Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/j8MuNPnho8nXpAsXxV2kZPJrMCA.roa
File: j8MuNPnho8nXpAsXxV2kZPJrMCA.roa (raw, json)
Hash identifier: UN1KPdlbXzXQtk4CUTg5AbSHbZo9i+9+Gnm8bK+O9hg=
Subject key identifier: 8F:C3:2E:34:F9:E1:A3:C9:D7:A4:0B:17:C5:5D:A4:64:F2:6B:30:20
Certificate issuer: /CN=bea6ca03a8c135ceeae232c937c1ee0bab87e782
Certificate serial: 019A0B9718FFE98944FC27D09E152F4BF22A
Authority key identifier: BE:A6:CA:03:A8:C1:35:CE:EA:E2:32:C9:37:C1:EE:0B:AB:87:E7:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vqbKA6jBNc7q4jLJN8HuC6uH54I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/j8MuNPnho8nXpAsXxV2kZPJrMCA.roa
Signing time: Wed 22 Oct 2025 11:04:02 +0000
ROA not before: Wed 22 Oct 2025 11:04:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209055
IP address blocks: 45.8.40.0/22 maxlen: 22
45.8.40.0/24 maxlen: 24
45.8.41.0/24 maxlen: 24
45.8.42.0/24 maxlen: 24
2a0e:7d00::/29 maxlen: 32
2a0e:7d00::/32 maxlen: 32
2a0e:7d01::/32 maxlen: 32
2a0e:7d02::/32 maxlen: 32
2a0e:7d03::/32 maxlen: 32
2a0e:7d04::/32 maxlen: 32
2a0e:7d05::/32 maxlen: 32
2a0e:7d06::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/vqbKA6jBNc7q4jLJN8HuC6uH54I.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/vqbKA6jBNc7q4jLJN8HuC6uH54I.mft
rsync://rpki.ripe.net/repository/DEFAULT/vqbKA6jBNc7q4jLJN8HuC6uH54I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 08:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0b:97:18:ff:e9:89:44:fc:27:d0:9e:15:2f:4b:f2:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bea6ca03a8c135ceeae232c937c1ee0bab87e782
Validity
Not Before: Oct 22 11:04:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8fc32e34f9e1a3c9d7a40b17c55da464f26b3020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:63:1d:b5:7c:f7:12:7c:b3:12:c2:2f:d4:ff:
69:70:4f:58:39:92:bb:1d:48:15:fd:d6:9a:b1:49:
b4:6a:3c:1c:05:45:60:a7:fe:fe:c5:7b:90:db:c8:
35:90:c6:58:fe:9c:18:f4:be:83:47:d5:53:71:25:
d4:75:a6:73:a0:32:c5:f9:6a:1c:e1:2e:ac:e7:f5:
9a:8e:67:c1:7a:25:ab:c0:82:0b:12:99:3a:42:3c:
72:cf:13:5e:a6:c7:de:4d:ba:94:18:5c:e1:24:bc:
c9:84:9f:ce:f9:ed:9a:95:6a:ab:79:bd:86:25:26:
a8:d4:a7:45:33:2c:36:5b:18:a9:d3:10:33:b8:75:
ec:a5:c6:39:8d:0b:c3:4a:ab:69:f7:3a:0b:ac:d2:
13:d9:ff:82:b2:9a:aa:d2:73:06:ca:b5:4a:03:01:
ad:fa:91:22:b8:23:e4:c0:3b:ab:e0:cd:cd:4a:2b:
8b:83:22:e5:bc:1a:9b:e7:c8:eb:d9:17:1a:37:d3:
a4:16:6c:20:8e:a1:17:1a:48:d7:a5:13:8c:57:2c:
9d:9c:63:2e:6e:3b:00:9b:fd:29:4d:68:1c:31:86:
6d:43:52:58:ce:59:0c:62:35:f9:eb:26:93:b0:bf:
f6:6a:bb:b5:df:32:40:87:de:39:bd:e3:3c:7b:dc:
31:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:C3:2E:34:F9:E1:A3:C9:D7:A4:0B:17:C5:5D:A4:64:F2:6B:30:20
X509v3 Authority Key Identifier:
keyid:BE:A6:CA:03:A8:C1:35:CE:EA:E2:32:C9:37:C1:EE:0B:AB:87:E7:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vqbKA6jBNc7q4jLJN8HuC6uH54I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/j8MuNPnho8nXpAsXxV2kZPJrMCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/bc65f6-0c3b-404e-bfad-9fa4228c02ea/1/vqbKA6jBNc7q4jLJN8HuC6uH54I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.40.0/22
IPv6:
2a0e:7d00::/29
Signature Algorithm: sha256WithRSAEncryption
0a:55:88:ad:c8:0f:f0:48:f9:24:1e:8c:9b:48:cf:3a:41:ef:
6f:a7:27:d2:3e:c5:e9:c7:ee:b1:b0:34:10:03:6c:bf:b5:12:
24:01:68:1a:b2:8a:9c:ce:5c:b6:06:a0:e7:10:11:13:58:bf:
3a:5a:90:bf:ab:9b:e8:c4:c4:ad:db:3d:27:bc:31:f3:21:c6:
07:e8:40:13:99:2e:9b:e7:81:49:cc:dc:34:c2:16:fb:68:5e:
43:d3:8a:ae:9c:16:da:f2:c5:47:57:c0:2f:42:a5:9d:c4:5e:
3e:f3:57:2d:f7:c4:13:f6:72:f8:67:11:f5:83:40:0b:b3:ee:
b2:ea:8f:57:f4:de:c7:57:df:f8:f9:12:7b:b8:74:5f:69:57:
8c:a1:58:ca:af:6e:21:4c:38:8c:03:11:09:5e:c2:b8:60:44:
6d:72:1f:c5:e2:d6:15:a0:f7:4c:ec:47:56:19:00:6c:7d:a5:
8f:45:cc:dd:63:a9:ee:b9:48:d3:f6:bf:42:6f:54:cc:1b:7f:
fb:32:a7:ff:47:10:fc:4f:53:79:cd:b2:4c:ff:a8:46:f9:6b:
58:d2:e9:3b:e4:f9:22:e3:da:9c:4e:aa:4c:ae:eb:6c:fc:3e:
42:0e:b1:85:0e:84:b2:d0:2c:8e:0a:d0:1c:29:df:13:ca:56:
e0:b9:cd:6b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZoLlxj/6YlE/CfQnhUvS/IqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYTZjYTAzYThjMTM1Y2VlYWUyMzJjOTM3YzFlZTBiYWI4
N2U3ODIwHhcNMjUxMDIyMTEwNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmMzMmUzNGY5ZTFhM2M5ZDdhNDBiMTdjNTVkYTQ2NGYyNmIzMDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmMdtXz3EnyzEsIv1P9pcE9YOZK7
HUgV/daasUm0ajwcBUVgp/7+xXuQ28g1kMZY/pwY9L6DR9VTcSXUdaZzoDLF+Woc
4S6s5/WajmfBeiWrwIILEpk6QjxyzxNepsfeTbqUGFzhJLzJhJ/O+e2alWqreb2G
JSao1KdFMyw2Wxip0xAzuHXspcY5jQvDSqtp9zoLrNIT2f+Cspqq0nMGyrVKAwGt
+pEiuCPkwDur4M3NSiuLgyLlvBqb58jr2RcaN9OkFmwgjqEXGkjXpROMVyydnGMu
bjsAm/0pTWgcMYZtQ1JYzlkMYjX56yaTsL/2aru13zJAh945veM8e9wxrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFI/DLjT54aPJ16QLF8VdpGTyazAgMB8GA1UdIwQY
MBaAFL6mygOowTXO6uIyyTfB7gurh+eCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnFiS0E2akJOYzdxNGpMSk44SHVDNnVINTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iYzY1ZjYtMGMzYi00MDRlLWJmYWQt
OWZhNDIyOGMwMmVhLzEvajhNdU5QbmhvOG5YcEFzWHhWMmtaUEpyTUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iYzY1ZjYtMGMzYi00MDRlLWJmYWQtOWZhNDIyOGMwMmVh
LzEvdnFiS0E2akJOYzdxNGpMSk44SHVDNnVINTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQgoMA0E
AgACMAcDBQMqDn0AMA0GCSqGSIb3DQEBCwUAA4IBAQAKVYityA/wSPkkHoybSM86
Qe9vpyfSPsXpx+6xsDQQA2y/tRIkAWgasoqczly2BqDnEBETWL86WpC/q5voxMSt
2z0nvDHzIcYH6EATmS6b54FJzNw0whb7aF5D04qunBba8sVHV8AvQqWdxF4+81ct
98QT9nL4ZxH1g0ALs+6y6o9X9N7HV9/4+RJ7uHRfaVeMoVjKr24hTDiMAxEJXsK4
YERtch/F4tYVoPdM7EdWGQBsfaWPRczdY6nuuUjT9r9Cb1TMG3/7Mqf/RxD8T1N5
zbJM/6hG+WtY0uk75Pki49qcTqpMruts/D5CDrGFDoSy0CyOCtAcKd8Tylbguc1r
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:00:26 2025 by rpki-client