Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/8OIYkDCThDfW6SZNbMzfjq6dxRA.roa
File: 8OIYkDCThDfW6SZNbMzfjq6dxRA.roa (raw, json)
Hash identifier: PDryoI78AVRqL+j9w/KF/y77zscXbT8sgLXegaXMnWQ=
Subject key identifier: F0:E2:18:90:30:93:84:37:D6:E9:26:4D:6C:CC:DF:8E:AE:9D:C5:10
Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924
Certificate serial: 0197ACA3253B38CA50588EAD84A14CBDAF60
Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/8OIYkDCThDfW6SZNbMzfjq6dxRA.roa
Signing time: Thu 26 Jun 2025 14:27:42 +0000
ROA not before: Thu 26 Jun 2025 14:27:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35179
IP address blocks: 79.110.192.0/20 maxlen: 24
83.168.64.0/22 maxlen: 22
83.168.71.0/24 maxlen: 24
83.168.72.0/21 maxlen: 24
83.168.80.0/21 maxlen: 21
83.168.88.0/22 maxlen: 22
83.168.96.0/23 maxlen: 24
83.168.100.0/22 maxlen: 24
83.168.104.0/24 maxlen: 24
83.168.108.0/23 maxlen: 23
83.168.111.0/24 maxlen: 24
83.168.114.0/23 maxlen: 23
83.168.116.0/23 maxlen: 23
83.168.120.0/23 maxlen: 23
83.168.126.0/23 maxlen: 23
185.49.29.0/24 maxlen: 24
185.49.30.0/23 maxlen: 23
193.239.56.0/22 maxlen: 24
2a01:96e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ac:a3:25:3b:38:ca:50:58:8e:ad:84:a1:4c:bd:af:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924
Validity
Not Before: Jun 26 14:27:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0e2189030938437d6e9264d6cccdf8eae9dc510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4c:a3:0e:3a:ed:d3:20:fb:3c:f9:6f:e2:c1:
ae:2d:cd:29:e9:e3:98:6a:72:47:f1:5c:19:53:a4:
85:04:29:b5:56:d4:30:a5:92:74:0a:84:80:da:9c:
50:9c:6e:7d:d2:51:e7:20:3b:db:78:63:29:a7:35:
89:6d:ca:e0:36:4d:8b:59:6b:9d:5a:a8:30:07:35:
4e:ba:4b:4d:16:36:1c:3d:1e:db:68:62:91:9d:41:
a9:78:2f:b5:4f:22:ea:68:3d:fc:bc:c1:81:72:44:
a2:c0:56:5d:a6:4d:43:fa:ff:b6:e6:c5:63:42:13:
d6:ca:57:0f:4c:3a:93:68:31:71:4b:0e:c3:22:d1:
75:41:a0:5a:6c:1a:42:6d:35:5f:8c:b4:d8:a0:1d:
ac:a0:90:fd:2c:d2:6a:6a:98:7b:c1:b4:20:a7:c1:
42:44:a1:23:f5:fe:e9:ee:4b:6e:99:d1:a6:73:0f:
6c:47:88:52:fc:34:3c:d9:dc:79:a4:d2:5a:e8:cb:
2e:82:31:e8:82:6b:26:3c:5a:05:8a:b9:1d:5e:ab:
15:1a:eb:bc:cd:0e:c4:eb:8f:f0:68:ef:1b:0f:7f:
c9:d7:6d:5b:fb:bd:68:1b:83:ed:b3:06:a5:52:4f:
d6:2e:b1:66:6e:4c:25:d4:80:a2:f4:0a:66:1b:ef:
95:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:E2:18:90:30:93:84:37:D6:E9:26:4D:6C:CC:DF:8E:AE:9D:C5:10
X509v3 Authority Key Identifier:
keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/8OIYkDCThDfW6SZNbMzfjq6dxRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.192.0/20
83.168.64.0/22
83.168.71.0-83.168.91.255
83.168.96.0/23
