Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/8Zr1EuEk0Vxvcc2k5pXuwrw-ABA.roa
File: 8Zr1EuEk0Vxvcc2k5pXuwrw-ABA.roa (raw, json)
Hash identifier: pM0cNbzIutHb3vT5BUaqDjHoT7A2zJT+29QTInvcw4E=
Subject key identifier: F1:9A:F5:12:E1:24:D1:5C:6F:71:CD:A4:E6:95:EE:C2:BC:3E:00:10
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 01977CDB52EA3B79FD5F337B1C677221FAAA
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/8Zr1EuEk0Vxvcc2k5pXuwrw-ABA.roa
Signing time: Tue 17 Jun 2025 07:47:17 +0000
ROA not before: Tue 17 Jun 2025 07:47:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29286
IP address blocks: 84.22.64.0/24 maxlen: 24
84.22.65.0/24 maxlen: 24
84.22.67.0/24 maxlen: 24
84.22.68.0/24 maxlen: 24
84.22.79.0/24 maxlen: 24
84.22.86.0/24 maxlen: 24
128.140.128.0/20 maxlen: 20
185.23.96.0/23 maxlen: 23
185.23.99.0/24 maxlen: 24
213.180.225.0/24 maxlen: 24
213.180.226.0/24 maxlen: 24
213.180.228.0/24 maxlen: 24
213.180.229.0/24 maxlen: 24
213.180.230.0/24 maxlen: 24
213.180.247.0/24 maxlen: 24
213.180.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7c:db:52:ea:3b:79:fd:5f:33:7b:1c:67:72:21:fa:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Jun 17 07:47:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f19af512e124d15c6f71cda4e695eec2bc3e0010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a2:7c:0b:8e:d7:c4:30:4e:54:5b:30:81:53:
77:01:27:70:c3:1b:0b:c4:c6:fc:03:0d:23:77:8c:
98:72:76:a0:ce:67:fd:f1:9c:02:15:08:21:98:3f:
14:4c:ee:17:e8:d8:f5:31:65:82:b8:dc:de:53:41:
a3:b0:6c:5c:84:59:c7:e1:98:f8:a0:d1:9a:69:b2:
76:1c:19:4e:7c:cc:db:1d:29:ec:18:f0:0c:30:63:
e4:21:c0:43:f6:da:7b:6f:f7:35:db:34:35:1b:68:
fc:36:dc:f7:f8:a2:93:45:c6:8c:71:cf:57:18:da:
ff:62:b0:79:09:70:a5:8c:e3:b8:f1:5f:63:86:3b:
80:23:e0:61:8e:23:60:6c:4e:79:23:6a:b3:52:7b:
d9:c4:01:9c:9c:a0:d8:25:af:16:85:08:99:fc:47:
e1:7b:9b:09:cb:bb:26:11:a4:92:87:8f:11:15:93:
a6:44:44:fb:1d:75:3a:96:5f:50:2f:63:fc:48:df:
56:53:b7:c0:34:b8:6a:b2:77:ef:8a:c8:4e:66:2f:
d1:a1:27:5c:26:2e:54:ee:17:0b:38:70:24:2a:68:
fd:35:50:61:fe:88:c4:87:10:69:51:51:77:90:d8:
16:12:ed:9b:32:1c:a3:e0:7a:61:04:1c:56:22:a8:
b6:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:9A:F5:12:E1:24:D1:5C:6F:71:CD:A4:E6:95:EE:C2:BC:3E:00:10
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/8Zr1EuEk0Vxvcc2k5pXuwrw-ABA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.22.64.0/23
84.22.67.0-84.22.68.255
84.22.79.0/24
