Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/sI4PiDRoDbx5a6N6DEWl54OUDb4.roa
File: sI4PiDRoDbx5a6N6DEWl54OUDb4.roa (raw, json)
Hash identifier: BuRl5VT0o+3ibVPsQDpCnLVNhSHwLDG5LED3ZzJ2yPk=
Subject key identifier: B0:8E:0F:88:34:68:0D:BC:79:6B:A3:7A:0C:45:A5:E7:83:94:0D:BE
Certificate issuer: /CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121
Certificate serial: 0198559DAB0B231AE3099ACC28763596BE11
Authority key identifier: BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/sI4PiDRoDbx5a6N6DEWl54OUDb4.roa
Signing time: Tue 29 Jul 2025 09:57:32 +0000
ROA not before: Tue 29 Jul 2025 09:57:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 93.94.32.0/24 maxlen: 24
93.94.33.0/24 maxlen: 24
93.94.34.0/24 maxlen: 24
93.94.35.0/24 maxlen: 24
93.94.37.0/24 maxlen: 24
93.94.38.0/24 maxlen: 24
93.174.64.0/21 maxlen: 24
158.58.136.0/21 maxlen: 24
185.84.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 09:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:9d:ab:0b:23:1a:e3:09:9a:cc:28:76:35:96:be:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121
Validity
Not Before: Jul 29 09:57:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b08e0f8834680dbc796ba37a0c45a5e783940dbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c4:f3:61:03:6b:96:66:61:ec:d7:7a:f9:8a:
17:70:94:c5:48:c6:1f:6c:1d:81:07:cc:6f:d1:6e:
74:f3:3c:e8:74:1c:7d:4a:ca:39:67:60:c9:e0:60:
f6:86:7b:b5:da:d4:e2:78:41:c3:d2:b8:86:3f:9c:
25:1e:5b:c5:8e:30:94:4d:8d:c5:af:b0:d8:3c:1f:
b1:07:91:75:9b:40:a8:18:40:ab:bb:f3:9e:f1:61:
3f:20:b1:70:0a:48:6d:c4:b2:75:86:07:15:20:44:
c6:69:9e:85:e9:ee:08:1a:33:e8:64:48:8f:08:95:
d5:c0:7c:09:2b:2e:36:3c:99:e1:1b:43:7b:92:b2:
b5:0a:4b:42:bf:61:64:1f:d1:a7:74:80:ce:b2:cf:
ab:5d:25:0b:e6:da:c0:88:26:1f:6f:f3:f2:40:9b:
28:9e:1e:03:a1:1d:62:ff:00:be:81:ef:18:66:05:
a0:76:c0:49:3a:eb:6d:78:7e:90:24:f6:41:e8:6b:
ba:0d:62:b0:41:34:b9:b3:46:5d:ac:f3:c2:ea:14:
28:3f:a5:fd:ad:1b:02:f6:e6:e7:fa:8e:df:1e:35:
a7:f6:a1:75:b0:e5:db:20:c3:82:d2:70:34:6a:36:
49:02:08:93:ef:09:90:ae:c5:1c:18:26:09:b4:f7:
8b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:8E:0F:88:34:68:0D:BC:79:6B:A3:7A:0C:45:A5:E7:83:94:0D:BE
X509v3 Authority Key Identifier:
keyid:BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/sI4PiDRoDbx5a6N6DEWl54OUDb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.32.0/22
93.94.37.0-93.94.38.255
93.174.64.0/21
158.58.136.0/21
185.84.176.0/22
