Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/8PNxvaXHWjaqqOd0UDs-kmCGRAw.roa
File: 8PNxvaXHWjaqqOd0UDs-kmCGRAw.roa (raw, json)
Hash identifier: xvCpgcFj28AA6pfCtAffPPXzMOo7QkL18w9FefnEUpI=
Subject key identifier: F0:F3:71:BD:A5:C7:5A:36:AA:A8:E7:74:50:3B:3E:92:60:86:44:0C
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0198A8AC9A8A0613961AAC0B20FA5B926DCA
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/8PNxvaXHWjaqqOd0UDs-kmCGRAw.roa
Signing time: Thu 14 Aug 2025 13:02:20 +0000
ROA not before: Thu 14 Aug 2025 13:02:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 5.180.4.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
45.86.16.0/21 maxlen: 21
89.39.242.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.73.0/24 maxlen: 24
91.242.74.0/23 maxlen: 23
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
178.175.176.0/22 maxlen: 22
185.40.105.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 22
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
195.138.124.0/24 maxlen: 24
195.216.156.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 04:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a8:ac:9a:8a:06:13:96:1a:ac:0b:20:fa:5b:92:6d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 14 13:02:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0f371bda5c75a36aaa8e774503b3e926086440c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e0:76:08:b0:5a:df:9b:76:0d:db:15:6e:ca:
e2:3a:73:19:48:38:dc:7c:97:c1:61:12:74:64:e6:
ef:53:51:d4:b0:4b:bb:30:f3:ce:18:29:fc:7e:6a:
8f:77:95:a7:fd:66:77:a0:88:b5:cd:f8:fe:2b:cd:
17:59:c6:0a:0b:d6:83:0f:43:a2:9e:80:16:ca:94:
ce:78:34:b3:33:22:b5:5a:d7:d1:9b:25:bd:1a:91:
74:6e:6f:e6:06:92:20:d3:c4:47:03:19:6d:8f:4e:
af:6b:ed:f7:16:3f:1e:d8:d5:a0:0c:0f:dd:a5:be:
ba:33:63:9c:0d:0c:0e:44:85:7e:d0:97:41:a2:76:
c2:62:ba:35:61:37:30:6d:1b:bf:fc:32:8e:97:f8:
38:d0:44:58:41:5b:25:03:2b:af:fc:92:e0:26:92:
28:a5:7f:48:d9:3e:7d:ac:cf:7e:50:33:c2:1c:77:
95:7c:f9:e0:8c:fc:c6:17:56:30:2c:6b:23:47:e6:
ae:34:f4:80:0e:8e:9e:2e:fa:10:4e:94:32:6f:88:
e3:99:aa:1f:ec:e2:8c:44:a3:a8:a8:fe:2d:6b:0e:
b0:66:1f:ee:b1:18:dc:ef:f6:95:32:6c:5a:01:b2:
a3:2e:03:64:7d:20:5d:df:86:0c:f3:26:02:f9:3c:
fb:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F3:71:BD:A5:C7:5A:36:AA:A8:E7:74:50:3B:3E:92:60:86:44:0C
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/8PNxvaXHWjaqqOd0UDs-kmCGRAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.4.0/22
5.182.28.0/22
45.86.16.0/21
89.39.242.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