84.22.86.0/24
128.140.128.0/20
185.23.96.0/23
185.23.99.0/24
213.180.225.0-213.180.226.255
213.180.228.0-213.180.230.255
213.180.247.0/24
213.180.252.0/22
Signature Algorithm: sha256WithRSAEncryption
21:d6:c2:b9:ed:9c:f0:69:c5:d4:08:d1:e0:18:ce:20:8d:57:
42:9f:59:d8:0a:f4:9d:6f:6e:7f:aa:a7:37:ef:73:0f:71:77:
18:d7:f9:aa:29:bf:37:9d:8e:cb:ec:8a:e6:1d:66:1d:1c:95:
bb:75:96:0c:73:f1:5f:36:eb:0e:13:18:8b:92:87:c8:6a:73:
c8:f9:bd:f1:65:cd:cd:4d:36:38:9c:a0:52:3b:f6:e5:23:cc:
5b:1e:0c:73:36:5f:82:07:31:8f:a7:28:45:ac:80:6c:bd:9a:
d4:a5:b3:e4:e4:ac:00:41:ee:db:4b:cb:55:6f:e0:a4:f4:ad:
54:d6:42:89:ee:64:75:0e:f5:13:05:27:d6:e7:5b:dd:2e:f5:
b7:76:7a:9f:8d:11:c9:99:9f:d0:31:45:6a:cd:f9:69:b4:1f:
f8:00:e0:88:58:02:93:9f:cf:7e:44:25:9e:2f:fe:af:6e:89:
ac:e1:80:bf:b1:8b:64:14:aa:73:0a:29:5e:d6:0e:34:c0:7a:
ba:d8:4c:3d:89:a8:7c:0f:86:a5:f2:22:06:32:35:9d:0b:a8:
92:61:1e:14:fd:84:2e:1d:32:82:32:34:85:0d:7a:99:12:1a:
c2:8b:85:73:01:b0:81:e9:aa:a7:5e:20:e5:db:e2:45:38:46:
0c:29:61:9e
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZd821LqO3n9XzN7HGdyIfqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjUwNjE3MDc0NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTlhZjUxMmUxMjRkMTVjNmY3MWNkYTRlNjk1ZWVjMmJjM2UwMDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqJ8C47XxDBOVFswgVN3ASdwwxsL
xMb8Aw0jd4yYcnagzmf98ZwCFQghmD8UTO4X6Nj1MWWCuNzeU0GjsGxchFnH4Zj4
oNGaabJ2HBlOfMzbHSnsGPAMMGPkIcBD9tp7b/c12zQ1G2j8Ntz3+KKTRcaMcc9X
GNr/YrB5CXCljOO48V9jhjuAI+BhjiNgbE55I2qzUnvZxAGcnKDYJa8WhQiZ/Efh
e5sJy7smEaSSh48RFZOmRET7HXU6ll9QL2P8SN9WU7fANLhqsnfvishOZi/RoSdc
Ji5U7hcLOHAkKmj9NVBh/ojEhxBpUVF3kNgWEu2bMhyj4HphBBxWIqi2cQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFPGa9RLhJNFcb3HNpOaV7sK8PgAQMB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvOFpyMUV1RWswVnh2Y2MyazVwWHV3cnctQUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQBVBZAMAwD
BABUFkMDBABUFkQDBABUFk8DBABUFlYDBASAjIADBAG5F2ADBAC5F2MwDAMEANW0
4QMEANW04jAMAwQC1bTkAwQA1bTmAwQA1bT3AwQC1bT8MA0GCSqGSIb3DQEBCwUA
A4IBAQAh1sK57ZzwacXUCNHgGM4gjVdCn1nYCvSdb25/qqc373MPcXcY1/mqKb83
nY7L7IrmHWYdHJW7dZYMc/FfNusOExiLkofIanPI+b3xZc3NTTY4nKBSO/blI8xb
HgxzNl+CBzGPpyhFrIBsvZrUpbPk5KwAQe7bS8tVb+Ck9K1U1kKJ7mR1DvUTBSfW
51vdLvW3dnqfjRHJmZ/QMUVqzflptB/4AOCIWAKTn89+RCWeL/6vboms4YC/sYtk
FKpzCile1g40wHq62Ew9iah8D4al8iIGMjWdC6iSYR4U/YQuHTKCMjSFDXqZEhrC
i4VzAbCB6aqnXiDl2+JFOEYMKWGe
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:01:08 2025 by rpki-client