Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/9hJ82o3XPmxixwKbIaasfujEHR4.roa
File: 9hJ82o3XPmxixwKbIaasfujEHR4.roa (raw, json)
Hash identifier: JIsVrtUMrLnvfmTeq3rvZRZd6nv17o5S8rVtYG81E34=
Subject key identifier: F6:12:7C:DA:8D:D7:3E:6C:62:C7:02:9B:21:A6:AC:7E:E8:C4:1D:1E
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019856D6B8C61E3FA7AF1FE07E3734A2DE22
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/9hJ82o3XPmxixwKbIaasfujEHR4.roa
Signing time: Tue 29 Jul 2025 15:39:29 +0000
ROA not before: Tue 29 Jul 2025 15:39:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 107.150.169.0/24 maxlen: 24
107.150.173.0/24 maxlen: 24
124.198.140.0/22 maxlen: 24
124.198.148.0/22 maxlen: 24
124.198.152.0/21 maxlen: 24
158.173.136.0/22 maxlen: 24
162.218.177.0/24 maxlen: 24
162.218.178.0/24 maxlen: 24
163.47.104.0/22 maxlen: 24
167.160.1.0/24 maxlen: 24
167.160.2.0/24 maxlen: 24
185.192.213.0/24 maxlen: 24
185.192.214.0/24 maxlen: 24
185.203.149.0/24 maxlen: 24
185.203.150.0/24 maxlen: 24
185.212.173.0/24 maxlen: 24
185.212.174.0/24 maxlen: 24
202.49.244.0/22 maxlen: 24
202.50.124.0/22 maxlen: 24
203.188.176.0/22 maxlen: 24
203.188.184.0/22 maxlen: 24
203.188.188.0/24 maxlen: 24
212.32.51.0/24 maxlen: 24
212.32.70.0/24 maxlen: 24
212.32.77.0/24 maxlen: 24
212.32.78.0/23 maxlen: 24
212.56.51.0/24 maxlen: 24
212.56.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:56:d6:b8:c6:1e:3f:a7:af:1f:e0:7e:37:34:a2:de:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jul 29 15:39:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6127cda8dd73e6c62c7029b21a6ac7ee8c41d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:45:03:6e:61:cf:cb:df:ce:95:07:72:6a:2d:
a9:ed:06:37:3e:a5:98:66:76:5f:42:81:ca:d5:3c:
fc:85:12:ce:4c:ad:97:c2:71:93:49:d6:e1:51:12:
54:dd:19:90:58:88:48:cc:7a:b0:84:ca:c5:9c:ef:
7d:8a:a1:5c:35:72:4c:e2:87:28:e4:7e:6b:90:82:
95:e1:c6:de:a2:c0:a1:43:3f:bc:ce:39:07:92:b2:
6c:4a:34:01:3f:ce:00:8c:ed:17:d1:c2:9d:36:6f:
00:0d:d3:b8:3e:01:5b:13:20:83:e7:6e:92:cd:14:
e1:cc:10:e5:47:cd:37:12:ff:ac:6b:7b:12:cb:d8:
e2:40:70:40:e9:e0:41:fd:c3:3c:e0:7a:22:dc:9a:
af:30:f4:af:db:dc:95:23:be:29:f9:c2:d2:8c:00:
f1:3e:cc:92:ba:e0:6a:6f:51:e8:f6:85:d6:57:ae:
03:80:8e:49:46:aa:e1:4b:97:2b:d9:c3:f9:62:19:
f6:af:b0:39:30:c9:48:46:c8:74:a9:07:62:a8:e6:
21:bc:19:3e:ee:5e:6f:54:17:2f:b7:07:89:a1:9d:
62:21:e2:1c:d0:ce:9a:e7:d3:0b:e5:69:eb:ec:cb:
01:4e:82:bb:11:a4:64:a2:18:d2:e8:55:0a:17:00:
76:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:12:7C:DA:8D:D7:3E:6C:62:C7:02:9B:21:A6:AC:7E:E8:C4:1D:1E
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/9hJ82o3XPmxixwKbIaasfujEHR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.150.169.0/24
107.150.173.0/24
124.198.140.0/22
124.198.148.0-124.198.159.255
