Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/3d3b93-03d7-48af-9e96-d7203c56dfef/1/y8-zYgb68sCKmok28fSORVZTV7k.roa
File: y8-zYgb68sCKmok28fSORVZTV7k.roa (raw, json)
Hash identifier: kb393sHwSxydXSQ1l80qzXOkKVqcGzDmY/nU6zerbuU=
Subject key identifier: CB:CF:B3:62:06:FA:F2:C0:8A:9A:89:36:F1:F4:8E:45:56:53:57:B9
Certificate issuer: /CN=e6301b17446b3ecb0817e400e982f72a6d801d31
Certificate serial: 019EB0B249B849F63E8EBB26026BBD95E614
Authority key identifier: E6:30:1B:17:44:6B:3E:CB:08:17:E4:00:E9:82:F7:2A:6D:80:1D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5jAbF0RrPssIF-QA6YL3Km2AHTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/3d3b93-03d7-48af-9e96-d7203c56dfef/1/y8-zYgb68sCKmok28fSORVZTV7k.roa
Signing time: Wed 10 Jun 2026 08:42:14 +0000
ROA not before: Wed 10 Jun 2026 08:42:14 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31736
IP address blocks: 45.8.240.0/22 maxlen: 22
2a0e:9e00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/3d3b93-03d7-48af-9e96-d7203c56dfef/1/5jAbF0RrPssIF-QA6YL3Km2AHTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/3d3b93-03d7-48af-9e96-d7203c56dfef/1/5jAbF0RrPssIF-QA6YL3Km2AHTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/5jAbF0RrPssIF-QA6YL3Km2AHTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 11:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b0:b2:49:b8:49:f6:3e:8e:bb:26:02:6b:bd:95:e6:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6301b17446b3ecb0817e400e982f72a6d801d31
Validity
Not Before: Jun 10 08:42:14 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cbcfb36206faf2c08a9a8936f1f48e45565357b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8e:e7:cb:b7:fe:b4:0f:6d:c7:9a:5b:7e:4f:
1c:a5:22:55:40:63:31:00:fd:a1:a2:0e:95:51:e9:
98:44:5e:34:c7:62:f2:98:e6:ca:ba:46:57:b3:cb:
09:59:55:10:6e:64:7a:05:e9:8e:28:e7:94:4b:d9:
df:3f:52:e2:a3:65:2e:5c:bd:4c:0d:26:fb:b4:4c:
0d:28:43:67:68:b7:7d:49:76:37:07:aa:75:12:c1:
4b:0a:cb:43:95:7e:71:72:e7:98:55:75:2f:c1:bf:
b9:62:61:08:4f:a9:59:4d:91:8b:6e:6a:c9:87:35:
21:53:22:05:eb:82:0e:9d:ff:5c:f7:e4:12:2f:c8:
a2:34:2a:e4:2c:1f:e7:13:c3:df:0e:6d:91:f7:71:
3d:2b:d6:99:90:9d:25:da:b4:70:92:93:49:ab:fe:
33:0a:4f:ee:78:7a:6d:af:38:62:ea:c9:25:02:f3:
03:68:4d:d6:6a:de:10:14:dd:41:b3:e9:af:a6:8f:
92:6d:0a:ee:b3:85:f1:e8:89:46:2f:9e:47:15:6c:
52:63:76:bc:59:92:e8:cb:c5:63:a7:8c:6f:fa:85:
07:a4:b1:31:46:df:a8:e8:b8:b6:b2:cb:86:11:b0:
70:10:a1:b6:8f:59:70:53:d6:e7:2b:20:22:75:4b:
5f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:CF:B3:62:06:FA:F2:C0:8A:9A:89:36:F1:F4:8E:45:56:53:57:B9
X509v3 Authority Key Identifier:
keyid:E6:30:1B:17:44:6B:3E:CB:08:17:E4:00:E9:82:F7:2A:6D:80:1D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5jAbF0RrPssIF-QA6YL3Km2AHTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/3d3b93-03d7-48af-9e96-d7203c56dfef/1/y8-zYgb68sCKmok28fSORVZTV7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/3d3b93-03d7-48af-9e96-d7203c56dfef/1/5jAbF0RrPssIF-QA6YL3Km2AHTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.240.0/22
IPv6:
2a0e:9e00::/29
Signature Algorithm: sha256WithRSAEncryption
13:42:12:bc:84:20:9f:c6:ff:17:2d:b1:c0:b1:8d:a6:60:4c:
02:4f:d9:55:51:8e:af:e7:6e:aa:45:70:f7:ed:c2:88:f2:98:
8e:ba:54:7f:d1:96:3a:9b:3c:85:bd:5a:6a:2a:93:ea:a5:49:
71:da:72:18:33:32:a8:17:6c:98:54:b0:6d:b3:86:f4:35:c9:
a1:24:dc:4d:8b:c8:02:4b:71:ba:35:6d:9e:0e:0d:57:bb:21:
59:8a:73:fc:81:0a:b8:50:99:7b:b8:ad:73:0e:e5:8b:d4:4f:
c5:25:cc:f9:a5:6c:8a:ea:a7:bc:5c:6c:f9:82:a6:e2:12:52:
9f:5a:ea:3f:cd:f9:a4:5a:4f:22:98:e0:6e:ec:a5:ab:84:18:
7d:ba:2d:a2:94:b6:35:68:6c:17:cd:82:ec:c0:75:00:fb:c7:
4a:28:75:4b:77:78:4d:7f:67:2b:08:78:22:10:ff:54:df:e8:
a1:c0:dd:da:9c:f5:47:3e:91:af:b4:55:96:cb:af:b1:1d:86:
38:8d:d3:de:62:62:21:06:11:b7:d0:31:a1:63:ec:a4:7c:69:
c7:fb:09:72:91:61:33:35:15:7e:a1:c8:f1:fc:2e:7c:f3:e5:
39:00:c0:82:3e:18:5e:64:c3:eb:40:f4:5b:94:4d:aa:a6:31:
c4:84:10:ca
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ6wskm4SfY+jrsmAmu9leYUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MzAxYjE3NDQ2YjNlY2IwODE3ZTQwMGU5ODJmNzJhNmQ4
MDFkMzEwHhcNMjYwNjEwMDg0MjE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmNmYjM2MjA2ZmFmMmMwOGE5YTg5MzZmMWY0OGU0NTU2NTM1N2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY7ny7f+tA9tx5pbfk8cpSJVQGMx
AP2hog6VUemYRF40x2LymObKukZXs8sJWVUQbmR6BemOKOeUS9nfP1Lio2UuXL1M
DSb7tEwNKENnaLd9SXY3B6p1EsFLCstDlX5xcueYVXUvwb+5YmEIT6lZTZGLbmrJ
hzUhUyIF64IOnf9c9+QSL8iiNCrkLB/nE8PfDm2R93E9K9aZkJ0l2rRwkpNJq/4z
Ck/ueHptrzhi6sklAvMDaE3Wat4QFN1Bs+mvpo+SbQrus4Xx6IlGL55HFWxSY3a8
WZLoy8Vjp4xv+oUHpLExRt+o6Li2ssuGEbBwEKG2j1lwU9bnKyAidUtf8wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMvPs2IG+vLAipqJNvH0jkVWU1e5MB8GA1UdIwQY
MBaAFOYwGxdEaz7LCBfkAOmC9yptgB0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWpBYkYwUnJQc3NJRi1RQTZZTDNLbTJBSFRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy8zZDNiOTMtMDNkNy00OGFmLTllOTYt
ZDcyMDNjNTZkZmVmLzEveTgtellnYjY4c0NLbW9rMjhmU09SVlpUVjdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy8zZDNiOTMtMDNkNy00OGFmLTllOTYtZDcyMDNjNTZkZmVm
LzEvNWpBYkYwUnJQc3NJRi1RQTZZTDNLbTJBSFRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQjwMA0E
AgACMAcDBQMqDp4AMA0GCSqGSIb3DQEBCwUAA4IBAQATQhK8hCCfxv8XLbHAsY2m
YEwCT9lVUY6v526qRXD37cKI8piOulR/0ZY6mzyFvVpqKpPqpUlx2nIYMzKoF2yY
VLBts4b0NcmhJNxNi8gCS3G6NW2eDg1XuyFZinP8gQq4UJl7uK1zDuWL1E/FJcz5
pWyK6qe8XGz5gqbiElKfWuo/zfmkWk8imOBu7KWrhBh9ui2ilLY1aGwXzYLswHUA
+8dKKHVLd3hNf2crCHgiEP9U3+ihwN3anPVHPpGvtFWWy6+xHYY4jdPeYmIhBhG3
0DGhY+ykfGnH+wlykWEzNRV+ocjx/C588+U5AMCCPhheZMPrQPRblE2qpjHEhBDK
-----END CERTIFICATE-----
Generated at Thu Jun 11 16:26:54 2026 by rpki-client