Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/h8ilMiP7HJgOgIsoKYWfUWeXP80.roa
File: h8ilMiP7HJgOgIsoKYWfUWeXP80.roa (raw, json)
Hash identifier: LiAS1BWzWxTd8L80cC3ykdlY2BwAq7rxVFgqhH9JLgg=
Subject key identifier: 87:C8:A5:32:23:FB:1C:98:0E:80:8B:28:29:85:9F:51:67:97:3F:CD
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 0198D805F004028785A743834201EB0B56A4
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/h8ilMiP7HJgOgIsoKYWfUWeXP80.roa
Signing time: Sat 23 Aug 2025 17:42:04 +0000
ROA not before: Sat 23 Aug 2025 17:42:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200740
IP address blocks: 89.44.84.0/23 maxlen: 23
89.44.84.0/24 maxlen: 24
89.44.85.0/24 maxlen: 24
95.81.112.0/24 maxlen: 24
95.81.113.0/24 maxlen: 24
95.81.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 23:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d8:05:f0:04:02:87:85:a7:43:83:42:01:eb:0b:56:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Aug 23 17:42:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87c8a53223fb1c980e808b2829859f5167973fcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9c:e8:f6:9d:4b:0e:e9:db:79:19:e7:4d:96:
82:d7:38:2a:fb:e4:a4:c2:61:ca:2b:14:92:7a:ee:
36:f9:ac:2e:77:11:95:d0:9c:06:47:bf:a0:06:c1:
56:8b:83:de:1c:ab:a4:bb:60:58:32:5f:6e:7c:9b:
9c:f8:be:33:69:f4:25:3e:ca:27:80:14:b5:27:a4:
91:66:99:9b:59:98:9d:f6:a0:72:e6:af:9c:c4:5c:
2e:31:79:43:9a:88:8d:26:81:97:dc:d8:f2:23:fb:
4a:d2:34:b1:a2:79:0e:25:15:9d:cd:1f:26:bf:cc:
62:90:1c:12:2a:f8:3a:f4:b4:1a:ca:55:38:90:40:
bf:b6:8f:a7:cb:fe:20:87:93:5a:b3:50:e4:3d:32:
30:dd:85:08:1c:3f:9f:84:84:1b:2f:2e:01:fe:18:
55:93:f6:e5:9e:2f:80:b2:00:f9:45:68:35:6a:80:
71:05:1f:15:74:50:07:84:0d:e4:a2:69:82:48:74:
9f:4d:4b:14:19:2e:f6:aa:55:c9:73:42:f8:c6:0e:
ff:6c:9b:9c:aa:cc:3a:96:16:d6:6a:81:b5:95:18:
7c:14:19:ee:1c:e4:88:c5:a7:af:c5:fa:9d:61:c9:
3a:e8:7e:89:c3:f9:22:39:76:a7:9b:7a:96:01:8f:
43:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C8:A5:32:23:FB:1C:98:0E:80:8B:28:29:85:9F:51:67:97:3F:CD
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/h8ilMiP7HJgOgIsoKYWfUWeXP80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.84.0/23
95.81.112.0/23
95.81.120.0/24
Signature Algorithm: sha256WithRSAEncryption
77:86:cb:c3:ec:a9:09:5a:d3:b3:b5:e7:1c:fe:28:9d:4b:bc:
35:23:66:d0:66:56:eb:e9:a5:63:0a:ec:c8:b5:44:1c:88:41:
0a:f9:51:95:a9:90:ac:4f:14:23:02:fa:c9:19:8e:f1:1e:22:
43:b1:4d:6b:42:54:73:46:05:bd:27:0a:56:5e:fe:48:02:86:
0b:20:75:0c:0c:3e:2d:89:f2:f0:4a:1d:43:70:5e:92:9d:c0:
d3:84:62:c2:d2:e1:6d:82:63:0b:0a:19:82:cf:ec:ad:99:2e:
c4:fd:1e:72:8e:4d:4c:0e:ae:7c:cc:24:d9:eb:88:94:d1:03:
e0:e9:42:f6:75:19:9d:3c:63:67:fa:2f:7c:1a:5c:8f:1e:87:
55:71:6a:40:dd:d2:36:10:9a:36:81:d2:5f:f0:4d:14:1c:3b:
b3:98:d1:ab:a0:f6:63:b8:0e:12:af:bd:33:23:b8:c1:3c:c1:
3a:32:3e:31:e9:01:91:b5:f1:29:eb:4c:7b:f9:7f:62:f9:8f:
25:fb:4b:05:0d:ce:25:65:f0:4b:f2:dc:75:e8:d0:04:62:e5:
fe:47:5c:99:75:01:ac:1d:39:5e:19:55:ff:5a:65:a3:42:85:
90:9a:2e:fb:8d:27:ba:64:06:18:7a:73:29:c2:fe:7c:d6:8e:
cb:a4:fb:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZjYBfAEAoeFp0ODQgHrC1akMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwODIzMTc0MjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2M4YTUzMjIzZmIxYzk4MGU4MDhiMjgyOTg1OWY1MTY3OTczZmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZzo9p1LDunbeRnnTZaC1zgq++Sk
wmHKKxSSeu42+awudxGV0JwGR7+gBsFWi4PeHKuku2BYMl9ufJuc+L4zafQlPson
gBS1J6SRZpmbWZid9qBy5q+cxFwuMXlDmoiNJoGX3NjyI/tK0jSxonkOJRWdzR8m
v8xikBwSKvg69LQaylU4kEC/to+ny/4gh5Nas1DkPTIw3YUIHD+fhIQbLy4B/hhV
k/blni+AsgD5RWg1aoBxBR8VdFAHhA3kommCSHSfTUsUGS72qlXJc0L4xg7/bJuc
qsw6lhbWaoG1lRh8FBnuHOSIxaevxfqdYck66H6Jw/kiOXanm3qWAY9DRQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIfIpTIj+xyYDoCLKCmFn1Fnlz/NMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvaDhpbE1pUDdISmdPZ0lzb0tZV2ZVV2VYUDgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWSxUAwQB
X1FwAwQAX1F4MA0GCSqGSIb3DQEBCwUAA4IBAQB3hsvD7KkJWtOztecc/iidS7w1
I2bQZlbr6aVjCuzItUQciEEK+VGVqZCsTxQjAvrJGY7xHiJDsU1rQlRzRgW9JwpW
Xv5IAoYLIHUMDD4tifLwSh1DcF6SncDThGLC0uFtgmMLChmCz+ytmS7E/R5yjk1M
Dq58zCTZ64iU0QPg6UL2dRmdPGNn+i98GlyPHodVcWpA3dI2EJo2gdJf8E0UHDuz
mNGroPZjuA4Sr70zI7jBPME6Mj4x6QGRtfEp60x7+X9i+Y8l+0sFDc4lZfBL8tx1
6NAEYuX+R1yZdQGsHTleGVX/WmWjQoWQmi77jSe6ZAYYenMpwv581o7LpPs4
-----END CERTIFICATE-----
Generated at Sun Aug 24 06:39:25 2025 by rpki-client