Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/a8jcjDkhAgqWJtj7VByICh1WU2E.roa
File: a8jcjDkhAgqWJtj7VByICh1WU2E.roa (raw, json)
Hash identifier: gwqpYsPMfLDJqTk8cegVxMZH/2d/qB6RizByQwula4w=
Subject key identifier: 6B:C8:DC:8C:39:21:02:0A:96:26:D8:FB:54:1C:88:0A:1D:56:53:61
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0197B07EFFF50E0FD5DCF39592EF011E65CA
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/a8jcjDkhAgqWJtj7VByICh1WU2E.roa
Signing time: Fri 27 Jun 2025 08:26:42 +0000
ROA not before: Fri 27 Jun 2025 08:26:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8311
IP address blocks: 194.143.196.0/24 maxlen: 24
194.143.200.0/24 maxlen: 24
194.143.211.0/24 maxlen: 24
194.143.212.0/23 maxlen: 23
194.143.214.0/24 maxlen: 24
194.143.215.0/24 maxlen: 24
213.220.10.0/23 maxlen: 23
213.220.12.0/22 maxlen: 22
213.220.24.0/21 maxlen: 24
213.220.32.0/22 maxlen: 22
213.220.40.0/22 maxlen: 22
213.220.44.0/22 maxlen: 22
213.220.58.0/23 maxlen: 24
213.220.60.0/23 maxlen: 24
213.220.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:7e:ff:f5:0e:0f:d5:dc:f3:95:92:ef:01:1e:65:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Jun 27 08:26:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bc8dc8c3921020a9626d8fb541c880a1d565361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:7c:cd:fb:09:92:d2:12:b2:11:83:38:9b:bc:
4f:91:ab:91:a7:40:3b:31:de:6a:06:7e:82:2a:36:
e0:1a:15:98:f5:96:f2:21:ba:87:11:9b:ff:38:0b:
d4:03:93:81:24:1f:8c:eb:7d:b0:0d:9f:31:12:36:
af:63:02:d6:68:21:cf:c1:97:84:19:cb:b2:9a:df:
5e:a7:f6:2c:f7:2f:55:26:17:fe:e3:04:98:d1:a0:
6d:cc:86:3c:96:0d:6d:65:bd:93:d1:ae:07:62:a0:
bd:0e:c3:c2:1e:e4:74:9f:ce:93:ec:15:bf:41:de:
4c:97:93:8f:fc:79:ff:ca:b2:ac:bb:72:3d:7a:39:
fd:de:7b:61:a4:cb:68:fd:ff:18:66:69:5a:8a:ac:
09:64:07:38:1c:1b:c5:af:24:f9:08:c5:7a:b6:df:
08:20:c6:13:50:d7:54:31:02:36:e1:57:f2:d8:f6:
3c:bc:4c:8e:65:90:23:f7:b0:85:7b:09:87:03:71:
6e:41:77:34:9c:26:0d:c6:23:3c:cc:7c:4d:d6:09:
fc:3d:0e:3f:1c:ac:78:2c:c5:50:2c:f2:ca:2d:27:
af:43:27:77:15:79:3e:e6:8e:cb:bd:53:01:74:d7:
89:cd:a9:53:2c:07:e7:95:4d:c6:67:c4:e7:54:f7:
60:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:C8:DC:8C:39:21:02:0A:96:26:D8:FB:54:1C:88:0A:1D:56:53:61
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/a8jcjDkhAgqWJtj7VByICh1WU2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.196.0/24
194.143.200.0/24
194.143.211.0-194.143.215.255
