Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/nE8Xo_fpUw6ElJP9CBp37mVdbvg.roa
File: nE8Xo_fpUw6ElJP9CBp37mVdbvg.roa (raw, json)
Hash identifier: dylbw9FFNOC/9ham5DxR+U09aH9ubZH/opQ+2bz68ow=
Subject key identifier: 9C:4F:17:A3:F7:E9:53:0E:84:94:93:FD:08:1A:77:EE:65:5D:6E:F8
Certificate issuer: /CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Certificate serial: 019741B56AD62D51F64C1DB90E23EEB5990B
Authority key identifier: 8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/nE8Xo_fpUw6ElJP9CBp37mVdbvg.roa
Signing time: Thu 05 Jun 2025 20:08:17 +0000
ROA not before: Thu 05 Jun 2025 20:08:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41114
IP address blocks: 31.11.40.0/21 maxlen: 24
45.151.16.0/22 maxlen: 22
45.157.248.0/22 maxlen: 22
62.192.140.0/22 maxlen: 22
77.83.228.0/22 maxlen: 24
109.106.24.0/22 maxlen: 22
147.78.164.0/22 maxlen: 22
153.92.104.0/21 maxlen: 21
185.42.112.0/22 maxlen: 22
185.98.64.0/22 maxlen: 22
193.148.80.0/22 maxlen: 22
213.226.72.0/22 maxlen: 22
2a00:7aa0::/32 maxlen: 32
2a01:60e0::/32 maxlen: 32
2a09:26c0::/32 maxlen: 32
2a09:4380::/32 maxlen: 32
2a0a:7980::/32 maxlen: 32
2a0d:e6c0::/32 maxlen: 48
2a0f:d00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 17:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:41:b5:6a:d6:2d:51:f6:4c:1d:b9:0e:23:ee:b5:99:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cdcf26f74860588cac6bae17f99de22dbc49ae6
Validity
Not Before: Jun 5 20:08:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c4f17a3f7e9530e849493fd081a77ee655d6ef8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c0:e6:78:6d:57:37:97:c1:27:ef:5b:33:db:
10:bf:2f:71:93:d6:88:23:8c:43:27:55:f5:9e:16:
8a:f5:82:7c:b3:a3:8f:19:d1:12:dc:18:05:24:8c:
e3:2e:4b:99:79:b5:3a:e0:0f:c6:fe:40:5b:95:2b:
18:1c:ea:6d:b6:40:98:51:45:bc:f0:a2:76:06:c4:
09:8e:52:a9:a3:e8:3a:66:ab:97:b5:f6:22:a0:ac:
71:fb:ef:65:d8:53:ea:08:af:78:4c:0c:70:66:72:
a2:fc:71:ed:3f:d6:1c:79:5f:b5:6e:ef:f2:43:58:
26:19:cb:05:fb:71:f7:3c:09:45:e8:e3:91:fb:dc:
12:75:a0:28:6f:87:77:e4:dd:c8:8d:5f:4f:23:b4:
d1:3c:10:66:b3:02:09:4f:e0:62:7d:bd:d5:23:fa:
06:fd:16:58:de:85:97:57:1a:f2:bc:c9:be:8d:cc:
95:b9:8a:91:9c:5f:49:42:cf:8f:41:ec:83:91:a4:
67:43:bb:05:e3:3e:44:5c:5b:7c:7e:c6:35:6e:44:
bb:a5:7d:48:42:a5:b0:b9:2b:7b:b7:52:b8:d7:e1:
d7:6d:1b:6e:39:34:4d:66:7e:56:52:3b:f4:69:17:
b2:21:43:6b:08:d3:c9:2c:a9:6a:4b:56:95:20:e7:
f6:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:4F:17:A3:F7:E9:53:0E:84:94:93:FD:08:1A:77:EE:65:5D:6E:F8
X509v3 Authority Key Identifier:
keyid:8C:DC:F2:6F:74:86:05:88:CA:C6:BA:E1:7F:99:DE:22:DB:C4:9A:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNzyb3SGBYjKxrrhf5neItvEmuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/nE8Xo_fpUw6ElJP9CBp37mVdbvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/d5b1a7-466d-471c-a70c-2fb25abfdc53/1/jNzyb3SGBYjKxrrhf5neItvEmuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.11.40.0/21
