Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/8A-P_ORhWgCvGzrDZbvgnuXv8-Q.roa
File: 8A-P_ORhWgCvGzrDZbvgnuXv8-Q.roa (raw, json)
Hash identifier: oBZBRDrJFN8P0rq4HbYuCOhWt6Wuv4vtGNK+w0AylXw=
Subject key identifier: F0:0F:8F:FC:E4:61:5A:00:AF:1B:3A:C3:65:BB:E0:9E:E5:EF:F3:E4
Certificate issuer: /CN=88678ca34c3c6365fb616a66077160a494a6e9d6
Certificate serial: 0196C382C49CAB13E8533922649D40803A56
Authority key identifier: 88:67:8C:A3:4C:3C:63:65:FB:61:6A:66:07:71:60:A4:94:A6:E9:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/8A-P_ORhWgCvGzrDZbvgnuXv8-Q.roa
Signing time: Mon 12 May 2025 08:00:49 +0000
ROA not before: Mon 12 May 2025 08:00:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12479
IP address blocks: 62.32.128.0/17 maxlen: 24
62.32.128.0/19 maxlen: 24
62.32.160.0/19 maxlen: 24
62.32.192.0/19 maxlen: 24
62.32.192.0/20 maxlen: 24
62.32.208.0/20 maxlen: 24
62.32.224.0/19 maxlen: 24
83.231.0.0/17 maxlen: 17
83.231.0.0/19 maxlen: 24
83.231.32.0/23 maxlen: 24
83.231.40.0/24 maxlen: 24
83.231.41.0/24 maxlen: 24
83.231.42.0/24 maxlen: 24
83.231.43.0/24 maxlen: 24
83.231.48.0/21 maxlen: 24
83.231.56.0/21 maxlen: 24
83.231.64.0/18 maxlen: 24
185.124.28.0/22 maxlen: 24
212.169.128.0/17 maxlen: 24
213.143.32.0/19 maxlen: 19
213.143.32.0/24 maxlen: 24
213.143.36.0/22 maxlen: 24
213.143.44.0/22 maxlen: 24
213.143.48.0/22 maxlen: 24
213.143.56.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.mft
rsync://rpki.ripe.net/repository/DEFAULT/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 11:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:82:c4:9c:ab:13:e8:53:39:22:64:9d:40:80:3a:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88678ca34c3c6365fb616a66077160a494a6e9d6
Validity
Not Before: May 12 08:00:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f00f8ffce4615a00af1b3ac365bbe09ee5eff3e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:05:c6:b9:ec:76:f5:92:df:68:31:e4:57:98:
d9:10:bd:ad:e5:6a:6d:e8:93:39:5a:92:43:b6:f9:
01:2d:d4:7c:bf:60:d4:0e:af:91:57:c1:63:3f:67:
5f:0d:f7:e0:20:e2:10:b1:1d:59:28:bd:4e:a4:dc:
02:8e:29:1b:7c:95:7b:e4:94:f4:4f:d2:01:f5:91:
9f:2e:2f:c0:cd:d6:14:50:4c:51:08:d7:40:07:e2:
5e:f0:aa:35:60:ef:b8:d7:78:9a:60:93:46:a7:38:
7c:21:06:14:55:c9:f7:ec:b0:8d:d2:f7:ef:56:79:
e3:cf:a0:dd:cd:99:8b:3f:f1:cb:d0:43:3d:f1:d1:
f9:d5:f6:10:a8:9d:6f:64:68:63:b9:07:12:bd:0a:
a0:42:27:8c:1f:6a:35:27:3f:3b:fd:75:78:bc:a3:
c5:b9:d9:85:1e:e4:d9:2a:30:b3:b3:59:88:1e:d8:
9f:dd:61:bc:18:48:5e:df:91:c8:53:d0:38:4a:ce:
9d:3f:75:a3:ba:0d:1d:1f:86:19:91:0b:38:47:60:
50:68:3f:f3:86:5f:c4:3d:3a:ef:fd:bc:0e:71:29:
32:01:21:45:46:89:42:2f:22:01:e8:7f:ef:83:c7:
bd:89:3a:89:0a:00:2e:cd:30:b6:54:d9:a6:dd:6e:
97:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:0F:8F:FC:E4:61:5A:00:AF:1B:3A:C3:65:BB:E0:9E:E5:EF:F3:E4
X509v3 Authority Key Identifier:
