Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/jiYCba4NkCF6TDOXjnu72rA9uUc.roa
File: jiYCba4NkCF6TDOXjnu72rA9uUc.roa (raw, json)
Hash identifier: 4+b9D6PJCmNOiVJ18HK6Vf7Whs5pxNXnm7DAPLk1xLg=
Subject key identifier: 8E:26:02:6D:AE:0D:90:21:7A:4C:33:97:8E:7B:BB:DA:B0:3D:B9:47
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 0196A5E771516F93DA7AABCDBE9446B94C20
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/jiYCba4NkCF6TDOXjnu72rA9uUc.roa
Signing time: Tue 06 May 2025 14:02:10 +0000
ROA not before: Tue 06 May 2025 14:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56534
IP address blocks: 82.179.248.0/22 maxlen: 22
85.142.164.0/22 maxlen: 22
85.142.168.0/21 maxlen: 21
85.142.176.0/22 maxlen: 22
85.142.208.0/22 maxlen: 22
85.142.252.0/24 maxlen: 24
85.143.144.0/22 maxlen: 22
85.143.160.0/21 maxlen: 21
85.143.176.0/22 maxlen: 22
85.143.184.0/22 maxlen: 22
85.143.203.0/24 maxlen: 24
85.143.204.0/22 maxlen: 22
85.143.250.0/24 maxlen: 24
85.143.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 08 May 2025 13:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:e7:71:51:6f:93:da:7a:ab:cd:be:94:46:b9:4c:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: May 6 14:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e26026dae0d90217a4c33978e7bbbdab03db947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c3:93:f7:28:cc:b6:2a:8f:d1:e9:a1:ee:89:
18:a8:d7:a0:b6:7c:9b:14:19:44:7f:d3:11:eb:c9:
55:a7:14:45:40:fd:e0:be:c6:02:d8:c1:f0:b6:f1:
1b:a9:95:26:99:57:d7:c3:17:c0:f2:45:9b:5b:15:
b4:66:69:9f:df:30:4f:18:48:44:b1:86:05:39:ba:
80:2c:f9:0c:ba:1c:72:af:e6:16:ff:99:14:32:b6:
5b:01:57:b9:91:71:b5:2d:5d:38:02:38:cb:e5:a4:
86:b8:f4:b0:0e:2c:e2:7d:09:bd:2d:84:75:49:c7:
55:bb:e6:7d:b8:1d:f7:46:8a:28:0f:34:de:60:1c:
f8:54:dc:7e:88:c6:f5:9f:3f:19:ab:f0:43:e1:b6:
86:f6:a0:f3:b2:0f:e2:97:3c:ba:f9:40:2a:24:89:
0d:be:b4:13:83:11:7e:bb:0a:b3:15:7a:0e:fa:fc:
d3:46:18:03:c3:56:6b:4a:a4:14:d8:a9:71:2c:4e:
bf:47:d4:ca:b8:ad:3d:ee:8e:1d:ce:22:1b:95:dc:
14:ec:ce:82:c3:5a:91:70:56:67:c5:12:34:e6:8f:
e2:46:98:48:50:9f:ce:bd:4b:0e:b9:96:2b:54:89:
93:7a:c4:f4:70:98:6b:e5:74:af:eb:59:4b:f7:30:
fd:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:26:02:6D:AE:0D:90:21:7A:4C:33:97:8E:7B:BB:DA:B0:3D:B9:47
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/jiYCba4NkCF6TDOXjnu72rA9uUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.179.248.0/22
85.142.164.0-85.142.179.255
