Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/y8iS8tleElOyte-JeYh4Dq2HQdQ.roa
File: y8iS8tleElOyte-JeYh4Dq2HQdQ.roa (raw, json)
Hash identifier: w4RufdDSavSTM6kQpcDOAtc9GCwrPgmFgYh1WnUGNU8=
Subject key identifier: CB:C8:92:F2:D9:5E:12:53:B2:B5:EF:89:79:88:78:0E:AD:87:41:D4
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 019889BA9BAF196F22431EABCD2E313B4A69
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/y8iS8tleElOyte-JeYh4Dq2HQdQ.roa
Signing time: Fri 08 Aug 2025 12:49:24 +0000
ROA not before: Fri 08 Aug 2025 12:49:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209847
IP address blocks: 37.221.124.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.120.179.0/24 maxlen: 24
86.104.75.0/24 maxlen: 24
89.221.224.0/24 maxlen: 24
91.132.133.0/24 maxlen: 24
91.132.134.0/24 maxlen: 24
91.194.161.0/24 maxlen: 24
94.131.8.0/24 maxlen: 24
94.131.10.0/24 maxlen: 24
94.131.13.0/24 maxlen: 24
94.131.14.0/24 maxlen: 24
94.131.96.0/24 maxlen: 24
94.131.100.0/24 maxlen: 24
94.131.104.0/24 maxlen: 24
94.131.117.0/24 maxlen: 24
94.131.119.0/24 maxlen: 24
103.113.69.0/24 maxlen: 24
103.231.72.0/24 maxlen: 24
103.231.73.0/24 maxlen: 24
146.19.75.0/24 maxlen: 24
146.19.170.0/24 maxlen: 24
176.120.67.0/24 maxlen: 24
176.120.74.0/24 maxlen: 24
185.234.56.0/24 maxlen: 24
185.234.58.0/24 maxlen: 24
185.234.67.0/24 maxlen: 24
185.242.84.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
213.159.65.0/24 maxlen: 24
213.159.67.0/24 maxlen: 24
213.159.68.0/24 maxlen: 24
213.159.69.0/24 maxlen: 24
213.159.77.0/24 maxlen: 24
213.159.78.0/24 maxlen: 24
213.159.79.0/24 maxlen: 24
2a09:7c43::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
2a0b:cf40::/32 maxlen: 32
2a0b:cf43::/32 maxlen: 32
2a11:3803::/32 maxlen: 32
2a11:3805::/32 maxlen: 32
2a11:3c00::/32 maxlen: 32
2a11:3c01::/32 maxlen: 32
2a11:4c00::/32 maxlen: 32
2a11:4c04::/32 maxlen: 32
2a11:4c06::/32 maxlen: 32
2a11:7e06::/32 maxlen: 32
2a14:2d80::/32 maxlen: 32
2a14:2d83::/32 maxlen: 32
2a14:2d84::/32 maxlen: 32
2a14:2d86::/32 maxlen: 32
2a14:3081::/32 maxlen: 32
2a14:3084::/32 maxlen: 32
2a14:3086::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:89:ba:9b:af:19:6f:22:43:1e:ab:cd:2e:31:3b:4a:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Aug 8 12:49:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbc892f2d95e1253b2b5ef897988780ead8741d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f0:05:bb:e7:f0:5d:fb:f9:73:44:af:c3:36:
