Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/8mP0iBUR46aSI-0zZ75mMuOSEt8.roa
File: 8mP0iBUR46aSI-0zZ75mMuOSEt8.roa (raw, json)
Hash identifier: pQA3H2LIkDc+BXjWOyNSpNYt5s6iEOOJ48EHA7ePKoo=
Subject key identifier: F2:63:F4:88:15:11:E3:A6:92:23:ED:33:67:BE:66:32:E3:92:12:DF
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 0197B83B4A95C5995AB40ADECB9A273DBF4B
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/8mP0iBUR46aSI-0zZ75mMuOSEt8.roa
Signing time: Sat 28 Jun 2025 20:29:42 +0000
ROA not before: Sat 28 Jun 2025 20:29:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 46.243.7.0/24 maxlen: 24
91.200.12.0/24 maxlen: 24
92.62.119.0/24 maxlen: 24
94.232.248.0/24 maxlen: 24
95.81.114.0/24 maxlen: 24
95.81.115.0/24 maxlen: 24
109.69.60.0/24 maxlen: 24
2a06:ddc0::/29 maxlen: 29
2a0b:8040::/29 maxlen: 29
2a0c:f642::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 14:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:3b:4a:95:c5:99:5a:b4:0a:de:cb:9a:27:3d:bf:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Jun 28 20:29:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f263f4881511e3a69223ed3367be6632e39212df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:eb:a9:1c:e9:88:1b:7a:c1:10:4e:df:1a:34:
ea:aa:69:c4:f9:86:ce:64:b4:5d:32:84:e0:98:18:
dc:a2:fd:79:57:87:3a:0d:6f:b6:1a:1a:a4:3a:6b:
db:f9:81:9b:c0:b3:79:c0:75:c4:64:e1:48:99:d6:
0b:29:15:9b:0b:5d:48:72:bd:f1:a4:4e:f2:98:db:
a6:6b:88:0e:53:7c:21:e1:54:6d:20:d6:17:fa:b9:
f3:6a:72:1d:3e:20:b2:59:5f:33:4d:8f:8c:8f:34:
51:a5:ad:8f:d7:44:52:32:86:20:9e:c5:c8:ed:4e:
b7:86:c4:22:10:67:d5:bc:51:18:64:0f:28:58:d2:
c5:4e:5f:82:95:23:67:9e:6d:a9:42:6e:65:ff:70:
aa:c1:2f:89:1e:43:2e:b3:38:4d:b5:4c:df:e5:df:
a1:a3:ef:a4:3c:f0:aa:dd:04:45:a3:ee:c3:7e:c2:
56:6b:5a:a2:f1:96:31:e4:9e:91:76:ec:00:0f:11:
57:24:80:2e:63:1d:15:c2:d4:6d:4e:bc:46:75:51:
14:2c:6b:6a:1b:f6:c6:cb:11:3f:39:b6:8a:f3:77:
0f:01:38:78:67:85:dd:06:cd:3c:35:0a:55:65:ef:
eb:cc:a0:0d:60:fa:aa:79:f3:a3:3e:49:38:bc:7e:
5e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:63:F4:88:15:11:E3:A6:92:23:ED:33:67:BE:66:32:E3:92:12:DF
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/8mP0iBUR46aSI-0zZ75mMuOSEt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.7.0/24
91.200.12.0/24
92.62.119.0/24
94.232.248.0/24
95.81.114.0/23
109.69.60.0/24
IPv6:
2a06:ddc0::/29
2a0b:8040::/29
2a0c:f642::/32
Signature Algorithm: sha256WithRSAEncryption
11:17:53:c1:51:b6:d6:db:32:c6:bd:c5:b1:3e:1b:da:2c:f5:
c9:70:ab:fc:10:07:a3:75:ac:e8:1a:a8:83:8f:f6:d4:ae:52:
0a:c7:b9:27:e1:13:00:ae:3b:51:69:d9:db:13:43:9d:37:49:
5e:1f:3a:77:31:ab:f3:b7:25:30:1f:08:b6:6c:8d:01:1d:71:
34:db:ab:c2:7d:d4:87:29:ab:e6:87:6f:dc:b2:cc:92:c6:ac:
7a:6b:0b:1e:a7:c3:00:e2:45:7d:7c:d6:97:20:6f:ea:3b:b2:
65:79:2b:b8:c2:8c:cd:14:e0:a7:53:e4:d4:30:19:1f:c3:ed:
e8:31:b9:62:0b:03:e1:f8:e6:be:bb:ff:f2:ea:a5:5b:c4:6c:
fe:86:8f:95:8f:0b:f0:15:22:2a:fb:2a:e8:b5:2c:31:77:cf:
7a:79:b4:b2:ad:5e:7b:ea:77:d2:32:d4:44:42:99:3b:2b:9c:
e5:39:41:2a:32:6d:49:ab:98:6f:73:7d:7e:a4:70:29:b4:63:
35:9b:c5:84:29:36:a3:84:e6:df:a1:0b:36:98:8f:0d:e7:f8:
f4:a5:37:64:2f:81:c2:4a:8d:30:a6:2b:16:28:8f:85:73:38:
fe:e1:36:1f:3f:bc:ad:59:50:37:22:05:e2:a7:2e:0b:24:60:
87:82:66:f5
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZe4O0qVxZlatArey5onPb9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwNjI4MjAyOTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjYzZjQ4ODE1MTFlM2E2OTIyM2VkMzM2N2JlNjYzMmUzOTIxMmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveupHOmIG3rBEE7fGjTqqmnE+YbO
ZLRdMoTgmBjcov15V4c6DW+2GhqkOmvb+YGbwLN5wHXEZOFImdYLKRWbC11Icr3x
pE7ymNuma4gOU3wh4VRtINYX+rnzanIdPiCyWV8zTY+MjzRRpa2P10RSMoYgnsXI
7U63hsQiEGfVvFEYZA8oWNLFTl+ClSNnnm2pQm5l/3CqwS+JHkMuszhNtUzf5d+h
o++kPPCq3QRFo+7DfsJWa1qi8ZYx5J6RduwADxFXJIAuYx0VwtRtTrxGdVEULGtq
G/bGyxE/ObaK83cPATh4Z4XdBs08NQpVZe/rzKANYPqqefOjPkk4vH5eTQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFPJj9IgVEeOmkiPtM2e+ZjLjkhLfMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvOG1QMGlCVVI0NmFTSS0welo3NW1NdU9TRXQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQALvMHAwQA
W8gMAwQAXD53AwQAXuj4AwQBX1FyAwQAbUU8MBsEAgACMBUDBQMqBt3AAwUDKguA
QAMFACoM9kIwDQYJKoZIhvcNAQELBQADggEBABEXU8FRttbbMsa9xbE+G9os9clw
q/wQB6N1rOgaqIOP9tSuUgrHuSfhEwCuO1Fp2dsTQ503SV4fOncxq/O3JTAfCLZs
jQEdcTTbq8J91Icpq+aHb9yyzJLGrHprCx6nwwDiRX181pcgb+o7smV5K7jCjM0U
4KdT5NQwGR/D7egxuWILA+H45r67//LqpVvEbP6Gj5WPC/AVIir7Kui1LDF3z3p5
tLKtXnvqd9Iy1ERCmTsrnOU5QSoybUmrmG9zfX6kcCm0YzWbxYQpNqOE5t+hCzaY
jw3n+PSlN2QvgcJKjTCmKxYoj4VzOP7hNh8/vK1ZUDciBeKnLgskYIeCZvU=
-----END CERTIFICATE-----
Generated at Wed Jul 2 23:04:52 2025 by rpki-client