Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/866599-3fa0-4230-ba9a-19c4ff1877bb/1/0YS8AQvr8ByNBG7KTwD6sIOGH8A.roa
File: 0YS8AQvr8ByNBG7KTwD6sIOGH8A.roa (raw, json)
Hash identifier: k8sO4Fn23jLZke1eiUIEXbtdN/A5BluF8j3tNYbaMCM=
Subject key identifier: D1:84:BC:01:0B:EB:F0:1C:8D:04:6E:CA:4F:00:FA:B0:83:86:1F:C0
Certificate issuer: /CN=8e3875a80ad233e9c28715988371f77eec3f620c
Certificate serial: 0196C9AF4A99CE51E10F99D5AE0D386CEA5C
Authority key identifier: 8E:38:75:A8:0A:D2:33:E9:C2:87:15:98:83:71:F7:7E:EC:3F:62:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jjh1qArSM-nChxWYg3H3fuw_Ygw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/866599-3fa0-4230-ba9a-19c4ff1877bb/1/0YS8AQvr8ByNBG7KTwD6sIOGH8A.roa
Signing time: Tue 13 May 2025 12:47:10 +0000
ROA not before: Tue 13 May 2025 12:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39120
IP address blocks: 5.56.8.0/22 maxlen: 22
5.56.12.0/22 maxlen: 22
5.83.120.0/22 maxlen: 22
5.83.124.0/22 maxlen: 22
31.7.144.0/20 maxlen: 20
45.80.172.0/23 maxlen: 23
45.90.232.0/22 maxlen: 22
78.138.32.0/22 maxlen: 24
78.138.32.0/24 maxlen: 24
78.138.33.0/24 maxlen: 24
78.138.35.0/24 maxlen: 24
83.229.8.0/22 maxlen: 22
89.21.192.0/23 maxlen: 23
89.21.194.0/23 maxlen: 23
89.21.196.0/23 maxlen: 23
89.21.198.0/23 maxlen: 23
89.21.200.0/21 maxlen: 21
89.21.208.0/20 maxlen: 20
91.214.72.0/22 maxlen: 22
93.88.96.0/20 maxlen: 20
94.101.48.0/22 maxlen: 22
94.101.52.0/22 maxlen: 22
94.101.56.0/22 maxlen: 22
94.101.60.0/22 maxlen: 22
185.9.208.0/22 maxlen: 22
185.29.248.0/22 maxlen: 22
185.104.124.0/22 maxlen: 22
185.105.92.0/22 maxlen: 22
185.105.104.0/22 maxlen: 22
185.105.128.0/22 maxlen: 22
185.105.212.0/22 maxlen: 22
185.195.8.0/22 maxlen: 22
185.217.228.0/22 maxlen: 22
195.60.190.0/23 maxlen: 23
213.167.232.0/21 maxlen: 21
217.28.68.0/22 maxlen: 22
2a01:9a80::/32 maxlen: 32
2a01:9a81::/32 maxlen: 32
2a01:9a82::/32 maxlen: 32
2a01:9a83::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/866599-3fa0-4230-ba9a-19c4ff1877bb/1/jjh1qArSM-nChxWYg3H3fuw_Ygw.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/866599-3fa0-4230-ba9a-19c4ff1877bb/1/jjh1qArSM-nChxWYg3H3fuw_Ygw.mft
rsync://rpki.ripe.net/repository/DEFAULT/jjh1qArSM-nChxWYg3H3fuw_Ygw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Jun 2025 06:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:af:4a:99:ce:51:e1:0f:99:d5:ae:0d:38:6c:ea:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e3875a80ad233e9c28715988371f77eec3f620c
