Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/8-WV0KFzAJRQQFuP9I6yLavMsag.roa
File: 8-WV0KFzAJRQQFuP9I6yLavMsag.roa (raw, json)
Hash identifier: I9thkkCJIm1PtEdyWstVE+kMoQxLauXSjcbMKnMywsw=
Subject key identifier: F3:E5:95:D0:A1:73:00:94:50:40:5B:8F:F4:8E:B2:2D:AB:CC:B1:A8
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 01977E26BEEB07D061AAB74287333F5778DE
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/8-WV0KFzAJRQQFuP9I6yLavMsag.roa
Signing time: Tue 17 Jun 2025 13:49:17 +0000
ROA not before: Tue 17 Jun 2025 13:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48715
IP address blocks: 78.110.120.0/22 maxlen: 24
80.71.149.0/24 maxlen: 24
88.135.36.0/22 maxlen: 22
88.135.36.0/24 maxlen: 24
88.135.37.0/24 maxlen: 24
88.135.38.0/24 maxlen: 24
88.135.39.0/24 maxlen: 24
91.236.168.0/23 maxlen: 23
91.236.168.0/24 maxlen: 24
91.236.169.0/24 maxlen: 24
91.247.171.0/24 maxlen: 24
130.193.77.0/24 maxlen: 24
152.89.44.0/22 maxlen: 22
152.89.44.0/24 maxlen: 24
152.89.45.0/24 maxlen: 24
152.89.46.0/24 maxlen: 24
152.89.47.0/24 maxlen: 24
185.18.212.0/22 maxlen: 22
185.18.212.0/24 maxlen: 24
185.18.213.0/24 maxlen: 24
185.18.214.0/24 maxlen: 24
185.18.215.0/24 maxlen: 24
185.36.228.0/24 maxlen: 24
185.51.200.0/22 maxlen: 22
185.51.200.0/24 maxlen: 24
185.51.201.0/24 maxlen: 24
185.51.202.0/24 maxlen: 24
185.51.203.0/24 maxlen: 24
185.58.240.0/22 maxlen: 24
185.112.149.0/24 maxlen: 24
185.112.150.0/23 maxlen: 23
185.112.150.0/24 maxlen: 24
185.112.151.0/24 maxlen: 24
185.121.130.0/23 maxlen: 23
185.121.130.0/24 maxlen: 24
185.121.131.0/24 maxlen: 24
185.128.136.0/22 maxlen: 24
185.128.136.0/24 maxlen: 24
185.128.137.0/24 maxlen: 24
185.128.138.0/24 maxlen: 24
185.128.139.0/24 maxlen: 24
185.141.104.0/22 maxlen: 22
185.141.104.0/24 maxlen: 24
185.141.105.0/24 maxlen: 24
185.141.106.0/24 maxlen: 24
185.141.107.0/24 maxlen: 24
185.141.132.0/22 maxlen: 22
185.141.132.0/24 maxlen: 24
185.141.133.0/24 maxlen: 24
185.141.134.0/24 maxlen: 24
185.141.135.0/24 maxlen: 24
185.170.8.0/24 maxlen: 24
185.173.129.0/24 maxlen: 24
185.173.130.0/24 maxlen: 24
185.206.231.0/24 maxlen: 24
185.213.195.0/24 maxlen: 24
185.233.131.0/24 maxlen: 24
185.234.14.0/24 maxlen: 24
185.235.245.0/24 maxlen: 24
185.252.200.0/24 maxlen: 24
188.209.152.0/23 maxlen: 23
188.209.152.0/24 maxlen: 24
188.209.153.0/24 maxlen: 24
195.110.38.0/23 maxlen: 23
195.211.44.0/22 maxlen: 22
195.211.44.0/24 maxlen: 24
195.211.45.0/24 maxlen: 24
195.211.46.0/24 maxlen: 24
195.211.47.0/24 maxlen: 24
213.109.199.0/24 maxlen: 24
2a0a:5e80::/29 maxlen: 29
2a0a:5e80::/48 maxlen: 48
2a0a:5e80::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 13:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7e:26:be:eb:07:d0:61:aa:b7:42:87:33:3f:57:78:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Jun 17 13:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3e595d0a173009450405b8ff48eb22dabccb1a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:cd:d4:c7:e2:62:2b:11:9d:45:e5:ce:b5:36:
61:91:ae:d6:e9:8d:82:6f:29:7b:c9:49:2c:86:6c:
b3:4e:59:1c:e9:f6:08:2e:bd:75:48:43:5f:8d:8c:
03:03:c6:79:23:b7:3e:9b:d1:78:d3:5b:c2:ff:e1:
36:e8:71:da:f3:18:59:96:2f:2f:6a:9a:c6:48:63:
ff:69:c5:9a:4e:92:a6:cb:da:59:5d:8a:d6:fd:13:
6b:61:e0:3a:03:7b:d2:e7:9e:df:8a:2c:77:77:5a:
69:0d:37:89:f4:01:d2:59:63:5c:e8:ba:75:7a:e4:
b7:70:39:1f:a8:7b:af:8d:4f:a6:fc:74:90:83:d6:
bb:2c:53:0e:7a:95:8b:65:c3:33:67:18:af:ca:3f:
3d:9c:c8:b8:39:aa:8a:a8:84:11:dc:a1:bd:33:91:
