Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/8PvXYjHwCPa0_igTR8PYk191iGM.roa
File: 8PvXYjHwCPa0_igTR8PYk191iGM.roa (raw, json)
Hash identifier: 4z7xLgimPlKxUhqc9/VyE9MbrFGf6Yr1fGmhw9G1V54=
Subject key identifier: F0:FB:D7:62:31:F0:08:F6:B4:FE:28:13:47:C3:D8:93:5F:75:88:63
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019EA6800D75AC84A614F9778A5B933B3C68
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/8PvXYjHwCPa0_igTR8PYk191iGM.roa
Signing time: Mon 08 Jun 2026 09:11:10 +0000
ROA not before: Mon 08 Jun 2026 09:11:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61317
IP address blocks: 5.180.50.0/24 maxlen: 24
5.180.51.0/24 maxlen: 24
5.180.80.0/24 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.199.0/24 maxlen: 24
45.8.255.0/24 maxlen: 24
45.9.1.0/24 maxlen: 24
85.208.115.0/24 maxlen: 24
85.209.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 23:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a6:80:0d:75:ac:84:a6:14:f9:77:8a:5b:93:3b:3c:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jun 8 09:11:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f0fbd76231f008f6b4fe281347c3d8935f758863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:be:72:ae:0c:76:99:4d:94:36:b3:fc:09:8d:
91:1a:df:0f:c6:31:8c:c0:d8:ee:47:75:bd:0f:ca:
63:cf:d7:08:4d:32:bd:a6:fc:fc:b9:32:c1:2a:45:
22:91:76:8a:62:1e:62:d5:a3:6a:aa:92:a6:ab:9f:
f0:4f:30:0d:d5:dc:c1:e6:a3:3d:b9:d5:12:a0:e1:
31:09:ad:31:1d:1a:35:8f:55:f0:81:c5:e6:5f:84:
50:f5:fc:73:28:cb:b3:b3:7b:10:2d:1e:42:2a:cb:
ed:7f:53:c2:8d:80:f0:ea:62:f1:c1:7c:e3:59:51:
2a:9d:84:f5:92:d6:78:04:e4:76:c0:dd:c7:7a:ca:
9c:36:0c:7d:77:af:58:f2:c3:86:47:48:72:7c:db:
bb:97:b0:1d:92:c4:43:86:2c:a8:8e:cd:5e:80:7f:
40:90:e6:a2:40:f8:3f:3a:e2:3a:72:6f:0e:0a:b3:
04:6f:e4:c3:a2:7e:b4:21:5b:fc:38:70:9f:96:65:
42:d4:19:2d:fa:27:0c:84:c1:d0:6a:0b:36:fb:e9:
43:ea:8d:dc:fc:dc:74:9b:1a:96:0b:b0:5c:51:40:
d5:8b:d3:84:1a:62:0b:f0:c9:4f:7e:a2:71:2b:6c:
59:88:cc:55:75:a2:21:8c:73:7c:17:7f:02:95:19:
4c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:FB:D7:62:31:F0:08:F6:B4:FE:28:13:47:C3:D8:93:5F:75:88:63
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/8PvXYjHwCPa0_igTR8PYk191iGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.50.0/23
5.180.80.0/24
45.8.188.0-45.8.195.255
45.8.199.0/24
45.8.255.0/24
45.9.1.0/24
85.208.115.0/24
85.209.160.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:6e:de:53:43:c9:fa:43:91:71:46:de:c7:d1:b4:43:1a:93:
95:13:c6:44:1d:ac:a3:b7:fd:9a:57:f1:84:b3:8a:7e:c4:85:
5a:4e:e5:0d:0a:a6:29:e4:aa:48:33:e0:c8:56:f2:1c:f7:5b:
83:4d:67:ed:65:09:d1:41:05:6b:4e:9e:c7:11:09:63:73:97:
27:72:73:eb:cd:3e:c6:45:68:0c:6b:5a:e5:15:16:4f:67:1d:
d7:2b:d0:fd:c7:11:f6:e9:53:16:d8:cb:d6:53:b6:2b:be:89:
6a:26:4f:5b:26:cf:07:d6:28:12:ef:35:e4:64:c6:7c:b4:9e:
dc:22:b7:1b:f9:e5:25:bd:6e:6e:f9:86:95:7c:6d:2e:96:c1:
fb:30:c0:ae:c6:a2:43:8c:79:66:98:df:58:1a:6c:ba:48:15:
5a:46:76:ab:c4:fb:9d:48:f8:a6:a3:06:c2:08:a8:c0:55:56:
b5:7a:f6:1d:be:7d:97:44:a0:c5:f8:18:50:74:3a:91:c1:15:
3e:8d:f0:94:5c:7b:3d:a6:17:89:84:93:7d:1c:d2:c4:08:b2:
5e:c6:6c:25:4c:f5:0c:f1:06:62:3b:71:31:9a:f4:f0:f0:3d:
da:4d:f3:5a:90:17:08:cc:a5:4c:a8:ee:7b:8b:b0:e0:6f:16:
f8:a2:fa:5f
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ6mgA11rISmFPl3iluTOzxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNjA4MDkxMTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGZiZDc2MjMxZjAwOGY2YjRmZTI4MTM0N2MzZDg5MzVmNzU4ODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj75yrgx2mU2UNrP8CY2RGt8PxjGM
wNjuR3W9D8pjz9cITTK9pvz8uTLBKkUikXaKYh5i1aNqqpKmq5/wTzAN1dzB5qM9
udUSoOExCa0xHRo1j1XwgcXmX4RQ9fxzKMuzs3sQLR5CKsvtf1PCjYDw6mLxwXzj
WVEqnYT1ktZ4BOR2wN3HesqcNgx9d69Y8sOGR0hyfNu7l7AdksRDhiyojs1egH9A
kOaiQPg/OuI6cm8OCrMEb+TDon60IVv8OHCflmVC1Bkt+icMhMHQags2++lD6o3c
/Nx0mxqWC7BcUUDVi9OEGmIL8MlPfqJxK2xZiMxVdaIhjHN8F38ClRlMeQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFPD712Ix8Aj2tP4oE0fD2JNfdYhjMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvOFB2WFlqSHdDUGEwX2lnVFI4UFlrMTkxaUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBBbQyAwQA
BbRQMAwDBAItCLwDBAItCMADBAAtCMcDBAAtCP8DBAAtCQEDBABV0HMDBABV0aAw
DQYJKoZIhvcNAQELBQADggEBAE1u3lNDyfpDkXFG3sfRtEMak5UTxkQdrKO3/ZpX
8YSzin7EhVpO5Q0Kpinkqkgz4MhW8hz3W4NNZ+1lCdFBBWtOnscRCWNzlydyc+vN
PsZFaAxrWuUVFk9nHdcr0P3HEfbpUxbYy9ZTtiu+iWomT1smzwfWKBLvNeRkxny0
ntwitxv55SW9bm75hpV8bS6WwfswwK7GokOMeWaY31gabLpIFVpGdqvE+51I+Kaj
BsIIqMBVVrV69h2+fZdEoMX4GFB0OpHBFT6N8JRcez2mF4mEk30c0sQIsl7GbCVM
9QzxBmI7cTGa9PDwPdpN81qQFwjMpUyo7nuLsOBvFvii+l8=
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:35:36 2026 by rpki-client