Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/B8FR9SA5Fk8sfSBZT2d88IzPSuM.roa
File: B8FR9SA5Fk8sfSBZT2d88IzPSuM.roa (raw, json)
Hash identifier: xWCZc/aZyTQfJO3Hey5rRYelsTLc0vBGe/wKJpUha0w=
Subject key identifier: 07:C1:51:F5:20:39:16:4F:2C:7D:20:59:4F:67:7C:F0:8C:CF:4A:E3
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019787207F20AD05B643FF4BB169CC8BB7F6
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/B8FR9SA5Fk8sfSBZT2d88IzPSuM.roa
Signing time: Thu 19 Jun 2025 07:39:03 +0000
ROA not before: Thu 19 Jun 2025 07:39:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 79.121.132.0/22 maxlen: 24
79.121.132.0/23 maxlen: 24
79.121.134.0/23 maxlen: 24
79.121.140.0/22 maxlen: 24
79.121.140.0/23 maxlen: 24
79.121.142.0/23 maxlen: 24
79.121.144.0/23 maxlen: 24
79.121.148.0/22 maxlen: 24
79.121.148.0/23 maxlen: 24
79.121.150.0/23 maxlen: 24
79.121.154.0/23 maxlen: 24
79.121.156.0/23 maxlen: 24
79.121.162.0/23 maxlen: 24
79.121.164.0/22 maxlen: 24
79.121.164.0/23 maxlen: 24
79.121.166.0/23 maxlen: 24
79.121.168.0/23 maxlen: 24
79.121.178.0/23 maxlen: 24
79.121.180.0/23 maxlen: 24
79.121.184.0/23 maxlen: 24
79.121.200.0/21 maxlen: 24
79.121.212.0/22 maxlen: 24
79.121.212.0/23 maxlen: 24
79.121.214.0/23 maxlen: 24
79.121.216.0/22 maxlen: 24
79.121.216.0/23 maxlen: 24
79.121.218.0/23 maxlen: 24
79.121.222.0/23 maxlen: 24
79.121.226.0/23 maxlen: 24
79.121.232.0/22 maxlen: 24
79.121.232.0/23 maxlen: 24
79.121.234.0/23 maxlen: 24
79.121.238.0/23 maxlen: 24
95.177.0.0/23 maxlen: 24
95.177.8.0/23 maxlen: 24
95.177.20.0/23 maxlen: 24
95.177.54.0/23 maxlen: 24
95.177.64.0/23 maxlen: 24
95.177.68.0/22 maxlen: 24
95.177.68.0/23 maxlen: 24
95.177.70.0/23 maxlen: 24
95.177.72.0/23 maxlen: 24
95.177.76.0/22 maxlen: 24
95.177.76.0/23 maxlen: 24
95.177.78.0/23 maxlen: 24
95.177.80.0/22 maxlen: 24
95.177.80.0/23 maxlen: 24
95.177.82.0/23 maxlen: 24
95.177.104.0/22 maxlen: 24
95.177.104.0/23 maxlen: 24
95.177.106.0/23 maxlen: 24
95.177.114.0/23 maxlen: 24
95.177.124.0/22 maxlen: 24
95.177.124.0/23 maxlen: 24
95.177.126.0/23 maxlen: 24
109.174.176.0/22 maxlen: 24
109.174.180.0/22 maxlen: 24
109.174.184.0/22 maxlen: 24
109.174.188.0/22 maxlen: 24
109.204.6.0/23 maxlen: 24
109.204.12.0/23 maxlen: 24
109.204.20.0/23 maxlen: 24
109.204.28.0/23 maxlen: 24
109.204.32.0/23 maxlen: 24
109.204.40.0/23 maxlen: 24
109.204.44.0/23 maxlen: 24
109.204.50.0/23 maxlen: 24
109.204.54.0/23 maxlen: 24
109.204.58.0/23 maxlen: 24
109.204.60.0/23 maxlen: 24
