Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/24DFS1EbVivunv88TCwEtc0Hyi8.roa
File: 24DFS1EbVivunv88TCwEtc0Hyi8.roa (raw, json)
Hash identifier: G7TO3FgoRUSEVfmJEPZO/Q/XwDSAf+gpKcZ9uwufmkM=
Subject key identifier: DB:80:C5:4B:51:1B:56:2B:EE:9E:FF:3C:4C:2C:04:B5:CD:07:CA:2F
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0198EB5C3220924B18094AD782CA4FBC1C8D
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/24DFS1EbVivunv88TCwEtc0Hyi8.roa
Signing time: Wed 27 Aug 2025 11:49:04 +0000
ROA not before: Wed 27 Aug 2025 11:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 80.81.39.0/24 maxlen: 24
80.81.48.0/24 maxlen: 24
80.81.53.0/24 maxlen: 24
80.81.58.0/24 maxlen: 24
80.255.224.0/20 maxlen: 20
83.223.130.0/24 maxlen: 24
83.223.134.0/24 maxlen: 24
83.223.135.0/24 maxlen: 24
83.223.137.0/24 maxlen: 24
83.223.142.0/24 maxlen: 24
83.223.153.0/24 maxlen: 24
83.223.154.0/24 maxlen: 24
83.223.157.0/24 maxlen: 24
91.190.47.0/24 maxlen: 24
91.190.61.0/24 maxlen: 24
94.101.226.0/24 maxlen: 24
94.101.237.0/24 maxlen: 24
159.148.149.0/24 maxlen: 24
159.148.181.0/24 maxlen: 24
159.148.240.0/24 maxlen: 24
185.7.237.0/24 maxlen: 24
185.7.238.0/24 maxlen: 24
185.7.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 17:17:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:eb:5c:32:20:92:4b:18:09:4a:d7:82:ca:4f:bc:1c:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Aug 27 11:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db80c54b511b562bee9eff3c4c2c04b5cd07ca2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f9:0c:6e:86:bc:2a:3b:0b:dc:6e:cd:f1:54:
7f:3a:45:cb:5d:51:3a:96:1b:4e:85:c7:5c:36:71:
72:13:0d:32:0e:b8:f7:04:05:c3:dd:22:9d:b4:7c:
52:63:71:73:1e:3d:3b:e2:42:45:1d:3f:ab:e6:8f:
f9:fd:fd:eb:f0:22:e8:62:7b:a8:e1:b1:b2:84:49:
4b:1d:52:fd:e7:5a:08:47:01:b1:3c:81:16:db:da:
d6:f0:2f:93:00:90:9c:12:63:0f:49:d0:89:b2:bd:
77:c7:7f:c5:5e:97:1f:7e:37:b2:9a:b1:14:74:72:
29:3d:95:e7:d7:01:0f:90:38:6c:fa:e3:5f:f8:d6:
c5:2a:32:ce:7c:34:11:d2:86:18:22:68:2f:5f:1e:
5e:46:09:9b:e2:5c:c6:da:f8:90:43:9d:60:2b:6a:
1d:68:be:29:2e:6f:b1:68:39:ef:2c:fd:b4:d2:ea:
02:25:26:6f:21:fc:9e:33:ad:8b:32:01:1f:58:d4:
53:a4:d7:01:5e:e3:d5:84:82:f9:f5:08:e0:7a:99:
ba:3f:05:32:0a:01:d2:cf:27:b1:29:c4:54:65:a0:
1c:cf:64:70:5a:7e:01:4e:12:e6:ea:07:b3:56:6e:
b4:c4:f1:31:87:58:e1:e9:64:ca:1d:10:a3:75:eb:
65:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:80:C5:4B:51:1B:56:2B:EE:9E:FF:3C:4C:2C:04:B5:CD:07:CA:2F
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/24DFS1EbVivunv88TCwEtc0Hyi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.39.0/24
80.81.48.0/24
