Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/pgtyHRABE5BH4U--tAeSXYEFuMI.roa
File: pgtyHRABE5BH4U--tAeSXYEFuMI.roa (raw, json)
Hash identifier: w+QHB6r7lbUuZwSYdh0vhSEsQOOVkbCo0xAow5cZw80=
Subject key identifier: A6:0B:72:1D:10:01:13:90:47:E1:4F:BE:B4:07:92:5D:81:05:B8:C2
Certificate issuer: /CN=73e373fee780eeab2a90422d0ad514e084a8d611
Certificate serial: 019818A1FBE478FA0A36CDA9F56271639159
Authority key identifier: 73:E3:73:FE:E7:80:EE:AB:2A:90:42:2D:0A:D5:14:E0:84:A8:D6:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/pgtyHRABE5BH4U--tAeSXYEFuMI.roa
Signing time: Thu 17 Jul 2025 13:45:25 +0000
ROA not before: Thu 17 Jul 2025 13:45:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8468
IP address blocks: 88.83.96.0/24 maxlen: 24
88.83.104.0/24 maxlen: 24
88.83.106.0/24 maxlen: 24
88.83.109.0/24 maxlen: 24
88.83.111.0/24 maxlen: 24
88.83.116.0/24 maxlen: 24
88.83.118.0/23 maxlen: 24
88.83.124.0/23 maxlen: 24
88.83.126.0/24 maxlen: 24
195.80.1.0/24 maxlen: 24
195.80.2.0/24 maxlen: 24
195.80.5.0/24 maxlen: 24
195.80.14.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/c-Nz_ueA7qsqkEItCtUU4ISo1hE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/c-Nz_ueA7qsqkEItCtUU4ISo1hE.mft
rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:18:a1:fb:e4:78:fa:0a:36:cd:a9:f5:62:71:63:91:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e373fee780eeab2a90422d0ad514e084a8d611
Validity
Not Before: Jul 17 13:45:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a60b721d1001139047e14fbeb407925d8105b8c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:09:e6:74:f5:f5:ee:f8:b8:6d:62:bc:62:ae:
e1:4e:85:3e:d6:86:47:8a:7c:90:22:0a:aa:6b:9c:
bb:f3:0b:16:9e:9b:f3:93:1f:06:aa:91:8b:5c:71:
ba:16:61:8d:39:77:56:a7:23:a2:d3:63:c5:35:c5:
49:5e:e0:c5:0d:72:dd:94:e4:7a:8c:cf:36:cc:97:
0f:e7:d6:a8:d0:b3:0b:02:fc:52:3b:1b:4f:e3:47:
0b:dc:89:06:f6:2d:75:9a:eb:21:19:86:70:db:ff:
ea:a3:ba:5b:a1:f4:b9:8d:e8:47:7b:4c:cf:b7:17:
40:34:bc:de:75:f7:70:ab:de:ea:d2:0d:03:d0:c1:
be:9a:89:6b:9b:48:d1:d4:47:5b:75:1c:0d:fe:1e:
a7:90:be:c9:f6:00:15:2e:23:10:83:26:b8:d3:f6:
af:12:1d:8f:ab:40:5b:89:81:96:2e:50:1b:c9:fc:
f5:df:06:48:77:d1:d3:ad:12:af:de:db:90:73:3f:
3a:57:44:2f:81:ee:78:8b:fa:b9:72:0d:43:82:61:
fe:74:e6:7d:05:ca:7e:1c:a2:b6:51:6f:0b:0c:a5:
a0:95:0c:34:23:c1:79:d4:e3:c3:7d:89:a6:01:43:
5e:fe:39:8b:a0:5c:a9:6a:2c:71:5b:d7:19:79:5e:
45:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:0B:72:1D:10:01:13:90:47:E1:4F:BE:B4:07:92:5D:81:05:B8:C2
X509v3 Authority Key Identifier:
keyid:73:E3:73:FE:E7:80:EE:AB:2A:90:42:2D:0A:D5:14:E0:84:A8:D6:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-Nz_ueA7qsqkEItCtUU4ISo1hE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/pgtyHRABE5BH4U--tAeSXYEFuMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/e0e433-9b36-47a6-93a2-041fd4c6ffd4/1/c-Nz_ueA7qsqkEItCtUU4ISo1hE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.83.96.0/24
