Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/8D0SgcE22-jKRyHTI51t7V8NcjA.roa
File: 8D0SgcE22-jKRyHTI51t7V8NcjA.roa (raw, json)
Hash identifier: ZXV9vvWvbV2B2BZGTQ3fbU0rYCU11Zmayta/6q9b25w=
Subject key identifier: F0:3D:12:81:C1:36:DB:E8:CA:47:21:D3:23:9D:6D:ED:5F:0D:72:30
Certificate issuer: /CN=f58acd43c0033b13b88bb397415583aa51d9303a
Certificate serial: 0197CA921C628B5B473C0AC24783FB55EE73
Authority key identifier: F5:8A:CD:43:C0:03:3B:13:B8:8B:B3:97:41:55:83:AA:51:D9:30:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/8D0SgcE22-jKRyHTI51t7V8NcjA.roa
Signing time: Wed 02 Jul 2025 09:57:42 +0000
ROA not before: Wed 02 Jul 2025 09:57:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204672
IP address blocks: 91.137.80.0/22 maxlen: 22
91.137.84.0/23 maxlen: 23
91.137.86.0/23 maxlen: 23
91.137.118.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 03 Aug 2025 04:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:92:1c:62:8b:5b:47:3c:0a:c2:47:83:fb:55:ee:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f58acd43c0033b13b88bb397415583aa51d9303a
Validity
Not Before: Jul 2 09:57:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f03d1281c136dbe8ca4721d3239d6ded5f0d7230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f6:a6:ee:1c:b4:31:a0:fb:af:82:bb:a8:87:
56:80:1e:1c:ef:e7:28:bb:e8:b7:4e:48:40:45:06:
4f:ad:6f:2d:63:69:9d:3c:66:b6:8b:b5:78:e6:7c:
0c:c9:19:34:b1:11:7c:39:10:d1:d3:5a:58:b5:47:
53:80:bb:61:2b:61:d4:dd:b8:2b:c7:86:0f:7d:ef:
c7:46:83:0a:b3:ab:6f:d7:d5:d5:3e:f0:9d:85:2d:
1f:4b:9e:54:20:28:d9:1e:5c:da:1b:a1:81:79:d9:
7b:21:67:04:d8:b6:ab:c8:31:54:2e:be:be:20:94:
9f:3b:89:d9:ef:d0:20:8e:09:86:b5:74:83:07:82:
ff:99:3e:56:30:90:0f:cc:92:9c:54:46:bd:e3:50:
ea:c5:e1:0f:4a:67:6d:13:93:bb:3e:3b:0c:d2:1c:
c2:b3:1c:9e:dd:f3:a2:df:af:3c:9a:ab:66:32:66:
83:8c:7c:45:0c:ff:02:4c:98:fc:43:48:7e:f4:54:
68:98:80:8d:b6:52:c9:6d:df:dd:64:13:dc:b0:af:
c4:c4:80:0e:df:1d:54:a8:7a:43:18:4a:c4:3d:0e:
c1:bc:af:fd:c9:86:26:ea:11:2e:74:e0:05:fe:53:
22:55:8a:5e:ec:82:e0:f6:de:36:02:a9:50:f7:ac:
87:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:3D:12:81:C1:36:DB:E8:CA:47:21:D3:23:9D:6D:ED:5F:0D:72:30
X509v3 Authority Key Identifier:
keyid:F5:8A:CD:43:C0:03:3B:13:B8:8B:B3:97:41:55:83:AA:51:D9:30:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/8D0SgcE22-jKRyHTI51t7V8NcjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0e66e9-cf2d-40df-aaae-cf2d58d0e0ee/1/9YrNQ8ADOxO4i7OXQVWDqlHZMDo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.137.80.0/21
91.137.118.0/23
