
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e7234c-887e-41e9-ad3c-7ecdd2f64d2d/1/8DPJokshklZiZ-Wg3NyoXUsggCo.roa
File: 8DPJokshklZiZ-Wg3NyoXUsggCo.roa (raw, json)
Hash identifier: saLQlFoD5jr+b8OXd/uC1s8XxDV1hFFRgD40BfF/jSg=
Subject key identifier: F0:33:C9:A2:4B:21:92:56:62:67:E5:A0:DC:DC:A8:5D:4B:20:80:2A
Certificate issuer: /CN=2fbd908d0c5bd3aacf5280dd81ea20382cd978ea
Certificate serial: 0198566B9990ED724F0C1AFA7065B17D60DD
Authority key identifier: 2F:BD:90:8D:0C:5B:D3:AA:CF:52:80:DD:81:EA:20:38:2C:D9:78:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L72QjQxb06rPUoDdgeogOCzZeOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e7234c-887e-41e9-ad3c-7ecdd2f64d2d/1/8DPJokshklZiZ-Wg3NyoXUsggCo.roa
Signing time: Tue 29 Jul 2025 13:42:28 +0000
ROA not before: Tue 29 Jul 2025 13:42:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39700
IP address blocks: 185.228.196.0/22 maxlen: 24
2a0d:3600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/e7234c-887e-41e9-ad3c-7ecdd2f64d2d/1/L72QjQxb06rPUoDdgeogOCzZeOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/e7234c-887e-41e9-ad3c-7ecdd2f64d2d/1/L72QjQxb06rPUoDdgeogOCzZeOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/L72QjQxb06rPUoDdgeogOCzZeOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 04:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:56:6b:99:90:ed:72:4f:0c:1a:fa:70:65:b1:7d:60:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fbd908d0c5bd3aacf5280dd81ea20382cd978ea
Validity
Not Before: Jul 29 13:42:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f033c9a24b2192566267e5a0dcdca85d4b20802a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ea:58:97:fc:07:47:31:1a:54:c9:1f:9a:0d:
e3:ea:65:76:8f:e6:65:bf:c5:1d:64:66:e1:49:5a:
fe:79:79:87:d1:b4:35:36:89:c6:6f:26:5d:f1:58:
5a:3b:1e:97:0f:72:8a:65:58:6c:f4:0f:df:23:9d:
ce:e0:b0:83:bf:42:f5:0e:19:1d:38:0d:99:03:c3:
7d:6e:b3:26:62:d4:98:a4:ad:42:ec:a7:62:5d:4e:
08:1c:64:20:d8:cc:02:5a:c5:8c:07:fe:fe:aa:36:
17:21:52:10:49:ff:72:63:54:43:17:b5:02:08:da:
c0:a4:a7:3d:b2:96:db:65:7b:80:2f:eb:68:f2:a4:
a4:15:23:78:9f:61:0c:3e:2c:e1:b3:99:1d:60:29:
de:d8:e2:9a:4d:a4:07:f1:11:41:e5:21:82:a3:35:
a7:9d:9d:82:a0:7e:03:81:1c:4f:5f:8d:d4:f8:ab:
6c:1d:6b:60:1f:f4:5f:6f:1e:26:6d:da:64:f6:6d:
e4:bc:ec:7f:29:49:f8:98:ce:ce:40:29:fb:8e:c8:
dd:c6:a2:ff:0b:97:83:31:6a:af:e5:71:02:69:dd:
d1:64:ef:77:cb:b4:57:0e:22:de:6f:42:3e:61:f9:
58:f1:4a:af:7e:ca:d7:50:11:c3:eb:b0:fa:1d:47:
d0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:33:C9:A2:4B:21:92:56:62:67:E5:A0:DC:DC:A8:5D:4B:20:80:2A
X509v3 Authority Key Identifier:
keyid:2F:BD:90:8D:0C:5B:D3:AA:CF:52:80:DD:81:EA:20:38:2C:D9:78:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L72QjQxb06rPUoDdgeogOCzZeOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e7234c-887e-41e9-ad3c-7ecdd2f64d2d/1/8DPJokshklZiZ-Wg3NyoXUsggCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e7234c-887e-41e9-ad3c-7ecdd2f64d2d/1/L72QjQxb06rPUoDdgeogOCzZeOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.196.0/22
IPv6:
2a0d:3600::/29
Signature Algorithm: sha256WithRSAEncryption
39:64:7b:90:4d:0c:ad:fb:21:ba:96:c2:db:82:41:75:87:3f:
f2:c6:ac:00:2c:b4:60:9e:90:b8:f6:f4:41:d8:1d:98:13:13:
e5:71:85:1f:cb:36:27:a3:58:45:6c:c1:a3:77:7e:5d:dc:6b:
e6:57:e6:c8:98:aa:3d:5a:96:70:47:98:ac:94:e0:a3:ff:19:
57:53:79:8f:75:e5:46:2b:b7:16:f0:59:54:d6:0c:16:5e:b3:
2c:0e:28:52:