Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/8Mo6g9SFP-NIBZd3NEDkngdSZes.roa
File: 8Mo6g9SFP-NIBZd3NEDkngdSZes.roa (raw, json)
Hash identifier: rO3KeiHvbOV2i5W5VXdPAcjCOnY/RKARKqJQlNG3u/Y=
Subject key identifier: F0:CA:3A:83:D4:85:3F:E3:48:05:97:77:34:40:E4:9E:07:52:65:EB
Certificate issuer: /CN=ed624c590027a5a8c9eeb369726e4a630cdf414c
Certificate serial: 01990E4E4B97EA0B977C120B89B18327D7E2
Authority key identifier: ED:62:4C:59:00:27:A5:A8:C9:EE:B3:69:72:6E:4A:63:0C:DF:41:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/8Mo6g9SFP-NIBZd3NEDkngdSZes.roa
Signing time: Wed 03 Sep 2025 06:40:36 +0000
ROA not before: Wed 03 Sep 2025 06:40:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208681
IP address blocks: 45.89.128.0/22 maxlen: 22
2a0b:a200::/48 maxlen: 48
2a0b:a200:1::/48 maxlen: 48
2a0b:a200:2::/48 maxlen: 48
2a0b:a200:3::/48 maxlen: 48
2a0b:a200:4::/48 maxlen: 48
2a0b:a200:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/7WJMWQAnpajJ7rNpcm5KYwzfQUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/7WJMWQAnpajJ7rNpcm5KYwzfQUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 16:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0e:4e:4b:97:ea:0b:97:7c:12:0b:89:b1:83:27:d7:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed624c590027a5a8c9eeb369726e4a630cdf414c
Validity
Not Before: Sep 3 06:40:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0ca3a83d4853fe3480597773440e49e075265eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:77:eb:65:fd:07:a3:15:d7:10:80:15:aa:3a:
6c:35:31:22:c9:55:79:61:41:57:49:9b:21:4c:46:
d3:37:bf:61:61:4d:9c:7d:3a:e8:96:6b:27:ac:8c:
00:50:d4:22:be:ab:9b:0b:2a:c5:eb:f5:6f:bb:db:
31:5d:0b:ee:a4:bb:81:60:00:ae:eb:49:23:27:ca:
f2:b6:e5:a5:e7:50:ac:6e:0a:6d:80:f7:18:3a:31:
16:35:4c:09:2f:82:1d:e2:f6:63:5f:96:94:a1:69:
26:49:11:1f:0c:ab:c0:c9:93:e1:ad:da:f3:ec:7c:
76:37:cd:91:aa:1a:10:65:fb:d2:78:eb:9a:88:e9:
95:46:94:91:b8:b5:c4:cf:cb:a4:95:c3:8d:da:f7:
0a:1a:7e:f0:53:6a:ba:86:17:93:0f:b1:60:07:e1:
72:f8:7a:86:cf:5a:02:67:51:12:76:5e:68:f1:b7:
6f:c7:af:58:38:26:e5:67:47:35:9e:fe:bb:11:13:
d7:32:53:a7:43:9f:f0:4f:bf:48:a7:42:3e:d0:01:
71:6b:95:25:66:55:74:27:ae:83:0a:41:23:9b:6c:
8d:3a:99:ad:05:55:0d:4b:06:e0:63:51:43:e1:74:
ba:ae:10:0f:d3:1b:b6:0e:e3:e0:0e:1c:e6:2a:01:
bc:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:CA:3A:83:D4:85:3F:E3:48:05:97:77:34:40:E4:9E:07:52:65:EB
X509v3 Authority Key Identifier:
keyid:ED:62:4C:59:00:27:A5:A8:C9:EE:B3:69:72:6E:4A:63:0C:DF:41:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7WJMWQAnpajJ7rNpcm5KYwzfQUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/8Mo6g9SFP-NIBZd3NEDkngdSZes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/8db67a-c4fc-4c2c-9978-a7be5fa0ff65/1/7WJMWQAnpajJ7rNpcm5KYwzfQUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.128.0/22