94.231.198.0/24
178.175.176.0/22
185.40.105.0/24
185.180.145.0/24
185.212.11.0/24
194.50.206.0/23
195.138.103.0-195.138.107.255
195.138.112.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
195.216.156.0/22
Signature Algorithm: sha256WithRSAEncryption
61:9a:3e:3b:07:d2:68:cf:c1:36:b6:22:60:17:3b:dd:7f:cf:
dc:87:e9:09:c5:6e:7e:3f:8b:2d:36:9d:fc:e3:4d:55:39:f7:
65:af:3f:52:d8:a4:62:a8:40:69:0c:06:e8:97:aa:8a:9c:bb:
ea:24:f7:22:04:04:44:55:6d:6a:f5:e3:69:fb:03:df:10:87:
ee:68:de:a2:c7:d0:ea:c3:ea:3d:5a:b1:21:ec:8e:a6:ea:3c:
ac:c9:75:a7:27:f9:6d:b0:e7:b7:1f:6e:b0:5d:db:e8:1a:fd:
eb:10:77:f0:ef:f0:6b:50:a5:ff:b8:6e:7a:7f:b3:91:0a:d4:
b9:bf:f8:6f:9c:79:5e:ec:3d:8f:db:84:2c:ad:92:a2:6d:fe:
69:12:50:d3:68:d4:6d:38:41:f1:50:03:d9:43:0b:7a:db:7b:
db:d7:5b:7e:68:ee:7d:44:92:77:6f:1a:4e:81:fc:28:a9:e2:
ac:39:05:f5:f0:74:0a:d6:22:c2:d5:c8:b2:10:ce:4a:55:7e:
8c:29:fd:fc:cb:c5:7c:31:fc:6b:7c:ba:af:97:19:c1:fe:57:
ec:a5:4e:61:aa:59:42:16:ca:0a:fd:96:e9:a6:30:9c:c1:4f:
52:0a:92:7b:a7:ed:87:85:0a:b6:fe:8e:fe:26:39:28:8c:36:
42:77:ad:3c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZiorJqKBhOWGqwLIPpbkm3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwODE0MTMwMjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGYzNzFiZGE1Yzc1YTM2YWFhOGU3NzQ1MDNiM2U5MjYwODY0NDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+B2CLBa35t2DdsVbsriOnMZSDjc
fJfBYRJ0ZObvU1HUsEu7MPPOGCn8fmqPd5Wn/WZ3oIi1zfj+K80XWcYKC9aDD0Oi
noAWypTOeDSzMyK1WtfRmyW9GpF0bm/mBpIg08RHAxltj06va+33Fj8e2NWgDA/d
pb66M2OcDQwORIV+0JdBonbCYro1YTcwbRu//DKOl/g40ERYQVslAyuv/JLgJpIo
pX9I2T59rM9+UDPCHHeVfPngjPzGF1YwLGsjR+auNPSADo6eLvoQTpQyb4jjmaof
7OKMRKOoqP4taw6wZh/usRjc7/aVMmxaAbKjLgNkfSBd34YM8yYC+Tz7+QIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFPDzcb2lx1o2qqjndFA7PpJghkQMMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvOFBOeHZhWEhXamFxcU9kMFVEcy1rbUNHUkF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAgW0
BAMEAgW2HAMEAy1WEAMEAFkn8gMEAlvySAMEAVvyXgMEAFvyZwMEAF7nxgMEArKv
sAMEALkoaQMEALm0kQMEALnUCwMEAcIyzjAMAwQAw4pnAwQCw4poAwQAw4pwAwQA
w4p4MAwDBAHDinoDBAfDigADBALD2JwwDQYJKoZIhvcNAQELBQADggEBAGGaPjsH
0mjPwTa2ImAXO91/z9yH6QnFbn4/iy02nfzjTVU592WvP1LYpGKoQGkMBuiXqoqc
u+ok9yIEBERVbWr142n7A98Qh+5o3qLH0OrD6j1asSHsjqbqPKzJdacn+W2w57cf
brBd2+ga/esQd/Dv8GtQpf+4bnp/s5EK1Lm/+G+ceV7sPY/bhCytkqJt/mkSUNNo
1G04QfFQA9lDC3rbe9vXW35o7n1EkndvGk6B/Cip4qw5BfXwdArWIsLVyLIQzkpV
fowp/fzLxXwx/Gt8uq+XGcH+V+ylTmGqWUIWygr9lummMJzBT1IKknun7YeFCrb+
jv4mOSiMNkJ3rTw=
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:44:16 2025 by rpki-client