Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xoROdYabXJbzgPbusnDc8Pkps2c.roa
File: xoROdYabXJbzgPbusnDc8Pkps2c.roa (raw, json)
Hash identifier: e/hKt2lY3Z1DpjfDA2tgR/KGIic+n2LgW1eqaF+tN7s=
Subject key identifier: C6:84:4E:75:86:9B:5C:96:F3:80:F6:EE:B2:70:DC:F0:F9:29:B3:67
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01973BAFB13893436997719F24C8141F364B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xoROdYabXJbzgPbusnDc8Pkps2c.roa
Signing time: Wed 04 Jun 2025 16:04:19 +0000
ROA not before: Wed 04 Jun 2025 16:04:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
82.153.217.0/24 maxlen: 24
89.213.50.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
213.210.54.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
213.218.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3b:af:b1:38:93:43:69:97:71:9f:24:c8:14:1f:36:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 4 16:04:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6844e75869b5c96f380f6eeb270dcf0f929b367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:be:e5:39:3f:c7:77:17:2f:67:e6:5f:e3:82:
43:15:59:2a:13:87:2d:78:c4:43:ce:46:94:86:08:
dd:97:a9:d1:19:96:34:df:ae:e0:14:09:fe:98:51:
f8:72:c1:a1:ab:0e:47:76:b4:e2:6b:16:5b:4b:c4:
5e:7e:f7:d0:e0:67:25:10:5e:1b:73:cb:c6:59:ef:
50:87:49:f5:ce:c6:32:80:40:5d:2a:48:f8:4b:f3:
12:66:d0:60:86:95:46:56:1a:bb:42:8c:6e:05:a8:
80:29:e9:95:b3:00:d5:b9:cf:65:c5:24:ac:0a:77:
76:8e:3c:80:96:69:ab:12:87:8a:43:64:96:a5:ac:
cc:db:0e:13:5c:51:cb:3e:8c:1d:f7:7e:b5:09:03:
d0:08:c6:cc:3f:5f:db:68:dd:29:d7:a2:41:a5:93:
ed:1e:0d:66:4c:9f:4e:68:77:d4:14:67:33:e6:4f:
10:97:9d:55:57:88:9f:2e:c4:da:bc:04:a1:b9:da:
d2:67:e8:f5:27:54:9a:48:86:37:5d:77:86:88:fb:
34:01:06:ad:97:fb:da:a9:f6:53:8c:6a:98:cf:8c:
c3:88:ae:9c:26:13:50:8f:62:c8:ab:46:4f:f0:39:
7c:aa:9f:cc:2b:dc:27:2d:d3:b6:fb:b2:67:d7:6d:
fe:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:84:4E:75:86:9B:5C:96:F3:80:F6:EE:B2:70:DC:F0:F9:29:B3:67
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xoROdYabXJbzgPbusnDc8Pkps2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.98.0/24
82.153.205.0/24
82.153.217.0/24
89.213.50.0/24
109.176.244.0/24
212.38.79.0/24
213.210.54.0/24
213.218.234.0/24
213.218.238.0/24
Signature Algorithm: sha256WithRSAEncryption
53:c5:b7:44:61:1a:51:af:66:21:09:a7:9c:c5:9f:c8:b5:fc:
c1:c1:fc:c7:13:e3:ed:2a:3c:54:08:f4:ae:67:59:df:e6:e1:
23:07:9f:05:b4:a5:5e:30:56:6b:5a:57:e8:fc:8b:d5:87:c8:
35:8e:93:95:4a:90:24:bd:1f:c8:20:b7:61:30:24:91:4c:b2:
29:c6:27:3a:16:0a:8c:41:a2:df:ca:b2:9a:0d:a2:0c:69:4f:
19:7d:93:18:d5:fc:60:4e:66:91:92:ca:b8:6d:2b:f0:ce:a3:
de:18:ad:df:da:ae:2c:bf:86:d3:71:1b:91:10:7e:15:44:66:
35:ca:2f:ad:67:f9:8c:a5:9c:46:9e:a6:67:e1:82:6e:90:3e:
82:0b:69:79:bd:f6:0f:37:7d:fe:c1:27:63:8d:1b:50:90:7e:
a7:f7:89:d7:28:04:ae:bf:71:10:dd:6b:35:d0:74:b1:dc:a5:
9f:0d:ea:a6:da:49:68:43:2a:f0:09:a5:00:45:c5:0c:81:60:
77:4c:ea:d6:fb:31:84:13:4b:1f:ea:ba:c6:23:8c:bd:f1:4b:
61:d2:bd:8e:61:38:3e:82:de:10:d9:95:18:19:d2:39:9d:50:
5b:a8:b5:39:70:76:04:2e:86:94:68:2f:61:a4:72:7b:6e:8b:
91:49:dc:fb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZc7r7E4k0Npl3GfJMgUHzZLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNjA0MTYwNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjg0NGU3NTg2OWI1Yzk2ZjM4MGY2ZWViMjcwZGNmMGY5MjliMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzb7lOT/HdxcvZ+Zf44JDFVkqE4ct
eMRDzkaUhgjdl6nRGZY0367gFAn+mFH4csGhqw5HdrTiaxZbS8RefvfQ4GclEF4b
c8vGWe9Qh0n1zsYygEBdKkj4S/MSZtBghpVGVhq7QoxuBaiAKemVswDVuc9lxSSs
Cnd2jjyAlmmrEoeKQ2SWpazM2w4TXFHLPowd9361CQPQCMbMP1/baN0p16JBpZPt
Hg1mTJ9OaHfUFGcz5k8Ql51VV4ifLsTavAShudrSZ+j1J1SaSIY3XXeGiPs0AQat
l/vaqfZTjGqYz4zDiK6cJhNQj2LIq0ZP8Dl8qp/MK9wnLdO2+7Jn123+ywIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMaETnWGm1yW84D27rJw3PD5KbNnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveG9ST2RZYWJYSmJ6Z1BidXNuRGM4UGtwczJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAUpgIAwQA
UphiAwQAUpnNAwQAUpnZAwQAWdUyAwQAbbD0AwQA1CZPAwQA1dI2AwQA1drqAwQA
1druMA0GCSqGSIb3DQEBCwUAA4IBAQBTxbdEYRpRr2YhCaecxZ/ItfzBwfzHE+Pt
KjxUCPSuZ1nf5uEjB58FtKVeMFZrWlfo/IvVh8g1jpOVSpAkvR/IILdhMCSRTLIp
xic6FgqMQaLfyrKaDaIMaU8ZfZMY1fxgTmaRksq4bSvwzqPeGK3f2q4sv4bTcRuR
EH4VRGY1yi+tZ/mMpZxGnqZn4YJukD6CC2l5vfYPN33+wSdjjRtQkH6n94nXKASu
v3EQ3Ws10HSx3KWfDeqm2kloQyrwCaUARcUMgWB3TOrW+zGEE0sf6rrGI4y98Uth
0r2OYTg+gt4Q2ZUYGdI5nVBbqLU5cHYELoaUaC9hpHJ7bouRSdz7
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:00:56 2025 by rpki-client