Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/88j0L4AoW0kL5FCWZSGS88GfT8k.roa
File: 88j0L4AoW0kL5FCWZSGS88GfT8k.roa (raw, json)
Hash identifier: sBb4eSSC5QGxwkNYJ+UlZxJs13rMQocjCvBV2Ens3d0=
Subject key identifier: F3:C8:F4:2F:80:28:5B:49:0B:E4:50:96:65:21:92:F3:C1:9F:4F:C9
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 019809B62E96F63271A7F7E2D97DEF426BCB
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/88j0L4AoW0kL5FCWZSGS88GfT8k.roa
Signing time: Mon 14 Jul 2025 16:13:11 +0000
ROA not before: Mon 14 Jul 2025 16:13:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216246
IP address blocks: 45.142.122.0/24 maxlen: 24
185.17.0.0/24 maxlen: 24
185.112.83.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.229.66.0/24 maxlen: 24
194.67.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 06:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:b6:2e:96:f6:32:71:a7:f7:e2:d9:7d:ef:42:6b:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 14 16:13:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3c8f42f80285b490be45096652192f3c19f4fc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c0:be:e9:7d:94:07:15:83:2f:32:bd:90:f5:
f1:5c:9d:fb:9b:07:b7:ea:9a:e3:04:01:fb:c0:9e:
21:66:06:6f:d5:a2:ab:9d:87:f6:36:48:28:ef:71:
8a:be:b0:e1:54:49:ba:67:43:78:c5:d5:9b:75:6d:
b7:94:09:a9:cc:a7:69:ee:d6:a4:1c:5a:40:6c:54:
44:81:44:b7:5e:a2:a1:85:cf:3a:01:de:79:a6:cc:
ff:21:f4:db:bb:25:04:cb:33:33:03:c6:7a:f1:9b:
ed:ba:c2:ef:35:1d:c1:99:96:de:57:a6:4b:f6:8e:
5f:17:f1:ba:02:58:6e:5a:d5:f7:51:cb:08:4f:f1:
a4:b9:a1:ff:8f:51:78:45:d4:14:09:76:4d:c3:4c:
4f:2a:ff:3b:83:ec:f0:64:a9:3e:8a:78:25:dd:c1:
c2:d2:cf:07:b6:67:5e:7d:81:57:74:00:00:0e:10:
e3:b6:17:a6:91:00:9b:fe:fa:d5:c5:4e:9f:81:29:
11:9c:dd:5a:0a:98:3c:c2:e5:5f:70:f6:e0:b0:52:
c5:73:a3:f3:27:b2:b9:a8:7b:98:12:64:62:10:30:
15:60:8e:83:5a:b8:95:bb:26:c5:63:fd:37:6b:4a:
5d:79:53:6c:c5:ee:e9:43:29:c4:4f:a9:8c:82:4c:
12:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:C8:F4:2F:80:28:5B:49:0B:E4:50:96:65:21:92:F3:C1:9F:4F:C9
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/88j0L4AoW0kL5FCWZSGS88GfT8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.122.0/24
185.17.0.0/24
185.112.83.0/24
185.174.136.0/24
185.229.66.0/24
194.67.201.0/24
Signature Algorithm: sha256WithRSAEncryption
22:28:12:a3:4e:c4:43:de:cb:b2:85:76:45:ea:5b:2a:ac:b5:
ff:a2:88:ad:b0:50:2b:c9:02:e0:de:57:61:be:6a:e8:e7:5b:
16:63:9b:a0:08:8d:85:f2:d1:c6:1e:5b:87:07:90:2a:69:dc:
87:8a:f6:18:10:b3:79:99:b6:be:8a:c8:f8:7c:c8:6e:f6:e1:
fb:d4:ec:49:b3:cb:3c:db:c8:7a:a2:ba:b1:c8:2b:2a:bc:24:
a9:03:f4:e1:76:5d:f8:39:60:9a:8a:42:70:bb:99:03:cc:62:
13:08:e1:5f:78:b8:32:7b:24:9a:e6:41:7f:b1:97:d4:51:6c:
02:d8:13:2b:26:17:84:a9:9f:7e:d8:fd:90:87:56:2a:d1:da:
a9:5c:12:1b:ef:86:a1:1e:ce:75:0f:a4:ba:8b:bb:8b:77:39:
3c:77:9a:70:d7:c4:06:b0:78:65:be:13:93:c2:f4:01:7e:e7:
4c:e2:c7:9d:42:63:af:47:f1:6c:48:69:44:9a:94:d0:3c:fd:
dd:e9:37:a8:e3:03:e0:98:fd:7e:22:d2:0d:06:91:5f:70:54:
47:69:e9:de:76:a5:7a:66:b9:80:2f:46:c6:90:4f:57:8f:5f:
30:65:5e:c9:04:83:2b:31:9d:cf:13:96:94:a3:98:03:9a:a3:
13:24:4d:c5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZgJti6W9jJxp/fi2X3vQmvLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzE0MTYxMzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2M4ZjQyZjgwMjg1YjQ5MGJlNDUwOTY2NTIxOTJmM2MxOWY0ZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsC+6X2UBxWDLzK9kPXxXJ37mwe3
6prjBAH7wJ4hZgZv1aKrnYf2Nkgo73GKvrDhVEm6Z0N4xdWbdW23lAmpzKdp7tak
HFpAbFREgUS3XqKhhc86Ad55psz/IfTbuyUEyzMzA8Z68ZvtusLvNR3BmZbeV6ZL
9o5fF/G6AlhuWtX3UcsIT/GkuaH/j1F4RdQUCXZNw0xPKv87g+zwZKk+ingl3cHC
0s8HtmdefYFXdAAADhDjthemkQCb/vrVxU6fgSkRnN1aCpg8wuVfcPbgsFLFc6Pz
J7K5qHuYEmRiEDAVYI6DWriVuybFY/03a0pdeVNsxe7pQynET6mMgkwSoQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPPI9C+AKFtJC+RQlmUhkvPBn0/JMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvODhqMEw0QW9XMGtMNUZDV1pTR1M4OEdmVDhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALY56AwQA
uREAAwQAuXBTAwQAua6IAwQAueVCAwQAwkPJMA0GCSqGSIb3DQEBCwUAA4IBAQAi
KBKjTsRD3suyhXZF6lsqrLX/ooitsFAryQLg3ldhvmro51sWY5ugCI2F8tHGHluH
B5AqadyHivYYELN5mba+isj4fMhu9uH71OxJs8s828h6orqxyCsqvCSpA/Thdl34
OWCaikJwu5kDzGITCOFfeLgyeySa5kF/sZfUUWwC2BMrJheEqZ9+2P2Qh1Yq0dqp
XBIb74ahHs51D6S6i7uLdzk8d5pw18QGsHhlvhOTwvQBfudM4sedQmOvR/FsSGlE
mpTQPP3d6Teo4wPgmP1+ItINBpFfcFRHaenedqV6ZrmAL0bGkE9Xj18wZV7JBIMr
MZ3PE5aUo5gDmqMTJE3F
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:27:19 2025 by rpki-client