Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/8TiiymF_qXe5_0OSXGhXtrvPRF8.roa
File: 8TiiymF_qXe5_0OSXGhXtrvPRF8.roa (raw, json)
Hash identifier: GluSxaIDrro0bR3RvWbGWujqLOuubQy6kwNOc8o6hgc=
Subject key identifier: F1:38:A2:CA:61:7F:A9:77:B9:FF:43:92:5C:68:57:B6:BB:CF:44:5F
Certificate issuer: /CN=a98cfb9b5f445fd2f6ccfa179c37c53449b2af06
Certificate serial: 0197562B25A9B03DD2EE00C783499E36B645
Authority key identifier: A9:8C:FB:9B:5F:44:5F:D2:F6:CC:FA:17:9C:37:C5:34:49:B2:AF:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYz7m19EX9L2zPoXnDfFNEmyrwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/8TiiymF_qXe5_0OSXGhXtrvPRF8.roa
Signing time: Mon 09 Jun 2025 19:29:17 +0000
ROA not before: Mon 09 Jun 2025 19:29:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48091
IP address blocks: 185.140.236.0/23 maxlen: 24
185.140.238.0/24 maxlen: 24
195.93.216.0/23 maxlen: 24
2001:67c:256c::/48 maxlen: 48
2a05:37c0::/32 maxlen: 48
2a05:37c7:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/qYz7m19EX9L2zPoXnDfFNEmyrwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/qYz7m19EX9L2zPoXnDfFNEmyrwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/qYz7m19EX9L2zPoXnDfFNEmyrwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:56:2b:25:a9:b0:3d:d2:ee:00:c7:83:49:9e:36:b6:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a98cfb9b5f445fd2f6ccfa179c37c53449b2af06
Validity
Not Before: Jun 9 19:29:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f138a2ca617fa977b9ff43925c6857b6bbcf445f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:fe:c5:89:39:51:0c:7c:00:5c:51:aa:e3:2b:
be:89:cf:0c:07:f1:0c:40:d0:da:b5:d0:8b:96:0b:
21:3a:c9:fd:7d:2f:37:b3:a0:3c:e9:1a:bb:8a:27:
7b:7e:e1:80:e6:91:d8:eb:d0:77:2a:df:d0:64:f1:
e3:57:31:d7:fa:3e:7b:46:c7:45:59:4c:4f:55:24:
99:83:e9:e1:25:ab:0f:80:08:c7:11:be:58:09:9b:
ae:80:9b:96:0b:cb:e8:e9:09:7d:32:08:5c:b8:02:
8c:0b:1d:29:e1:80:4e:2d:95:c7:02:ec:5a:61:69:
6f:c7:56:ff:76:09:0f:00:b4:76:eb:c0:43:ed:b5:
4b:5a:c8:1e:f3:bf:34:a5:43:ec:48:d2:3d:fb:aa:
c8:1b:33:c2:ab:b5:85:a5:14:10:27:98:d0:dc:e7:
6d:f5:a6:c9:ab:10:2b:df:47:ef:9e:5d:7b:53:ae:
1d:a1:d3:a1:da:91:fd:fb:12:6b:83:2d:b5:3b:44:
e3:24:0b:f2:c3:9a:d1:4d:04:76:d8:82:b0:1e:c5:
8e:e1:f3:2e:b7:72:ac:b5:05:2a:2e:94:21:7b:c2:
d4:19:d9:5e:c1:f0:e3:3c:c3:94:dc:0d:d0:1c:fb:
25:14:ae:0e:d7:0c:92:a9:82:39:a4:8d:af:3f:5f:
c5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:38:A2:CA:61:7F:A9:77:B9:FF:43:92:5C:68:57:B6:BB:CF:44:5F
X509v3 Authority Key Identifier:
keyid:A9:8C:FB:9B:5F:44:5F:D2:F6:CC:FA:17:9C:37:C5:34:49:B2:AF:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYz7m19EX9L2zPoXnDfFNEmyrwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/8TiiymF_qXe5_0OSXGhXtrvPRF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/df8551-3f9f-44b2-b7e4-886593f7dce0/1/qYz7m19EX9L2zPoXnDfFNEmyrwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.236.0-185.140.238.255