109.204.72.0/23 maxlen: 24
109.204.82.0/23 maxlen: 24
109.204.92.0/23 maxlen: 24
109.204.112.0/23 maxlen: 24
109.204.120.0/23 maxlen: 24
109.204.124.0/23 maxlen: 24
217.79.104.0/22 maxlen: 24
217.79.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 22:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:87:20:7f:20:ad:05:b6:43:ff:4b:b1:69:cc:8b:b7:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Jun 19 07:39:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07c151f52039164f2c7d20594f677cf08ccf4ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:18:4e:a0:fd:cf:15:03:0a:ca:98:a2:25:b6:
93:a8:73:f3:bb:d7:16:f7:53:5e:e5:da:4e:19:e3:
bd:59:29:6e:7c:0a:e6:a4:69:97:02:f4:90:f1:8c:
84:09:d5:a6:d9:be:08:b4:fa:23:fc:34:f9:f6:7f:
78:63:9a:25:44:ea:48:02:74:3b:4a:e9:66:8a:96:
c6:43:5f:0e:32:da:dd:78:68:f3:88:a4:e2:17:64:
0d:c2:34:ba:72:1d:a4:32:2f:e0:3b:3b:8d:58:ec:
1f:12:a5:cf:a3:e7:7c:73:ef:87:c7:ec:2e:9d:18:
c6:33:1b:ca:b7:d8:6e:69:22:a7:2c:8b:7b:32:31:
0c:80:0e:e8:d4:b9:5e:a1:f7:5d:c0:44:73:11:56:
21:c4:c0:f2:9a:50:52:cc:e4:0e:f8:ae:b2:42:4d:
70:41:aa:cd:5c:de:27:9f:e0:e5:00:c2:66:49:a0:
74:dc:ea:11:b5:76:78:0e:0d:13:6f:49:ef:78:e4:
d1:fe:24:29:85:42:c5:b6:64:1d:95:3f:70:7b:97:
b1:c5:28:64:9a:cc:ea:26:f3:cf:be:34:47:25:cb:
bb:20:7a:80:9f:c4:06:9f:5b:74:58:a4:6e:9f:7e:
3c:27:a8:23:ba:fe:9c:e9:c9:21:be:f1:a8:e7:2f:
56:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:C1:51:F5:20:39:16:4F:2C:7D:20:59:4F:67:7C:F0:8C:CF:4A:E3
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/B8FR9SA5Fk8sfSBZT2d88IzPSuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.121.132.0/22
79.121.140.0-79.121.145.255
79.121.148.0/22
79.121.154.0-79.121.157.255
79.121.162.0-79.121.169.255
79.121.178.0-79.121.181.255
79.121.184.0/23
79.121.200.0/21
79.121.212.0-79.121.219.255
79.121.222.0/23
79.121.226.0/23
79.121.232.0/22
79.121.238.0/23
95.177.0.0/23
95.177.8.0/23
95.177.20.0/23
95.177.54.0/23
95.177.64.0/23
95.177.68.0-95.177.73.255
95.177.76.0-95.177.83.255
95.177.104.0/22
95.177.114.0/23
95.177.124.0/22
109.174.176.0/20
109.204.6.0/23
109.204.12.0/23
109.204.20.0/23
109.204.28.0/23
109.204.32.0/23
109.204.40.0/23
109.204.44.0/23
109.204.50.0/23
109.204.54.0/23
109.204.58.0-109.204.61.255
109.204.72.0/23
109.204.82.0/23
109.204.92.0/23
109.204.112.0/23
109.204.120.0/23
109.204.124.0/23
217.79.104.0/22
217.79.116.0/22
Signature Algorithm: sha256WithRSAEncryption
74:51:aa:e3:cc:ec:c9:25:10:f8:08:1a:e6:c3:61:32:ad:9b:
84:f5:93:cc:59:2c:d3:d4:75:a0:0d:43:a1:5f:73:0f:44:2a:
bc:6f:4d:6b:25:09:42:43:56:fb:05:3c:57:3d:a6:59:64:7c:
cd:04:cb:e7:65:82:82:94:53:a7:4f:03:af:47:46:61:02:a0:
b2:a0:98:15:3e:57:fc:a7:55:9f:f4:09:b6:fc:fd:75:fb:ea:
90:35:e9:86:fb:41:69:fb:38:1a:cc:5e:1b:ee:7b:c9:dc:56:
e1:3f:0f:50:6b:50:eb:fc:ce:72:f0:8b:d1:c8:5f:97:ed:25:
0c:94:8a:a0:4f:70:e7:bb:71:70:7d:13:5d:de:4c:d9:db:8e:
73:99:cc:42:23:95:0d:78:e2:22:7c:ff:ed:73:d3:6f:96:ff:
59:6f:69:a0:b7:e0:ac:ac:96:7d:b3:a5:fe:b8:1c:18:f9:aa:
d4:52:bf:da:3e:e5:fa:6a:17:0a:1a:d9:12:e4:a8:23:4d:e7:
4a:5b:b2:6c:b8:a0:fc:d7:9c:6b:49:61:91:7c:7d:25:9e:22:
47:6c:a2:63:d6:55:d8:7c:0f:7e:e0:da:4f:75:c4:11:9f:26:
2c:0f:05:d7:f3:8e:e4:d0:bc:6f:cb:e0:25:34:5b:06:cd:e7:
42:99:d1:fd
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgISAZeHIH8grQW2Q/9LsWnMi7f2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwNjE5MDczOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2MxNTFmNTIwMzkxNjRmMmM3ZDIwNTk0ZjY3N2NmMDhjY2Y0YWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBhOoP3PFQMKypiiJbaTqHPzu9cW
91Ne5dpOGeO9WSlufArmpGmXAvSQ8YyECdWm2b4ItPoj/DT59n94Y5olROpIAnQ7
SulmipbGQ18OMtrdeGjziKTiF2QNwjS6ch2kMi/gOzuNWOwfEqXPo+d8c++Hx+wu
nRjGMxvKt9huaSKnLIt7MjEMgA7o1LleofddwERzEVYhxMDymlBSzOQO+K6yQk1w
QarNXN4nn+DlAMJmSaB03OoRtXZ4Dg0Tb0nveOTR/iQphULFtmQdlT9we5exxShk
mszqJvPPvjRHJcu7IHqAn8QGn1t0WKRun348J6gjuv6c6ckhvvGo5y9WIQIDAQAB
o4IDSTCCA0UwHQYDVR0OBBYEFAfBUfUgORZPLH0gWU9nfPCMz0rjMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvQjhGUjlTQTVGazhzZlNCWlQyZDg4SXpQU3VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXQYIKwYBBQUHAQcBAf8EggFMMIIBSDCCAUQEAgABMIIB
PAMEAk95hDAMAwQCT3mMAwQBT3mQAwQCT3mUMAwDBAFPeZoDBAFPeZwwDAMEAU95
ogMEAU95qDAMAwQBT3myAwQBT3m0AwQBT3m4AwQDT3nIMAwDBAJPedQDBAJPedgD
BAFPed4DBAFPeeIDBAJPeegDBAFPee4DBAFfsQADBAFfsQgDBAFfsRQDBAFfsTYD
BAFfsUAwDAMEAl+xRAMEAV+xSDAMAwQCX7FMAwQCX7FQAwQCX7FoAwQBX7FyAwQC
X7F8AwQEba6wAwQBbcwGAwQBbcwMAwQBbcwUAwQBbcwcAwQBbcwgAwQBbcwoAwQB
bcwsAwQBbcwyAwQBbcw2MAwDBAFtzDoDBAFtzDwDBAFtzEgDBAFtzFIDBAFtzFwD
BAFtzHADBAFtzHgDBAFtzHwDBALZT2gDBALZT3QwDQYJKoZIhvcNAQELBQADggEB
AHRRquPM7MklEPgIGubDYTKtm4T1k8xZLNPUdaANQ6Ffcw9EKrxvTWslCUJDVvsF
PFc9pllkfM0Ey+dlgoKUU6dPA69HRmECoLKgmBU+V/ynVZ/0Cbb8/XX76pA16Yb7
QWn7OBrMXhvue8ncVuE/D1BrUOv8znLwi9HIX5ftJQyUiqBPcOe7cXB9E13eTNnb
jnOZzEIjlQ144iJ8/+1z02+W/1lvaaC34Kysln2zpf64HBj5qtRSv9o+5fpqFwoa
2RLkqCNN50pbsmy4oPzXnGtJYZF8fSWeIkdsomPWVdh8D37g2k91xBGfJiwPBdfz
juTQvG/L4CU0WwbN50KZ0f0=
-----END CERTIFICATE-----
Generated at Tue Jul 1 02:48:22 2025 by rpki-client