Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/is8dVp921DPXYcHh7pDsTzSoJ-w.roa
File: is8dVp921DPXYcHh7pDsTzSoJ-w.roa (raw, json)
Hash identifier: KpgLLvtSu7nnsU0hZtCzNXV6HCNEWA+tBN4AkkMJjo0=
Subject key identifier: 8A:CF:1D:56:9F:76:D4:33:D7:61:C1:E1:EE:90:EC:4F:34:A8:27:EC
Certificate issuer: /CN=e760126dce78bc16e66c2e6e7635848ac46846af
Certificate serial: 019A071673F74D732FE0BF64B52AFA474520
Authority key identifier: E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/is8dVp921DPXYcHh7pDsTzSoJ-w.roa
Signing time: Tue 21 Oct 2025 14:05:03 +0000
ROA not before: Tue 21 Oct 2025 14:05:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 146.247.104.0/24 maxlen: 24
146.247.107.0/24 maxlen: 24
146.247.111.0/24 maxlen: 24
146.247.115.0/24 maxlen: 24
146.247.116.0/24 maxlen: 24
146.247.117.0/24 maxlen: 24
146.247.118.0/23 maxlen: 23
146.247.118.0/24 maxlen: 24
146.247.119.0/24 maxlen: 24
146.247.120.0/24 maxlen: 24
146.247.122.0/24 maxlen: 24
146.247.126.0/24 maxlen: 24
146.247.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.mft
rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 17:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:07:16:73:f7:4d:73:2f:e0:bf:64:b5:2a:fa:47:45:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e760126dce78bc16e66c2e6e7635848ac46846af
Validity
Not Before: Oct 21 14:05:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8acf1d569f76d433d761c1e1ee90ec4f34a827ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:89:9b:99:b5:b5:d2:2a:33:1f:98:a5:3f:fc:
bf:e6:db:3c:4d:3a:33:f8:3d:0b:67:b0:8c:ec:9d:
e2:64:ce:99:b3:b5:91:af:b1:bd:df:68:53:df:a5:
2c:81:8d:32:31:7d:27:e5:e7:45:b4:6f:00:17:11:
52:9b:98:11:ba:bb:08:b5:d4:69:1e:a6:31:d8:05:
56:a5:bf:6a:84:9e:32:c8:6d:f4:ce:1d:8b:9f:57:
50:03:3e:2c:38:b4:52:5b:e4:ff:bd:f2:b4:e0:3c:
36:3c:38:6f:76:fc:99:a0:8f:66:f1:bf:f5:fa:cc:
77:c0:62:e6:ac:17:7a:5b:3f:d7:88:b5:88:61:ff:
ad:6d:d1:b9:53:11:c3:68:65:d8:5e:01:70:9a:4f:
41:ca:03:56:d6:33:ea:27:70:21:7b:e8:17:6d:3e:
e3:70:a5:d5:f0:95:2c:32:56:41:89:a8:7d:85:76:
3b:77:4b:30:e4:67:1d:fa:28:55:fa:75:76:7e:bb:
10:eb:dd:90:8d:c3:b5:c6:68:4c:f5:e7:ab:73:83:
80:5a:d5:9d:c9:bf:9e:73:82:69:c7:8d:4c:e7:1e:
3c:36:73:da:d6:05:ca:ff:35:46:6b:84:22:1b:04:
cc:ab:0b:77:ce:21:b2:27:2e:e4:ce:4a:06:25:df:
9a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:CF:1D:56:9F:76:D4:33:D7:61:C1:E1:EE:90:EC:4F:34:A8:27:EC
X509v3 Authority Key Identifier:
keyid:E7:60:12:6D:CE:78:BC:16:E6:6C:2E:6E:76:35:84:8A:C4:68:46:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52ASbc54vBbmbC5udjWEisRoRq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/is8dVp921DPXYcHh7pDsTzSoJ-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/488f61-2f00-4639-97b8-d24f562dedd2/1/52ASbc54vBbmbC5udjWEisRoRq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.104.0/24
