Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/gI8FHF_izRDz4HHZpobs4Zj05J0.roa
File: gI8FHF_izRDz4HHZpobs4Zj05J0.roa (raw, json)
Hash identifier: GbcMauDvpSu6wVwWHbPZUYa52/CtjqOFFexRC6qtGdE=
Subject key identifier: 80:8F:05:1C:5F:E2:CD:10:F3:E0:71:D9:A6:86:EC:E1:98:F4:E4:9D
Certificate issuer: /CN=86e99134171b5863f62f22b7d7abf740349528ec
Certificate serial: 0196C907C00783AA2F23B02D36B9C85DF0EB
Authority key identifier: 86:E9:91:34:17:1B:58:63:F6:2F:22:B7:D7:AB:F7:40:34:95:28:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/humRNBcbWGP2LyK316v3QDSVKOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/gI8FHF_izRDz4HHZpobs4Zj05J0.roa
Signing time: Tue 13 May 2025 09:44:10 +0000
ROA not before: Tue 13 May 2025 09:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60439
IP address blocks: 45.82.92.0/22 maxlen: 24
45.90.148.0/22 maxlen: 24
45.94.80.0/22 maxlen: 24
45.131.112.0/22 maxlen: 24
45.136.212.0/22 maxlen: 24
45.141.224.0/22 maxlen: 24
45.151.80.0/24 maxlen: 24
45.151.81.0/24 maxlen: 24
45.151.82.0/24 maxlen: 24
45.151.83.0/24 maxlen: 24
85.208.196.0/24 maxlen: 24
85.208.197.0/24 maxlen: 24
85.208.198.0/24 maxlen: 24
85.208.199.0/24 maxlen: 24
139.28.16.0/22 maxlen: 24
193.160.22.0/24 maxlen: 24
193.160.23.0/24 maxlen: 24
193.160.30.0/24 maxlen: 24
193.160.31.0/24 maxlen: 24
2a13:8240::/40 maxlen: 48
2a13:8240:100::/40 maxlen: 48
2a13:8240:200::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/humRNBcbWGP2LyK316v3QDSVKOw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/humRNBcbWGP2LyK316v3QDSVKOw.mft
rsync://rpki.ripe.net/repository/DEFAULT/humRNBcbWGP2LyK316v3QDSVKOw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 15:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:07:c0:07:83:aa:2f:23:b0:2d:36:b9:c8:5d:f0:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86e99134171b5863f62f22b7d7abf740349528ec
Validity
Not Before: May 13 09:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=808f051c5fe2cd10f3e071d9a686ece198f4e49d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:39:83:09:d9:13:4b:38:da:bc:e5:13:04:c2:
09:5e:84:92:b6:94:31:47:5c:1d:a5:93:f0:a3:db:
df:a2:18:2c:eb:1c:c2:e1:e2:cb:01:e8:89:49:bd:
1f:7e:02:03:cd:54:6c:04:f0:cd:b1:7f:d1:e9:ca:
18:85:a6:e5:c5:08:4d:cf:57:83:10:99:5f:92:ec:
32:39:77:cc:73:a5:4c:74:24:39:1c:6a:f1:86:85:
05:3c:02:07:25:8e:61:57:79:d3:12:ad:d0:dc:4b:
9c:81:9d:7d:d2:55:09:f6:39:96:44:4a:cd:0b:4e:
3b:e8:a4:41:d3:05:c3:4a:2d:cc:3f:58:40:5c:16:
aa:32:de:db:75:7b:3e:7c:39:db:18:c6:6b:66:35:
b9:1f:9b:91:35:06:c9:8a:a6:12:47:ef:fe:df:31:
1c:e4:87:41:f0:f1:a4:67:8e:e3:4a:59:ee:70:76:
38:2d:1a:c9:ef:21:3c:38:eb:27:42:79:e6:1a:ab:
fa:d0:39:4f:0c:a1:a5:b1:3e:77:ee:f2:fc:51:13:
e5:2f:73:95:86:ca:c1:f8:01:a6:bd:ae:63:1d:cd:
6e:81:cd:5b:23:5c:ba:d4:ef:9d:38:2b:d2:75:12:
df:1a:45:05:e0:34:1f:11:18:48:ff:83:12:a7:d1:
98:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:8F:05:1C:5F:E2:CD:10:F3:E0:71:D9:A6:86:EC:E1:98:F4:E4:9D
X509v3 Authority Key Identifier:
keyid:86:E9:91:34:17:1B:58:63:F6:2F:22:B7:D7:AB:F7:40:34:95:28:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/humRNBcbWGP2LyK316v3QDSVKOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/gI8FHF_izRDz4HHZpobs4Zj05J0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/humRNBcbWGP2LyK316v3QDSVKOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.92.0/22
45.90.148.0/22
45.94.80.0/22
45.131.112.0/22
45.136.212.0/22
45.141.224.0/22
45.151.80.0/22
85.208.196.0/22
139.28.16.0/22
193.160.22.0/23
193.160.30.0/23
IPv6:
2a13:8240::-2a13:8240:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
03:37:6f:b2:21:ae:5d:98:90:08:7c:71:8d:a8:3a:b9:9f:c6:
58:b9:60:b6:80:5a:54:0f:41:23:b2:9c:d9:7e:bf:f4:53:af:
26:94:3a:6b:f4:28:8a:2e:a4:08:21:87:5f:8c:0a:74:22:e2:
fa:db:31:24:bc:c9:4a:40:0c:c2:c2:99:41:7b:7d:2b:8b:d0:
8d:9b:79:ba:47:73:43:46:fe:60:dc:00:d5:ba:71:91:27:40:
37:86:75:8e:7c:32:84:66:69:f8:68:05:07:eb:a7:16:52:7d:
1e:88:20:24:42:ec:58:96:19:6f:3c:eb:93:a2:f2:86:2e:79:
3d:5c:c4:5e:4c:bc:35:c7:f5:2b:d1:5e:34:6c:16:ff:97:1e:
6f:c2:cb:be:94:e3:0d:0e:2d:08:1e:9a:78:71:eb:8b:f7:4e:
0c:1e:5d:09:4a:dd:27:e0:88:bc:45:8d:b6:93:37:82:85:63:
d0:c9:cb:38:20:5b:67:3e:42:71:8c:0c:df:a2:4a:93:eb:19:
11:eb:c2:b4:f5:7e:81:82:a7:b9:11:aa:05:32:41:d0:7c:1e:
02:34:df:c8:49:bd:af:50:18:a7:67:d0:70:10:61:93:c6:b9:
4a:5e:88:33:95:f0:b9:7f:c7:79:5d:b8:86:43:51:1b:0b:a9:
d5:1e:b9:bc
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZbJB8AHg6ovI7AtNrnIXfDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZTk5MTM0MTcxYjU4NjNmNjJmMjJiN2Q3YWJmNzQwMzQ5
NTI4ZWMwHhcNMjUwNTEzMDk0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDhmMDUxYzVmZTJjZDEwZjNlMDcxZDlhNjg2ZWNlMTk4ZjRlNDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzmDCdkTSzjavOUTBMIJXoSStpQx
R1wdpZPwo9vfohgs6xzC4eLLAeiJSb0ffgIDzVRsBPDNsX/R6coYhablxQhNz1eD
EJlfkuwyOXfMc6VMdCQ5HGrxhoUFPAIHJY5hV3nTEq3Q3EucgZ190lUJ9jmWRErN
C0476KRB0wXDSi3MP1hAXBaqMt7bdXs+fDnbGMZrZjW5H5uRNQbJiqYSR+/+3zEc
5IdB8PGkZ47jSlnucHY4LRrJ7yE8OOsnQnnmGqv60DlPDKGlsT537vL8URPlL3OV
hsrB+AGmva5jHc1ugc1bI1y61O+dOCvSdRLfGkUF4DQfERhI/4MSp9GYBwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFICPBRxf4s0Q8+Bx2aaG7OGY9OSdMB8GA1UdIwQY
MBaAFIbpkTQXG1hj9i8it9er90A0lSjsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHVtUk5CY2JXR1AyTHlLMzE2djNRRFNWS093LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMWI1ZWMtNTJmZi00ZWNiLWIzZmQt
ZGE5NTgwOGJhMmMxLzEvZ0k4RkhGX2l6UkR6NEhIWnBvYnM0WmowNUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMWI1ZWMtNTJmZi00ZWNiLWIzZmQtZGE5NTgwOGJhMmMx
LzEvaHVtUk5CY2JXR1AyTHlLMzE2djNRRFNWS093LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBIBAIAATBCAwQCLVJcAwQC
LVqUAwQCLV5QAwQCLYNwAwQCLYjUAwQCLY3gAwQCLZdQAwQCVdDEAwQCixwQAwQB
waAWAwQBwaAeMBcEAgACMBEwDwMFBioTgkADBgAqE4JAAjANBgkqhkiG9w0BAQsF
AAOCAQEAAzdvsiGuXZiQCHxxjag6uZ/GWLlgtoBaVA9BI7Kc2X6/9FOvJpQ6a/Qo
ii6kCCGHX4wKdCLi+tsxJLzJSkAMwsKZQXt9K4vQjZt5ukdzQ0b+YNwA1bpxkSdA
N4Z1jnwyhGZp+GgFB+unFlJ9HoggJELsWJYZbzzrk6Lyhi55PVzEXky8Ncf1K9Fe
NGwW/5ceb8LLvpTjDQ4tCB6aeHHri/dODB5dCUrdJ+CIvEWNtpM3goVj0MnLOCBb
Zz5CcYwM36JKk+sZEevCtPV+gYKnuRGqBTJB0HweAjTfyEm9r1AYp2fQcBBhk8a5
Sl6IM5XwuX/HeV24hkNRGwup1R65vA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:55:12 2025 by rpki-client