Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/8W2O_KuQnI7bIbuFhSLvQnEtuHw.roa
File: 8W2O_KuQnI7bIbuFhSLvQnEtuHw.roa (raw, json)
Hash identifier: psf57bAMDHh167XfAqBA7W5c0gogDEfaZtuJD0DtFGY=
Subject key identifier: F1:6D:8E:FC:AB:90:9C:8E:DB:21:BB:85:85:22:EF:42:71:2D:B8:7C
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019905B734CF0C7FFDC94C60891D202B7FB1
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/8W2O_KuQnI7bIbuFhSLvQnEtuHw.roa
Signing time: Mon 01 Sep 2025 14:38:36 +0000
ROA not before: Mon 01 Sep 2025 14:38:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 79.172.200.0/23 maxlen: 24
79.172.250.0/23 maxlen: 24
87.229.8.0/22 maxlen: 22
87.229.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:05:b7:34:cf:0c:7f:fd:c9:4c:60:89:1d:20:2b:7f:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Sep 1 14:38:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f16d8efcab909c8edb21bb858522ef42712db87c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:87:6c:c8:f0:fe:cd:83:79:0d:e6:3e:ed:c8:
05:53:f6:98:8b:96:3a:24:87:b2:7e:0b:47:c3:8f:
00:1a:5c:ee:c3:75:3f:38:af:ba:98:63:b8:ec:87:
81:ee:1c:12:80:0d:72:a1:e0:4f:3d:1a:08:10:ca:
0a:80:0e:86:68:0e:75:1b:19:ae:2d:6d:15:46:3f:
f8:48:a6:9f:06:05:6c:b6:54:2e:c2:04:fe:b1:0b:
35:46:94:97:ef:26:25:da:89:43:56:9f:62:c0:78:
0b:84:df:c7:76:0d:3c:1d:f0:e7:c9:a5:8d:47:d2:
06:e5:cc:ea:77:07:6d:80:9d:32:b1:ad:42:37:bd:
76:7e:20:7a:40:0d:0b:74:04:2d:3e:9f:8d:91:5d:
4b:dd:8c:d2:b5:dc:6a:17:d9:86:c1:61:7d:a2:26:
9d:e0:cb:2a:55:85:e7:56:fc:3c:21:67:c5:ea:24:
94:07:a5:b0:72:e1:f6:49:73:cf:c2:5d:02:4c:75:
80:a0:66:3d:ca:1b:05:49:f6:03:bf:5d:c5:9f:4b:
e2:5a:4f:47:ff:c6:91:c5:ca:a9:b9:ad:38:51:6b:
ea:67:6c:6b:a4:31:7b:22:5f:00:6d:6a:30:3d:bf:
2a:05:3a:6d:1c:fa:19:15:b4:4c:c6:4f:e4:fc:37:
9f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:6D:8E:FC:AB:90:9C:8E:DB:21:BB:85:85:22:EF:42:71:2D:B8:7C
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/8W2O_KuQnI7bIbuFhSLvQnEtuHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.200.0/23
79.172.250.0/23
87.229.8.0/22
87.229.23.0/24
Signature Algorithm: sha256WithRSAEncryption
19:5c:b2:09:07:a3:cc:8c:d1:87:23:4f:68:c3:2b:e1:97:01:
9f:39:15:82:38:93:52:5f:e7:3c:93:bf:d2:85:d7:94:30:e7:
11:15:f7:7c:ca:75:48:1a:0d:4b:17:16:5c:94:e8:b3:6a:6e:
a3:0f:a4:a5:53:1b:3d:a4:5f:35:aa:ba:6f:97:0a:b4:63:0e:
8d:6f:36:07:53:eb:38:08:d6:b3:66:9a:29:38:b3:fd:64:99:
de:b7:1a:b2:a1:ad:29:fc:36:07:e2:21:82:87:ff:5f:1a:aa:
04:79:5d:a7:a5:31:c6:06:36:09:d8:4c:1b:f4:a8:37:2c:62:
14:88:29:7c:e9:f3:d1:12:c4:db:82:93:96:c4:e1:d3:ed:73:
ea:bf:ba:e8:75:4f:07:23:64:55:29:7b:4f:46:19:2c:9a:06:
b9:84:b7:8d:d4:60:51:99:84:7f:cf:47:f5:83:58:ff:2c:53:
56:de:e0:15:36:75:b8:36:f3:94:20:ef:7c:ca:4b:02:ea:71:
5c:41:c5:53:fc:c3:5c:75:d3:6e:48:bd:d1:c1:4f:2e:2d:67:
24:a6:b2:cd:64:a6:be:ea:7b:ed:fd:53:64:53:47:a3:95:80:
9e:95:78:da:c5:07:1c:fd:98:71:5e:28:d5:ac:ba:16:17:25:
22:42:5d:10
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZkFtzTPDH/9yUxgiR0gK3+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwOTAxMTQzODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTZkOGVmY2FiOTA5YzhlZGIyMWJiODU4NTIyZWY0MjcxMmRiODdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4IdsyPD+zYN5DeY+7cgFU/aYi5Y6
JIeyfgtHw48AGlzuw3U/OK+6mGO47IeB7hwSgA1yoeBPPRoIEMoKgA6GaA51Gxmu
LW0VRj/4SKafBgVstlQuwgT+sQs1RpSX7yYl2olDVp9iwHgLhN/Hdg08HfDnyaWN
R9IG5czqdwdtgJ0ysa1CN712fiB6QA0LdAQtPp+NkV1L3YzStdxqF9mGwWF9oiad
4MsqVYXnVvw8IWfF6iSUB6WwcuH2SXPPwl0CTHWAoGY9yhsFSfYDv13Fn0viWk9H
/8aRxcqpua04UWvqZ2xrpDF7Il8AbWowPb8qBTptHPoZFbRMxk/k/Def7wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPFtjvyrkJyO2yG7hYUi70JxLbh8MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvOFcyT19LdVFuSTdiSWJ1RmhTTHZRbkV0dUh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBT6zIAwQB
T6z6AwQCV+UIAwQAV+UXMA0GCSqGSIb3DQEBCwUAA4IBAQAZXLIJB6PMjNGHI09o
wyvhlwGfORWCOJNSX+c8k7/ShdeUMOcRFfd8ynVIGg1LFxZclOizam6jD6SlUxs9
pF81qrpvlwq0Yw6NbzYHU+s4CNazZpopOLP9ZJnetxqyoa0p/DYH4iGCh/9fGqoE
eV2npTHGBjYJ2Ewb9Kg3LGIUiCl86fPREsTbgpOWxOHT7XPqv7rodU8HI2RVKXtP
Rhksmga5hLeN1GBRmYR/z0f1g1j/LFNW3uAVNnW4NvOUIO98yksC6nFcQcVT/MNc
ddNuSL3RwU8uLWckprLNZKa+6nvt/VNkU0ejlYCelXjaxQcc/ZhxXijVrLoWFyUi
Ql0Q
-----END CERTIFICATE-----
Generated at Mon Sep 8 10:33:41 2025 by rpki-client