195.93.216.0/23
IPv6:
2001:67c:256c::/48
2a05:37c0::/32
2a05:37c7:100::/40
Signature Algorithm: sha256WithRSAEncryption
35:1b:34:bc:21:b7:2c:a8:97:ae:c1:62:25:0a:67:c2:ef:a1:
0c:ec:7e:56:4f:31:35:09:3c:32:c4:02:74:60:16:b2:a0:e6:
76:38:eb:c9:40:f6:fc:a9:ee:9c:d7:c1:5b:f8:8e:6f:d5:5f:
8d:3f:26:71:4a:91:8a:3c:4c:ca:61:2b:24:9a:4f:e5:c3:94:
4f:cd:ef:5c:a0:e4:5d:61:0f:80:cc:d8:50:be:de:8c:5e:a4:
1c:f0:db:da:30:21:e6:52:9e:7a:b7:8f:d2:cd:4d:dc:f5:0f:
53:e0:06:c7:9f:50:0c:69:4c:23:ae:f1:63:77:c0:d1:3f:71:
e3:2b:3e:a6:ee:23:3f:41:61:ff:ed:de:6f:92:df:4d:7b:0c:
c1:50:4f:55:7c:35:2a:cc:1b:da:67:7b:06:15:ea:17:e4:ef:
b1:97:bd:97:e5:00:0c:96:df:86:d0:05:fb:3f:41:72:c2:ae:
e4:09:3c:e8:fc:8e:ff:3a:c7:05:86:c8:0d:04:67:31:dd:cf:
ee:cd:dc:8b:ff:a4:81:fb:c0:a3:70:d4:e9:05:a7:39:1a:64:
8c:c5:12:72:51:37:61:27:a3:a5:c0:e1:6a:61:14:95:f8:24:
4a:5b:a8:ef:67:fc:d6:a2:8b:86:11:87:ab:1c:83:90:9e:da:
d9:e1:bf:47
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZdWKyWpsD3S7gDHg0meNrZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5OGNmYjliNWY0NDVmZDJmNmNjZmExNzljMzdjNTM0NDli
MmFmMDYwHhcNMjUwNjA5MTkyOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTM4YTJjYTYxN2ZhOTc3YjlmZjQzOTI1YzY4NTdiNmJiY2Y0NDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsf7FiTlRDHwAXFGq4yu+ic8MB/EM
QNDatdCLlgshOsn9fS83s6A86Rq7iid7fuGA5pHY69B3Kt/QZPHjVzHX+j57RsdF
WUxPVSSZg+nhJasPgAjHEb5YCZuugJuWC8vo6Ql9MghcuAKMCx0p4YBOLZXHAuxa
YWlvx1b/dgkPALR268BD7bVLWsge8780pUPsSNI9+6rIGzPCq7WFpRQQJ5jQ3Odt
9abJqxAr30fvnl17U64dodOh2pH9+xJrgy21O0TjJAvyw5rRTQR22IKwHsWO4fMu
t3KstQUqLpQhe8LUGdlewfDjPMOU3A3QHPslFK4O1wySqYI5pI2vP1/F/wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPE4osphf6l3uf9DklxoV7a7z0RfMB8GA1UdIwQY
MBaAFKmM+5tfRF/S9sz6F5w3xTRJsq8GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVl6N20xOUVYOUwyelBvWG5EZkZORW15cndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9kZjg1NTEtM2Y5Zi00NGIyLWI3ZTQt
ODg2NTkzZjdkY2UwLzEvOFRpaXltRl9xWGU1XzBPU1hHaFh0cnZQUkY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9kZjg1NTEtM2Y5Zi00NGIyLWI3ZTQtODg2NTkzZjdkY2Uw
LzEvcVl6N20xOUVYOUwyelBvWG5EZkZORW15cndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAaBAIAATAUMAwDBAK5jOwD
BAC5jO4DBAHDXdgwHgQCAAIwGAMHACABBnwlbAMFACoFN8ADBgAqBTfHATANBgkq
hkiG9w0BAQsFAAOCAQEANRs0vCG3LKiXrsFiJQpnwu+hDOx+Vk8xNQk8MsQCdGAW
sqDmdjjryUD2/KnunNfBW/iOb9VfjT8mcUqRijxMymErJJpP5cOUT83vXKDkXWEP
gMzYUL7ejF6kHPDb2jAh5lKeereP0s1N3PUPU+AGx59QDGlMI67xY3fA0T9x4ys+
pu4jP0Fh/+3eb5LfTXsMwVBPVXw1Kswb2md7BhXqF+TvsZe9l+UADJbfhtAF+z9B
csKu5Ak86PyO/zrHBYbIDQRnMd3P7s3ci/+kgfvAo3DU6QWnORpkjMUSclE3YSej
pcDhamEUlfgkSluo72f81qKLhhGHqxyDkJ7a2eG/Rw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:25:42 2025 by rpki-client