Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/89EQQCo6Tx4ACaGk_JyA4-a5SnA.roa
File: 89EQQCo6Tx4ACaGk_JyA4-a5SnA.roa (raw, json)
Hash identifier: DER2tNvuAXp0PR1aSNW92ooYvtdX7oI6GzQVCz2YBFM=
Subject key identifier: F3:D1:10:40:2A:3A:4F:1E:00:09:A1:A4:FC:9C:80:E3:E6:B9:4A:70
Certificate issuer: /CN=8f175225f386ce980119f69884f9be7c6a2b3b33
Certificate serial: 01971A6DD41B4FA44F9E4856E9679580E36B
Authority key identifier: 8F:17:52:25:F3:86:CE:98:01:19:F6:98:84:F9:BE:7C:6A:2B:3B:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jxdSJfOGzpgBGfaYhPm-fGorOzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/89EQQCo6Tx4ACaGk_JyA4-a5SnA.roa
Signing time: Thu 29 May 2025 05:04:54 +0000
ROA not before: Thu 29 May 2025 05:04:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29600
IP address blocks: 80.70.16.0/20 maxlen: 20
80.70.19.0/24 maxlen: 24
80.70.28.0/24 maxlen: 24
80.70.29.0/24 maxlen: 24
83.136.136.0/21 maxlen: 21
83.136.136.0/24 maxlen: 24
85.15.192.0/18 maxlen: 18
85.15.193.0/24 maxlen: 24
95.131.112.0/21 maxlen: 21
95.131.116.0/23 maxlen: 23
2a01:a880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/jxdSJfOGzpgBGfaYhPm-fGorOzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/jxdSJfOGzpgBGfaYhPm-fGorOzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jxdSJfOGzpgBGfaYhPm-fGorOzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1a:6d:d4:1b:4f:a4:4f:9e:48:56:e9:67:95:80:e3:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f175225f386ce980119f69884f9be7c6a2b3b33
Validity
Not Before: May 29 05:04:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3d110402a3a4f1e0009a1a4fc9c80e3e6b94a70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f5:05:d7:20:8d:86:40:28:4b:2a:04:1f:aa:
21:b8:2d:ea:35:96:0e:12:fc:67:16:35:22:5b:77:
35:95:a6:f4:8a:75:e9:46:37:9f:b3:6e:43:ad:76:
7f:d3:38:49:07:76:2e:ff:f7:fb:82:d6:45:aa:fb:
9f:86:53:4b:ed:ad:d5:5f:71:7f:1f:ab:8c:13:ab:
47:80:7a:d5:e5:b8:3c:92:4b:0b:9f:77:0f:12:57:
7d:15:a4:89:13:a5:b5:9a:fa:71:1a:70:93:79:20:
ef:f4:e5:71:ea:77:44:40:22:71:a6:4a:cc:0e:d7:
79:73:66:64:bb:9f:39:49:ea:7c:09:bd:b3:d2:20:
07:ab:68:28:c9:e8:ba:c7:14:36:d7:aa:ba:07:47:
89:2b:36:14:70:96:0e:fc:e6:93:18:6b:07:1e:43:
8c:a5:06:8f:65:5c:1e:ac:f9:48:70:54:97:92:45:
27:e6:11:92:98:ad:a0:b8:2b:2d:01:80:5b:be:5f:
15:7b:ea:5c:6e:20:5b:0f:42:be:f9:af:e4:bd:98:
02:12:84:15:77:48:fa:20:9c:95:f3:95:b3:df:fb:
fd:35:cc:72:af:66:21:b0:33:42:87:83:1c:5c:ea:
21:69:ad:f3:67:13:1c:fe:69:d9:b7:ee:a8:87:ae:
08:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D1:10:40:2A:3A:4F:1E:00:09:A1:A4:FC:9C:80:E3:E6:B9:4A:70
X509v3 Authority Key Identifier:
keyid:8F:17:52:25:F3:86:CE:98:01:19:F6:98:84:F9:BE:7C:6A:2B:3B:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jxdSJfOGzpgBGfaYhPm-fGorOzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/89EQQCo6Tx4ACaGk_JyA4-a5SnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/jxdSJfOGzpgBGfaYhPm-fGorOzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.70.16.0/20