Signature Algorithm: sha256WithRSAEncryption
10:19:c3:4c:f5:6e:74:a4:0d:50:45:f3:85:16:00:03:72:ea:
07:55:c5:86:9f:1d:c7:f7:68:88:c0:f5:93:2d:ad:60:4b:70:
50:49:16:11:ef:76:6e:05:f1:b3:f9:bc:3f:a9:33:7f:cd:f9:
18:63:63:e8:23:38:9a:b6:ff:31:a8:a0:97:09:39:09:53:70:
98:87:08:7b:1b:41:de:69:5e:ba:10:b0:3f:c5:6a:bc:74:da:
77:27:ba:a6:65:e4:bf:19:bc:f6:e9:31:57:d0:80:cc:aa:af:
ee:ed:71:af:94:6d:0c:5a:2d:94:7c:c6:28:4c:5c:ba:84:23:
62:5e:0d:e7:dc:c1:4c:23:39:ff:3f:67:70:97:0e:33:bf:1f:
77:68:48:ef:5e:99:ef:76:1c:c6:db:0e:6d:68:db:bc:c6:ac:
d9:72:6d:c4:8e:a4:3b:d1:92:0a:34:98:0d:de:bb:aa:31:a1:
45:74:dd:43:b5:7b:cd:c8:37:eb:82:a6:5b:f9:78:84:ae:30:
8f:20:33:f5:29:4f:71:30:50:6d:ba:42:08:69:89:ad:4b:f1:
23:13:a7:1e:6f:b8:c4:6a:21:0d:9a:19:4e:0d:b8:d9:ad:f7:
ff:93:fb:fa:e6:e0:e9:21:61:46:41:30:14:9d:7b:d7:16:7a:
48:be:ab:bf
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZhVnasLIxrjCZrMKHY1lr4RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODg4NDlhMmViNWU5ZGQ1NzFhOGU3NDNiZWQ3Yjk1MTNk
N2ExMjEwHhcNMjUwNzI5MDk1NzMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDhlMGY4ODM0NjgwZGJjNzk2YmEzN2EwYzQ1YTVlNzgzOTQwZGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMTzYQNrlmZh7Nd6+YoXcJTFSMYf
bB2BB8xv0W508zzodBx9Sso5Z2DJ4GD2hnu12tTieEHD0riGP5wlHlvFjjCUTY3F
r7DYPB+xB5F1m0CoGECru/Oe8WE/ILFwCkhtxLJ1hgcVIETGaZ6F6e4IGjPoZEiP
CJXVwHwJKy42PJnhG0N7krK1CktCv2FkH9GndIDOss+rXSUL5trAiCYfb/PyQJso
nh4DoR1i/wC+ge8YZgWgdsBJOutteH6QJPZB6Gu6DWKwQTS5s0ZdrPPC6hQoP6X9
rRsC9ubn+o7fHjWn9qF1sOXbIMOC0nA0ajZJAgiT7wmQrsUcGCYJtPeLoQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLCOD4g0aA28eWujegxFpeeDlA2+MB8GA1UdIwQY
MBaAFL+IhJoutendVxqOdDvte5UT16EhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYt
MjM3MzliNWZkODRjLzEvc0k0UGlEUm9EYng1YTZONkRFV2w1NE9VRGI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYtMjM3MzliNWZkODRj
LzEvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCXV4gMAwD
BABdXiUDBABdXiYDBANdrkADBAOeOogDBAK5VLAwDQYJKoZIhvcNAQELBQADggEB
ABAZw0z1bnSkDVBF84UWAANy6gdVxYafHcf3aIjA9ZMtrWBLcFBJFhHvdm4F8bP5
vD+pM3/N+RhjY+gjOJq2/zGooJcJOQlTcJiHCHsbQd5pXroQsD/Farx02ncnuqZl
5L8ZvPbpMVfQgMyqr+7tca+UbQxaLZR8xihMXLqEI2JeDefcwUwjOf8/Z3CXDjO/
H3doSO9eme92HMbbDm1o27zGrNlybcSOpDvRkgo0mA3eu6oxoUV03UO1e83IN+uC
plv5eISuMI8gM/UpT3EwUG26Qghpia1L8SMTpx5vuMRqIQ2aGU4NuNmt9/+T+/rm
4OkhYUZBMBSde9cWeki+q78=
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:57:23 2025 by rpki-client