146.247.107.0/24
146.247.111.0/24
146.247.115.0-146.247.120.255
146.247.122.0/24
146.247.126.0/23
Signature Algorithm: sha256WithRSAEncryption
36:cc:b7:a4:70:40:c4:6b:2b:56:8a:63:43:b0:61:b4:05:c1:
3e:e7:eb:45:60:cb:5d:44:3d:a1:35:ff:14:ed:18:13:d9:e5:
b8:01:c2:93:72:84:58:c1:f4:4c:3b:78:10:4d:4d:2f:8d:40:
46:d1:01:ba:75:91:2c:f8:0d:b3:e2:e9:18:7f:37:67:b6:48:
c4:bf:44:02:4e:f6:96:33:92:c7:fe:dc:f0:33:92:cb:82:d5:
ba:6d:5a:b9:8f:f5:f2:c6:33:af:45:77:89:b9:f6:75:b7:6d:
3c:1e:41:00:83:b3:60:12:79:7c:59:5b:9e:d6:5a:c8:49:8b:
ed:59:d1:21:ca:8e:36:9c:7d:e6:44:01:bf:63:82:bf:55:a3:
0e:38:58:ad:36:95:7b:87:5d:6b:81:1d:e7:64:d5:df:14:65:
a9:a2:d6:e4:56:0c:69:d4:b2:54:46:71:2d:55:ab:d8:fe:6e:
01:c1:82:05:77:39:9c:69:4a:46:b2:58:60:97:c5:0e:ab:58:
55:8f:f8:17:9d:30:4d:54:d6:a4:05:93:14:15:99:ef:55:4d:
79:69:f8:f7:3c:18:f6:20:9b:a4:20:62:1b:9a:cd:eb:b6:0f:
84:7f:97:57:2f:00:f6:24:d9:94:21:b6:69:83:2d:9e:72:65:
0d:9a:b3:61
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZoHFnP3TXMv4L9ktSr6R0UgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjAxMjZkY2U3OGJjMTZlNjZjMmU2ZTc2MzU4NDhhYzQ2
ODQ2YWYwHhcNMjUxMDIxMTQwNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWNmMWQ1NjlmNzZkNDMzZDc2MWMxZTFlZTkwZWM0ZjM0YTgyN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YmbmbW10iozH5ilP/y/5ts8TToz
+D0LZ7CM7J3iZM6Zs7WRr7G932hT36UsgY0yMX0n5edFtG8AFxFSm5gRursItdRp
HqYx2AVWpb9qhJ4yyG30zh2Ln1dQAz4sOLRSW+T/vfK04Dw2PDhvdvyZoI9m8b/1
+sx3wGLmrBd6Wz/XiLWIYf+tbdG5UxHDaGXYXgFwmk9BygNW1jPqJ3Ahe+gXbT7j
cKXV8JUsMlZBiah9hXY7d0sw5Gcd+ihV+nV2frsQ692QjcO1xmhM9eerc4OAWtWd
yb+ec4Jpx41M5x48NnPa1gXK/zVGa4QiGwTMqwt3ziGyJy7kzkoGJd+aowIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIrPHVafdtQz12HB4e6Q7E80qCfsMB8GA1UdIwQY
MBaAFOdgEm3OeLwW5mwubnY1hIrEaEavMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3Yjgt
ZDI0ZjU2MmRlZGQyLzEvaXM4ZFZwOTIxRFBYWWNIaDdwRHNUelNvSi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS80ODhmNjEtMmYwMC00NjM5LTk3YjgtZDI0ZjU2MmRlZGQy
LzEvNTJBU2JjNTR2QmJtYkM1dWRqV0Vpc1JvUnE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAkvdoAwQA
kvdrAwQAkvdvMAwDBACS93MDBACS93gDBACS93oDBAGS934wDQYJKoZIhvcNAQEL
BQADggEBADbMt6RwQMRrK1aKY0OwYbQFwT7n60Vgy11EPaE1/xTtGBPZ5bgBwpNy
hFjB9Ew7eBBNTS+NQEbRAbp1kSz4DbPi6Rh/N2e2SMS/RAJO9pYzksf+3PAzksuC
1bptWrmP9fLGM69Fd4m59nW3bTweQQCDs2ASeXxZW57WWshJi+1Z0SHKjjacfeZE
Ab9jgr9Vow44WK02lXuHXWuBHedk1d8UZami1uRWDGnUslRGcS1Vq9j+bgHBggV3
OZxpSkayWGCXxQ6rWFWP+BedME1U1qQFkxQVme9VTXlp+Pc8GPYgm6QgYhuazeu2
D4R/l1cvAPYk2ZQhtmmDLZ5yZQ2as2E=
-----END CERTIFICATE-----
Generated at Sat Oct 25 22:14:41 2025 by rpki-client