Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/81yN31-IxQXIZI5PlY-trqqNIno.roa
File: 81yN31-IxQXIZI5PlY-trqqNIno.roa (raw, json)
Hash identifier: v9l8y9I+7ljSUfpIaDADoFiNw5hBtJQ72MRZ64GdbyQ=
Subject key identifier: F3:5C:8D:DF:5F:88:C5:05:C8:64:8E:4F:95:8F:AD:AE:AA:8D:22:7A
Certificate issuer: /CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Certificate serial: 01982F80C7CBA5C4ADFCEE4506A2399B08D1
Authority key identifier: 66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/81yN31-IxQXIZI5PlY-trqqNIno.roa
Signing time: Tue 22 Jul 2025 00:20:25 +0000
ROA not before: Tue 22 Jul 2025 00:20:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8814
IP address blocks: 80.69.52.0/24 maxlen: 24
80.69.54.0/24 maxlen: 24
80.69.55.0/24 maxlen: 24
80.69.58.0/24 maxlen: 24
80.69.59.0/24 maxlen: 24
80.69.61.0/24 maxlen: 24
80.69.62.0/24 maxlen: 24
80.69.63.0/24 maxlen: 24
91.135.245.0/24 maxlen: 24
91.135.246.0/24 maxlen: 24
91.135.247.0/24 maxlen: 24
91.135.248.0/24 maxlen: 24
91.135.249.0/24 maxlen: 24
91.135.250.0/24 maxlen: 24
91.135.251.0/24 maxlen: 24
91.135.254.0/24 maxlen: 24
91.135.255.0/24 maxlen: 24
92.39.88.0/24 maxlen: 24
92.39.89.0/24 maxlen: 24
92.39.95.0/24 maxlen: 24
158.181.32.0/24 maxlen: 24
158.181.33.0/24 maxlen: 24
158.181.35.0/24 maxlen: 24
158.181.36.0/24 maxlen: 24
158.181.40.0/22 maxlen: 22
158.181.44.0/22 maxlen: 22
212.47.128.0/22 maxlen: 22
212.47.132.0/22 maxlen: 22
212.47.136.0/22 maxlen: 22
212.47.140.0/22 maxlen: 22
212.47.144.0/22 maxlen: 22
212.47.148.0/22 maxlen: 22
212.47.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 09:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2f:80:c7:cb:a5:c4:ad:fc:ee:45:06:a2:39:9b:08:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Validity
Not Before: Jul 22 00:20:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f35c8ddf5f88c505c8648e4f958fadaeaa8d227a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:5f:55:1d:8a:8b:63:18:5b:ab:e5:37:0a:e4:
46:7b:60:93:7c:ec:20:3f:52:05:47:93:2a:a3:03:
ad:bb:9f:6c:90:14:6e:6e:1b:ba:33:e1:2d:ca:83:
48:e7:f6:d2:5c:3d:62:6a:40:82:45:79:5e:1b:e5:
14:f2:1c:f8:fe:e0:69:9f:c6:2c:74:e5:1b:ef:93:
a0:d6:b0:90:6d:ef:98:02:91:a1:13:81:2c:a8:c9:
32:e6:f3:d9:7f:77:62:cf:6f:bd:fe:42:40:2e:04:
ff:f0:52:a6:10:b0:cb:a5:f4:a8:44:55:f4:78:52:
db:65:73:60:7e:c4:86:c5:ab:50:a0:4e:de:85:01:
48:56:a2:3d:54:b0:9e:55:39:ab:bd:72:01:c0:be:
cf:4b:81:b6:91:89:fe:b9:9b:ef:7f:09:5e:56:0a:
2a:45:3b:16:a7:61:fd:59:ba:b0:fa:28:fa:f9:a2:
15:4c:1f:69:23:b5:ac:d3:6e:a1:75:df:a5:45:2a:
16:1c:11:9d:f5:2f:83:a5:91:1d:f6:7b:0b:ed:b3:
f0:ad:0c:96:fe:cf:ac:73:81:90:d4:e4:3a:58:67:
f9:00:a1:f4:c2:c7:c5:54:02:e0:2a:60:e6:af:ac:
22:6d:ba:58:86:f1:aa:5e:9d:67:9b:10:f5:3b:38:
bf:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:5C:8D:DF:5F:88:C5:05:C8:64:8E:4F:95:8F:AD:AE:AA:8D:22:7A
X509v3 Authority Key Identifier:
keyid:66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/81yN31-IxQXIZI5PlY-trqqNIno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.69.52.0/24
80.69.54.0/23
80.69.58.0/23
80.69.61.0-80.69.63.255
91.135.245.0-91.135.251.255
91.135.254.0/23
92.39.88.0/23
92.39.95.0/24
158.181.32.0/23
158.181.35.0-158.181.36.255
158.181.40.0/21
212.47.128.0-212.47.151.255
212.47.159.0/24
Signature Algorithm: sha256WithRSAEncryption
71:8f:bc:d3:1f:32:ee:6d:4b:53:0b:26:72:9e:79:ee:a0:84:
30:fa:3b:a0:17:ef:87:2e:2a:03:52:0d:a9:6b:f4:87:60:7b:
f9:ef:80:21:f0:b3:c9:6a:c6:d8:64:cb:13:50:fb:36:5b:ea:
2a:d4:d7:8f:c9:8e:33:4d:ec:98:29:4e:58:13:03:41:7a:4e:
fa:64:68:25:6a:65:ad:23:ae:45:71:a4:43:26:b1:25:08:62:
b3:14:89:10:81:b7:39:38:81:3f:01:da:84:db:1d:ee:2e:35:
3f:f1:77:1e:36:5e:d3:ef:62:bf:03:0e:e3:f5:6c:ba:35:d0:
22:1d:1a:13:9c:4d:92:0e:fa:36:d5:53:f0:c7:41:7d:70:6a:
ac:fb:1a:03:54:18:15:9c:1a:aa:54:57:b2:84:9c:04:43:65:
46:a3:93:cd:c5:5c:4a:e7:f3:e0:fe:45:9a:1e:9c:84:cd:78:
c7:ea:cb:93:ac:7b:6d:77:c7:93:0a:6e:7f:32:25:5a:9b:af:
48:7f:a8:74:dd:e7:2a:df:30:6d:63:fe:f8:6c:be:35:6b:04:
e1:61:81:dd:f0:af:4d:09:21:52:a2:73:bf:38:75:5c:9d:ae:
da:bf:ce:ff:4f:b3:62:1e:8a:83:23:64:b5:d7:4b:ed:99:ce:
c6:51:1d:6e
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZgvgMfLpcSt/O5FBqI5mwjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjAzNGNhNmExNmJiZDAxNDRhYmRmNWNmMjQ1OGY5Njhi
MTU4OWMwHhcNMjUwNzIyMDAyMDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzVjOGRkZjVmODhjNTA1Yzg2NDhlNGY5NThmYWRhZWFhOGQyMjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3F9VHYqLYxhbq+U3CuRGe2CTfOwg
P1IFR5MqowOtu59skBRubhu6M+EtyoNI5/bSXD1iakCCRXleG+UU8hz4/uBpn8Ys
dOUb75Og1rCQbe+YApGhE4EsqMky5vPZf3diz2+9/kJALgT/8FKmELDLpfSoRFX0
eFLbZXNgfsSGxatQoE7ehQFIVqI9VLCeVTmrvXIBwL7PS4G2kYn+uZvvfwleVgoq
RTsWp2H9Wbqw+ij6+aIVTB9pI7Ws026hdd+lRSoWHBGd9S+DpZEd9nsL7bPwrQyW
/s+sc4GQ1OQ6WGf5AKH0wsfFVALgKmDmr6wibbpYhvGqXp1nmxD1Ozi/eQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFPNcjd9fiMUFyGSOT5WPra6qjSJ6MB8GA1UdIwQY
MBaAFGZgNMpqFrvQFEq99c8kWPlosVicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDIt
NWQ0OGJjZDdjMWRjLzEvODF5TjMxLUl4UVhJWkk1UGxZLXRycXFOSW5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDItNWQ0OGJjZDdjMWRj
LzEvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAFBFNAME
AVBFNgMEAVBFOjAMAwQAUEU9AwQGUEUAMAwDBABbh/UDBAJbh/gDBAFbh/4DBAFc
J1gDBABcJ18DBAGetSAwDAMEAJ61IwMEAJ61JAMEA561KDAMAwQH1C+AAwQD1C+Q
AwQA1C+fMA0GCSqGSIb3DQEBCwUAA4IBAQBxj7zTHzLubUtTCyZynnnuoIQw+jug
F++HLioDUg2pa/SHYHv574Ah8LPJasbYZMsTUPs2W+oq1NePyY4zTeyYKU5YEwNB
ek76ZGglamWtI65FcaRDJrElCGKzFIkQgbc5OIE/AdqE2x3uLjU/8XceNl7T72K/
Aw7j9Wy6NdAiHRoTnE2SDvo21VPwx0F9cGqs+xoDVBgVnBqqVFeyhJwEQ2VGo5PN
xVxK5/Pg/kWaHpyEzXjH6suTrHttd8eTCm5/MiVam69If6h03ecq3zBtY/74bL41
awThYYHd8K9NCSFSonO/OHVcna7av87/T7NiHoqDI2S110vtmc7GUR1u
-----END CERTIFICATE-----
Generated at Sun Jul 27 17:52:56 2025 by rpki-client