
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/s8Nv2shiay0ajNuDErtrpeqAX7A.roa
File: s8Nv2shiay0ajNuDErtrpeqAX7A.roa (raw, json)
Hash identifier: 4Yn2a4P977R6B0svZ8JXcviKY1eUPuqoIGptDpenqVY=
Subject key identifier: B3:C3:6F:DA:C8:62:6B:2D:1A:8C:DB:83:12:BB:6B:A5:EA:80:5F:B0
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 01981E203E1CEB034C34B2D30E6FD77D9E56
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/s8Nv2shiay0ajNuDErtrpeqAX7A.roa
Signing time: Fri 18 Jul 2025 15:21:26 +0000
ROA not before: Fri 18 Jul 2025 15:21:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209181
IP address blocks: 5.252.117.0/24 maxlen: 24
193.34.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 12:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1e:20:3e:1c:eb:03:4c:34:b2:d3:0e:6f:d7:7d:9e:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 18 15:21:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3c36fdac8626b2d1a8cdb8312bb6ba5ea805fb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:41:33:de:05:64:ba:e8:9c:8d:47:07:86:e5:
36:0b:96:db:97:ba:4a:cc:b0:0a:77:d1:72:30:bc:
4b:4b:c0:9c:ac:d3:40:cf:7a:a5:8a:12:32:e2:b7:
9c:11:89:a0:ca:27:ff:5a:48:cf:a8:22:1f:bf:24:
01:45:f1:3a:b5:b1:31:95:63:8a:8e:8c:e4:d2:1e:
77:82:f6:3d:ae:52:32:ce:d0:0d:b0:d8:4b:1a:fe:
4b:27:57:6c:62:05:71:6c:b3:34:3f:b0:2b:cf:bc:
21:8b:a3:f5:17:9c:21:65:9e:e1:5b:cf:bd:b2:aa:
f0:ed:28:85:62:65:07:4a:47:9c:6b:fb:3c:31:0e:
de:6b:90:e6:7b:95:6e:b1:3f:7d:71:d8:b7:18:74:
fb:17:eb:c6:da:cf:90:44:c5:da:c3:a5:2a:4f:01:
e4:83:6a:cd:36:81:e6:76:fc:58:ae:2c:df:f8:5c:
02:47:4f:67:b5:8e:e5:1a:69:80:ca:a2:f1:f0:5c:
8c:14:f5:80:fd:b6:90:3d:bd:22:7b:88:ce:24:5f:
7a:30:62:a3:b0:12:6a:71:a2:8d:83:32:b7:6b:07:
a8:50:d7:16:43:9f:58:aa:de:32:85:8b:b4:bf:d6:
7b:5c:92:ac:18:72:81:02:75:f5:4f:d9:90:60:5f:
13:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C3:6F:DA:C8:62:6B:2D:1A:8C:DB:83:12:BB:6B:A5:EA:80:5F:B0
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/s8Nv2shiay0ajNuDErtrpeqAX7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.117.0/24
193.34.232.0/24
Signature Algorithm: sha256WithRSAEncryption
42:4a:a4:e8:b7:3f:91:bf:0f:89:39:a3:02:09:3e:35:20:65:
76:83:ac:08:35:f2:16:3a:70:71:2b:69:8d:b0:81:c9:55:72:
b7:ab:51:a7:7c:b5:a6:16:7e:a9:2d:af:bf:b0:9b:eb:7d:6c:
7c:69:36:b6:ec:0c:b4:a5:dd:54:5c:09:7b:b4:fc:80:e9:35:
5d:30:e5:57:d7:82:1f:09:85:f4:2b:f9:da:4d:ee:92:e4:75:
5a:d3:1f:9e:f8:2b:2e:dc:5a:a1:51:ec:64:82:6f:f7:18:3a:
87:44:d8:88:3b:51:68:53:e4:f4:79:a3:5e:01:a5:cc:8b:b7:
51:26:c2:b4:c1:f3:cc:37:75:29:5c:72:98:59:03:36:43:9c:
cc:85:c1:57:d1:29:25:19:29:9c:a2:54:bf:63:d0:09:39:c5:
04:ea:c5:bf:b9:cd:3f:9e:1b:ca:8e:d6:66:48:ef:c7:57:7e:
81:f5:28:09:02:52:44:2e:58:a2:0e:0f:f7:c3:c5:e7:03:9a:
b2:9a:82:1d:90:d5:70:6d:24:43:e5:44:cb:f7:4f:37:ed:97:
52:7c:42:41:6e:7b:a6:91:a8:ed:3c:17:3f:5d:a2:77:84:a8:
c0:91:02:1a:15:70:35:ea:db:d0:be:0d:dc:02:bc:b6:31:37:
09:11:93:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZgeID4c6wNMNLLTDm/XfZ5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzE4MTUyMTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2MzNmZkYWM4NjI2YjJkMWE4Y2RiODMxMmJiNmJhNWVhODA1ZmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0Ez3gVkuuicjUcHhuU2C5bbl7pK
zLAKd9FyMLxLS8CcrNNAz3qlihIy4recEYmgyif/WkjPqCIfvyQBRfE6tbExlWOK
jozk0h53gvY9rlIyztANsNhLGv5LJ1dsYgVxbLM0P7Arz7whi6P1F5whZZ7hW8+9
sqrw7SiFYmUHSkeca/s8MQ7ea5Dme5VusT99cdi3GHT7F+vG2s+QRMXaw6UqTwHk
g2rNNoHmdvxYrizf+FwCR09ntY7lGmmAyqLx8FyMFPWA/baQPb0ie4jOJF96MGKj
sBJqcaKNgzK3aweoUNcWQ59Yqt4yhYu0v9Z7XJKsGHKBAnX1T9mQYF8ThQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLPDb9rIYmstGozbgxK7a6XqgF+wMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvczhOdjJzaGlheTBhak51REVydHJwZXFBWDdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABfx1AwQA
wSLoMA0GCSqGSIb3DQEBCwUAA4IBAQBCSqTotz+Rvw+JOaMCCT41IGV2g6wINfIW
OnBxK2mNsIHJVXK3q1GnfLWmFn6pLa+/sJvrfWx8aTa27Ay0pd1UXAl7tPyA6TVd
MOVX14IfCYX0K/naTe6S5HVa0x+e+Csu3FqhUexkgm/3GDqHRNiIO1FoU+T0eaNe
AaXMi7dRJsK0wfPMN3UpXHKYWQM2Q5zMhcFX0SklGSmcolS/Y9AJOcUE6sW/uc0/
nhvKjtZmSO/HV36B9SgJAlJELliiDg/3w8XnA5qymoIdkNVwbSRD5UTL90837ZdS
fEJBbnumkajtPBc/XaJ3hKjAkQIaFXA16tvQvg3cAry2MTcJEZN6
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:28:09 2025 by rpki-client