Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/oi0U9f8KU3xL5hcxj-l_j_oxaQE.roa
File: oi0U9f8KU3xL5hcxj-l_j_oxaQE.roa (raw, json)
Hash identifier: VaBV5SBKPM+Ny0Aym3FdNVG9ABI2dtE3XxpwOFbyKqQ=
Subject key identifier: A2:2D:14:F5:FF:0A:53:7C:4B:E6:17:31:8F:E9:7F:8F:FA:31:69:01
Certificate issuer: /CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Certificate serial: 0197CB325386D242AEEDDED96216ABF74C95
Authority key identifier: 40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/oi0U9f8KU3xL5hcxj-l_j_oxaQE.roa
Signing time: Wed 02 Jul 2025 12:52:42 +0000
ROA not before: Wed 02 Jul 2025 12:52:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44515
IP address blocks: 82.221.0.0/17 maxlen: 17
82.221.0.0/21 maxlen: 21
82.221.22.0/24 maxlen: 24
82.221.28.0/24 maxlen: 24
82.221.46.0/23 maxlen: 23
82.221.64.0/22 maxlen: 23
82.221.68.0/22 maxlen: 22
82.221.80.0/21 maxlen: 21
82.221.80.0/24 maxlen: 24
82.221.81.0/24 maxlen: 24
82.221.84.0/24 maxlen: 24
82.221.88.0/22 maxlen: 22
82.221.92.0/22 maxlen: 22
82.221.161.0/24 maxlen: 24
82.221.162.0/24 maxlen: 24
82.221.165.0/24 maxlen: 24
82.221.166.0/24 maxlen: 24
212.30.224.0/19 maxlen: 19
212.30.229.0/24 maxlen: 24
212.30.242.0/24 maxlen: 24
2a02:f48::/40 maxlen: 40
2a02:f48:2100::/40 maxlen: 40
2a02:f48:2104::/48 maxlen: 48
2a02:f48:2105::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.mft
rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cb:32:53:86:d2:42:ae:ed:de:d9:62:16:ab:f7:4c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Validity
Not Before: Jul 2 12:52:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a22d14f5ff0a537c4be617318fe97f8ffa316901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ed:21:0f:52:02:59:91:c1:a4:f0:5e:2a:d1:
c3:5c:13:c1:37:da:db:c7:85:63:e4:e2:7e:3d:7d:
89:c5:17:58:77:ea:37:3b:27:f4:2b:3e:4d:76:f9:
89:70:26:97:8a:39:9d:a2:5a:57:c4:57:9a:95:fb:
33:aa:5d:d5:b2:f5:29:e6:9a:8b:7b:ee:d9:54:35:
96:ca:c9:0f:2f:61:42:e8:5b:4c:73:fd:af:be:99:
6b:ef:03:1d:bc:d8:c6:08:8a:f7:bc:0f:be:e0:a8:
d3:c0:85:48:c1:29:50:de:d9:29:d9:ab:d8:7d:ff:
97:95:11:27:ed:69:c2:33:67:e8:2e:84:52:13:40:
76:32:94:b3:aa:3a:be:68:2f:e7:3b:af:3e:2a:cc:
dc:a6:9a:1c:cf:8b:ba:8e:02:d1:e7:9b:16:cc:11:
aa:3b:4a:76:c2:03:84:e7:ab:e3:45:11:55:6a:40:
c8:47:15:16:59:91:cc:ea:e2:07:f3:12:ef:93:16:
d8:c8:cd:d3:db:f6:0a:1c:48:0a:50:eb:eb:1d:c3:
96:aa:38:e3:58:61:ce:28:a2:62:f7:a5:94:51:f0:
8f:66:dc:9d:5f:a0:e1:20:98:f0:44:3a:6e:32:e8:
b1:b4:bc:b3:c6:31:cf:b9:c1:76:e5:c2:d4:f8:76:
4c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:2D:14:F5:FF:0A:53:7C:4B:E6:17:31:8F:E9:7F:8F:FA:31:69:01
X509v3 Authority Key Identifier:
keyid:40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/oi0U9f8KU3xL5hcxj-l_j_oxaQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.221.0.0/17
82.221.161.0-82.221.162.255
82.221.165.0-82.221.166.255
212.30.224.0/19
IPv6:
2a02:f48::/40
2a02:f48:2100::/40
Signature Algorithm: sha256WithRSAEncryption
58:f5:75:71:26:78:99:73:c4:ea:d1:49:51:67:71:c7:ff:b2:
a6:28:e6:78:3d:7d:25:48:3f:14:fc:83:24:f4:a0:85:9e:bd:
d6:65:65:d4:73:4b:1c:05:9c:10:b7:ea:58:f8:93:07:1d:91:
04:df:4f:b1:7a:a2:4a:b7:85:86:1b:28:1f:4c:c1:98:45:84:
69:10:a9:22:52:ad:dd:9a:57:ae:e3:c9:45:6c:cd:ab:f4:cf:
3d:c2:8a:28:2d:8b:14:8f:3b:4a:1f:55:28:fb:ad:ac:5e:60:
60:0f:21:aa:71:ab:c1:c2:0e:f8:b6:0d:51:9e:fb:f5:b2:bc:
fc:8b:85:be:bf:ba:ef:1a:08:60:88:dc:4c:b8:97:d8:a1:2d:
1c:20:13:ed:2c:e3:5c:ea:21:8a:d2:03:04:3e:29:62:ab:c9:
57:88:34:9c:d0:bc:42:e6:d9:cf:14:77:62:c0:7c:2a:ff:65:
cb:3f:d3:8f:0d:cf:f1:41:c5:f8:c9:7d:a6:13:cd:a0:03:48:
30:5d:02:e2:bf:75:33:f9:31:4e:a3:28:63:c4:88:ad:3d:70:
7b:88:9f:6f:20:07:60:ab:65:12:c1:9d:c7:d1:3b:af:b0:b7:
01:f1:89:3d:df:a3:48:07:7c:3c:18:ee:f1:20:8f:5b:16:fc:
08:cc:c4:4e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZfLMlOG0kKu7d7ZYhar90yVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODAyNWM3ZGUwNDAwZTBmM2M4OGQ0YTEyMmEzMTdlMzJj
NWUyMWMwHhcNMjUwNzAyMTI1MjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjJkMTRmNWZmMGE1MzdjNGJlNjE3MzE4ZmU5N2Y4ZmZhMzE2OTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+0hD1ICWZHBpPBeKtHDXBPBN9rb
x4Vj5OJ+PX2JxRdYd+o3Oyf0Kz5NdvmJcCaXijmdolpXxFealfszql3VsvUp5pqL
e+7ZVDWWyskPL2FC6FtMc/2vvplr7wMdvNjGCIr3vA++4KjTwIVIwSlQ3tkp2avY
ff+XlREn7WnCM2foLoRSE0B2MpSzqjq+aC/nO68+Kszcppocz4u6jgLR55sWzBGq
O0p2wgOE56vjRRFVakDIRxUWWZHM6uIH8xLvkxbYyM3T2/YKHEgKUOvrHcOWqjjj
WGHOKKJi96WUUfCPZtydX6DhIJjwRDpuMuixtLyzxjHPucF25cLU+HZM2wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFKItFPX/ClN8S+YXMY/pf4/6MWkBMB8GA1UdIwQY
MBaAFECAJcfeBADg88iNShIqMX4yxeIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUt
ZmVlMmU4ZDQwODRmLzEvb2kwVTlmOEtVM3hMNWhjeGotbF9qX294YVFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUtZmVlMmU4ZDQwODRm
LzEvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAuBAIAATAoAwQHUt0AMAwD
BABS3aEDBABS3aIwDAMEAFLdpQMEAFLdpgMEBdQe4DAWBAIAAjAQAwYAKgIPSAAD
BgAqAg9IITANBgkqhkiG9w0BAQsFAAOCAQEAWPV1cSZ4mXPE6tFJUWdxx/+ypijm
eD19JUg/FPyDJPSghZ691mVl1HNLHAWcELfqWPiTBx2RBN9PsXqiSreFhhsoH0zB
mEWEaRCpIlKt3ZpXruPJRWzNq/TPPcKKKC2LFI87Sh9VKPutrF5gYA8hqnGrwcIO
+LYNUZ779bK8/IuFvr+67xoIYIjcTLiX2KEtHCAT7SzjXOohitIDBD4pYqvJV4g0
nNC8QubZzxR3YsB8Kv9lyz/Tjw3P8UHF+Ml9phPNoANIMF0C4r91M/kxTqMoY8SI
rT1we4ifbyAHYKtlEsGdx9E7r7C3AfGJPd+jSAd8PBju8SCPWxb8CMzETg==
-----END CERTIFICATE-----
Generated at Fri Jul 4 06:56:51 2025 by rpki-client