Validity
Not Before: May 13 12:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d184bc010bebf01c8d046eca4f00fab083861fc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:89:6c:b6:79:62:38:5b:e3:38:b6:80:53:ee:
50:fa:13:2f:4c:0a:f5:83:c3:5c:4a:95:80:aa:90:
9a:d2:23:04:30:1e:06:41:71:f4:43:72:2a:69:41:
33:dc:98:40:05:f8:21:9a:76:e9:84:8f:d7:72:31:
68:3e:2a:b9:e0:01:25:da:e0:46:59:92:f4:6d:12:
b9:1e:ea:01:5e:e7:e6:f1:87:bd:1a:c5:2b:aa:c2:
de:ee:a2:e1:1f:a8:6c:db:4c:b4:d1:6e:24:84:01:
68:4f:e9:3e:72:8e:33:4b:7d:9f:bc:57:48:e0:a2:
e8:52:bd:d9:60:63:85:57:8b:da:e2:29:7b:7e:dd:
c3:27:54:f9:32:3c:c7:54:dc:4d:68:05:9a:d7:1f:
e5:b0:a7:3c:83:61:34:2f:23:b4:4f:69:c3:d4:49:
02:bd:0a:bd:b0:7a:af:e4:ee:db:f9:6c:6d:66:eb:
8b:55:56:05:ea:10:0f:a9:50:a0:32:b1:ad:e1:71:
52:48:a7:35:1d:51:dd:2e:de:aa:47:99:8e:17:3a:
55:09:3c:11:6e:f6:17:20:58:08:30:3b:f3:84:87:
f3:b0:35:a2:ab:e3:91:97:31:75:4f:3e:d2:c1:ce:
9e:da:22:07:65:f6:63:18:34:77:00:59:86:9c:ec:
01:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:84:BC:01:0B:EB:F0:1C:8D:04:6E:CA:4F:00:FA:B0:83:86:1F:C0
X509v3 Authority Key Identifier:
keyid:8E:38:75:A8:0A:D2:33:E9:C2:87:15:98:83:71:F7:7E:EC:3F:62:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jjh1qArSM-nChxWYg3H3fuw_Ygw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/866599-3fa0-4230-ba9a-19c4ff1877bb/1/0YS8AQvr8ByNBG7KTwD6sIOGH8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/866599-3fa0-4230-ba9a-19c4ff1877bb/1/jjh1qArSM-nChxWYg3H3fuw_Ygw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.8.0/21
5.83.120.0/21
31.7.144.0/20
45.80.172.0/23
45.90.232.0/22
78.138.32.0/22
83.229.8.0/22
89.21.192.0/19
91.214.72.0/22
93.88.96.0/20
94.101.48.0/20
185.9.208.0/22
185.29.248.0/22
185.104.124.0/22
185.105.92.0/22
185.105.104.0/22
185.105.128.0/22
185.105.212.0/22
185.195.8.0/22
185.217.228.0/22
195.60.190.0/23
213.167.232.0/21
217.28.68.0/22
IPv6:
2a01:9a80::/30
Signature Algorithm: sha256WithRSAEncryption
19:1f:0a:5b:34:e0:8b:f7:3d:8a:0a:d8:5c:52:79:a0:b0:9a:
68:6f:f0:bd:be:d2:35:86:67:92:e8:fa:c3:21:82:38:2e:a1:
dd:9b:b8:60:5b:23:69:6c:f3:99:9c:30:b6:d0:b3:a6:bd:35:
13:56:76:ab:b8:d7:99:41:a7:2f:2e:a6:fc:39:e6:82:c4:08:
5b:c8:45:9e:99:fb:ee:18:73:15:89:eb:01:26:0d:ec:e2:ed:
85:be:08:c6:32:39:1a:57:32:ea:1b:f7:5e:db:3b:c6:e2:91:
2b:e2:a7:66:6d:7f:73:2b:0c:42:11:12:47:96:9f:81:14:52:
f7:f5:14:e7:bd:95:eb:3f:36:c1:8e:0c:02:38:4a:a0:58:8e:
f2:f2:2a:b9:0d:81:e3:86:3d:40:97:d4:0a:41:fa:4d:80:26:
80:eb:d4:30:64:ab:76:02:ae:68:cb:f4:18:a0:d0:59:b7:d4:
35:0e:8b:c0:84:89:71:a3:d6:ee:b6:fc:20:c2:ee:7a:75:c8:
35:b9:64:78:14:69:34:74:15:7a:fe:97:b4:23:72:29:b4:9c:
1b:47:e1:c5:5b:f7:10:6e:44:48:fa:3b:d8:d5:18:49:f7:60:
98:f3:bc:c9:92:44:b0:c5:98:e2:ec:56:cb:c3:2a:9a:6a:fb:
03:68:e2:e0
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgISAZbJr0qZzlHhD5nVrg04bOpcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMzg3NWE4MGFkMjMzZTljMjg3MTU5ODgzNzFmNzdlZWMz
ZjYyMGMwHhcNMjUwNTEzMTI0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTg0YmMwMTBiZWJmMDFjOGQwNDZlY2E0ZjAwZmFiMDgzODYxZmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YlstnliOFvjOLaAU+5Q+hMvTAr1
g8NcSpWAqpCa0iMEMB4GQXH0Q3IqaUEz3JhABfghmnbphI/XcjFoPiq54AEl2uBG
WZL0bRK5HuoBXufm8Ye9GsUrqsLe7qLhH6hs20y00W4khAFoT+k+co4zS32fvFdI
4KLoUr3ZYGOFV4va4il7ft3DJ1T5MjzHVNxNaAWa1x/lsKc8g2E0LyO0T2nD1EkC
vQq9sHqv5O7b+WxtZuuLVVYF6hAPqVCgMrGt4XFSSKc1HVHdLt6qR5mOFzpVCTwR
bvYXIFgIMDvzhIfzsDWiq+ORlzF1Tz7Swc6e2iIHZfZjGDR3AFmGnOwBRwIDAQAB
o4ICoTCCAp0wHQYDVR0OBBYEFNGEvAEL6/AcjQRuyk8A+rCDhh/AMB8GA1UdIwQY
MBaAFI44dagK0jPpwocVmINx937sP2IMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvampoMXFBclNNLW5DaHhXWWczSDNmdXdfWWd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84NjY1OTktM2ZhMC00MjMwLWJhOWEt
MTljNGZmMTg3N2JiLzEvMFlTOEFRdnI4QnlOQkc3S1R3RDZzSU9HSDhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84NjY1OTktM2ZhMC00MjMwLWJhOWEtMTljNGZmMTg3N2Ji
LzEvampoMXFBclNNLW5DaHhXWWczSDNmdXdfWWd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG2BggrBgEFBQcBBwEB/wSBpjCBozCBkQQCAAEwgYoDBAMF
OAgDBAMFU3gDBAQfB5ADBAEtUKwDBAItWugDBAJOiiADBAJT5QgDBAVZFcADBAJb
1kgDBARdWGADBAReZTADBAK5CdADBAK5HfgDBAK5aHwDBAK5aVwDBAK5aWgDBAK5
aYADBAK5adQDBAK5wwgDBAK52eQDBAHDPL4DBAPVp+gDBALZHEQwDQQCAAIwBwMF
AioBmoAwDQYJKoZIhvcNAQELBQADggEBABkfCls04Iv3PYoK2FxSeaCwmmhv8L2+
0jWGZ5Lo+sMhgjguod2buGBbI2ls85mcMLbQs6a9NRNWdqu415lBpy8upvw55oLE
CFvIRZ6Z++4YcxWJ6wEmDezi7YW+CMYyORpXMuob917bO8bikSvip2Ztf3MrDEIR
EkeWn4EUUvf1FOe9les/NsGODAI4SqBYjvLyKrkNgeOGPUCX1ApB+k2AJoDr1DBk
q3YCrmjL9Big0Fm31DUOi8CEiXGj1u62/CDC7np1yDW5ZHgUaTR0FXr+l7Qjcim0
nBtH4cVb9xBuREj6O9jVGEn3YJjzvMmSRLDFmOLsVsvDKppq+wNo4uA=
-----END CERTIFICATE-----
Generated at Fri Jun 13 14:07:49 2025 by rpki-client