Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jyZd5l7Ddk_EbCHmkFdw577ooYc.roa
File: jyZd5l7Ddk_EbCHmkFdw577ooYc.roa (raw, json)
Hash identifier: RcTJ0CZ+vll/p/fLOOafBOf9MzCFLr9H8J7Tkigu8Ew=
Subject key identifier: 8F:26:5D:E6:5E:C3:76:4F:C4:6C:21:E6:90:57:70:E7:BE:E8:A1:87
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0198C6BA7473A375DC9FF28E6A4BCC7E5879
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jyZd5l7Ddk_EbCHmkFdw577ooYc.roa
Signing time: Wed 20 Aug 2025 09:06:04 +0000
ROA not before: Wed 20 Aug 2025 09:06:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
82.153.217.0/24 maxlen: 24
82.163.23.0/24 maxlen: 24
89.213.50.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.153.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.28.0/24 maxlen: 24
213.210.54.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
213.218.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c6:ba:74:73:a3:75:dc:9f:f2:8e:6a:4b:cc:7e:58:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 20 09:06:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f265de65ec3764fc46c21e6905770e7bee8a187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:60:68:59:8c:4f:29:c8:f7:85:1f:aa:7f:f1:
b2:96:0a:ce:ef:c2:88:b8:83:d1:62:85:df:51:cd:
c9:93:1d:9d:27:a2:99:5f:79:b3:03:94:d3:96:41:
e2:bc:cd:6f:e4:f2:f6:48:f1:6b:52:64:a3:10:a0:
f8:d1:d4:77:a9:06:d8:cc:35:8a:18:37:a3:9e:4c:
ea:f3:54:90:87:57:c3:f9:87:e7:f6:5b:62:08:a2:
4d:40:7e:dd:30:06:fe:a2:88:78:90:e5:1b:ae:e1:
cc:e8:7f:ce:8c:72:13:33:01:b6:93:dd:30:4c:38:
82:80:a2:71:49:5a:78:fb:80:aa:6f:71:b3:ec:ed:
0c:6e:d0:bd:5a:f6:32:21:f9:06:dc:ab:66:6f:c4:
94:40:fb:81:be:1a:aa:5d:37:eb:7d:57:fb:aa:bb:
16:c2:64:06:e7:3b:bc:fc:e0:4a:2f:b9:4e:b6:df:
af:ef:0f:35:44:85:d4:c3:39:30:c7:eb:65:61:2b:
ea:4e:c6:13:e5:2b:d7:14:1f:46:64:7c:2c:93:d2:
f6:5a:a8:e2:1f:fb:7a:76:2f:dd:ce:2d:b8:ef:de:
28:27:6d:14:55:65:ad:46:63:15:08:1f:eb:e0:fe:
b4:67:c5:ce:4d:c4:d3:52:1d:ea:10:01:72:1d:4d:
ae:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:26:5D:E6:5E:C3:76:4F:C4:6C:21:E6:90:57:70:E7:BE:E8:A1:87
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/jyZd5l7Ddk_EbCHmkFdw577ooYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0/24
82.152.98.0/24
82.152.109.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.205.0/24
82.153.217.0/24
82.163.23.0/24
89.213.50.0/24
89.213.164.0/24
109.176.40.0-109.176.55.255
109.176.153.0/24
109.176.244.0/24
212.38.79.0/24
213.130.130.0/24
213.130.149.0/24