keyid:88:67:8C:A3:4C:3C:63:65:FB:61:6A:66:07:71:60:A4:94:A6:E9:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/8A-P_ORhWgCvGzrDZbvgnuXv8-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/3baacc-4201-4951-8354-f85f721fb1b8/1/iGeMo0w8Y2X7YWpmB3FgpJSm6dY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.32.128.0/17
83.231.0.0/17
185.124.28.0/22
212.169.128.0/17
213.143.32.0/19
Signature Algorithm: sha256WithRSAEncryption
2f:27:fa:6f:67:27:00:98:5c:00:63:1c:f2:4d:2d:7c:ac:da:
92:58:b3:e0:45:18:51:1c:ca:0c:ab:17:e1:ac:0a:73:7d:7f:
42:19:61:c6:4b:05:54:27:50:7c:bf:84:14:61:a0:35:e1:aa:
29:ef:d1:58:21:c9:52:2c:04:c0:27:e6:03:cb:46:f9:d5:01:
9a:9b:a9:bf:7b:87:8a:e0:2e:58:61:e8:90:ad:5c:93:58:4f:
62:1f:fb:78:fa:ac:9f:e2:5b:5a:67:65:2c:da:69:f1:53:a1:
3e:0b:29:28:c3:1e:b1:3c:93:14:71:cb:62:cd:fc:47:d5:c9:
19:71:86:58:36:d4:82:d8:a7:b4:46:aa:d2:7c:9d:5b:4f:21:
e3:f9:ba:02:89:fb:83:c2:15:31:3d:ab:30:87:ed:6b:36:0f:
16:f3:a5:98:df:06:2d:77:55:ca:3c:0f:90:e6:1e:31:e2:e7:
e6:68:48:c3:e8:74:6d:f9:2a:08:3e:e1:3d:a1:b0:bc:85:cc:
09:79:51:c5:02:44:ce:00:b5:f4:b2:03:39:dc:40:1c:ce:1b:
72:d5:4e:87:48:a6:3e:e0:33:25:7c:fa:be:b3:f9:b2:87:ff:
c5:2e:9c:8d:40:5b:15:d2:59:d2:64:2f:38:46:d8:ae:18:07:
21:7c:a4:fb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZbDgsScqxPoUzkiZJ1AgDpWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4Njc4Y2EzNGMzYzYzNjVmYjYxNmE2NjA3NzE2MGE0OTRh
NmU5ZDYwHhcNMjUwNTEyMDgwMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDBmOGZmY2U0NjE1YTAwYWYxYjNhYzM2NWJiZTA5ZWU1ZWZmM2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgXGuex29ZLfaDHkV5jZEL2t5Wpt
6JM5WpJDtvkBLdR8v2DUDq+RV8FjP2dfDffgIOIQsR1ZKL1OpNwCjikbfJV75JT0
T9IB9ZGfLi/AzdYUUExRCNdAB+Je8Ko1YO+413iaYJNGpzh8IQYUVcn37LCN0vfv
Vnnjz6DdzZmLP/HL0EM98dH51fYQqJ1vZGhjuQcSvQqgQieMH2o1Jz87/XV4vKPF
udmFHuTZKjCzs1mIHtif3WG8GEhe35HIU9A4Ss6dP3Wjug0dH4YZkQs4R2BQaD/z
hl/EPTrv/bwOcSkyASFFRolCLyIB6H/vg8e9iTqJCgAuzTC2VNmm3W6XiwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPAPj/zkYVoArxs6w2W74J7l7/PkMB8GA1UdIwQY
MBaAFIhnjKNMPGNl+2FqZgdxYKSUpunWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUdlTW8wdzhZMlg3WVdwbUIzRmdwSlNtNmRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8zYmFhY2MtNDIwMS00OTUxLTgzNTQt
Zjg1ZjcyMWZiMWI4LzEvOEEtUF9PUmhXZ0N2R3pyRFpidmdudVh2OC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8zYmFhY2MtNDIwMS00OTUxLTgzNTQtZjg1ZjcyMWZiMWI4
LzEvaUdlTW8wdzhZMlg3WVdwbUIzRmdwSlNtNmRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQHPiCAAwQH
U+cAAwQCuXwcAwQH1KmAAwQF1Y8gMA0GCSqGSIb3DQEBCwUAA4IBAQAvJ/pvZycA
mFwAYxzyTS18rNqSWLPgRRhRHMoMqxfhrApzfX9CGWHGSwVUJ1B8v4QUYaA14aop
79FYIclSLATAJ+YDy0b51QGam6m/e4eK4C5YYeiQrVyTWE9iH/t4+qyf4ltaZ2Us
2mnxU6E+Cykowx6xPJMUcctizfxH1ckZcYZYNtSC2Ke0RqrSfJ1bTyHj+boCifuD
whUxPaswh+1rNg8W86WY3wYtd1XKPA+Q5h4x4ufmaEjD6HRt+SoIPuE9obC8hcwJ
eVHFAkTOALX0sgM53EAczhty1U6HSKY+4DMlfPq+s/myh//FLpyNQFsV0lnSZC84
RtiuGAchfKT7
-----END CERTIFICATE-----
Generated at Sun Jun 15 20:44:07 2025 by rpki-client