Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/rT8y0BCfTCAABxNQ5qnQez4Fr8I.roa
File: rT8y0BCfTCAABxNQ5qnQez4Fr8I.roa (raw, json)
Hash identifier: zR6w/3gh7WRxc5V8iDYO22idpuoYZT3WfKeiyZYkIzc=
Subject key identifier: AD:3F:32:D0:10:9F:4C:20:00:07:13:50:E6:A9:D0:7B:3E:05:AF:C2
Certificate issuer: /CN=9b5895e7f6a6d4aba9c961f713b2e79715f021f0
Certificate serial: 01987A84EFC155FAE7AD621A2B8B45DEB47B
Authority key identifier: 9B:58:95:E7:F6:A6:D4:AB:A9:C9:61:F7:13:B2:E7:97:15:F0:21:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m1iV5_am1KupyWH3E7LnlxXwIfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/rT8y0BCfTCAABxNQ5qnQez4Fr8I.roa
Signing time: Tue 05 Aug 2025 13:56:29 +0000
ROA not before: Tue 05 Aug 2025 13:56:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51825
IP address blocks: 46.31.96.0/21 maxlen: 21
46.31.96.0/23 maxlen: 23
46.31.96.0/24 maxlen: 24
46.31.97.0/24 maxlen: 24
46.31.98.0/23 maxlen: 23
46.31.98.0/24 maxlen: 24
46.31.99.0/24 maxlen: 24
46.31.100.0/23 maxlen: 23
46.31.100.0/24 maxlen: 24
46.31.101.0/24 maxlen: 24
46.31.102.0/23 maxlen: 23
46.31.102.0/24 maxlen: 24
46.31.103.0/24 maxlen: 24
147.234.92.0/22 maxlen: 22
147.234.96.0/21 maxlen: 21
185.24.204.0/22 maxlen: 22
185.24.204.0/23 maxlen: 23
185.24.204.0/24 maxlen: 24
185.24.205.0/24 maxlen: 24
185.24.206.0/23 maxlen: 23
185.24.206.0/24 maxlen: 24
185.24.207.0/24 maxlen: 24
213.137.64.0/20 maxlen: 20
213.137.64.0/24 maxlen: 24
213.137.65.0/24 maxlen: 24
213.137.66.0/24 maxlen: 24
213.137.67.0/24 maxlen: 24
213.137.70.0/24 maxlen: 24
213.137.71.0/24 maxlen: 24
213.137.72.0/23 maxlen: 23
213.137.73.0/24 maxlen: 24
213.137.77.0/24 maxlen: 24
213.137.78.0/24 maxlen: 24
213.137.79.0/24 maxlen: 24
2a02:5080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/m1iV5_am1KupyWH3E7LnlxXwIfA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/m1iV5_am1KupyWH3E7LnlxXwIfA.mft
rsync://rpki.ripe.net/repository/DEFAULT/m1iV5_am1KupyWH3E7LnlxXwIfA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 17:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7a:84:ef:c1:55:fa:e7:ad:62:1a:2b:8b:45:de:b4:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b5895e7f6a6d4aba9c961f713b2e79715f021f0
Validity
Not Before: Aug 5 13:56:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad3f32d0109f4c2000071350e6a9d07b3e05afc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4c:47:b3:85:90:01:d0:4a:e7:92:0b:53:ff:
df:80:e8:19:73:ce:6e:f4:c8:77:f2:f1:bf:a8:62:
5a:96:8b:b3:f3:7c:7f:dc:25:c5:6c:1c:e3:ff:30:
89:69:5f:9f:2a:d6:10:26:7f:a2:84:b2:f8:52:21:
56:54:22:17:e2:41:d5:de:b3:5b:f7:88:0a:26:00:
f2:bc:35:eb:03:01:c0:bf:94:d3:58:10:1a:d7:d1:
39:f2:87:37:0a:e5:10:7c:af:14:6e:0c:98:45:97:
57:cb:d5:dd:75:70:33:8b:80:3f:7e:93:14:ed:b9:
fe:8c:7f:06:59:de:99:ec:b0:69:2e:e5:75:09:a6:
8b:9b:d3:5d:3a:3e:a1:0d:a3:2e:96:c3:f1:75:0c:
f8:f7:7a:8c:d8:86:af:49:7d:30:40:08:7d:8b:78:
42:3b:6a:72:d7:7c:97:31:35:3d:61:b8:cd:c3:b6:
e8:2b:0d:61:9f:f0:93:90:5c:d5:46:4f:2e:1f:80:
e7:6f:e7:45:5f:b4:f4:57:13:ce:d7:ee:25:a9:10:
50:fe:ad:e7:c8:1a:46:96:61:13:e6:c0:e7:6a:4f:
89:80:39:94:ce:a9:32:e1:93:03:75:ef:75:94:62:
c5:e3:67:49:05:d3:c4:e5:5b:cf:dd:29:4f:93:39:
76:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:3F:32:D0:10:9F:4C:20:00:07:13:50:E6:A9:D0:7B:3E:05:AF:C2
X509v3 Authority Key Identifier:
keyid:9B:58:95:E7:F6:A6:D4:AB:A9:C9:61:F7:13:B2:E7:97:15:F0:21:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m1iV5_am1KupyWH3E7LnlxXwIfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/rT8y0BCfTCAABxNQ5qnQez4Fr8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/134b82-bcfb-445c-bd42-fc2a97b7d53e/1/m1iV5_am1KupyWH3E7LnlxXwIfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.96.0/21
147.234.92.0-147.234.103.255
185.24.204.0/22
213.137.64.0/20
IPv6:
2a02:5080::/32
Signature Algorithm: sha256WithRSAEncryption
54:c2:f6:77:2e:3a:c0:b1:1e:92:dc:c8:91:54:4e:44:eb:5a:
a1:a3:6d:ff:88:ca:27:e9:43:04:bc:f1:37:7b:13:a6:e5:c1:
fd:bd:aa:9a:c3:4a:1f:fa:2f:13:92:77:97:93:53:b1:83:53:
9d:37:eb:68:7d:c7:8d:5a:40:9d:8b:82:51:2e:56:50:d9:53:
49:3a:79:ac:df:be:63:b1:37:29:c7:88:c3:29:95:24:c4:64:
ec:3b:f9:e2:8b:7c:67:b5:fb:86:2d:fb:0e:c8:bb:da:66:3d:
c7:4f:55:53:2c:97:9b:e1:09:be:9b:90:17:cb:a7:8d:fd:86:
69:03:85:4c:5f:5f:ca:00:38:ac:98:16:e9:5b:d9:cf:27:9a:
2d:51:26:d4:6b:19:07:df:0f:80:39:62:94:50:0b:08:d9:93:
93:5c:a5:87:ac:a2:a2:95:01:2b:00:f9:a6:f7:1f:40:6b:ae:
f7:b7:be:d1:76:b0:b3:74:af:07:0d:90:b9:04:15:cf:de:17:
e0:b7:bb:56:df:15:f2:c3:fe:6c:50:df:4c:c6:ae:b7:21:23:
7e:a2:14:3e:a2:e5:c0:b8:26:be:4f:63:6a:b6:37:88:e6:a5:
c8:0d:cf:bc:11:d8:c5:86:7e:c8:55:9a:33:e5:2e:b6:51:0a:
6a:44:18:c7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZh6hO/BVfrnrWIaK4tF3rR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNTg5NWU3ZjZhNmQ0YWJhOWM5NjFmNzEzYjJlNzk3MTVm
MDIxZjAwHhcNMjUwODA1MTM1NjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDNmMzJkMDEwOWY0YzIwMDAwNzEzNTBlNmE5ZDA3YjNlMDVhZmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsExHs4WQAdBK55ILU//fgOgZc85u
9Mh38vG/qGJalouz83x/3CXFbBzj/zCJaV+fKtYQJn+ihLL4UiFWVCIX4kHV3rNb
94gKJgDyvDXrAwHAv5TTWBAa19E58oc3CuUQfK8UbgyYRZdXy9XddXAzi4A/fpMU
7bn+jH8GWd6Z7LBpLuV1CaaLm9NdOj6hDaMulsPxdQz493qM2IavSX0wQAh9i3hC
O2py13yXMTU9YbjNw7boKw1hn/CTkFzVRk8uH4Dnb+dFX7T0VxPO1+4lqRBQ/q3n
yBpGlmET5sDnak+JgDmUzqky4ZMDde91lGLF42dJBdPE5VvP3SlPkzl2xQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFK0/MtAQn0wgAAcTUOap0Hs+Ba/CMB8GA1UdIwQY
MBaAFJtYlef2ptSrqclh9xOy55cV8CHwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTFpVjVfYW0xS3VweVdIM0U3TG5seFh3SWZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8xMzRiODItYmNmYi00NDVjLWJkNDIt
ZmMyYTk3YjdkNTNlLzEvclQ4eTBCQ2ZUQ0FBQnhOUTVxblFlejRGcjhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8xMzRiODItYmNmYi00NDVjLWJkNDItZmMyYTk3YjdkNTNl
LzEvbTFpVjVfYW0xS3VweVdIM0U3TG5seFh3SWZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQDLh9gMAwD
BAKT6lwDBAOT6mADBAK5GMwDBATViUAwDQQCAAIwBwMFACoCUIAwDQYJKoZIhvcN
AQELBQADggEBAFTC9ncuOsCxHpLcyJFUTkTrWqGjbf+IyifpQwS88Td7E6blwf29
qprDSh/6LxOSd5eTU7GDU50362h9x41aQJ2LglEuVlDZU0k6eazfvmOxNynHiMMp
lSTEZOw7+eKLfGe1+4Yt+w7Iu9pmPcdPVVMsl5vhCb6bkBfLp439hmkDhUxfX8oA
OKyYFulb2c8nmi1RJtRrGQffD4A5YpRQCwjZk5NcpYesoqKVASsA+ab3H0Brrve3
vtF2sLN0rwcNkLkEFc/eF+C3u1bfFfLD/mxQ30zGrrchI36iFD6i5cC4Jr5PY2q2
N4jmpcgNz7wR2MWGfshVmjPlLrZRCmpEGMc=
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:46:09 2025 by rpki-client