Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/8XxcMxxrVVQjkadFhJ-aG8jPxJw.roa
File: 8XxcMxxrVVQjkadFhJ-aG8jPxJw.roa (raw, json)
Hash identifier: pYrFYkfoOrtMH2ZxFsYlf0Pfr2PLJ/V0F6ADz/ZY6f0=
Subject key identifier: F1:7C:5C:33:1C:6B:55:54:23:91:A7:45:84:9F:9A:1B:C8:CF:C4:9C
Certificate issuer: /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial: 01982DB0C72606CAEA606DDF1BE0725F4DFC
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/8XxcMxxrVVQjkadFhJ-aG8jPxJw.roa
Signing time: Mon 21 Jul 2025 15:53:36 +0000
ROA not before: Mon 21 Jul 2025 15:53:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 31.24.224.0/21 maxlen: 24
37.123.112.0/21 maxlen: 24
37.123.112.0/24 maxlen: 24
46.23.64.0/21 maxlen: 21
46.23.72.0/22 maxlen: 22
46.23.76.0/22 maxlen: 24
77.92.64.0/21 maxlen: 21
77.92.72.0/22 maxlen: 22
77.92.76.0/23 maxlen: 23
77.92.78.0/23 maxlen: 23
77.92.80.0/20 maxlen: 20
82.163.72.0/21 maxlen: 24
83.170.64.0/18 maxlen: 18
83.170.69.0/24 maxlen: 24
88.202.176.0/23 maxlen: 23
88.202.177.0/24 maxlen: 24
88.202.178.0/24 maxlen: 24
88.202.179.0/24 maxlen: 24
88.202.180.0/22 maxlen: 22
88.202.184.0/24 maxlen: 24
88.202.185.0/24 maxlen: 24
88.202.186.0/23 maxlen: 23
88.202.188.0/22 maxlen: 22
88.202.224.0/21 maxlen: 24
91.109.240.0/21 maxlen: 21
109.123.64.0/18 maxlen: 24
176.67.160.0/21 maxlen: 21
176.67.169.0/24 maxlen: 24
176.67.171.0/24 maxlen: 24
176.67.172.0/22 maxlen: 24
185.7.224.0/22 maxlen: 24
2a02:2498::/47 maxlen: 47
2a02:2498:4::/48 maxlen: 48
2a02:2498:5::/48 maxlen: 48
2a02:2498:16::/48 maxlen: 48
2a02:2498:1000::/36 maxlen: 36
2a02:2498:257b::/48 maxlen: 48
2a02:2498:53aa::/48 maxlen: 48
2a02:2498:6d7b::/48 maxlen: 48
2a02:2498:8000::/36 maxlen: 36
2a02:2498:9000::/36 maxlen: 36
2a02:2498:a000::/36 maxlen: 36
2a02:2498:b000::/36 maxlen: 36
2a02:2498:e000::/36 maxlen: 36
2a02:2498:f000::/36 maxlen: 36
2a02:2498:f000::/48 maxlen: 48
2a02:2498:f001::/48 maxlen: 48
2a02:2498:f002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:b0:c7:26:06:ca:ea:60:6d:df:1b:e0:72:5f:4d:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Validity
Not Before: Jul 21 15:53:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f17c5c331c6b55542391a745849f9a1bc8cfc49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:45:1f:82:4c:49:86:3a:ff:9b:9a:99:99:05:
d2:3f:5d:06:2d:d5:1e:bb:68:f4:05:bd:4d:c5:21:
ba:b2:f7:15:c8:f2:fd:e5:b6:0a:cf:46:84:6c:b5:
15:b3:bd:f1:95:ae:a6:87:35:e6:97:87:90:e5:49:
7c:a4:a3:7d:52:b8:a8:8a:61:4b:da:68:de:00:ef:
27:87:69:9d:3f:77:19:f9:2e:07:f2:89:77:af:42:
23:c7:c0:a1:3e:6e:b3:53:78:a3:21:8c:d7:54:3d:
2f:41:2c:62:79:61:84:ef:00:5d:29:28:34:47:63:
18:c2:ec:04:ab:a2:06:e0:42:20:64:ce:e7:14:36:
01:ca:be:b4:c3:55:6a:43:3d:1f:eb:e3:bf:87:79:
08:e7:23:89:79:83:74:9c:bd:c3:6d:08:4a:81:ac:
f6:c3:d0:66:4c:b6:d1:9a:1d:02:3d:0f:34:ba:03:
87:22:04:b7:fa:d1:06:eb:41:a5:e0:c3:68:0e:fd:
53:73:41:33:ef:b9:95:b5:56:6e:95:2a:fc:ed:76:
c9:c5:12:d1:77:a2:c7:a2:92:da:8f:0e:89:04:bd:
df:4c:21:8b:16:57:ae:0e:a3:e3:ab:78:ba:9f:8b:
13:b3:ee:ba:81:9c:3d:73:71:18:43:16:40:a9:1b:
ae:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:7C:5C:33:1C:6B:55:54:23:91:A7:45:84:9F:9A:1B:C8:CF:C4:9C