85.142.208.0/22
85.142.252.0/24
85.143.144.0/22
85.143.160.0/21
85.143.176.0/22
85.143.184.0/22
85.143.203.0-85.143.207.255
85.143.250.0/24
85.143.252.0/22
Signature Algorithm: sha256WithRSAEncryption
82:f7:1b:f9:4b:f9:f5:41:39:91:74:c1:ae:0e:92:73:47:f2:
5a:4a:f5:8a:50:b5:21:e3:d8:a3:84:1c:2a:8c:f2:e0:bd:ab:
f7:56:00:59:a8:1a:52:96:ef:da:99:9e:32:6b:0c:fc:49:a7:
b2:82:f8:f0:ce:8c:2c:84:43:ad:88:6f:27:02:35:5d:72:73:
7b:c1:37:e3:ed:5c:91:2c:a9:5f:7e:a1:12:f2:c5:f6:84:6d:
d3:53:ca:0b:8a:cd:65:dc:18:29:45:e1:ec:cf:5f:f6:e7:3b:
3c:5f:85:23:16:5d:b9:78:7d:64:54:1c:cc:ea:9a:d5:09:9b:
8d:c9:57:cd:39:e3:1b:b2:81:b3:71:b2:01:b6:e6:c5:3b:37:
d8:0a:56:b6:98:8a:b7:f8:f8:e3:f0:98:15:ee:ac:21:f1:d9:
21:6c:a9:8d:16:9e:58:30:c6:ad:71:b2:23:75:4b:d9:75:32:
aa:8d:60:95:68:c8:ed:6f:e9:e4:36:1f:3a:c9:d0:fa:6c:00:
8d:d5:2c:b4:c1:a1:78:08:da:7d:47:f6:47:3d:eb:6c:5c:ac:
67:86:de:78:04:b6:f1:cb:61:92:50:6a:b5:35:ae:48:d4:0c:
71:55:31:f4:30:df:5d:c4:9e:be:58:57:99:95:07:3d:9d:6d:
2a:5f:dd:d5
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZal53FRb5PaeqvNvpRGuUwgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjUwNTA2MTQwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTI2MDI2ZGFlMGQ5MDIxN2E0YzMzOTc4ZTdiYmJkYWIwM2RiOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcOT9yjMtiqP0emh7okYqNegtnyb
FBlEf9MR68lVpxRFQP3gvsYC2MHwtvEbqZUmmVfXwxfA8kWbWxW0Zmmf3zBPGEhE
sYYFObqALPkMuhxyr+YW/5kUMrZbAVe5kXG1LV04AjjL5aSGuPSwDizifQm9LYR1
ScdVu+Z9uB33RoooDzTeYBz4VNx+iMb1nz8Zq/BD4baG9qDzsg/ilzy6+UAqJIkN
vrQTgxF+uwqzFXoO+vzTRhgDw1ZrSqQU2KlxLE6/R9TKuK097o4dziIbldwU7M6C
w1qRcFZnxRI05o/iRphIUJ/OvUsOuZYrVImTesT0cJhr5XSv61lL9zD92wIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFI4mAm2uDZAhekwzl457u9qwPblHMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvamlZQ2JhNE5rQ0Y2VERPWGpudTcyckE5dVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQCUrP4MAwD
BAJVjqQDBAJVjrADBAJVjtADBABVjvwDBAJVj5ADBANVj6ADBAJVj7ADBAJVj7gw
DAMEAFWPywMEBFWPwAMEAFWP+gMEAlWP/DANBgkqhkiG9w0BAQsFAAOCAQEAgvcb
+Uv59UE5kXTBrg6Sc0fyWkr1ilC1IePYo4QcKozy4L2r91YAWagaUpbv2pmeMmsM
/EmnsoL48M6MLIRDrYhvJwI1XXJze8E34+1ckSypX36hEvLF9oRt01PKC4rNZdwY
KUXh7M9f9uc7PF+FIxZduXh9ZFQczOqa1QmbjclXzTnjG7KBs3GyAbbmxTs32ApW
tpiKt/j44/CYFe6sIfHZIWypjRaeWDDGrXGyI3VL2XUyqo1glWjI7W/p5DYfOsnQ
+mwAjdUstMGheAjafUf2Rz3rbFysZ4beeAS28cthklBqtTWuSNQMcVUx9DDfXcSe
vlhXmZUHPZ1tKl/d1Q==
-----END CERTIFICATE-----
Generated at Wed May 7 21:22:40 2025 by rpki-client