Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/fB-kfRCLoM-ziEHur10mxLGjjNM.roa
File: fB-kfRCLoM-ziEHur10mxLGjjNM.roa (raw, json)
Hash identifier: wXaYWfaqjKUux+zLoyfb4bqTiKADSxyF9XGBSIIb2pk=
Subject key identifier: 7C:1F:A4:7D:10:8B:A0:CF:B3:88:41:EE:AF:5D:26:C4:B1:A3:8C:D3
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01989EAAFF5ABB3C6335C4EF886A3F118549
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/fB-kfRCLoM-ziEHur10mxLGjjNM.roa
Signing time: Tue 12 Aug 2025 14:24:23 +0000
ROA not before: Tue 12 Aug 2025 14:24:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.73.0/24 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
194.50.200.0/24 maxlen: 24
194.50.201.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 04:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9e:aa:ff:5a:bb:3c:63:35:c4:ef:88:6a:3f:11:85:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 12 14:24:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c1fa47d108ba0cfb38841eeaf5d26c4b1a38cd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:02:01:f0:0c:a5:98:ef:b2:f7:fb:70:bd:cf:
77:80:e0:30:6f:fd:ce:20:15:b6:c0:7c:5d:aa:74:
c6:26:13:0f:26:bb:e7:cb:9d:bd:3b:3e:54:d7:f3:
2f:75:7a:fa:4d:fd:d2:17:52:1b:19:59:54:c7:f3:
64:20:fa:9d:ab:c7:54:7f:b5:68:75:84:21:ff:13:
a7:bb:b4:2e:71:6a:bc:3b:ef:fe:47:81:39:0a:32:
c8:6b:65:18:2d:a5:3f:ac:68:50:4d:c9:3e:80:6e:
23:5e:a1:e1:d1:ad:6c:49:2b:af:30:b9:03:d6:4e:
11:24:78:6b:3a:2b:20:c7:ec:b0:e9:ef:a3:08:b1:
c2:13:2a:5c:9d:a1:a9:dd:0c:ac:34:58:e9:a6:97:
2a:e4:68:be:cd:47:3e:45:15:aa:ce:cd:22:13:fc:
ff:d3:67:ac:74:4b:55:c7:9d:5e:85:c6:71:13:83:
b6:74:86:f6:2d:a2:95:3b:bb:e1:8b:5d:15:9b:f5:
ca:56:db:89:18:2d:87:18:e9:d0:73:0c:51:9f:1b:
62:7f:9b:b8:66:ef:ab:6d:c1:cc:ba:aa:39:f8:0e:
ef:8b:36:3b:be:59:20:52:ff:01:ef:48:09:ad:a4:
d8:e2:16:35:0b:79:20:f4:83:ea:ce:e4:aa:b9:ec:
0b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:1F:A4:7D:10:8B:A0:CF:B3:88:41:EE:AF:5D:26:C4:B1:A3:8C:D3
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/fB-kfRCLoM-ziEHur10mxLGjjNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.67.117.0/24
89.40.161.0/24
91.242.70.0/24
91.242.73.0-91.242.74.255
91.242.105.0/24
91.242.124.0/24
91.242.126.0/24
185.180.145.0/24
194.50.200.0/23
195.138.103.0-195.138.107.255
195.138.111.0/24
195.138.114.0/24
195.138.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:2d:9b:92:e6:c4:62:5e:df:ed:33:4c:a2:96:c6:d3:c6:35:
c6:63:e7:5e:b6:dd:88:34:92:92:f6:40:88:89:d0:36:45:fd:
58:1b:b0:4c:57:92:35:e2:b8:2f:ee:0f:38:3b:4f:36:6f:db:
c5:25:0d:94:b9:74:8e:a4:83:14:17:88:3f:9a:f2:34:9d:a6:
be:cd:8d:8f:db:f1:0a:de:7e:37:7c:ea:92:34:5b:f5:d3:d8:
d5:c1:f2:80:0a:d5:0e:bc:de:fe:ce:0d:76:6f:9c:b4:78:07:
ce:ff:76:5a:10:33:1e:cf:c5:62:a4:2e:66:1d:7f:fd:e4:67:
1a:77:8d:fb:c6:b7:35:98:0c:88:b4:41:96:0f:f1:52:d2:da:
b6:df:50:1f:b8:50:69:1b:c2:2f:eb:2f:ba:a3:e0:24:bc:39:
c4:8a:6b:c3:d5:81:ff:0b:84:f3:47:f3:73:ec:59:38:9d:d0:
ef:9a:24:3c:76:b1:ec:65:71:31:9a:8a:01:35:d6:d4:94:46:
f2:70:28:d1:cd:e8:88:82:b0:df:eb:23:28:3a:65:0d:96:04:
d6:fb:02:d8:6d:14:63:66:a2:c5:f4:3a:01:32:d1:64:33:2e:
02:c5:13:e3:bb:02:fa:9f:18:1e:54:f3:75:b5:94:a9:4d:18:
c0:ef:25:d2
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZieqv9auzxjNcTviGo/EYVJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwODEyMTQyNDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzFmYTQ3ZDEwOGJhMGNmYjM4ODQxZWVhZjVkMjZjNGIxYTM4Y2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AIB8AylmO+y9/twvc93gOAwb/3O
IBW2wHxdqnTGJhMPJrvny529Oz5U1/MvdXr6Tf3SF1IbGVlUx/NkIPqdq8dUf7Vo
dYQh/xOnu7QucWq8O+/+R4E5CjLIa2UYLaU/rGhQTck+gG4jXqHh0a1sSSuvMLkD
1k4RJHhrOisgx+yw6e+jCLHCEypcnaGp3QysNFjpppcq5Gi+zUc+RRWqzs0iE/z/
02esdEtVx51ehcZxE4O2dIb2LaKVO7vhi10Vm/XKVtuJGC2HGOnQcwxRnxtif5u4
Zu+rbcHMuqo5+A7vizY7vlkgUv8B70gJraTY4hY1C3kg9IPqzuSquewLXQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFHwfpH0Qi6DPs4hB7q9dJsSxo4zTMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvZkIta2ZSQ0xvTS16aUVIdXIxMG14TEdqak5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQCBbYcAwQA
LUN1AwQAWSihAwQAW/JGMAwDBABb8kkDBABb8koDBABb8mkDBABb8nwDBABb8n4D
BAC5tJEDBAHCMsgwDAMEAMOKZwMEAsOKaAMEAMOKbwMEAMOKcgMEAMOKeDANBgkq
hkiG9w0BAQsFAAOCAQEAOy2bkubEYl7f7TNMopbG08Y1xmPnXrbdiDSSkvZAiInQ
NkX9WBuwTFeSNeK4L+4PODtPNm/bxSUNlLl0jqSDFBeIP5ryNJ2mvs2Nj9vxCt5+
N3zqkjRb9dPY1cHygArVDrze/s4Ndm+ctHgHzv92WhAzHs/FYqQuZh1//eRnGneN
+8a3NZgMiLRBlg/xUtLatt9QH7hQaRvCL+svuqPgJLw5xIprw9WB/wuE80fzc+xZ
OJ3Q75okPHax7GVxMZqKATXW1JRG8nAo0c3oiIKw3+sjKDplDZYE1vsC2G0UY2ai
xfQ6ATLRZDMuAsUT47sC+p8YHlTzdbWUqU0YwO8l0g==
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:42:49 2025 by rpki-client