213.210.28.0/24
213.210.54.0/24
213.218.214.0/24
213.218.234.0/24
213.218.238.0/24
Signature Algorithm: sha256WithRSAEncryption
83:44:2b:91:28:04:c5:b2:b6:6d:1b:41:f0:99:ce:de:2a:3c:
b4:79:c1:f3:c4:e1:e4:e3:7b:93:d4:13:9c:3c:50:e1:86:fc:
7f:f7:3f:43:54:fd:9c:97:34:bf:40:03:54:e2:0e:a9:1b:46:
68:b0:61:ed:b0:70:c1:7b:5a:bd:10:14:03:88:c7:8b:c6:8f:
04:11:24:3f:62:ea:19:53:e8:e2:90:a7:cc:f8:48:d7:25:ed:
12:c5:86:61:7c:ce:4c:0a:8e:f6:05:bf:89:ad:b6:6b:37:c3:
e6:96:bb:07:69:f3:21:0e:f2:e2:c1:97:3d:4b:ff:32:34:ca:
9f:91:77:de:ed:30:bb:3b:58:b1:a7:4a:e7:d7:86:a5:1c:bc:
a2:ec:70:ed:1b:51:ee:f4:6a:fe:63:ef:f7:8b:2c:c6:8c:66:
00:a8:67:2c:83:be:9d:fc:97:70:0c:e7:1c:4c:31:a6:60:8c:
de:96:aa:2f:91:60:36:7d:0d:0a:e5:b5:97:d0:83:14:64:46:
7b:8d:28:53:0d:9f:46:c5:b0:9e:36:5d:f8:b6:08:7e:ca:d2:
23:52:f1:0c:16:ce:fd:5b:65:df:af:b1:38:29:21:52:c9:bc:
ce:11:a0:bb:57:c8:69:d9:e5:28:e6:7e:79:55:78:81:19:8b:
6c:e3:f5:46
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAZjGunRzo3Xcn/KOakvMflh5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwODIwMDkwNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjI2NWRlNjVlYzM3NjRmYzQ2YzIxZTY5MDU3NzBlN2JlZThhMTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumBoWYxPKcj3hR+qf/GylgrO78KI
uIPRYoXfUc3Jkx2dJ6KZX3mzA5TTlkHivM1v5PL2SPFrUmSjEKD40dR3qQbYzDWK
GDejnkzq81SQh1fD+Yfn9ltiCKJNQH7dMAb+ooh4kOUbruHM6H/OjHITMwG2k90w
TDiCgKJxSVp4+4Cqb3Gz7O0MbtC9WvYyIfkG3Ktmb8SUQPuBvhqqXTfrfVf7qrsW
wmQG5zu8/OBKL7lOtt+v7w81RIXUwzkwx+tlYSvqTsYT5SvXFB9GZHwsk9L2Wqji
H/t6di/dzi24794oJ20UVWWtRmMVCB/r4P60Z8XOTcTTUh3qEAFyHU2ugQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFI8mXeZew3ZPxGwh5pBXcOe+6KGHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvanlaZDVsN0Rka19FYkNIbWtGZHc1Nzdvb1ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBABS
mAgwDAMEAFKYOQMEAFKYOgMEAFKYSQMEAFKYSwMEAFKYYgMEAFKYbQMEAFKY4gME
AFKY8AMEAFKY8wMEAFKZzQMEAFKZ2QMEAFKjFwMEAFnVMgMEAFnVpDAMAwQDbbAo
AwQDbbAwAwQAbbCZAwQAbbD0AwQA1CZPAwQA1YKCAwQA1YKVAwQA1dIcAwQA1dI2
AwQA1drWAwQA1drqAwQA1druMA0GCSqGSIb3DQEBCwUAA4IBAQCDRCuRKATFsrZt
G0Hwmc7eKjy0ecHzxOHk43uT1BOcPFDhhvx/9z9DVP2clzS/QANU4g6pG0ZosGHt
sHDBe1q9EBQDiMeLxo8EESQ/YuoZU+jikKfM+EjXJe0SxYZhfM5MCo72Bb+JrbZr
N8PmlrsHafMhDvLiwZc9S/8yNMqfkXfe7TC7O1ixp0rn14alHLyi7HDtG1Hu9Gr+
Y+/3iyzGjGYAqGcsg76d/JdwDOccTDGmYIzelqovkWA2fQ0K5bWX0IMUZEZ7jShT
DZ9GxbCeNl34tgh+ytIjUvEMFs79W2Xfr7E4KSFSybzOEaC7V8hp2eUo5n55VXiB
GYts4/VG
-----END CERTIFICATE-----
Generated at Sat Aug 23 12:15:39 2025 by rpki-client