Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/C_sMvxHNdPmSHw93VkDtr4klUC8.roa
File: C_sMvxHNdPmSHw93VkDtr4klUC8.roa (raw, json)
Hash identifier: yg9HL2scVzlwZ7UhGJik+kb1tOqaR5WAmKacXUpYiN0=
Subject key identifier: 0B:FB:0C:BF:11:CD:74:F9:92:1F:0F:77:56:40:ED:AF:89:25:50:2F
Certificate issuer: /CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Certificate serial: 0198B221EDFA35786E13183797B6EE82F81E
Authority key identifier: 8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/C_sMvxHNdPmSHw93VkDtr4klUC8.roa
Signing time: Sat 16 Aug 2025 09:07:04 +0000
ROA not before: Sat 16 Aug 2025 09:07:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39130
IP address blocks: 5.102.36.0/23 maxlen: 23
195.5.124.0/24 maxlen: 24
195.5.125.0/24 maxlen: 24
2a10:d80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b2:21:ed:fa:35:78:6e:13:18:37:97:b6:ee:82:f8:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bdf76c54b9e6935c30a9b4c9ba9309ac470ec02
Validity
Not Before: Aug 16 09:07:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0bfb0cbf11cd74f9921f0f775640edaf8925502f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a8:d5:67:36:75:e9:80:5e:c4:b7:b0:49:a1:
75:2b:c1:e1:ce:09:8c:fb:bc:a8:18:34:d4:7a:f7:
32:0a:dd:eb:5f:31:3a:84:11:4d:a4:d0:f9:ba:91:
79:79:7d:5b:13:c5:45:b2:94:a2:86:52:4f:af:ce:
13:fd:82:ae:ea:d5:6e:da:0c:20:90:54:8c:3a:41:
5a:12:a5:a0:41:62:e6:82:02:80:5d:4d:69:d8:56:
e1:ad:a4:c1:e7:ce:91:45:44:2b:39:95:9f:03:cf:
00:40:de:e7:a3:4a:28:7d:49:17:47:6c:3e:c2:91:
e2:1e:86:ba:3d:df:86:80:a2:a7:d8:11:2e:4b:17:
dc:74:56:d5:2f:ad:0b:99:0a:49:18:b9:a7:80:42:
a7:a4:51:b4:62:c4:8d:b0:97:d1:0c:08:a5:bb:7c:
fd:f8:35:78:fb:01:b9:82:10:cc:a0:bb:e0:ba:5a:
b1:fe:99:ca:af:f4:f5:33:26:4c:b1:e3:5e:1d:d2:
4f:82:df:6a:a9:9b:02:08:0b:74:43:65:2d:f9:32:
f8:ee:d0:22:9b:de:08:7c:8d:50:c8:08:6b:27:cb:
86:05:ca:9b:8c:33:1c:df:0c:9d:66:1e:47:54:ce:
bb:1e:9f:f5:74:7e:25:73:e1:78:31:f5:76:08:09:
88:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:FB:0C:BF:11:CD:74:F9:92:1F:0F:77:56:40:ED:AF:89:25:50:2F
X509v3 Authority Key Identifier:
keyid:8B:DF:76:C5:4B:9E:69:35:C3:0A:9B:4C:9B:A9:30:9A:C4:70:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i992xUueaTXDCptMm6kwmsRw7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/C_sMvxHNdPmSHw93VkDtr4klUC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/21519e-b8dc-4240-aa78-8d218665027d/1/i992xUueaTXDCptMm6kwmsRw7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.36.0/23