45.151.16.0/22
45.157.248.0/22
62.192.140.0/22
77.83.228.0/22
109.106.24.0/22
147.78.164.0/22
153.92.104.0/21
185.42.112.0/22
185.98.64.0/22
193.148.80.0/22
213.226.72.0/22
IPv6:
2a00:7aa0::/32
2a01:60e0::/32
2a09:26c0::/32
2a09:4380::/32
2a0a:7980::/32
2a0d:e6c0::/32
2a0f:d00::/32
Signature Algorithm: sha256WithRSAEncryption
68:be:25:d5:a0:2b:da:e4:21:08:1e:22:7a:8f:c3:d6:dd:fa:
d5:8f:e2:38:ae:62:f1:b6:f2:ee:15:08:e8:c9:5e:a1:6e:7a:
ad:01:28:62:a6:c7:ad:91:4a:82:cd:44:db:e8:e5:9e:a6:4e:
d0:06:f7:5c:5f:a0:cb:c5:aa:f7:94:c0:db:b8:e6:83:65:b7:
ca:37:f7:a0:d4:e9:85:a2:15:a3:c6:04:fc:ce:95:db:aa:cc:
82:98:cc:c1:b3:d7:61:07:12:ec:ae:b3:33:e3:dd:d3:6e:04:
56:ac:bf:ad:28:43:c0:6b:80:b7:9f:dd:56:14:24:af:51:37:
ab:07:e9:78:59:89:95:9e:f1:00:ab:56:d3:75:61:6d:eb:e6:
13:db:0d:aa:ef:1c:e8:52:c0:88:5f:26:66:6e:8d:34:9f:2f:
5e:00:39:27:07:3f:4a:80:da:c2:7a:44:a2:8c:a8:98:31:af:
6a:7f:90:7d:e9:a8:fd:df:cd:dd:25:7a:88:a9:06:a4:14:b2:
84:97:db:ca:6a:be:29:c2:59:89:c0:77:c8:e8:49:83:8e:7f:
00:52:4f:88:e8:b6:a8:dd:ca:a8:09:f3:52:c8:a2:ae:5c:15:
76:b4:4f:e5:31:18:5e:da:87:95:c8:49:30:2f:6a:2a:8b:d9:
b3:63:71:a7
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZdBtWrWLVH2TB25DiPutZkLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjZGNmMjZmNzQ4NjA1ODhjYWM2YmFlMTdmOTlkZTIyZGJj
NDlhZTYwHhcNMjUwNjA1MjAwODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzRmMTdhM2Y3ZTk1MzBlODQ5NDkzZmQwODFhNzdlZTY1NWQ2ZWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncDmeG1XN5fBJ+9bM9sQvy9xk9aI
I4xDJ1X1nhaK9YJ8s6OPGdES3BgFJIzjLkuZebU64A/G/kBblSsYHOpttkCYUUW8
8KJ2BsQJjlKpo+g6ZquXtfYioKxx++9l2FPqCK94TAxwZnKi/HHtP9YceV+1bu/y
Q1gmGcsF+3H3PAlF6OOR+9wSdaAob4d35N3IjV9PI7TRPBBmswIJT+Bifb3VI/oG
/RZY3oWXVxryvMm+jcyVuYqRnF9JQs+PQeyDkaRnQ7sF4z5EXFt8fsY1bkS7pX1I
QqWwuSt7t1K41+HXbRtuOTRNZn5WUjv0aReyIUNrCNPJLKlqS1aVIOf29QIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFJxPF6P36VMOhJST/Qgad+5lXW74MB8GA1UdIwQY
MBaAFIzc8m90hgWIysa64X+Z3iLbxJrmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMt
MmZiMjVhYmZkYzUzLzEvbkU4WG9fZnBVdzZFbEpQOUNCcDM3bVZkYnZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9kNWIxYTctNDY2ZC00NzFjLWE3MGMtMmZiMjVhYmZkYzUz
LzEvak56eWIzU0dCWWpLeHJyaGY1bmVJdHZFbXVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTBOBAIAATBIAwQDHwso
AwQCLZcQAwQCLZ34AwQCPsCMAwQCTVPkAwQCbWoYAwQCk06kAwQDmVxoAwQCuSpw
AwQCuWJAAwQCwZRQAwQC1eJIMDcEAgACMDEDBQAqAHqgAwUAKgFg4AMFACoJJsAD
BQAqCUOAAwUAKgp5gAMFACoN5sADBQAqDw0AMA0GCSqGSIb3DQEBCwUAA4IBAQBo
viXVoCva5CEIHiJ6j8PW3frVj+I4rmLxtvLuFQjoyV6hbnqtAShipsetkUqCzUTb
6OWepk7QBvdcX6DLxar3lMDbuOaDZbfKN/eg1OmFohWjxgT8zpXbqsyCmMzBs9dh
BxLsrrMz493TbgRWrL+tKEPAa4C3n91WFCSvUTerB+l4WYmVnvEAq1bTdWFt6+YT
2w2q7xzoUsCIXyZmbo00ny9eADknBz9KgNrCekSijKiYMa9qf5B96aj9383dJXqI
qQakFLKEl9vKar4pwlmJwHfI6EmDjn8AUk+I6Lao3cqoCfNSyKKuXBV2tE/lMRhe
2oeVyEkwL2oqi9mzY3Gn
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:24:21 2025 by rpki-client