
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IuV-6SWrCp8akHcG4XGuf63FGmw.roa
File: IuV-6SWrCp8akHcG4XGuf63FGmw.roa (raw, json)
Hash identifier: NSshUaLiddHa4TTgeZmwMZHbVzZCiD7/IIzDOony558=
Subject key identifier: 22:E5:7E:E9:25:AB:0A:9F:1A:90:77:06:E1:71:AE:7F:AD:C5:1A:6C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01989E49FCA82FA834C62E7DADC152F5728C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IuV-6SWrCp8akHcG4XGuf63FGmw.roa
Signing time: Tue 12 Aug 2025 12:38:25 +0000
ROA not before: Tue 12 Aug 2025 12:38:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 89.213.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9e:49:fc:a8:2f:a8:34:c6:2e:7d:ad:c1:52:f5:72:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 12 12:38:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22e57ee925ab0a9f1a907706e171ae7fadc51a6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d6:c8:4c:9e:44:e5:e1:52:e1:f7:47:3f:a3:
4c:07:de:8e:85:37:0e:3c:09:5b:1d:8a:aa:70:3e:
b0:a2:35:47:09:d4:4f:7a:8f:35:64:36:db:a7:6e:
f6:cb:91:af:d8:2b:a4:17:c2:55:4c:bf:b4:54:ad:
da:b1:6e:2b:f5:31:51:8f:12:e7:2b:85:5e:9f:04:
97:25:81:6c:5a:bf:77:94:62:a6:66:6b:da:b4:15:
1c:86:4a:22:7d:5c:84:26:82:a3:61:82:85:bb:90:
cb:9c:28:c2:f9:be:84:48:e4:7e:5e:0a:b7:6c:09:
92:e6:08:bf:01:be:7a:ac:a2:aa:49:83:0e:d1:9b:
a6:bf:57:60:c9:c8:69:1f:dd:2a:58:3e:e2:41:dd:
29:4e:5a:b3:36:ad:1d:77:c0:dd:5e:a7:2d:6e:6d:
c4:66:62:e7:e2:73:32:ba:c1:39:2d:df:6c:89:aa:
92:8f:ac:2c:20:06:a9:41:82:7d:fd:3c:31:50:6a:
4a:24:41:a8:84:4b:df:de:01:8b:2c:4d:57:1e:d0:
b7:94:61:69:43:af:de:4f:6e:cd:53:81:64:95:6b:
b1:6a:ed:b2:7e:ab:54:90:1c:db:0e:5a:64:23:19:
92:67:80:9c:62:7b:b1:7a:93:12:0d:d5:02:66:ea:
c8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E5:7E:E9:25:AB:0A:9F:1A:90:77:06:E1:71:AE:7F:AD:C5:1A:6C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IuV-6SWrCp8akHcG4XGuf63FGmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.183.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:ac:4a:e0:53:54:d8:14:43:6d:af:26:a7:a1:be:63:b3:36:
a0:f4:17:2a:a5:67:9c:88:de:24:8c:8b:d7:c6:ab:5a:27:e6:
c7:c6:cb:57:e7:1f:7c:c5:b6:e5:ad:a1:92:10:8f:bb:d7:bd:
cd:a8:9c:cb:18:3b:1a:7f:21:65:d3:99:55:65:ba:88:5b:ab:
29:10:74:a1:2d:26:af:8b:f5:ea:43:63:4a:49:dc:c8:6a:fc:
3e:53:07:d1:f7:23:58:78:70:cc:bb:7c:e5:64:51:e7:5b:5b:
da:c2:9e:53:50:39:d4:60:c7:08:e4:db:b0:d2:94:b2:24:5b:
70:1c:6b:72:f5:6c:f4:9a:b8:ab:03:f7:f4:af:e3:17:cf:aa:
3c:6d:ce:91:82:4c:60:1a:c6:1a:57:c1:f0:ef:ce:ff:0d:bf:
12:57:1b:22:25:00:9e:fe:37:25:28:21:d9:be:84:81:15:2d:
04:30:07:88:61:d6:69:59:aa:db:7d:14:51:40:eb:c4:17:c0:
16:66:71:ee:be:38:c0:73:4e:41:9a:3d:70:27:66:33:1a:04:
46:f0:e3:15:d2:11:cd:b6:97:b6:d6:56:32:ef:bb:d2:88:13:
62:5a:4f:5f:61:60:36:ed:a4:4b:c2:30:c2:9d:e0:aa:17:ea:
fe:98:d7:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZieSfyoL6g0xi59rcFS9XKMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwODEyMTIzODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmU1N2VlOTI1YWIwYTlmMWE5MDc3MDZlMTcxYWU3ZmFkYzUxYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktbITJ5E5eFS4fdHP6NMB96OhTcO
PAlbHYqqcD6wojVHCdRPeo81ZDbbp272y5Gv2CukF8JVTL+0VK3asW4r9TFRjxLn
K4VenwSXJYFsWr93lGKmZmvatBUchkoifVyEJoKjYYKFu5DLnCjC+b6ESOR+Xgq3
bAmS5gi/Ab56rKKqSYMO0Zumv1dgychpH90qWD7iQd0pTlqzNq0dd8DdXqctbm3E
ZmLn4nMyusE5Ld9siaqSj6wsIAapQYJ9/TwxUGpKJEGohEvf3gGLLE1XHtC3lGFp
Q6/eT27NU4FklWuxau2yfqtUkBzbDlpkIxmSZ4CcYnuxepMSDdUCZurI5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCLlfuklqwqfGpB3BuFxrn+txRpsMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSXVWLTZTV3JDcDhha0hjRzRYR3VmNjNGR213LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdW3MA0G
CSqGSIb3DQEBCwUAA4IBAQCnrErgU1TYFENtryanob5jszag9BcqpWeciN4kjIvX
xqtaJ+bHxstX5x98xbblraGSEI+7173NqJzLGDsafyFl05lVZbqIW6spEHShLSav
i/XqQ2NKSdzIavw+UwfR9yNYeHDMu3zlZFHnW1vawp5TUDnUYMcI5Nuw0pSyJFtw
HGty9Wz0mrirA/f0r+MXz6o8bc6RgkxgGsYaV8Hw787/Db8SVxsiJQCe/jclKCHZ
voSBFS0EMAeIYdZpWarbfRRRQOvEF8AWZnHuvjjAc05Bmj1wJ2YzGgRG8OMV0hHN
tpe21lYy77vSiBNiWk9fYWA27aRLwjDCneCqF+r+mNfn
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:01:09 2025 by rpki-client