80.81.53.0/24
80.81.58.0/24
80.255.224.0/20
83.223.130.0/24
83.223.134.0/23
83.223.137.0/24
83.223.142.0/24
83.223.153.0-83.223.154.255
83.223.157.0/24
91.190.47.0/24
91.190.61.0/24
94.101.226.0/24
94.101.237.0/24
159.148.149.0/24
159.148.181.0/24
159.148.240.0/24
185.7.237.0-185.7.239.255
Signature Algorithm: sha256WithRSAEncryption
5b:65:11:d8:f7:f8:34:35:11:5d:d0:d6:d3:d9:73:ab:49:77:
70:f9:48:d5:0b:5a:ec:b6:0e:b6:5f:e8:e7:7a:82:e4:fe:e3:
9f:43:82:ec:80:26:ab:bd:b6:f2:2e:da:0f:82:fc:88:82:5d:
5d:71:31:87:8d:89:4f:62:00:52:01:b8:2c:ce:2f:6f:84:30:
cd:67:52:79:b0:a5:22:e8:85:ae:4f:a4:10:db:54:4c:cf:c1:
90:73:a3:66:0e:de:b2:a4:56:54:8b:0c:80:a3:57:9d:06:86:
b2:f0:e4:33:a3:db:e5:ec:eb:1c:78:df:cb:10:7e:42:f1:71:
c0:ba:39:d4:b2:7b:df:c0:b7:44:ac:0e:f4:88:9d:c6:d8:fd:
e4:af:48:1b:38:0f:80:5a:df:97:5e:18:ee:13:32:b0:87:80:
9d:d5:f2:ec:a4:e5:2a:02:f7:3a:03:5b:a5:55:79:15:9c:ee:
2d:0d:b7:62:ec:97:81:3b:c7:9f:db:43:e0:71:f5:1c:b0:48:
b8:55:bd:49:69:c1:e9:67:51:9c:d5:f7:55:83:e5:1a:4f:10:
a1:1b:69:22:af:de:12:ef:ea:9d:f0:eb:12:17:a7:35:c2:d0:
43:b6:7b:13:6d:9d:98:9c:0a:24:d6:e3:7f:50:d8:99:1e:71:
c4:25:45:fa
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZjrXDIgkksYCUrXgspPvByNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwODI3MTE0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjgwYzU0YjUxMWI1NjJiZWU5ZWZmM2M0YzJjMDRiNWNkMDdjYTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfkMboa8KjsL3G7N8VR/OkXLXVE6
lhtOhcdcNnFyEw0yDrj3BAXD3SKdtHxSY3FzHj074kJFHT+r5o/5/f3r8CLoYnuo
4bGyhElLHVL951oIRwGxPIEW29rW8C+TAJCcEmMPSdCJsr13x3/FXpcffjeymrEU
dHIpPZXn1wEPkDhs+uNf+NbFKjLOfDQR0oYYImgvXx5eRgmb4lzG2viQQ51gK2od
aL4pLm+xaDnvLP200uoCJSZvIfyeM62LMgEfWNRTpNcBXuPVhIL59Qjgepm6PwUy
CgHSzyexKcRUZaAcz2RwWn4BThLm6gezVm60xPExh1jh6WTKHRCjdetlQQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFNuAxUtRG1Yr7p7/PEwsBLXNB8ovMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvMjRERlMxRWJWaXZ1bnY4OFRDd0V0YzBIeWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBABQ
UScDBABQUTADBABQUTUDBABQUToDBARQ/+ADBABT34IDBAFT34YDBABT34kDBABT
344wDAMEAFPfmQMEAFPfmgMEAFPfnQMEAFu+LwMEAFu+PQMEAF5l4gMEAF5l7QME
AJ+UlQMEAJ+UtQMEAJ+U8DAMAwQAuQftAwQEuQfgMA0GCSqGSIb3DQEBCwUAA4IB
AQBbZRHY9/g0NRFd0NbT2XOrSXdw+UjVC1rstg62X+jneoLk/uOfQ4LsgCarvbby
LtoPgvyIgl1dcTGHjYlPYgBSAbgszi9vhDDNZ1J5sKUi6IWuT6QQ21RMz8GQc6Nm
Dt6ypFZUiwyAo1edBoay8OQzo9vl7OsceN/LEH5C8XHAujnUsnvfwLdErA70iJ3G
2P3kr0gbOA+AWt+XXhjuEzKwh4Cd1fLspOUqAvc6A1ulVXkVnO4tDbdi7JeBO8ef
20PgcfUcsEi4Vb1JacHpZ1Gc1fdVg+UaTxChG2kir94S7+qd8OsSF6c1wtBDtnsT
bZ2YnAok1uN/UNiZHnHEJUX6
-----END CERTIFICATE-----
Generated at Sat Sep 6 02:15:22 2025 by rpki-client