
194.46.43.0-194.46.46.255
194.46.48.0-194.46.56.255
194.46.61.0/24
194.46.64.0-194.46.69.255
194.46.72.0-194.46.78.255
194.46.80.0-194.46.82.255
212.104.129.0-212.104.130.255
212.104.132.0/24
212.104.136.0/24
212.104.143.0/24
212.104.149.0-212.104.150.255
212.104.152.0/24
212.104.155.0-212.104.156.255
212.104.159.0/24
212.108.80.0/23
212.108.84.0/24
212.108.88.0/23
Signature Algorithm: sha256WithRSAEncryption
59:76:34:df:94:b7:ac:cf:67:ee:8e:4a:74:98:fb:ae:53:f0:
5e:e3:61:34:3e:ee:49:39:88:97:f1:61:37:25:26:21:da:61:
be:9f:e4:a0:1b:cd:eb:50:09:ae:df:9f:21:b1:e7:71:c4:f3:
4b:cc:9a:b9:f4:67:b4:f1:e7:ad:99:54:6b:79:ab:26:fa:9f:
18:23:cb:83:0d:ae:62:49:e6:4a:b0:28:18:23:64:3a:6d:29:
1c:69:89:56:df:97:fe:e9:61:30:12:46:f2:05:18:ec:97:d9:
23:a8:d2:10:d4:2a:92:e6:1d:43:03:bd:03:6e:20:21:1f:94:
ce:33:30:49:3e:f5:0e:91:00:96:d7:14:fd:fb:7d:07:b2:82:
4a:3c:fb:08:ef:0e:69:34:3d:98:c7:68:ea:ab:b7:1c:42:54:
66:51:22:ff:06:06:60:7c:9f:02:1c:9f:bf:56:84:bb:ef:55:
85:62:64:36:3b:db:c4:45:2c:3a:9b:b7:c8:36:23:f0:ec:06:
e0:77:84:96:6e:25:c6:81:71:36:a6:0c:fe:6b:ed:f5:10:f5:
6a:f4:e5:72:a6:fa:65:a0:6f:1a:dc:df:28:be:a5:6b:20:08:
98:d9:fe:16:2f:94:af:18:fb:ca:d3:16:4a:bb:6c:a7:8d:68:
fa:a0:3c:e3
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZeNLZGnLEmKT3NOGvgp62e7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZDM1MzkzMzY3NGE1NjA4ZjZkMWVlMmRhYjRmNjRjOGJm
ZjhmMzkwHhcNMjUwNjIwMTE1MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjc1MmY4ZmM5NThlYzIzMTMxOWJjMjc5MTVjMmNjNDE1YTFlOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpb0L5qucXAqiWVam1xpeqM6r6ey
4R5ntIGqdXaMRjht2J7MQvII5yDkaRsfxm1OyUgvmGRcJTKCc5No6fWil6V2r+IH
i/PiMXKIRuRgpof+Rlk/MXEumAiT9Hj12VtzIIVvS/YMhEdKX6lf/xBVVN0ccvbB
sBFa6voumFEnsUlNfFgDXBGh9nHZJ3Jp3VhrOtysIgfzvelf2oEAycQj8IxAOewx
t7htFKMQdlPjgEcLTcw40wiXWMHoL2gOqXgRpZ15kDSEfhzgMkb1zOEnPQVd/L5Y
lZ3N0GYAT7I3WwWvTKJ905VdbN/u9pOwH5MVWVmZXnuOqiSdLmYQchz+PQIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFPJ1L4/JWOwjExm8J5FcLMQVoemsMB8GA1UdIwQY
MBaAFK3TU5M2dKVgj20e4tq09kyL/485MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgt
NzJjODMxMjg3NjFiLzEvOG5Vdmo4bFk3Q01UR2J3bmtWd3N4QldoNmF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy80OGI0MDctNmQ5NC00OWFlLWEzZDgtNzJjODMxMjg3NjFi
LzEvcmROVGt6WjBwV0NQYlI3aTJyVDJUSXZfanprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBAZb
VAADBAdbVIAwDAMEBVtVIAMEBVtVgAMEBltVwAMEAcIuJDAMAwQAwi4nAwQBwi4o
MAwDBADCLisDBADCLi4wDAMEBMIuMAMEAMIuOAMEAMIuPTAMAwQGwi5AAwQBwi5E
MAwDBAPCLkgDBADCLk4wDAMEBMIuUAMEAMIuUjAMAwQA1GiBAwQA1GiCAwQA1GiE
AwQA1GiIAwQA1GiPMAwDBADUaJUDBADUaJYDBADUaJgwDAMEANRomwMEANRonAME
ANRonwMEAdRsUAMEANRsVAMEAdRsWDANBgkqhkiG9w0BAQsFAAOCAQEAWXY035S3
rM9n7o5KdJj7rlPwXuNhND7uSTmIl/FhNyUmIdphvp/koBvN61AJrt+fIbHnccTz
S8yaufRntPHnrZlUa3mrJvqfGCPLgw2uYknmSrAoGCNkOm0pHGmJVt+X/ulhMBJG
8gUY7JfZI6jSENQqkuYdQwO9A24gIR+UzjMwST71DpEAltcU/ft9B7KCSjz7CO8O
aTQ9mMdo6qu3HEJUZlEi/wYGYHyfAhyfv1aEu+9VhWJkNjvbxEUsOpu3yDYj8OwG
4HeElm4lxoFxNqYM/mvt9RD1avTlcqb6ZaBvGtzfKL6layAImNn+Fi+Urxj7ytMW
Srtsp41o+qA84w==
-----END CERTIFICATE-----
Generated at Wed Jul 2 22:41:42 2025 by rpki-client