Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/S5aHdm30TryFtG2jDVy3wkSOz2Q.roa
File: S5aHdm30TryFtG2jDVy3wkSOz2Q.roa (raw, json)
Hash identifier: gGROgcge0wvbKabdkDSLw/YtICixKaiQd0Hk++1c5Is=
Subject key identifier: 4B:96:87:76:6D:F4:4E:BC:85:B4:6D:A3:0D:5C:B7:C2:44:8E:CF:64
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 0196B471FA93FB4E399350D1E6A7F7A21169
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/S5aHdm30TryFtG2jDVy3wkSOz2Q.roa
Signing time: Fri 09 May 2025 09:48:10 +0000
ROA not before: Fri 09 May 2025 09:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 82.140.187.0/24 maxlen: 24
82.140.188.0/24 maxlen: 24
84.46.131.0/24 maxlen: 24
84.46.145.0/24 maxlen: 24
86.38.98.0/24 maxlen: 24
86.38.100.0/24 maxlen: 24
86.38.102.0/24 maxlen: 24
86.38.103.0/24 maxlen: 24
86.38.104.0/24 maxlen: 24
217.9.244.0/24 maxlen: 24
217.9.245.0/24 maxlen: 24
217.9.247.0/24 maxlen: 24
217.9.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b4:71:fa:93:fb:4e:39:93:50:d1:e6:a7:f7:a2:11:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: May 9 09:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b9687766df44ebc85b46da30d5cb7c2448ecf64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9f:5d:ba:ca:5e:07:63:ea:d7:b2:fc:d7:af:
52:8e:15:75:f3:e7:00:ea:52:46:97:02:ef:81:6c:
3c:1c:cf:a6:a4:e0:d0:81:df:81:29:ea:51:af:00:
23:45:fb:2f:60:fa:67:b6:0a:ef:6e:22:17:9a:5f:
8b:da:15:7f:a7:18:f3:83:f4:71:22:a8:02:3b:90:
17:f9:a1:9c:d2:83:4d:ff:21:8d:6f:3d:0f:19:2b:
66:bb:2f:da:03:ec:4a:48:f5:f4:f6:34:31:b0:31:
76:96:93:27:9e:8a:bc:01:6f:da:bc:80:2d:4b:5b:
df:78:99:d0:e1:54:b2:32:0d:8b:4a:bf:e8:26:7e:
df:3a:dc:6e:a9:3d:bd:44:32:39:f0:10:b8:1d:fa:
32:d4:66:d0:b1:46:4d:49:c0:7b:36:c6:d4:0b:34:
da:7d:f3:f9:cd:03:ad:56:ec:e8:d1:0d:e9:54:02:
a3:e7:8a:6d:30:02:9d:4a:7d:5d:93:20:4c:67:2d:
be:96:6d:57:26:e6:f7:59:30:87:4b:88:d1:63:f7:
83:78:c9:d0:57:7b:71:18:ed:cb:47:e0:0e:6e:eb:
10:11:5c:71:3a:53:b9:1e:63:f9:74:5f:a5:57:f0:
ca:32:7b:73:74:62:31:9b:fa:27:c3:f9:33:be:d4:
7a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:96:87:76:6D:F4:4E:BC:85:B4:6D:A3:0D:5C:B7:C2:44:8E:CF:64
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/S5aHdm30TryFtG2jDVy3wkSOz2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.187.0-82.140.188.255
84.46.131.0/24
84.46.145.0/24
86.38.98.0/24
86.38.100.0/24
86.38.102.0-86.38.104.255
217.9.244.0/23
217.9.247.0/24
217.9.250.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:ae:d8:6f:0e:6f:e0:5d:d5:08:1b:62:32:46:ed:2d:83:d2:
30:c8:1f:3e:ff:0e:bd:14:37:59:0e:49:f8:c1:26:ac:04:d8:
d2:cd:d8:f4:0a:23:3f:5c:ef:cf:8d:39:8e:6b:84:e4:df:5b:
99:94:03:a7:68:7d:b8:28:a8:f8:a7:69:e6:b9:50:ea:87:09:
08:eb:67:0d:01:a0:90:c7:79:87:58:00:32:dc:d0:09:01:36:
5b:a3:c6:87:9d:49:11:dc:86:20:23:11:0c:6d:b9:07:a4:cd:
66:c5:f0:5a:70:44:b2:7d:b9:db:19:6f:b8:2d:98:28:75:dc:
38:c2:0a:ac:a6:47:24:9e:eb:07:d6:fe:11:1d:ec:23:1e:6c:
a2:22:68:4a:33:59:4c:76:df:c2:e2:37:f9:f8:e0:a6:56:96:
55:d8:38:cf:e8:60:1f:38:79:fd:c8:66:bb:1a:ab:de:f3:1e:
b3:dd:c8:4d:50:13:b7:64:13:82:28:a5:9a:e8:e8:33:e4:43:
a7:f2:9d:bf:e1:33:fd:71:ee:23:79:7f:af:5b:53:33:cb:3c:
bd:a8:f3:e5:85:14:01:b9:be:1a:24:b4:cb:f3:5f:83:7b:70:
c4:bf:25:6b:86:6a:f7:17:b0:5f:88:f0:3a:1d:b3:4b:78:11:
a6:78:d1:a4
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZa0cfqT+045k1DR5qf3ohFpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjUwNTA5MDk0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjk2ODc3NjZkZjQ0ZWJjODViNDZkYTMwZDVjYjdjMjQ0OGVjZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAup9duspeB2Pq17L8169SjhV18+cA
6lJGlwLvgWw8HM+mpODQgd+BKepRrwAjRfsvYPpntgrvbiIXml+L2hV/pxjzg/Rx
IqgCO5AX+aGc0oNN/yGNbz0PGStmuy/aA+xKSPX09jQxsDF2lpMnnoq8AW/avIAt
S1vfeJnQ4VSyMg2LSr/oJn7fOtxuqT29RDI58BC4Hfoy1GbQsUZNScB7NsbUCzTa
ffP5zQOtVuzo0Q3pVAKj54ptMAKdSn1dkyBMZy2+lm1XJub3WTCHS4jRY/eDeMnQ
V3txGO3LR+AObusQEVxxOlO5HmP5dF+lV/DKMntzdGIxm/onw/kzvtR65wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFEuWh3Zt9E68hbRtow1ct8JEjs9kMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvUzVhSGRtMzBUcnlGdEcyakRWeTN3a1NPejJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBABSjLsD
BABSjLwDBABULoMDBABULpEDBABWJmIDBABWJmQwDAMEAVYmZgMEAFYmaAMEAdkJ
9AMEANkJ9wMEANkJ+jANBgkqhkiG9w0BAQsFAAOCAQEAT67Ybw5v4F3VCBtiMkbt
LYPSMMgfPv8OvRQ3WQ5J+MEmrATY0s3Y9AojP1zvz405jmuE5N9bmZQDp2h9uCio
+Kdp5rlQ6ocJCOtnDQGgkMd5h1gAMtzQCQE2W6PGh51JEdyGICMRDG25B6TNZsXw
WnBEsn252xlvuC2YKHXcOMIKrKZHJJ7rB9b+ER3sIx5soiJoSjNZTHbfwuI3+fjg
plaWVdg4z+hgHzh5/chmuxqr3vMes93ITVATt2QTgiilmujoM+RDp/Kdv+Ez/XHu
I3l/r1tTM8s8vajz5YUUAbm+GiS0y/Nfg3twxL8la4Zq9xewX4jwOh2zS3gRpnjR
pA==
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:22:05 2025 by rpki-client