38:c6:d7:69:3b:96:51:19:13:d1:31:7a:b3:c8:0b:
6f:ca:55:47:25:3e:52:d4:41:9b:5e:1f:41:57:4c:
c4:d9:63:80:fd:e3:98:77:bc:22:d3:fc:84:ba:05:
b5:3d:4c:88:69:2c:7b:00:fc:2d:47:dc:44:b9:38:
68:19:ef:a1:72:ee:cd:39:54:ba:0a:43:75:6d:0d:
ff:36:65:4d:fe:47:08:3e:ba:20:46:10:7f:80:0d:
e0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:E5:95:D0:A1:73:00:94:50:40:5B:8F:F4:8E:B2:2D:AB:CC:B1:A8
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/8-WV0KFzAJRQQFuP9I6yLavMsag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.110.120.0/22
80.71.149.0/24
88.135.36.0/22
91.236.168.0/23
91.247.171.0/24
130.193.77.0/24
152.89.44.0/22
185.18.212.0/22
185.36.228.0/24
185.51.200.0/22
185.58.240.0/22
185.112.149.0-185.112.151.255
185.121.130.0/23
185.128.136.0/22
185.141.104.0/22
185.141.132.0/22
185.170.8.0/24
185.173.129.0-185.173.130.255
185.206.231.0/24
185.213.195.0/24
185.233.131.0/24
185.234.14.0/24
185.235.245.0/24
185.252.200.0/24
188.209.152.0/23
195.110.38.0/23
195.211.44.0/22
213.109.199.0/24
IPv6:
2a0a:5e80::/29
Signature Algorithm: sha256WithRSAEncryption
4f:17:ba:39:46:29:58:b8:bd:1f:e4:ee:d7:32:ed:40:14:9d:
cc:3b:ac:45:d1:7b:85:74:bc:6f:90:59:f1:c4:09:bd:57:ee:
ef:8c:62:7d:69:b0:31:b3:07:72:3d:03:94:fc:58:8a:f5:25:
c4:7f:e9:01:dc:53:b4:84:a3:b9:74:27:99:0d:1a:1f:6a:c5:
ee:bb:cf:da:a3:de:72:69:47:98:43:37:4b:dd:0a:c9:94:41:
33:2d:ae:71:21:8f:29:44:0f:1b:0e:43:be:3a:1d:17:0c:43:
c1:61:a6:68:1c:7e:61:06:c9:0d:94:fe:90:91:4a:66:f9:0b:
10:ed:cd:2d:01:41:d2:e7:d4:ec:e0:12:d5:80:5b:87:a0:57:
c8:4d:de:93:1f:27:20:8c:86:72:5e:7a:1c:5c:0b:6e:07:97:
0a:9a:32:19:9d:1a:58:9d:0c:b9:7d:3e:81:d2:c2:39:04:a9:
fb:c7:db:3e:84:4e:e7:c2:d2:5e:6a:0e:19:fe:39:28:7a:db:
f9:cd:8a:9f:92:e5:a8:24:8f:3b:fa:fc:f0:03:6c:5f:50:3a:
22:f0:97:62:46:c9:1e:82:a7:37:0e:cd:c0:50:8a:1d:cc:54:
79:29:78:79:cf:47:f3:4c:64:19:a0:75:a0:ae:b9:fa:b3:9a:
7a:75:23:b7
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAZd+Jr7rB9BhqrdChzM/V3jeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjUwNjE3MTM0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2U1OTVkMGExNzMwMDk0NTA0MDViOGZmNDhlYjIyZGFiY2NiMWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1s3Ux+JiKxGdReXOtTZhka7W6Y2C
byl7yUkshmyzTlkc6fYILr11SENfjYwDA8Z5I7c+m9F401vC/+E26HHa8xhZli8v
aprGSGP/acWaTpKmy9pZXYrW/RNrYeA6A3vS557fiix3d1ppDTeJ9AHSWWNc6Lp1
euS3cDkfqHuvjU+m/HSQg9a7LFMOepWLZcMzZxivyj89nMi4OaqKqIQR3KG9M5E4
xtdpO5ZRGRPRMXqzyAtvylVHJT5S1EGbXh9BV0zE2WOA/eOYd7wi0/yEugW1PUyI
aSx7APwtR9xEuThoGe+hcu7NOVS6CkN1bQ3/NmVN/kcIProgRhB/gA3gCQIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFPPlldChcwCUUEBbj/SOsi2rzLGoMB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvOC1XVjBLRnpBSlJRUUZ1UDlJNnlMYXZNc2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TCBvwQCAAEwgbgDBAJO
bngDBABQR5UDBAJYhyQDBAFb7KgDBABb96sDBACCwU0DBAKYWSwDBAK5EtQDBAC5
JOQDBAK5M8gDBAK5OvAwDAMEALlwlQMEA7lwkAMEAbl5ggMEArmAiAMEArmNaAME
ArmNhAMEALmqCDAMAwQAua2BAwQAua2CAwQAuc7nAwQAudXDAwQAuemDAwQAueoO
AwQAuev1AwQAufzIAwQBvNGYAwQBw24mAwQCw9MsAwQA1W3HMA0EAgACMAcDBQMq
Cl6AMA0GCSqGSIb3DQEBCwUAA4IBAQBPF7o5RilYuL0f5O7XMu1AFJ3MO6xF0XuF
dLxvkFnxxAm9V+7vjGJ9abAxswdyPQOU/FiK9SXEf+kB3FO0hKO5dCeZDRofasXu
u8/ao95yaUeYQzdL3QrJlEEzLa5xIY8pRA8bDkO+Oh0XDEPBYaZoHH5hBskNlP6Q
kUpm+QsQ7c0tAUHS59Ts4BLVgFuHoFfITd6THycgjIZyXnocXAtuB5cKmjIZnRpY
nQy5fT6B0sI5BKn7x9s+hE7nwtJeag4Z/jkoetv5zYqfkuWoJI87+vzwA2xfUDoi
8JdiRskegqc3Ds3AUIodzFR5KXh5z0fzTGQZoHWgrrn6s5p6dSO3
-----END CERTIFICATE-----
Generated at Sun Jun 29 18:36:10 2025 by rpki-client