4c:21:c0:38:b6:b5:a4:2b:66:78:bd:d1:f0:c0:84:
16:69:b2:d3:1f:a2:c3:c9:42:82:cc:57:0e:4a:07:
20:7d:29:aa:df:4d:59:b7:80:11:1d:2f:f7:a7:86:
18:f4:12:63:63:db:dc:70:45:bd:ba:05:4d:3d:46:
d9:0c:b1:6a:39:e3:db:14:47:cb:00:c7:29:f1:9a:
83:e1:9d:1e:cc:c8:a7:6c:b8:7b:81:09:55:a3:c3:
5f:5a:00:0b:10:c6:26:6f:ab:50:9a:b9:30:e8:8a:
80:3b:0b:24:ff:ce:73:4f:f5:22:6f:56:9d:c6:12:
12:fd:5d:22:aa:cd:7e:e3:14:3d:9c:e0:e6:a3:02:
be:a7:57:82:1b:c2:da:9e:bd:85:ce:38:47:27:93:
f2:a8:f2:3c:7d:da:24:f2:44:d4:25:ff:ec:f9:a4:
6b:9c:9d:f0:c6:f2:aa:39:6a:56:4f:bb:cf:7b:33:
8b:d9:83:0a:b9:f0:61:a9:1f:27:cd:4b:55:e8:8e:
94:31:23:4a:87:40:3d:02:44:0f:07:83:db:ef:7c:
03:de:8c:05:86:cc:af:d9:7f:03:0f:c2:fa:54:31:
b8:ed:54:80:a6:6b:f5:77:57:28:93:3d:7a:7c:40:
04:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C8:92:F2:D9:5E:12:53:B2:B5:EF:89:79:88:78:0E:AD:87:41:D4
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/y8iS8tleElOyte-JeYh4Dq2HQdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.124.0/24
45.67.229.0/24
45.120.179.0/24
86.104.75.0/24
89.221.224.0/24
91.132.133.0-91.132.134.255
91.194.161.0/24
94.131.8.0/24
94.131.10.0/24
94.131.13.0-94.131.14.255
94.131.96.0/24
94.131.100.0/24
94.131.104.0/24
94.131.117.0/24
94.131.119.0/24
103.113.69.0/24
103.231.72.0/23
146.19.75.0/24
146.19.170.0/24
176.120.67.0/24
176.120.74.0/24
185.234.56.0/24
185.234.58.0/24
185.234.67.0/24
185.242.84.0/24
185.250.148.0/24
213.159.65.0/24
213.159.67.0-213.159.69.255
213.159.77.0-213.159.79.255
IPv6:
2a09:7c43::/32
2a09:7c46::/32
2a0b:cf40::/32
2a0b:cf43::/32
2a11:3803::/32
2a11:3805::/32
2a11:3c00::/31
2a11:4c00::/32
2a11:4c04::/32
2a11:4c06::/32
2a11:7e06::/32
2a14:2d80::/32
2a14:2d83::-2a14:2d84:ffff:ffff:ffff:ffff:ffff:ffff
2a14:2d86::/32
2a14:3081::/32
2a14:3084::/32
2a14:3086::/32
Signature Algorithm: sha256WithRSAEncryption
65:43:86:04:0f:f8:f2:7f:fd:55:90:df:eb:86:28:dd:e0:4b:
4e:be:ff:dd:3d:5e:63:88:59:71:e7:88:c2:49:44:71:ea:2d:
14:c5:83:c9:1f:e8:6e:67:83:8a:70:32:a5:19:b7:ae:a1:f6:
11:04:bd:99:a6:fe:ff:a5:c4:af:60:2b:e5:83:bf:cb:ac:99:
1a:7b:6e:ea:d7:1f:50:93:af:87:8c:b5:e9:cb:dd:40:e3:98:
75:38:87:0a:de:a7:e7:15:4f:ef:eb:d8:2a:1f:ad:3b:ca:92:
52:2c:01:ee:d9:a2:5c:fe:84:80:ff:63:28:f7:5d:c9:61:cc:
f9:2e:7d:4c:df:58:ca:f2:0f:23:91:fb:22:b8:96:bc:25:8b:
b5:5a:a1:4d:1b:ba:bc:22:52:6a:85:e4:ff:e4:47:8b:dc:c5:
bb:a7:65:5a:6f:01:7a:74:4c:75:70:ed:a3:19:98:fc:6f:85:
5a:6b:79:f8:d8:d2:86:e7:89:8e:31:ac:68:d0:47:c4:45:bc:
51:a2:58:0b:ea:06:6a:41:ca:50:52:6f:69:27:c1:47:08:d1:
bf:75:0a:f5:a5:91:81:35:99:f8:9a:ed:dc:e6:f7:fd:b5:70:
be:fd:6f:23:c9:06:41:be:7d:86:a7:07:2b:ea:09:56:08:e4:
9d:c1:23:39
-----BEGIN CERTIFICATE-----
MIIGVzCCBT+gAwIBAgISAZiJupuvGW8iQx6rzS4xO0ppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwODA4MTI0OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmM4OTJmMmQ5NWUxMjUzYjJiNWVmODk3OTg4NzgwZWFkODc0MWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/AFu+fwXfv5c0SvwzZMIcA4trWk
K2Z4vdHwwIQWabLTH6LDyUKCzFcOSgcgfSmq301Zt4ARHS/3p4YY9BJjY9vccEW9
ugVNPUbZDLFqOePbFEfLAMcp8ZqD4Z0ezMinbLh7gQlVo8NfWgALEMYmb6tQmrkw
6IqAOwsk/85zT/Uib1adxhIS/V0iqs1+4xQ9nODmowK+p1eCG8Lanr2FzjhHJ5Py
qPI8fdok8kTUJf/s+aRrnJ3wxvKqOWpWT7vPezOL2YMKufBhqR8nzUtV6I6UMSNK
h0A9AkQPB4Pb73wD3owFhsyv2X8DD8L6VDG47VSApmv1d1cokz16fEAEOwIDAQAB
o4IDYzCCA18wHQYDVR0OBBYEFMvIkvLZXhJTsrXviXmIeA6th0HUMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEveThpUzh0bGVFbE95dGUtSmVZaDREcTJIUWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdwYIKwYBBQUHAQcBAf8EggFmMIIBYjCB1QQCAAEwgc4D
BAAl3XwDBAAtQ+UDBAAteLMDBABWaEsDBABZ3eAwDAMEAFuEhQMEAFuEhgMEAFvC
oQMEAF6DCAMEAF6DCjAMAwQAXoMNAwQAXoMOAwQAXoNgAwQAXoNkAwQAXoNoAwQA
XoN1AwQAXoN3AwQAZ3FFAwQBZ+dIAwQAkhNLAwQAkhOqAwQAsHhDAwQAsHhKAwQA
ueo4AwQAueo6AwQAuepDAwQAufJUAwQAufqUAwQA1Z9BMAwDBADVn0MDBAHVn0Qw
DAMEANWfTQMEBNWfQDCBhwQCAAIwgYADBQAqCXxDAwUAKgl8RgMFACoLz0ADBQAq
C89DAwUAKhE4AwMFACoROAUDBQEqETwAAwUAKhFMAAMFACoRTAQDBQAqEUwGAwUA
KhF+BgMFACoULYAwDgMFACoULYMDBQAqFC2EAwUAKhQthgMFACoUMIEDBQAqFDCE
AwUAKhQwhjANBgkqhkiG9w0BAQsFAAOCAQEAZUOGBA/48n/9VZDf64Yo3eBLTr7/
3T1eY4hZceeIwklEceotFMWDyR/obmeDinAypRm3rqH2EQS9mab+/6XEr2Ar5YO/
y6yZGntu6tcfUJOvh4y16cvdQOOYdTiHCt6n5xVP7+vYKh+tO8qSUiwB7tmiXP6E
gP9jKPddyWHM+S59TN9YyvIPI5H7IriWvCWLtVqhTRu6vCJSaoXk/+RHi9zFu6dl
Wm8BenRMdXDtoxmY/G+FWmt5+NjShueJjjGsaNBHxEW8UaJYC+oGakHKUFJvaSfB
RwjRv3UK9aWRgTWZ+Jrt3Ob3/bVwvv1vI8kGQb59hqcHK+oJVgjkncEjOQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:20:31 2025 by rpki-client