Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tXgGYpQySZlc44p9Eh-xxfclD6Y.roa
File: tXgGYpQySZlc44p9Eh-xxfclD6Y.roa (raw, json)
Hash identifier: MeCWMbRP6Q9c7iL6SmUJQbG+rf+97CFi3dVeXy0XP4M=
Subject key identifier: B5:78:06:62:94:32:49:99:5C:E3:8A:7D:12:1F:B1:C5:F7:25:0F:A6
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0198AC313BF110224E65D352C7D13084F26A
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tXgGYpQySZlc44p9Eh-xxfclD6Y.roa
Signing time: Fri 15 Aug 2025 05:26:04 +0000
ROA not before: Fri 15 Aug 2025 05:26:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401838
IP address blocks: 89.34.224.0/23 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.37.119.0/24 maxlen: 24
89.38.228.0/24 maxlen: 24
89.38.229.0/24 maxlen: 24
89.40.82.0/24 maxlen: 24
89.42.80.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.82.0/24 maxlen: 24
89.42.85.0/24 maxlen: 24
89.42.86.0/24 maxlen: 24
89.42.89.0/24 maxlen: 24
89.42.92.0/24 maxlen: 24
89.42.93.0/24 maxlen: 24
89.42.95.0/24 maxlen: 24
89.43.140.0/24 maxlen: 24
89.43.142.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.117.0/24 maxlen: 24
89.47.118.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.47.123.0/24 maxlen: 24
89.47.124.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
89.47.126.0/24 maxlen: 24
93.113.176.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
93.113.183.0/24 maxlen: 24
93.114.90.0/24 maxlen: 24
93.114.91.0/24 maxlen: 24
93.119.106.0/24 maxlen: 24
185.101.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ac:31:3b:f1:10:22:4e:65:d3:52:c7:d1:30:84:f2:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Aug 15 05:26:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5780662943249995ce38a7d121fb1c5f7250fa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:7b:1d:0d:69:13:4f:c3:1e:90:71:80:78:03:
c7:18:c4:4e:fd:a8:5b:24:29:a4:c0:d0:62:70:2a:
f1:a5:d8:5c:59:2d:67:4a:08:d8:b7:79:61:52:9b:
2a:db:2d:c0:39:5a:59:6d:36:08:d0:0b:77:93:26:
23:dc:26:54:82:11:d2:e8:35:43:f1:02:62:1e:15:
ab:d1:f9:18:8d:80:dd:16:d0:1c:e2:13:94:a4:9e:
1a:3f:5b:7e:c9:92:76:25:27:bb:fe:92:6e:3e:18:
de:04:52:56:5a:ed:80:c9:15:d5:c1:f1:b4:c6:81:
a0:97:dd:8b:b1:12:15:72:f7:e8:df:76:e2:ca:6c:
eb:ee:fb:5b:6a:1a:e4:e4:dc:ef:46:8b:eb:6d:57:
0b:ed:13:b9:33:2c:f9:95:91:14:c5:9b:cb:f9:24:
1d:ef:a3:44:e6:4f:df:ec:13:f0:ac:cd:b3:52:88:
69:f6:2a:64:6e:80:e1:c6:6c:82:08:66:3f:68:d5:
df:67:4c:05:e4:ed:6a:a6:3d:e3:34:c5:bb:85:b1:
6b:aa:47:92:8c:e1:d1:d5:a5:69:12:b4:14:00:5a:
6c:71:8e:15:d3:b0:aa:e7:34:c7:59:cf:f1:c7:58:
16:fd:5e:cf:d2:35:6d:3c:32:b1:8f:f0:1f:8d:b9:
8d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:78:06:62:94:32:49:99:5C:E3:8A:7D:12:1F:B1:C5:F7:25:0F:A6
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/tXgGYpQySZlc44p9Eh-xxfclD6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.34.228.0/24