158.173.136.0/22
162.218.177.0-162.218.178.255
163.47.104.0/22
167.160.1.0-167.160.2.255
185.192.213.0-185.192.214.255
185.203.149.0-185.203.150.255
185.212.173.0-185.212.174.255
202.49.244.0/22
202.50.124.0/22
203.188.176.0/22
203.188.184.0-203.188.188.255
212.32.51.0/24
212.32.70.0/24
212.32.77.0-212.32.79.255
212.56.51.0/24
212.56.55.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:30:46:81:21:e3:02:19:6f:f8:44:0c:1d:f1:26:3a:3e:23:
2b:50:b1:29:d2:34:14:11:07:26:10:47:96:54:0e:9b:2d:48:
ea:01:f5:26:f1:35:f8:b1:1c:4c:62:ae:a5:ae:16:05:07:38:
87:16:4d:21:05:67:ed:7c:e3:1b:3c:5d:d9:b3:93:55:6e:1d:
ac:24:50:11:cc:5c:7c:3c:d9:02:e9:68:13:03:24:2c:db:4d:
c7:b1:f7:2a:87:c2:e2:d5:3b:8d:f7:23:51:93:20:15:25:ca:
24:9c:dd:92:71:ea:5e:db:d8:39:5d:ce:a8:10:58:a4:29:ab:
2b:16:17:03:ef:3f:b1:7f:05:b1:5f:6f:9c:54:ae:f3:f9:08:
d4:28:f3:a7:41:93:d6:28:30:28:59:8e:c8:d6:b9:73:a2:1d:
e7:53:83:c9:a2:7d:2b:1d:c7:fe:9d:d0:ea:cb:3a:be:19:83:
eb:5e:0e:57:fa:e3:de:90:62:eb:3a:b1:74:cf:fb:0c:86:9f:
e4:95:5f:72:0d:0e:98:7d:4b:d7:cc:3e:66:b3:0e:52:e6:0b:
2f:2d:b4:12:2d:8d:40:43:b7:aa:df:20:51:66:b2:15:e5:7f:
58:32:5c:89:8c:2f:be:61:76:7d:e7:1e:4a:58:2a:f9:1b:dd:
24:44:e9:77
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAZhW1rjGHj+nrx/gfjc0ot4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNzI5MTUzOTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjEyN2NkYThkZDczZTZjNjJjNzAyOWIyMWE2YWM3ZWU4YzQxZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkUDbmHPy9/OlQdyai2p7QY3PqWY
ZnZfQoHK1Tz8hRLOTK2XwnGTSdbhURJU3RmQWIhIzHqwhMrFnO99iqFcNXJM4oco
5H5rkIKV4cbeosChQz+8zjkHkrJsSjQBP84AjO0X0cKdNm8ADdO4PgFbEyCD526S
zRThzBDlR803Ev+sa3sSy9jiQHBA6eBB/cM84Hoi3JqvMPSv29yVI74p+cLSjADx
PsySuuBqb1Ho9oXWV64DgI5JRqrhS5cr2cP5Yhn2r7A5MMlIRsh0qQdiqOYhvBk+
7l5vVBcvtweJoZ1iIeIc0M6a59ML5Wnr7MsBToK7EaRkohjS6FUKFwB2LQIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFPYSfNqN1z5sYscCmyGmrH7oxB0eMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvOWhKODJvM1hQbXhpeHdLYklhYXNmdWpFSFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBABr
lqkDBABrlq0DBAJ8xowwDAMEAnzGlAMEBXzGgAMEAp6tiDAMAwQAotqxAwQAotqy
AwQCoy9oMAwDBACnoAEDBACnoAIwDAMEALnA1QMEALnA1jAMAwQAucuVAwQAucuW
MAwDBAC51K0DBAC51K4DBALKMfQDBALKMnwDBALLvLAwDAMEA8u8uAMEAMu8vAME
ANQgMwMEANQgRjAMAwQA1CBNAwQE1CBAAwQA1DgzAwQA1Dg3MA0GCSqGSIb3DQEB
CwUAA4IBAQB9MEaBIeMCGW/4RAwd8SY6PiMrULEp0jQUEQcmEEeWVA6bLUjqAfUm
8TX4sRxMYq6lrhYFBziHFk0hBWftfOMbPF3Zs5NVbh2sJFARzFx8PNkC6WgTAyQs
203Hsfcqh8Li1TuN9yNRkyAVJcoknN2Scepe29g5Xc6oEFikKasrFhcD7z+xfwWx
X2+cVK7z+QjUKPOnQZPWKDAoWY7I1rlzoh3nU4PJon0rHcf+ndDqyzq+GYPrXg5X
+uPekGLrOrF0z/sMhp/klV9yDQ6YfUvXzD5msw5S5gsvLbQSLY1AQ7eq3yBRZrIV
5X9YMlyJjC++YXZ95x5KWCr5G90kROl3
-----END CERTIFICATE-----
Generated at Fri Aug 8 19:31:31 2025 by rpki-client