Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/8WOfV91hbQYdAjxlTShs8uS2qZo.roa
File: 8WOfV91hbQYdAjxlTShs8uS2qZo.roa (raw, json)
Hash identifier: qdOgiq3j/uyZoQiWebZOCQ+/u3LpOi/JdsIzY2Q5Yjw=
Subject key identifier: F1:63:9F:57:DD:61:6D:06:1D:02:3C:65:4D:28:6C:F2:E4:B6:A9:9A
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 01982EB0F4A897EE98DA147B9E510ACE1BA7
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/8WOfV91hbQYdAjxlTShs8uS2qZo.roa
Signing time: Mon 21 Jul 2025 20:33:25 +0000
ROA not before: Mon 21 Jul 2025 20:33:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 5.182.36.0/24 maxlen: 24
5.182.37.0/24 maxlen: 24
5.182.38.0/24 maxlen: 24
5.182.39.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.146.0/24 maxlen: 24
45.8.147.0/24 maxlen: 24
45.67.34.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
45.87.152.0/24 maxlen: 24
45.87.153.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.87.155.0/24 maxlen: 24
45.89.52.0/22 maxlen: 24
45.89.52.0/24 maxlen: 24
45.89.54.0/24 maxlen: 24
45.89.55.0/24 maxlen: 24
45.93.10.0/24 maxlen: 24
45.93.11.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.159.249.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
45.159.251.0/24 maxlen: 24
92.118.88.0/22 maxlen: 24
92.119.200.0/22 maxlen: 24
93.185.166.0/24 maxlen: 24
141.98.168.0/24 maxlen: 24
141.98.169.0/24 maxlen: 24
141.98.170.0/24 maxlen: 24
171.22.180.0/23 maxlen: 24
176.125.240.0/22 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.205.0/24 maxlen: 24
185.231.206.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
188.119.121.0/24 maxlen: 24
188.119.122.0/24 maxlen: 24
188.119.123.0/24 maxlen: 24
188.119.124.0/24 maxlen: 24
188.119.125.0/24 maxlen: 24
193.43.146.0/24 maxlen: 24
193.43.147.0/24 maxlen: 24
193.46.56.0/24 maxlen: 24
193.46.57.0/24 maxlen: 24
193.57.136.0/24 maxlen: 24
193.57.137.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
193.57.139.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.4.49.0/24 maxlen: 24
194.4.50.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
194.116.172.0/24 maxlen: 24
194.116.173.0/24 maxlen: 24
194.116.190.0/24 maxlen: 24
194.116.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 18:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2e:b0:f4:a8:97:ee:98:da:14:7b:9e:51:0a:ce:1b:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jul 21 20:33:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f1639f57dd616d061d023c654d286cf2e4b6a99a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6a:8e:8b:1f:d4:39:d8:21:7d:98:e8:e1:1d:
b4:1a:7f:35:5e:83:57:22:7d:ae:1e:19:4c:32:bc:
36:d4:b3:98:61:d4:12:a7:93:58:03:74:86:45:97:
d2:73:cd:04:be:d8:8f:46:2f:08:fa:a2:33:e8:85:
75:81:13:1f:bf:99:69:43:e2:cd:bf:65:8c:d0:7d:
af:5e:69:e2:1a:ee:2a:b3:ff:e7:5c:9f:be:19:77:
cd:d5:c8:2e:b3:09:ec:b9:c3:a1:73:50:d8:ab:29:
b8:02:91:7a:cf:83:d4:d4:c9:d2:79:c5:ff:5a:b7:
f5:3f:15:3d:5c:b4:d1:0f:06:cc:ac:a7:e0:32:c3:
be:ac:85:96:9c:3f:3f:a3:66:64:8c:bf:9d:73:4e:
54:1d:8d:ca:46:54:ab:bb:e4:59:f3:be:92:25:3f:
fd:6e:57:50:8a:89:f7:31:5c:61:3d:71:ae:00:b2:
d3:cb:07:3f:08:8f:5d:5a:6d:f5:ca:c8:f6:79:ad:
c3:60:58:67:a3:65:00:68:7b:cf:75:4b:47:33:aa:
f3:10:53:a3:22:1c:41:8a:76:ef:28:aa:02:81:cf:
f8:3d:c7:23:b8:04:70:30:6e:61:3e:e8:ff:f6:36:
50:ae:37:a9:18:c4:ce:93:24:ff:74:d4:1b:24:c5:
39:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:63:9F:57:DD:61:6D:06:1D:02:3C:65:4D:28:6C:F2:E4:B6:A9:9A
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/8WOfV91hbQYdAjxlTShs8uS2qZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.36.0/22
45.8.144.0/22
45.67.34.0/23
45.84.0.0/24
45.87.152.0/22
45.89.52.0/22
45.93.10.0/23
45.159.248.0/22
92.118.88.0/22
92.119.200.0/22
93.185.166.0/24
141.98.168.0-141.98.170.255
171.22.180.0/23
176.125.240.0/22
185.231.204.0/22
188.119.121.0-188.119.125.255
193.43.146.0/23
193.46.56.0/23
193.57.136.0/22
194.4.48.0/22
194.116.172.0/23
194.116.190.0/23
Signature Algorithm: sha256WithRSAEncryption
56:17:c8:b7:e3:46:b0:1e:dc:3f:aa:22:66:be:03:ab:f8:29:
47:20:0a:eb:ad:6c:a2:c5:2b:d1:53:98:93:98:47:a9:83:5e:
c4:a8:c3:eb:64:b9:2e:d1:a9:5f:ec:6d:9b:04:32:35:73:f7:
1a:18:8d:7e:8f:ba:d7:34:dc:7b:37:11:94:e4:d2:3d:f2:9f:
c8:8d:81:a7:81:2b:e0:68:58:b8:d8:54:ab:a6:d8:f9:d1:83:
ef:b1:7a:15:09:7f:98:b7:da:01:b2:cf:65:f6:7b:b8:db:ab:
31:4e:58:d3:43:ee:77:5d:1d:e2:0e:dd:2b:63:6d:39:65:2e:
65:33:79:bd:80:16:b6:54:de:77:4b:b2:86:60:db:b0:7c:4f:
65:16:56:12:18:c3:83:6e:e6:2c:e1:55:b2:f3:5b:78:70:92:
e1:fb:e5:41:46:c8:6b:9f:fa:1d:22:5c:5d:81:7c:f8:1a:f9:
39:2c:a8:58:4f:65:10:90:96:f4:3b:e9:6e:56:6d:21:3b:1f:
55:c6:1a:a9:78:b2:51:61:bf:fe:55:79:30:c9:d1:b4:d0:68:
57:83:bb:ca:91:d5:87:60:61:19:b4:e5:84:1f:7b:2f:16:35:
06:1e:0e:13:5b:d3:86:f2:5d:cf:86:74:d1:7d:f4:b7:fc:2d:
4e:46:26:70
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZgusPSol+6Y2hR7nlEKzhunMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwNzIxMjAzMzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTYzOWY1N2RkNjE2ZDA2MWQwMjNjNjU0ZDI4NmNmMmU0YjZhOTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWqOix/UOdghfZjo4R20Gn81XoNX
In2uHhlMMrw21LOYYdQSp5NYA3SGRZfSc80EvtiPRi8I+qIz6IV1gRMfv5lpQ+LN
v2WM0H2vXmniGu4qs//nXJ++GXfN1cguswnsucOhc1DYqym4ApF6z4PU1MnSecX/
Wrf1PxU9XLTRDwbMrKfgMsO+rIWWnD8/o2ZkjL+dc05UHY3KRlSru+RZ876SJT/9
bldQion3MVxhPXGuALLTywc/CI9dWm31ysj2ea3DYFhno2UAaHvPdUtHM6rzEFOj
IhxBinbvKKoCgc/4PccjuARwMG5hPuj/9jZQrjepGMTOkyT/dNQbJMU5gQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFPFjn1fdYW0GHQI8ZU0obPLktqmaMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvOFdPZlY5MWhiUVlkQWp4bFRTaHM4dVMycVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBmwQCAAEwgZQDBAIF
tiQDBAItCJADBAEtQyIDBAAtVAADBAItV5gDBAItWTQDBAEtXQoDBAItn/gDBAJc
dlgDBAJcd8gDBABduaYwDAMEA41iqAMEAI1iqgMEAasWtAMEArB98AMEArnnzDAM
AwQAvHd5AwQBvHd8AwQBwSuSAwQBwS44AwQCwTmIAwQCwgQwAwQBwnSsAwQBwnS+
MA0GCSqGSIb3DQEBCwUAA4IBAQBWF8i340awHtw/qiJmvgOr+ClHIArrrWyixSvR
U5iTmEepg17EqMPrZLku0alf7G2bBDI1c/caGI1+j7rXNNx7NxGU5NI98p/IjYGn
gSvgaFi42FSrptj50YPvsXoVCX+Yt9oBss9l9nu426sxTljTQ+53XR3iDt0rY205
ZS5lM3m9gBa2VN53S7KGYNuwfE9lFlYSGMODbuYs4VWy81t4cJLh++VBRshrn/od
IlxdgXz4Gvk5LKhYT2UQkJb0O+luVm0hOx9VxhqpeLJRYb/+VXkwydG00GhXg7vK
kdWHYGEZtOWEH3svFjUGHg4TW9OG8l3PhnTRffS3/C1ORiZw
-----END CERTIFICATE-----
Generated at Sun Jul 27 02:24:33 2025 by rpki-client