89.34.231.0/24
89.37.119.0/24
89.38.228.0/23
89.40.82.0/24
89.42.80.0-89.42.82.255
89.42.85.0-89.42.86.255
89.42.89.0/24
89.42.92.0/23
89.42.95.0/24
89.43.140.0/24
89.43.142.0/23
89.46.3.0-89.46.4.255
89.47.99.0/24
89.47.115.0/24
89.47.117.0-89.47.119.255
89.47.123.0-89.47.126.255
93.113.176.0/24
93.113.181.0/24
93.113.183.0/24
93.114.90.0/23
93.119.106.0/24
185.101.105.0/24
Signature Algorithm: sha256WithRSAEncryption
74:f7:28:88:8c:64:0f:0b:12:f0:f6:c0:85:55:1e:41:56:7c:
b8:04:26:f0:44:aa:ef:f8:89:7c:6b:59:91:2b:95:77:d0:b6:
c8:88:d5:80:fd:09:16:99:a0:90:fc:9e:8c:31:cb:b0:98:e0:
d2:b3:a3:2c:d3:6c:06:0c:7f:dd:d4:57:e4:99:c0:98:c2:91:
44:5a:64:23:8e:f7:45:f4:57:b4:97:dd:6f:7f:50:2f:43:1f:
e8:f3:53:a7:ed:88:05:1c:8e:4b:fc:14:e6:9d:9b:bc:97:38:
f1:a8:65:05:ff:24:a9:fa:e3:9f:0b:00:99:7c:4a:b0:ed:0b:
a1:29:87:3f:59:f9:e7:17:b0:2e:63:ab:ef:2a:94:72:26:8b:
1c:34:1e:b2:e6:c9:26:b5:0a:00:0e:a1:02:dc:45:d0:63:fd:
27:52:35:c3:81:24:ea:ff:0d:e0:0a:69:95:94:db:66:5f:1f:
b3:71:b5:11:f2:89:63:e4:55:f0:9d:f3:31:ff:70:f4:4e:04:
d3:18:5e:25:f4:00:10:50:95:10:c0:bd:e4:99:77:8e:8c:09:
ef:81:99:c3:34:b5:88:84:c4:3c:2f:d1:af:39:13:37:36:76:
30:02:ac:6e:82:0e:72:9c:9c:f6:21:58:d0:dd:85:b0:63:2b:
38:f6:b5:e3
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZisMTvxECJOZdNSx9EwhPJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwODE1MDUyNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTc4MDY2Mjk0MzI0OTk5NWNlMzhhN2QxMjFmYjFjNWY3MjUwZmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9XsdDWkTT8MekHGAeAPHGMRO/ahb
JCmkwNBicCrxpdhcWS1nSgjYt3lhUpsq2y3AOVpZbTYI0At3kyYj3CZUghHS6DVD
8QJiHhWr0fkYjYDdFtAc4hOUpJ4aP1t+yZJ2JSe7/pJuPhjeBFJWWu2AyRXVwfG0
xoGgl92LsRIVcvfo33biymzr7vtbahrk5NzvRovrbVcL7RO5Myz5lZEUxZvL+SQd
76NE5k/f7BPwrM2zUohp9ipkboDhxmyCCGY/aNXfZ0wF5O1qpj3jNMW7hbFrqkeS
jOHR1aVpErQUAFpscY4V07Cq5zTHWc/xx1gW/V7P0jVtPDKxj/AfjbmNyQIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFLV4BmKUMkmZXOOKfRIfscX3JQ+mMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvdFhnR1lwUXlTWmxjNDRwOUVoLXh4ZmNsRDZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBAFZ
IuADBABZIuQDBABZIucDBABZJXcDBAFZJuQDBABZKFIwDAMEBFkqUAMEAFkqUjAM
AwQAWSpVAwQAWSpWAwQAWSpZAwQBWSpcAwQAWSpfAwQAWSuMAwQBWSuOMAwDBABZ
LgMDBABZLgQDBABZL2MDBABZL3MwDAMEAFkvdQMEA1kvcDAMAwQAWS97AwQAWS9+
AwQAXXGwAwQAXXG1AwQAXXG3AwQBXXJaAwQAXXdqAwQAuWVpMA0GCSqGSIb3DQEB
CwUAA4IBAQB09yiIjGQPCxLw9sCFVR5BVny4BCbwRKrv+Il8a1mRK5V30LbIiNWA
/QkWmaCQ/J6MMcuwmODSs6Ms02wGDH/d1FfkmcCYwpFEWmQjjvdF9Fe0l91vf1Av
Qx/o81On7YgFHI5L/BTmnZu8lzjxqGUF/ySp+uOfCwCZfEqw7QuhKYc/WfnnF7Au
Y6vvKpRyJoscNB6y5skmtQoADqEC3EXQY/0nUjXDgSTq/w3gCmmVlNtmXx+zcbUR
8olj5FXwnfMx/3D0TgTTGF4l9AAQUJUQwL3kmXeOjAnvgZnDNLWIhMQ8L9GvORM3
NnYwAqxugg5ynJz2IVjQ3YWwYys49rXj
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:43:31 2025 by rpki-client