Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/03fd42-6589-46ba-a673-0b02a4732479/1/8ydd8JZX5EAnrnnw2HV2rHK_3p4.roa
File: 8ydd8JZX5EAnrnnw2HV2rHK_3p4.roa (raw, json)
Hash identifier: j4GR32txclZSQHedOrcHnmy9IerE3851xb5yxFpNcdg=
Subject key identifier: F3:27:5D:F0:96:57:E4:40:27:AE:79:F0:D8:75:76:AC:72:BF:DE:9E
Certificate issuer: /CN=4137b6daa20b5e061862b6fb99e236ac2c2e34f8
Certificate serial: 0198EB60C437C3DFAFDB0C3D8263FACCA712
Authority key identifier: 41:37:B6:DA:A2:0B:5E:06:18:62:B6:FB:99:E2:36:AC:2C:2E:34:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QTe22qILXgYYYrb7meI2rCwuNPg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/03fd42-6589-46ba-a673-0b02a4732479/1/8ydd8JZX5EAnrnnw2HV2rHK_3p4.roa
Signing time: Wed 27 Aug 2025 11:54:04 +0000
ROA not before: Wed 27 Aug 2025 11:54:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51088
IP address blocks: 62.68.84.0/24 maxlen: 24
92.249.7.0/24 maxlen: 24
2a14:12c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/03fd42-6589-46ba-a673-0b02a4732479/1/QTe22qILXgYYYrb7meI2rCwuNPg.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/03fd42-6589-46ba-a673-0b02a4732479/1/QTe22qILXgYYYrb7meI2rCwuNPg.mft
rsync://rpki.ripe.net/repository/DEFAULT/QTe22qILXgYYYrb7meI2rCwuNPg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 20:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:eb:60:c4:37:c3:df:af:db:0c:3d:82:63:fa:cc:a7:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4137b6daa20b5e061862b6fb99e236ac2c2e34f8
Validity
Not Before: Aug 27 11:54:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3275df09657e44027ae79f0d87576ac72bfde9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7a:79:86:51:83:46:64:e8:ac:4b:8d:91:31:
bc:cd:1a:65:6e:dd:0d:63:c9:35:58:04:4b:a2:93:
c7:72:f0:4a:02:b1:6d:42:1e:f3:88:4d:eb:60:46:
2c:c6:86:36:50:79:f9:74:0b:cb:d1:b4:bc:19:94:
4b:3d:93:ab:59:28:94:f0:3d:aa:30:88:65:1f:73:
f5:35:d9:a4:11:24:62:1d:53:da:a6:fe:91:b6:fc:
ad:b5:64:b1:2a:82:63:70:d3:66:fb:24:4e:c4:a6:
62:d5:28:e2:bc:21:b0:41:06:f7:9e:cb:9f:c4:e0:
8c:51:63:9e:47:68:cc:ac:97:bc:6a:e5:dd:9e:c1:
1c:a0:4a:e8:22:ec:ff:eb:cc:29:fc:60:9c:cc:c5:
3e:36:7e:20:d8:cb:1a:8b:7c:78:71:7e:5f:7f:60:
3a:9d:cd:45:d9:61:e6:d0:96:c4:b3:a0:a3:96:9c:
74:02:1c:12:55:8c:bf:0b:86:f4:75:d7:21:65:ea:
86:12:f9:ca:93:43:64:25:37:15:40:ed:55:ad:7e:
de:16:b2:5b:02:9b:1f:56:85:b0:6a:d6:e9:ed:55:
c1:c1:1d:2c:68:bd:02:e3:ca:06:56:ee:68:8f:6d:
b6:b7:c2:4d:1d:73:70:c8:97:94:d2:96:f2:8e:d1:
eb:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:27:5D:F0:96:57:E4:40:27:AE:79:F0:D8:75:76:AC:72:BF:DE:9E
X509v3 Authority Key Identifier:
keyid:41:37:B6:DA:A2:0B:5E:06:18:62:B6:FB:99:E2:36:AC:2C:2E:34:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QTe22qILXgYYYrb7meI2rCwuNPg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/03fd42-6589-46ba-a673-0b02a4732479/1/8ydd8JZX5EAnrnnw2HV2rHK_3p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/03fd42-6589-46ba-a673-0b02a4732479/1/QTe22qILXgYYYrb7meI2rCwuNPg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.84.0/24
92.249.7.0/24
IPv6:
2a14:12c0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:c6:0d:22:c8:77:fa:f5:2c:f4:8f:eb:f5:34:82:61:ae:ee:
bd:65:31:64:eb:ed:85:da:33:9b:73:2e:60:33:21:b0:bd:d4:
94:ca:ac:d0:61:de:0a:fa:5d:5f:1d:71:47:9d:6d:8c:d6:9b:
12:56:78:6a:94:8f:79:94:a7:d0:db:82:6b:33:68:c5:b0:14:
8d:78:b3:8b:ec:a5:8e:7d:36:6d:94:21:c6:9c:3d:1d:f4:72:
cb:8f:7f:6d:ef:c7:29:23:77:bf:e8:04:00:b6:9c:60:ff:49:
7e:bc:99:4b:a0:fd:15:6d:d4:bb:75:5f:8f:2f:0f:6f:2e:c5:
2d:86:bc:71:4a:f2:c2:e1:85:c2:9a:d6:50:4d:57:cc:07:ac:
71:80:e3:c6:1f:10:67:80:d3:c3:e3:19:4e:7b:be:78:47:74:
43:05:59:7c:4c:f2:2a:4c:c2:e2:a0:71:e5:c4:f2:bd:48:53:
a0:0d:f4:59:db:3b:f6:32:d6:75:78:91:2f:73:55:65:f6:de:
08:70:e9:7e:b2:e1:ca:a1:ab:02:3b:c5:e3:a1:16:5f:ce:3d:
ab:a3:0a:b3:b6:27:50:bd:e3:03:f3:b9:c8:0f:e1:f2:d1:0b:
e0:48:85:46:9a:8c:cb:ce:2d:21:ed:5c:a3:67:67:34:8f:ec:
62:f7:00:64
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZjrYMQ3w9+v2ww9gmP6zKcSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMzdiNmRhYTIwYjVlMDYxODYyYjZmYjk5ZTIzNmFjMmMy
ZTM0ZjgwHhcNMjUwODI3MTE1NDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzI3NWRmMDk2NTdlNDQwMjdhZTc5ZjBkODc1NzZhYzcyYmZkZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHp5hlGDRmTorEuNkTG8zRplbt0N
Y8k1WARLopPHcvBKArFtQh7ziE3rYEYsxoY2UHn5dAvL0bS8GZRLPZOrWSiU8D2q
MIhlH3P1NdmkESRiHVPapv6RtvyttWSxKoJjcNNm+yROxKZi1SjivCGwQQb3nsuf
xOCMUWOeR2jMrJe8auXdnsEcoEroIuz/68wp/GCczMU+Nn4g2Msai3x4cX5ff2A6
nc1F2WHm0JbEs6Cjlpx0AhwSVYy/C4b0ddchZeqGEvnKk0NkJTcVQO1VrX7eFrJb
ApsfVoWwatbp7VXBwR0saL0C48oGVu5oj222t8JNHXNwyJeU0pbyjtHrXwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPMnXfCWV+RAJ6558Nh1dqxyv96eMB8GA1UdIwQY
MBaAFEE3ttqiC14GGGK2+5niNqwsLjT4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVRlMjJxSUxYZ1lZWXJiN21lSTJyQ3d1TlBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8wM2ZkNDItNjU4OS00NmJhLWE2NzMt
MGIwMmE0NzMyNDc5LzEvOHlkZDhKWlg1RUFucm5udzJIVjJySEtfM3A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8wM2ZkNDItNjU4OS00NmJhLWE2NzMtMGIwMmE0NzMyNDc5
LzEvUVRlMjJxSUxYZ1lZWXJiN21lSTJyQ3d1TlBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAPkRUAwQA
XPkHMA0EAgACMAcDBQAqFBLAMA0GCSqGSIb3DQEBCwUAA4IBAQCLxg0iyHf69Sz0
j+v1NIJhru69ZTFk6+2F2jObcy5gMyGwvdSUyqzQYd4K+l1fHXFHnW2M1psSVnhq
lI95lKfQ24JrM2jFsBSNeLOL7KWOfTZtlCHGnD0d9HLLj39t78cpI3e/6AQAtpxg
/0l+vJlLoP0VbdS7dV+PLw9vLsUthrxxSvLC4YXCmtZQTVfMB6xxgOPGHxBngNPD
4xlOe754R3RDBVl8TPIqTMLioHHlxPK9SFOgDfRZ2zv2MtZ1eJEvc1Vl9t4IcOl+
suHKoasCO8XjoRZfzj2rowqztidQveMD87nID+Hy0QvgSIVGmozLzi0h7VyjZ2c0
j+xi9wBk
-----END CERTIFICATE-----
Generated at Tue Sep 9 04:07:42 2025 by rpki-client