IPv6:
2a0b:a200::-2a0b:a200:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c0:69:57:4d:66:f0:be:af:78:7f:03:10:44:7d:02:8c:b5:14:
7e:cb:c4:4e:b4:26:a4:9a:98:44:98:2c:bd:47:cc:36:06:95:
6c:1e:ab:63:16:b2:b1:0b:ff:a3:b0:5b:6d:01:58:d9:14:cb:
3d:dc:4a:7e:b3:a4:fc:4d:9e:69:03:cd:39:2a:98:58:da:35:
27:df:c6:88:ab:df:11:ef:1c:cb:40:9a:39:4f:85:72:95:47:
54:c5:54:a3:a3:60:b9:b7:92:08:9b:56:1d:cc:4f:7d:84:f4:
4d:1f:03:7d:af:18:bf:38:1a:95:e8:30:71:67:7a:b6:b4:7e:
9b:07:40:5c:12:6f:e9:aa:8f:c4:63:a3:b8:53:1b:91:31:31:
38:96:01:50:bd:55:a9:88:8d:a6:10:60:c2:c1:05:d8:b8:30:
d5:87:cb:26:05:69:40:b7:85:ac:f3:4c:14:38:7d:a3:a8:70:
ad:08:59:e0:c8:7e:75:a6:55:29:3c:bb:71:22:eb:35:5a:21:
96:d5:60:6f:c4:2b:05:d1:45:a5:4e:99:cf:a6:70:a8:bb:92:
86:db:23:49:eb:40:a1:fe:12:79:9e:b1:be:6e:de:af:6b:2b:
7a:05:ba:87:fd:37:a8:30:03:28:47:f3:a6:6a:63:f1:0d:a7:
76:ef:31:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkOTkuX6guXfBILibGDJ9fiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNjI0YzU5MDAyN2E1YThjOWVlYjM2OTcyNmU0YTYzMGNk
ZjQxNGMwHhcNMjUwOTAzMDY0MDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGNhM2E4M2Q0ODUzZmUzNDgwNTk3NzczNDQwZTQ5ZTA3NTI2NWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnfrZf0HoxXXEIAVqjpsNTEiyVV5
YUFXSZshTEbTN79hYU2cfTrolmsnrIwAUNQivqubCyrF6/Vvu9sxXQvupLuBYACu
60kjJ8rytuWl51CsbgptgPcYOjEWNUwJL4Id4vZjX5aUoWkmSREfDKvAyZPhrdrz
7Hx2N82RqhoQZfvSeOuaiOmVRpSRuLXEz8uklcON2vcKGn7wU2q6hheTD7FgB+Fy
+HqGz1oCZ1ESdl5o8bdvx69YOCblZ0c1nv67ERPXMlOnQ5/wT79Ip0I+0AFxa5Ul
ZlV0J66DCkEjm2yNOpmtBVUNSwbgY1FD4XS6rhAP0xu2DuPgDhzmKgG8WwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPDKOoPUhT/jSAWXdzRA5J4HUmXrMB8GA1UdIwQY
MBaAFO1iTFkAJ6Woye6zaXJuSmMM30FMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1dKTVdRQW5wYWpKN3JOcGNtNUtZd3pmUVV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy84ZGI2N2EtYzRmYy00YzJjLTk5Nzgt
YTdiZTVmYTBmZjY1LzEvOE1vNmc5U0ZQLU5JQlpkM05FRGtuZ2RTWmVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy84ZGI2N2EtYzRmYy00YzJjLTk5NzgtYTdiZTVmYTBmZjY1
LzEvN1dKTVdRQW5wYWpKN3JOcGNtNUtZd3pmUVV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQCLVmAMBcE
AgACMBEwDwMEASoLogMHASoLogAABDANBgkqhkiG9w0BAQsFAAOCAQEAwGlXTWbw
vq94fwMQRH0CjLUUfsvETrQmpJqYRJgsvUfMNgaVbB6rYxaysQv/o7BbbQFY2RTL
PdxKfrOk/E2eaQPNOSqYWNo1J9/GiKvfEe8cy0CaOU+FcpVHVMVUo6NgubeSCJtW
HcxPfYT0TR8Dfa8YvzgalegwcWd6trR+mwdAXBJv6aqPxGOjuFMbkTExOJYBUL1V
qYiNphBgwsEF2Lgw1YfLJgVpQLeFrPNMFDh9o6hwrQhZ4Mh+daZVKTy7cSLrNVoh
ltVgb8QrBdFFpU6Zz6ZwqLuShtsjSetAof4SeZ6xvm7er2sregW6h/03qDADKEfz
pmpj8Q2ndu8xzA==
-----END CERTIFICATE-----
Generated at Thu Oct 9 01:13:00 2025 by rpki-client