Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v-5OS7lxMD5lIiGD_YIetubfR6I.roa
File: v-5OS7lxMD5lIiGD_YIetubfR6I.roa (raw, json)
Hash identifier: hP6hJkyWdsittdn7P3ColeqaKlJ02G/OrIJAjBL9VFE=
Subject key identifier: BF:EE:4E:4B:B9:71:30:3E:65:22:21:83:FD:82:1E:B6:E6:DF:47:A2
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0198048D0B82584B8CEDF7F2A6C6F20ED5E5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v-5OS7lxMD5lIiGD_YIetubfR6I.roa
Signing time: Sun 13 Jul 2025 16:10:09 +0000
ROA not before: Sun 13 Jul 2025 16:10:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
82.153.217.0/24 maxlen: 24
82.163.23.0/24 maxlen: 24
89.213.50.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.244.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.210.54.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
213.218.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 14:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:04:8d:0b:82:58:4b:8c:ed:f7:f2:a6:c6:f2:0e:d5:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 13 16:10:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfee4e4bb971303e65222183fd821eb6e6df47a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e8:6f:54:e3:68:90:f1:92:c1:34:8a:eb:58:
5e:8b:c1:33:c1:6e:43:4d:78:d0:00:bd:f4:29:2e:
ac:77:3c:85:82:a9:86:95:a9:5f:83:7d:fa:72:f4:
d1:77:9e:43:61:92:15:a8:92:60:df:9b:79:de:b5:
1a:9a:e1:96:75:44:14:02:f2:29:a4:ff:4e:39:fd:
a1:67:f7:26:c0:cf:d4:8a:74:04:a3:01:28:9a:13:
74:53:08:3b:33:df:08:fe:86:b7:37:9f:db:e7:2e:
c9:9c:6a:0c:5f:f1:a7:0a:60:14:62:40:c5:09:de:
2a:24:e1:63:b8:72:9d:27:f0:e0:d5:b7:cf:5e:ee:
30:4b:b9:46:c8:c8:72:68:57:61:c8:fa:4f:54:12:
d5:8b:6e:79:75:6a:8c:bd:9c:fc:9d:40:d6:69:bc:
ad:33:c8:c2:fb:fd:e4:48:5e:94:2d:4e:97:a9:38:
79:99:6c:e1:d4:e9:b0:94:d9:1e:a0:b2:44:bb:95:
06:65:8a:ac:80:f9:12:28:00:fc:5a:70:e5:7b:8d:
c6:0b:4c:0d:91:49:f5:a4:26:fb:47:a5:bb:b0:a3:
74:b9:64:3d:d4:6d:fa:8f:65:8f:c3:9f:2a:6c:c2:
4c:0b:e1:64:bc:95:36:c9:3f:39:95:85:1f:88:b0:
43:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:EE:4E:4B:B9:71:30:3E:65:22:21:83:FD:82:1E:B6:E6:DF:47:A2
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/v-5OS7lxMD5lIiGD_YIetubfR6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.98.0/24
82.152.109.0/24
82.153.205.0/24
82.153.217.0/24
82.163.23.0/24
89.213.50.0/24
89.213.164.0/24
109.176.40.0-109.176.55.255
109.176.244.0/24
212.38.79.0/24
213.130.130.0/24
213.130.149.0/24
213.210.54.0/24
213.218.214.0/24
213.218.234.0/24
213.218.238.0/24
Signature Algorithm: sha256WithRSAEncryption
41:99:3d:57:93:00:7f:31:fd:59:87:f9:30:c1:54:c3:d7:49:
04:b3:94:7b:3e:78:ad:23:0b:5b:27:28:e4:52:6e:ee:77:80:
dd:12:07:97:c7:2e:06:b3:6b:8d:49:40:a6:3f:8a:66:0a:a7:
f3:56:6d:e1:e6:3c:d9:3b:22:fc:e8:e6:86:63:c9:80:ed:ac:
18:0f:f0:a2:e4:d9:87:f0:52:a5:18:82:5b:38:c4:85:4f:df:
03:95:4b:43:58:83:dc:9d:8f:ca:25:10:e0:06:7f:72:09:0e:
9b:78:8f:6f:34:3b:70:8f:d7:00:5e:6d:fc:59:2e:69:ab:59:
ec:a1:92:ad:99:a0:d4:1e:83:f8:93:11:6e:cb:cb:0d:80:c2:
99:aa:46:79:af:0f:20:7d:2a:65:f8:19:41:d0:55:bd:dc:c3:
95:4a:ac:a3:18:7d:65:ba:a0:e2:e0:e0:5d:52:c3:a0:68:3a:
e5:c9:71:7b:06:f3:75:34:68:b2:e2:82:3c:fa:d6:f6:04:c9:
39:af:2d:d4:f4:b0:21:fd:96:3a:79:b2:d6:ce:27:8d:49:77:
69:54:c0:1b:fc:20:aa:2a:1d:5e:fb:40:2c:2f:92:14:b3:a7:
40:0d:5e:04:a9:f6:24:62:27:43:27:62:59:6f:3b:c3:dd:89:
c5:0e:68:8e
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZgEjQuCWEuM7ffypsbyDtXlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNzEzMTYxMDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmVlNGU0YmI5NzEzMDNlNjUyMjIxODNmZDgyMWViNmU2ZGY0N2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquhvVONokPGSwTSK61hei8EzwW5D
TXjQAL30KS6sdzyFgqmGlalfg336cvTRd55DYZIVqJJg35t53rUamuGWdUQUAvIp
pP9OOf2hZ/cmwM/UinQEowEomhN0Uwg7M98I/oa3N5/b5y7JnGoMX/GnCmAUYkDF
Cd4qJOFjuHKdJ/Dg1bfPXu4wS7lGyMhyaFdhyPpPVBLVi255dWqMvZz8nUDWabyt
M8jC+/3kSF6ULU6XqTh5mWzh1OmwlNkeoLJEu5UGZYqsgPkSKAD8WnDle43GC0wN
kUn1pCb7R6W7sKN0uWQ91G36j2WPw58qbMJMC+FkvJU2yT85lYUfiLBDfwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFL/uTku5cTA+ZSIhg/2CHrbm30eiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdi01T1M3bHhNRDVsSWlHRF9ZSWV0dWJmUjZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAFKYCAME
AFKYYgMEAFKYbQMEAFKZzQMEAFKZ2QMEAFKjFwMEAFnVMgMEAFnVpDAMAwQDbbAo
AwQDbbAwAwQAbbD0AwQA1CZPAwQA1YKCAwQA1YKVAwQA1dI2AwQA1drWAwQA1drq
AwQA1druMA0GCSqGSIb3DQEBCwUAA4IBAQBBmT1XkwB/Mf1Zh/kwwVTD10kEs5R7
PnitIwtbJyjkUm7ud4DdEgeXxy4Gs2uNSUCmP4pmCqfzVm3h5jzZOyL86OaGY8mA
7awYD/Ci5NmH8FKlGIJbOMSFT98DlUtDWIPcnY/KJRDgBn9yCQ6beI9vNDtwj9cA
Xm38WS5pq1nsoZKtmaDUHoP4kxFuy8sNgMKZqkZ5rw8gfSpl+BlB0FW93MOVSqyj
GH1luqDi4OBdUsOgaDrlyXF7BvN1NGiy4oI8+tb2BMk5ry3U9LAh/ZY6ebLWzieN
SXdpVMAb/CCqKh1e+0AsL5IUs6dADV4EqfYkYidDJ2JZbzvD3YnFDmiO
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:13:56 2025 by rpki-client