Signature Algorithm: sha256WithRSAEncryption
22:a7:59:e5:ea:d6:72:e9:dc:49:39:03:f3:f7:6a:16:dc:49:
ad:31:c1:d5:22:b6:a6:6c:e8:d5:ff:f5:53:93:0c:13:85:f3:
13:2e:1d:92:18:d3:0d:90:48:0b:a3:c2:df:75:a6:98:68:93:
6a:35:16:6c:9b:37:4f:73:79:25:b0:8d:22:ed:82:d6:ce:71:
62:9b:aa:98:ef:f8:49:78:8a:8d:40:90:6d:84:fd:a1:2d:1a:
fa:10:b2:6f:6d:69:29:46:fa:92:06:05:52:57:3e:5d:22:3e:
0a:41:47:f1:a8:36:4f:c3:75:e2:f7:27:d2:14:28:3a:54:78:
52:2d:0f:4e:d2:99:d4:98:37:b3:4d:8f:fe:0e:49:b8:2c:59:
9c:f6:ac:92:55:4a:2f:d8:e4:0e:f7:cb:4b:b6:c5:e8:68:33:
59:ec:09:2e:4d:18:aa:5f:96:9f:05:ec:c0:ce:47:65:48:c3:
2b:07:96:00:40:67:4b:6b:c9:93:60:4d:25:92:da:34:85:b7:
43:98:16:77:95:46:cc:80:5c:d4:d4:cb:c5:2c:95:4c:ad:f0:
48:06:f4:5b:b8:34:ef:0c:f4:49:e2:47:48:3b:ad:33:08:13:
d8:95:f4:67:a7:dd:77:f9:0a:88:cb:97:0a:97:59:f7:46:71:
d8:57:9f:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZfKkhxii1tHPArCR4P7Ve5zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1OGFjZDQzYzAwMzNiMTNiODhiYjM5NzQxNTU4M2FhNTFk
OTMwM2EwHhcNMjUwNzAyMDk1NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDNkMTI4MWMxMzZkYmU4Y2E0NzIxZDMyMzlkNmRlZDVmMGQ3MjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvam7hy0MaD7r4K7qIdWgB4c7+co
u+i3TkhARQZPrW8tY2mdPGa2i7V45nwMyRk0sRF8ORDR01pYtUdTgLthK2HU3bgr
x4YPfe/HRoMKs6tv19XVPvCdhS0fS55UICjZHlzaG6GBedl7IWcE2LaryDFULr6+
IJSfO4nZ79AgjgmGtXSDB4L/mT5WMJAPzJKcVEa941DqxeEPSmdtE5O7PjsM0hzC
sxye3fOi3688mqtmMmaDjHxFDP8CTJj8Q0h+9FRomICNtlLJbd/dZBPcsK/ExIAO
3x1UqHpDGErEPQ7BvK/9yYYm6hEudOAF/lMiVYpe7ILg9t42AqlQ96yHqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPA9EoHBNtvoykch0yOdbe1fDXIwMB8GA1UdIwQY
MBaAFPWKzUPAAzsTuIuzl0FVg6pR2TA6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVlyTlE4QURPeE80aTdPWFFWV0RxbEhaTURvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8wZTY2ZTktY2YyZC00MGRmLWFhYWUt
Y2YyZDU4ZDBlMGVlLzEvOEQwU2djRTIyLWpLUnlIVEk1MXQ3VjhOY2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8wZTY2ZTktY2YyZC00MGRmLWFhYWUtY2YyZDU4ZDBlMGVl
LzEvOVlyTlE4QURPeE80aTdPWFFWV0RxbEhaTURvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDW4lQAwQB
W4l2MA0GCSqGSIb3DQEBCwUAA4IBAQAip1nl6tZy6dxJOQPz92oW3EmtMcHVIram
bOjV//VTkwwThfMTLh2SGNMNkEgLo8LfdaaYaJNqNRZsmzdPc3klsI0i7YLWznFi
m6qY7/hJeIqNQJBthP2hLRr6ELJvbWkpRvqSBgVSVz5dIj4KQUfxqDZPw3Xi9yfS
FCg6VHhSLQ9O0pnUmDezTY/+Dkm4LFmc9qySVUov2OQO98tLtsXoaDNZ7AkuTRiq
X5afBezAzkdlSMMrB5YAQGdLa8mTYE0lkto0hbdDmBZ3lUbMgFzU1MvFLJVMrfBI
BvRbuDTvDPRJ4kdIO60zCBPYlfRnp913+QqIy5cKl1n3RnHYV58H
-----END CERTIFICATE-----
Generated at Sat Aug 2 13:47:40 2025 by rpki-client