Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/8m52WXmC6DqVDLH9lI-6WR69u6s.roa
File: 8m52WXmC6DqVDLH9lI-6WR69u6s.roa (raw, json)
Hash identifier: 0BZo5xqp89NE8ExAG9qblE2VcBVND0AxeF/zdrSRKa8=
Subject key identifier: F2:6E:76:59:79:82:E8:3A:95:0C:B1:FD:94:8F:BA:59:1E:BD:BB:AB
Certificate issuer: /CN=7e080bab55bf3473188c20c7366a6cb044c7195c
Certificate serial: 0195F647699A039BC22D56CD89FC2683432E
Authority key identifier: 7E:08:0B:AB:55:BF:34:73:18:8C:20:C7:36:6A:6C:B0:44:C7:19:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fggLq1W_NHMYjCDHNmpssETHGVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/8m52WXmC6DqVDLH9lI-6WR69u6s.roa
Signing time: Wed 02 Apr 2025 11:33:49 +0000
ROA not before: Wed 02 Apr 2025 11:33:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39563
IP address blocks: 85.8.131.0/24 maxlen: 24
185.80.8.0/22 maxlen: 24
185.231.16.0/24 maxlen: 24
185.231.17.0/24 maxlen: 24
185.231.18.0/24 maxlen: 24
185.231.19.0/24 maxlen: 24
2a0c:3900::/29 maxlen: 36
2a0c:3900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/fggLq1W_NHMYjCDHNmpssETHGVw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/fggLq1W_NHMYjCDHNmpssETHGVw.mft
rsync://rpki.ripe.net/repository/DEFAULT/fggLq1W_NHMYjCDHNmpssETHGVw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f6:47:69:9a:03:9b:c2:2d:56:cd:89:fc:26:83:43:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e080bab55bf3473188c20c7366a6cb044c7195c
Validity
Not Before: Apr 2 11:33:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f26e76597982e83a950cb1fd948fba591ebdbbab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b4:e8:6d:9e:d7:c9:0f:6f:05:50:fb:97:a9:
d8:8d:66:ee:82:12:48:68:24:93:1f:c5:eb:71:06:
63:ba:80:71:1c:e7:1d:1d:df:ad:94:1e:8c:26:3f:
cc:60:68:9c:2d:c9:90:47:8d:45:42:30:88:d6:25:
f3:f3:73:27:3e:54:31:f9:74:31:8e:95:1c:9e:70:
da:b4:14:3b:88:7b:ef:5a:1a:80:f7:cc:e2:85:25:
2f:25:ee:46:f5:ee:0c:6b:65:a8:5d:9c:fd:0b:c0:
b3:c0:85:4c:46:aa:b8:a2:c8:f8:03:d9:5b:7b:e2:
3d:19:20:f5:35:da:6a:da:01:44:0c:ff:b2:69:55:
38:5c:cf:69:be:62:b9:b5:6d:53:2f:13:7a:7e:e4:
07:3e:c1:98:24:6c:3c:07:d6:b1:db:d1:05:25:d8:
0c:02:61:cb:11:fe:e6:34:1a:2c:b9:4c:32:89:40:
b3:58:23:70:2e:50:69:bc:9c:d6:ee:dc:e5:44:7d:
41:87:e3:f9:d9:8e:d0:05:0f:8d:7d:05:21:57:ac:
df:e8:99:e8:12:6a:00:e0:dd:df:0d:c5:4c:9c:5b:
00:aa:43:d9:0c:e4:4c:b6:a9:8a:da:a0:cb:69:46:
bf:e7:b1:18:ba:97:bc:22:64:3e:92:11:90:d6:24:
57:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:6E:76:59:79:82:E8:3A:95:0C:B1:FD:94:8F:BA:59:1E:BD:BB:AB
X509v3 Authority Key Identifier:
keyid:7E:08:0B:AB:55:BF:34:73:18:8C:20:C7:36:6A:6C:B0:44:C7:19:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fggLq1W_NHMYjCDHNmpssETHGVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/8m52WXmC6DqVDLH9lI-6WR69u6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/fda8c9-6efa-4954-a5c3-630bd73ce267/1/fggLq1W_NHMYjCDHNmpssETHGVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.131.0/24