195.5.124.0/23
IPv6:
2a10:d80::/29
Signature Algorithm: sha256WithRSAEncryption
34:e8:51:4f:b8:8a:9e:56:7b:e7:e6:67:5d:41:c2:06:03:6d:
c3:fe:58:62:54:d1:ae:17:da:21:f7:72:3e:f2:4f:ca:b1:80:
17:e1:33:18:ec:f4:1d:9e:f3:23:cf:2a:d3:81:dd:1d:1e:59:
db:23:83:d7:1a:f9:87:fc:cb:de:aa:ee:dd:fd:0d:aa:4f:b6:
6a:8f:c4:83:f6:65:20:3d:c3:d3:e5:4a:97:ea:a6:a2:47:13:
06:c7:d0:38:fc:3b:8b:72:de:88:f5:84:f3:c8:68:a6:47:53:
df:f4:14:f8:bc:87:52:41:cf:94:26:9a:55:91:76:88:68:3d:
eb:46:80:68:1b:f6:5b:40:23:ea:5f:2e:c2:e5:48:10:2f:91:
fd:82:75:13:35:71:a0:70:d4:b5:02:6d:62:ab:00:e8:ce:3a:
f8:6c:b7:e1:cb:af:d3:0c:b3:11:b1:d4:9a:be:dc:d1:da:95:
06:71:9a:73:55:78:4d:99:a1:5a:be:18:cc:40:dd:a3:89:6a:
a6:cb:e8:df:bc:3f:54:0b:6e:eb:72:79:8a:57:6d:2d:92:38:
4a:ef:2b:f1:3a:f7:97:76:7c:35:63:80:50:8e:40:54:cc:bf:
c4:95:22:9c:44:9a:87:5b:9c:bc:4c:56:b9:48:6c:b9:83:2d:
05:24:dd:fb
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZiyIe36NXhuExg3l7bugvgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZGY3NmM1NGI5ZTY5MzVjMzBhOWI0YzliYTkzMDlhYzQ3
MGVjMDIwHhcNMjUwODE2MDkwNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmZiMGNiZjExY2Q3NGY5OTIxZjBmNzc1NjQwZWRhZjg5MjU1MDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6jVZzZ16YBexLewSaF1K8HhzgmM
+7yoGDTUevcyCt3rXzE6hBFNpND5upF5eX1bE8VFspSihlJPr84T/YKu6tVu2gwg
kFSMOkFaEqWgQWLmggKAXU1p2FbhraTB586RRUQrOZWfA88AQN7no0oofUkXR2w+
wpHiHoa6Pd+GgKKn2BEuSxfcdFbVL60LmQpJGLmngEKnpFG0YsSNsJfRDAilu3z9
+DV4+wG5ghDMoLvgulqx/pnKr/T1MyZMseNeHdJPgt9qqZsCCAt0Q2Ut+TL47tAi
m94IfI1QyAhrJ8uGBcqbjDMc3wydZh5HVM67Hp/1dH4lc+F4MfV2CAmIzQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAv7DL8RzXT5kh8Pd1ZA7a+JJVAvMB8GA1UdIwQY
MBaAFIvfdsVLnmk1wwqbTJupMJrEcOwCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgt
OGQyMTg2NjUwMjdkLzEvQ19zTXZ4SE5kUG1TSHc5M1ZrRHRyNGtsVUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yMTUxOWUtYjhkYy00MjQwLWFhNzgtOGQyMTg2NjUwMjdk
LzEvaTk5MnhVdWVhVFhEQ3B0TW02a3dtc1J3N0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBBWYkAwQB
wwV8MA0EAgACMAcDBQMqEA2AMA0GCSqGSIb3DQEBCwUAA4IBAQA06FFPuIqeVnvn
5mddQcIGA23D/lhiVNGuF9oh93I+8k/KsYAX4TMY7PQdnvMjzyrTgd0dHlnbI4PX
GvmH/Mvequ7d/Q2qT7Zqj8SD9mUgPcPT5UqX6qaiRxMGx9A4/DuLct6I9YTzyGim
R1Pf9BT4vIdSQc+UJppVkXaIaD3rRoBoG/ZbQCPqXy7C5UgQL5H9gnUTNXGgcNS1
Am1iqwDozjr4bLfhy6/TDLMRsdSavtzR2pUGcZpzVXhNmaFavhjMQN2jiWqmy+jf
vD9UC27rcnmKV20tkjhK7yvxOveXdnw1Y4BQjkBUzL/ElSKcRJqHW5y8TFa5SGy5
gy0FJN37
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:37:10 2025 by rpki-client