X509v3 Authority Key Identifier:
keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/8XxcMxxrVVQjkadFhJ-aG8jPxJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.224.0/21
37.123.112.0/21
46.23.64.0/20
77.92.64.0/19
82.163.72.0/21
83.170.64.0/18
88.202.176.0/20
88.202.224.0/21
91.109.240.0/21
109.123.64.0/18
176.67.160.0/21
176.67.169.0/24
176.67.171.0-176.67.175.255
185.7.224.0/22
IPv6:
2a02:2498::/47
2a02:2498:4::/47
2a02:2498:16::/48
2a02:2498:1000::/36
2a02:2498:257b::/48
2a02:2498:53aa::/48
2a02:2498:6d7b::/48
2a02:2498:8000::/34
2a02:2498:e000::/35
Signature Algorithm: sha256WithRSAEncryption
88:74:78:4b:5b:89:7f:06:b8:4e:4e:d7:42:6c:35:d8:6e:48:
f5:18:21:fb:76:52:c8:ed:a5:8f:81:d9:69:26:4c:13:76:b7:
d8:0c:e7:76:73:f5:f7:07:61:14:a7:7d:ce:79:ae:be:32:d5:
51:23:05:ba:96:d4:55:a4:e4:7d:bf:3c:46:57:8f:45:88:76:
38:98:bb:90:86:b4:08:1c:91:87:50:61:db:63:41:9c:b4:b7:
38:2e:89:09:af:ba:31:ff:62:4f:7b:90:70:66:ce:0d:f8:c3:
4d:13:d7:8d:c3:01:7d:aa:cd:d7:fd:d6:cb:ac:a0:39:1f:f1:
34:17:33:3c:63:aa:0a:16:51:9a:a6:14:bb:21:61:a2:9a:f2:
39:b1:33:03:47:9f:cd:8f:23:bd:25:5f:8d:f7:5f:7d:bf:2f:
cd:ba:e4:e3:5b:9e:66:e9:dd:8a:95:12:f5:0b:86:08:dc:13:
34:60:c5:c1:e8:61:34:f9:a1:05:aa:55:3b:f9:f2:e9:41:ae:
29:0c:82:0a:c5:0d:71:31:09:4c:92:a7:88:c5:bf:f7:a2:23:
17:36:91:e0:e1:ea:3f:ad:c5:75:66:ae:63:e8:79:33:5b:8d:
6b:b0:16:e9:35:c8:f4:b1:70:70:1f:28:29:90:54:68:fa:78:
eb:78:cb:58
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZgtsMcmBsrqYG3fG+ByX038MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjUwNzIxMTU1MzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTdjNWMzMzFjNmI1NTU0MjM5MWE3NDU4NDlmOWExYmM4Y2ZjNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUUfgkxJhjr/m5qZmQXSP10GLdUe
u2j0Bb1NxSG6svcVyPL95bYKz0aEbLUVs73xla6mhzXml4eQ5Ul8pKN9UrioimFL
2mjeAO8nh2mdP3cZ+S4H8ol3r0Ijx8ChPm6zU3ijIYzXVD0vQSxieWGE7wBdKSg0
R2MYwuwEq6IG4EIgZM7nFDYByr60w1VqQz0f6+O/h3kI5yOJeYN0nL3DbQhKgaz2
w9BmTLbRmh0CPQ80ugOHIgS3+tEG60Gl4MNoDv1Tc0Ez77mVtVZulSr87XbJxRLR
d6LHopLajw6JBL3fTCGLFleuDqPjq3i6n4sTs+66gZw9c3EYQxZAqRuuSwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFPF8XDMca1VUI5GnRYSfmhvIz8ScMB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEvOFh4Y014eHJWVlFqa2FkRmhKLWFHOGpQeEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMtZDUyNTcxOGFhNDRh
LzEvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujBiBAIAATBcAwQDHxjg
AwQDJXtwAwQELhdAAwQFTVxAAwQDUqNIAwQGU6pAAwQEWMqwAwQDWMrgAwQDW23w
AwQGbXtAAwQDsEOgAwQAsEOpMAwDBACwQ6sDBASwQ6ADBAK5B+AwVAQCAAIwTgMH
ASoCJJgAAAMHASoCJJgABAMHACoCJJgAFgMGBCoCJJgQAwcAKgIkmCV7AwcAKgIk
mFOqAwcAKgIkmG17AwYGKgIkmIADBgUqAiSY4DANBgkqhkiG9w0BAQsFAAOCAQEA
iHR4S1uJfwa4Tk7XQmw12G5I9Rgh+3ZSyO2lj4HZaSZME3a32AzndnP19wdhFKd9
znmuvjLVUSMFupbUVaTkfb88RlePRYh2OJi7kIa0CByRh1Bh22NBnLS3OC6JCa+6
Mf9iT3uQcGbODfjDTRPXjcMBfarN1/3Wy6ygOR/xNBczPGOqChZRmqYUuyFhopry
ObEzA0efzY8jvSVfjfdffb8vzbrk41ueZundipUS9QuGCNwTNGDFwehhNPmhBapV
O/ny6UGuKQyCCsUNcTEJTJKniMW/96IjFzaR4OHqP63FdWauY+h5M1uNa7AW6TXI
9LFwcB8oKZBUaPp463jLWA==
-----END CERTIFICATE-----
Generated at Sun Jul 27 04:55:54 2025 by rpki-client