83.136.136.0/21
85.15.192.0/18
95.131.112.0/21
IPv6:
2a01:a880::/29
Signature Algorithm: sha256WithRSAEncryption
85:a5:03:d0:50:d8:11:45:b7:8e:74:eb:cf:c6:34:68:57:f9:
b7:24:50:09:fb:fd:5e:99:de:f0:73:e0:18:15:53:db:d0:88:
41:06:5d:61:56:dc:f9:7f:e6:14:2b:d0:94:e8:82:26:64:58:
b2:98:2f:3f:39:2a:d8:03:3e:ac:f1:db:1e:37:10:97:aa:2a:
0b:2a:8d:ae:73:68:cb:05:69:28:29:11:1f:3c:46:2c:37:8f:
41:4f:df:58:15:48:03:cb:a2:0c:72:b0:ff:21:5d:9b:5e:4d:
03:ed:3c:cc:26:42:71:4c:ae:d3:99:77:c2:3d:98:89:51:b9:
04:d6:63:56:85:7d:56:d8:32:32:87:74:fc:5d:55:2f:c8:f2:
a8:bd:8d:23:93:dc:07:85:b5:7d:f0:be:e8:24:79:b4:18:8e:
9e:d3:4a:ec:1f:78:0f:b0:d1:df:2e:cc:6c:bf:bd:9a:5d:37:
85:71:27:41:14:87:32:a1:bc:01:6d:c1:9e:98:80:d6:4c:0e:
c8:40:15:8c:b7:55:54:47:b7:a0:7f:f5:8f:7a:83:cb:61:00:
66:88:35:4b:9c:cf:f3:8b:e2:ce:1c:ce:30:0b:b5:d3:76:cb:
87:ab:16:75:11:0c:bc:6a:7e:b4:23:10:c2:4c:6d:fe:ac:25:
06:ee:6b:99
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZcabdQbT6RPnkhW6WeVgONrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMTc1MjI1ZjM4NmNlOTgwMTE5ZjY5ODg0ZjliZTdjNmEy
YjNiMzMwHhcNMjUwNTI5MDUwNDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2QxMTA0MDJhM2E0ZjFlMDAwOWExYTRmYzljODBlM2U2Yjk0YTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfUF1yCNhkAoSyoEH6ohuC3qNZYO
EvxnFjUiW3c1lab0inXpRjefs25DrXZ/0zhJB3Yu//f7gtZFqvufhlNL7a3VX3F/
H6uME6tHgHrV5bg8kksLn3cPEld9FaSJE6W1mvpxGnCTeSDv9OVx6ndEQCJxpkrM
Dtd5c2Zku585Sep8Cb2z0iAHq2goyei6xxQ216q6B0eJKzYUcJYO/OaTGGsHHkOM
pQaPZVwerPlIcFSXkkUn5hGSmK2guCstAYBbvl8Ve+pcbiBbD0K++a/kvZgCEoQV
d0j6IJyV85Wz3/v9Ncxyr2YhsDNCh4McXOohaa3zZxMc/mnZt+6oh64ICQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPPREEAqOk8eAAmhpPycgOPmuUpwMB8GA1UdIwQY
MBaAFI8XUiXzhs6YARn2mIT5vnxqKzszMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanhkU0pmT0d6cGdCR2ZhWWhQbS1mR29yT3pNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi81ZWM3Y2EtYTQwMi00YzVkLWExYjct
NjFiNzcyZDc1MWVjLzEvODlFUVFDbzZUeDRBQ2FHa19KeUE0LWE1U25BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi81ZWM3Y2EtYTQwMi00YzVkLWExYjctNjFiNzcyZDc1MWVj
LzEvanhkU0pmT0d6cGdCR2ZhWWhQbS1mR29yT3pNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUEYQAwQD
U4iIAwQGVQ/AAwQDX4NwMA0EAgACMAcDBQMqAaiAMA0GCSqGSIb3DQEBCwUAA4IB
AQCFpQPQUNgRRbeOdOvPxjRoV/m3JFAJ+/1emd7wc+AYFVPb0IhBBl1hVtz5f+YU
K9CU6IImZFiymC8/OSrYAz6s8dseNxCXqioLKo2uc2jLBWkoKREfPEYsN49BT99Y
FUgDy6IMcrD/IV2bXk0D7TzMJkJxTK7TmXfCPZiJUbkE1mNWhX1W2DIyh3T8XVUv
yPKovY0jk9wHhbV98L7oJHm0GI6e00rsH3gPsNHfLsxsv72aXTeFcSdBFIcyobwB
bcGemIDWTA7IQBWMt1VUR7egf/WPeoPLYQBmiDVLnM/zi+LOHM4wC7XTdsuHqxZ1
EQy8an60IxDCTG3+rCUG7muZ
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:29:07 2025 by rpki-client