185.80.8.0/22
185.231.16.0/22
IPv6:
2a0c:3900::/29
Signature Algorithm: sha256WithRSAEncryption
42:6a:6f:5f:a4:36:b1:0f:29:1c:c0:42:85:a6:a2:18:83:29:
c5:48:e9:c3:6e:48:39:54:3a:34:0d:a0:70:f7:15:4b:07:31:
3d:6e:06:00:32:a0:9f:10:be:59:8f:b1:c1:71:f0:67:cb:60:
98:ba:c3:82:d2:2d:6b:2c:ba:0b:13:70:20:c1:4a:59:55:73:
b9:7a:59:d8:af:07:4d:39:b8:6e:e1:fd:30:2c:79:2f:72:1a:
a1:65:46:83:ce:e2:00:85:45:33:ec:2b:f7:1b:2a:6b:18:43:
b2:b7:92:0f:f9:8f:5c:2e:a9:28:e4:a3:7f:c8:0a:a6:e9:18:
32:c1:90:20:8e:fb:2d:50:54:f2:93:db:ba:ef:9e:25:62:91:
22:8c:d6:2a:3f:a3:11:af:71:b3:bd:35:02:c0:48:24:f2:50:
c6:80:23:81:95:5a:1f:99:26:dd:cf:f9:6f:c6:a1:8f:fb:1c:
04:77:11:c7:1b:52:8a:2a:47:c6:d8:6d:f9:2a:e2:93:68:1b:
b3:59:5c:e6:a2:49:e7:55:58:8b:87:36:54:a1:f5:3b:a5:03:
dc:bc:ab:f1:ab:c2:c2:ba:2d:ec:40:47:d0:be:b6:49:83:0e:
3e:3a:b6:63:01:bf:41:20:36:1d:b3:2d:e5:89:26:ac:63:7c:
c3:2f:60:ec
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZX2R2maA5vCLVbNifwmg0MuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMDgwYmFiNTViZjM0NzMxODhjMjBjNzM2NmE2Y2IwNDRj
NzE5NWMwHhcNMjUwNDAyMTEzMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjZlNzY1OTc5ODJlODNhOTUwY2IxZmQ5NDhmYmE1OTFlYmRiYmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprTobZ7XyQ9vBVD7l6nYjWbughJI
aCSTH8XrcQZjuoBxHOcdHd+tlB6MJj/MYGicLcmQR41FQjCI1iXz83MnPlQx+XQx
jpUcnnDatBQ7iHvvWhqA98zihSUvJe5G9e4Ma2WoXZz9C8CzwIVMRqq4osj4A9lb
e+I9GSD1Ndpq2gFEDP+yaVU4XM9pvmK5tW1TLxN6fuQHPsGYJGw8B9ax29EFJdgM
AmHLEf7mNBosuUwyiUCzWCNwLlBpvJzW7tzlRH1Bh+P52Y7QBQ+NfQUhV6zf6Jno
EmoA4N3fDcVMnFsAqkPZDORMtqmK2qDLaUa/57EYupe8ImQ+khGQ1iRXCwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPJudll5gug6lQyx/ZSPulkevburMB8GA1UdIwQY
MBaAFH4IC6tVvzRzGIwgxzZqbLBExxlcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmdnTHExV19OSE1ZakNESE5tcHNzRVRIR1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9mZGE4YzktNmVmYS00OTU0LWE1YzMt
NjMwYmQ3M2NlMjY3LzEvOG01MldYbUM2RHFWRExIOWxJLTZXUjY5dTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9mZGE4YzktNmVmYS00OTU0LWE1YzMtNjMwYmQ3M2NlMjY3
LzEvZmdnTHExV19OSE1ZakNESE5tcHNzRVRIR1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAVQiDAwQC
uVAIAwQCuecQMA0EAgACMAcDBQMqDDkAMA0GCSqGSIb3DQEBCwUAA4IBAQBCam9f
pDaxDykcwEKFpqIYgynFSOnDbkg5VDo0DaBw9xVLBzE9bgYAMqCfEL5Zj7HBcfBn
y2CYusOC0i1rLLoLE3AgwUpZVXO5elnYrwdNObhu4f0wLHkvchqhZUaDzuIAhUUz
7Cv3GyprGEOyt5IP+Y9cLqko5KN/yAqm6RgywZAgjvstUFTyk9u6754lYpEijNYq
P6MRr3GzvTUCwEgk8lDGgCOBlVofmSbdz/lvxqGP+xwEdxHHG1KKKkfG2G35KuKT
aBuzWVzmoknnVViLhzZUofU7pQPcvKvxq8LCui3sQEfQvrZJgw4+OrZjAb9BIDYd
sy3liSasY3zDL2Ds
-----END CERTIFICATE-----
Generated at Wed Apr 23 07:26:42 2025 by rpki-client