213.220.10.0-213.220.15.255
213.220.24.0-213.220.35.255
213.220.40.0/21
213.220.58.0-213.220.61.255
213.220.63.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:cd:c0:fc:4e:2c:98:d1:a5:33:41:67:1e:70:22:2c:88:26:
a4:a0:fd:f3:dd:a6:0e:a3:e5:cf:dd:19:b9:72:66:2e:44:f6:
75:1e:cf:1f:7c:b3:e5:2b:c8:1d:2c:87:60:e4:57:63:fc:ee:
01:e7:42:10:ae:58:85:5e:c8:7a:f6:5b:5b:17:6c:4a:73:3b:
9d:a3:14:9d:46:36:ac:e0:8b:92:33:5b:64:e1:16:9f:cb:ac:
fa:46:eb:0d:e0:c4:cf:8f:da:1f:d4:8f:9a:68:8d:6f:8c:73:
65:e0:50:4e:8b:fc:bc:15:6a:a5:41:66:62:eb:b1:0a:ba:a9:
e6:df:6d:03:ac:05:0f:0d:fa:54:fe:ac:70:e6:e7:98:af:8a:
ef:07:d8:c3:c6:26:fb:7e:ff:68:55:2d:ab:80:0f:92:97:f5:
1c:a7:92:f5:c0:38:4c:b0:db:dd:0c:af:84:e4:18:fb:4a:96:
38:11:32:dd:3e:39:3a:0a:df:0b:f9:7c:d8:fd:24:cc:17:5a:
33:a3:9a:85:d7:47:12:fc:6a:a9:6e:c0:e6:b9:95:0d:e9:36:
5f:72:ba:6d:22:85:ac:00:c9:1b:18:76:04:5e:73:88:88:2f:
c4:c7:0a:be:e3:19:eb:cf:7a:ea:a0:ac:e7:e9:ad:99:1d:3a:
54:78:97:7b
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZewfv/1Dg/V3POVku8BHmXKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwNjI3MDgyNjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmM4ZGM4YzM5MjEwMjBhOTYyNmQ4ZmI1NDFjODgwYTFkNTY1MzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6HzN+wmS0hKyEYM4m7xPkauRp0A7
Md5qBn6CKjbgGhWY9ZbyIbqHEZv/OAvUA5OBJB+M632wDZ8xEjavYwLWaCHPwZeE
Gcuymt9ep/Ys9y9VJhf+4wSY0aBtzIY8lg1tZb2T0a4HYqC9DsPCHuR0n86T7BW/
Qd5Ml5OP/Hn/yrKsu3I9ejn93nthpMto/f8YZmlaiqwJZAc4HBvFryT5CMV6tt8I
IMYTUNdUMQI24Vfy2PY8vEyOZZAj97CFewmHA3FuQXc0nCYNxiM8zHxN1gn8PQ4/
HKx4LMVQLPLKLSevQyd3FXk+5o7LvVMBdNeJzalTLAfnlU3GZ8TnVPdgKQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFGvI3Iw5IQIKlibY+1QciAodVlNhMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvYThqY2pEa2hBZ3FXSnRqN1ZCeUlDaDFXVTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAwo/EAwQA
wo/IMAwDBADCj9MDBAPCj9AwDAMEAdXcCgMEBNXcADAMAwQD1dwYAwQC1dwgAwQD
1dwoMAwDBAHV3DoDBAHV3DwDBADV3D8wDQYJKoZIhvcNAQELBQADggEBAKPNwPxO
LJjRpTNBZx5wIiyIJqSg/fPdpg6j5c/dGblyZi5E9nUezx98s+UryB0sh2DkV2P8
7gHnQhCuWIVeyHr2W1sXbEpzO52jFJ1GNqzgi5IzW2ThFp/LrPpG6w3gxM+P2h/U
j5pojW+Mc2XgUE6L/LwVaqVBZmLrsQq6qebfbQOsBQ8N+lT+rHDm55iviu8H2MPG
Jvt+/2hVLauAD5KX9RynkvXAOEyw290Mr4TkGPtKljgRMt0+OToK3wv5fNj9JMwX
WjOjmoXXRxL8aqluwOa5lQ3pNl9yum0ihawAyRsYdgRec4iIL8THCr7jGevPeuqg
rOfprZkdOlR4l3s=
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:07:16 2025 by rpki-client