88.83.104.0/24
88.83.106.0/24
88.83.109.0/24
88.83.111.0/24
88.83.116.0/24
88.83.118.0/23
88.83.124.0-88.83.126.255
195.80.1.0-195.80.2.255
195.80.5.0/24
195.80.14.0/23
Signature Algorithm: sha256WithRSAEncryption
40:83:75:41:80:46:48:4d:a0:58:17:52:0f:8b:7c:11:ad:47:
2d:55:c6:d7:bc:ee:fb:55:68:fd:d8:2d:a2:bf:0b:1a:de:56:
65:73:6a:af:04:0d:13:1a:4d:f5:e5:8e:68:42:33:84:83:98:
20:dc:ac:a9:24:ba:b2:7c:71:c5:1d:8b:f8:fd:47:ee:03:dd:
96:d5:9b:cb:a7:48:1e:47:da:c7:03:15:22:45:98:b5:69:f7:
f1:50:ee:3c:45:d8:6c:16:c9:ee:bb:e1:9d:75:0e:2b:16:0c:
fb:75:97:70:c4:3a:5a:36:64:f5:16:87:4f:78:d3:0f:9b:df:
0b:ae:34:2a:d9:aa:3e:5e:fd:e4:6a:06:61:36:f3:09:92:a7:
d9:a1:52:5f:fd:27:2b:8b:fb:9e:eb:77:84:da:4d:e1:21:38:
65:e1:95:4c:52:3b:2a:af:3e:fb:a7:d9:97:85:dc:bf:74:f2:
9d:46:c1:6c:cf:cc:bb:40:18:69:ca:32:36:b4:da:6d:51:48:
a0:52:bc:ee:60:66:22:0f:fe:b9:eb:01:5b:ef:f5:bf:2e:9c:
c4:14:df:04:1e:c1:20:d9:c9:c1:1e:f6:87:95:c0:62:9a:ae:
e7:ce:e4:d8:fc:fd:88:9e:fd:cd:df:a4:54:d6:9e:5f:a1:a2:
7b:17:28:7f
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZgYofvkePoKNs2p9WJxY5FZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTM3M2ZlZTc4MGVlYWIyYTkwNDIyZDBhZDUxNGUwODRh
OGQ2MTEwHhcNMjUwNzE3MTM0NTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjBiNzIxZDEwMDExMzkwNDdlMTRmYmViNDA3OTI1ZDgxMDViOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvgnmdPX17vi4bWK8Yq7hToU+1oZH
inyQIgqqa5y78wsWnpvzkx8GqpGLXHG6FmGNOXdWpyOi02PFNcVJXuDFDXLdlOR6
jM82zJcP59ao0LMLAvxSOxtP40cL3IkG9i11mushGYZw2//qo7pbofS5jehHe0zP
txdANLzedfdwq97q0g0D0MG+molrm0jR1EdbdRwN/h6nkL7J9gAVLiMQgya40/av
Eh2Pq0BbiYGWLlAbyfz13wZId9HTrRKv3tuQcz86V0Qvge54i/q5cg1DgmH+dOZ9
Bcp+HKK2UW8LDKWglQw0I8F51OPDfYmmAUNe/jmLoFypaixxW9cZeV5FnwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFKYLch0QAROQR+FPvrQHkl2BBbjCMB8GA1UdIwQY
MBaAFHPjc/7ngO6rKpBCLQrVFOCEqNYRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1Oel91ZUE3cXNxa0VJdEN0VVU0SVNvMWhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9lMGU0MzMtOWIzNi00N2E2LTkzYTIt
MDQxZmQ0YzZmZmQ0LzEvcGd0eUhSQUJFNUJINFUtLXRBZVNYWUVGdU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9lMGU0MzMtOWIzNi00N2E2LTkzYTItMDQxZmQ0YzZmZmQ0
LzEvYy1Oel91ZUE3cXNxa0VJdEN0VVU0SVNvMWhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAWFNgAwQA
WFNoAwQAWFNqAwQAWFNtAwQAWFNvAwQAWFN0AwQBWFN2MAwDBAJYU3wDBABYU34w
DAMEAMNQAQMEAMNQAgMEAMNQBQMEAcNQDjANBgkqhkiG9w0BAQsFAAOCAQEAQIN1
QYBGSE2gWBdSD4t8Ea1HLVXG17zu+1Vo/dgtor8LGt5WZXNqrwQNExpN9eWOaEIz
hIOYINysqSS6snxxxR2L+P1H7gPdltWby6dIHkfaxwMVIkWYtWn38VDuPEXYbBbJ
7rvhnXUOKxYM+3WXcMQ6WjZk9RaHT3jTD5vfC640KtmqPl795GoGYTbzCZKn2aFS
X/0nK4v7nut3hNpN4SE4ZeGVTFI7Kq8++6fZl4Xcv3TynUbBbM/Mu0AYacoyNrTa
bVFIoFK87mBmIg/+uesBW+/1vy6cxBTfBB7BINnJwR72h5XAYpqu587k2Pz9iJ79
zd+kVNaeX6Giexcofw==
-----END CERTIFICATE-----
Generated at Sun Jul 27 12:42:07 2025 by rpki-client