83.168.100.0-83.168.104.255
83.168.108.0/23
83.168.111.0/24
83.168.114.0-83.168.117.255
83.168.120.0/23
83.168.126.0/23
185.49.29.0-185.49.31.255
193.239.56.0/22
IPv6:
2a01:96e0::/32
Signature Algorithm: sha256WithRSAEncryption
07:87:8e:69:8f:0e:93:02:dd:e8:85:10:39:e8:50:11:33:5f:
f3:ae:3d:2c:a5:3f:ce:0e:75:2b:53:19:73:8c:e5:5e:e1:25:
77:72:e5:e2:b9:36:74:9b:33:b5:c3:15:7f:5d:a5:2c:e0:89:
56:f5:d1:23:74:8f:72:a4:07:62:54:08:73:ef:ca:f5:30:16:
9e:6d:19:c5:b7:a3:75:96:27:96:9d:51:f1:0b:34:7a:fe:c6:
e9:8b:a1:39:1d:73:48:62:1f:85:e6:79:d5:90:d9:5c:05:72:
45:6b:03:36:d5:0a:05:f9:d6:8a:b7:b4:61:28:ad:f0:46:44:
8c:f1:3d:51:a7:0a:3f:84:9b:7e:65:07:8f:77:8d:83:d4:55:
8e:fe:02:d8:64:9e:30:a1:af:20:49:0c:08:69:d6:8d:b2:1e:
79:30:0c:b2:fe:96:ac:b2:cc:18:b9:68:df:87:e3:4e:e2:b9:
9e:ae:c3:b9:21:e3:56:89:e1:0d:e6:71:d8:93:c7:ff:1a:95:
bb:c2:eb:b7:68:2e:11:58:f2:e3:90:8b:a3:b9:8a:f3:1b:17:
10:a6:e8:35:a0:e2:8f:9a:51:44:26:3c:63:90:33:18:4f:4b:
4d:89:6d:c5:48:b5:53:92:a2:04:58:24:c5:67:6d:e5:c9:60:
d7:ce:c8:03
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZesoyU7OMpQWI6thKFMva9gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi
M2Q5MjQwHhcNMjUwNjI2MTQyNzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGUyMTg5MDMwOTM4NDM3ZDZlOTI2NGQ2Y2NjZGY4ZWFlOWRjNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEyjDjrt0yD7PPlv4sGuLc0p6eOY
anJH8VwZU6SFBCm1VtQwpZJ0CoSA2pxQnG590lHnIDvbeGMppzWJbcrgNk2LWWud
WqgwBzVOuktNFjYcPR7baGKRnUGpeC+1TyLqaD38vMGBckSiwFZdpk1D+v+25sVj
QhPWylcPTDqTaDFxSw7DItF1QaBabBpCbTVfjLTYoB2soJD9LNJqaph7wbQgp8FC
RKEj9f7p7ktumdGmcw9sR4hS/DQ82dx5pNJa6MsugjHogmsmPFoFirkdXqsVGuu8
zQ7E64/waO8bD3/J121b+71oG4PtswalUk/WLrFmbkwl1ICi9ApmG++VKwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFPDiGJAwk4Q31ukmTWzM346uncUQMB8GA1UdIwQY
MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt
ODI0NTFmMzNmNGNhLzEvOE9JWWtEQ1RoRGZXNlNaTmJNemZqcTZkeFJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh
LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgDBARPbsAD
BAJTqEAwDAMEAFOoRwMEAlOoWAMEAVOoYDAMAwQCU6hkAwQAU6hoAwQBU6hsAwQA
U6hvMAwDBAFTqHIDBAFTqHQDBAFTqHgDBAFTqH4wDAMEALkxHQMEBbkxAAMEAsHv
ODANBAIAAjAHAwUAKgGW4DANBgkqhkiG9w0BAQsFAAOCAQEAB4eOaY8OkwLd6IUQ
OehQETNf8649LKU/zg51K1MZc4zlXuEld3Ll4rk2dJsztcMVf12lLOCJVvXRI3SP
cqQHYlQIc+/K9TAWnm0ZxbejdZYnlp1R8Qs0ev7G6YuhOR1zSGIfheZ51ZDZXAVy
RWsDNtUKBfnWire0YSit8EZEjPE9UacKP4SbfmUHj3eNg9RVjv4C2GSeMKGvIEkM
CGnWjbIeeTAMsv6WrLLMGLlo34fjTuK5nq7DuSHjVonhDeZx2JPH/xqVu8Lrt2gu
EVjy45CLo7mK8xsXEKboNaDij5pRRCY8Y5AzGE9LTYltxUi1U5KiBFgkxWdt5clg
187IAw==
-----END CERTIFICATE-----
Generated at Tue Jul 1 18:24:53 2025 by rpki-client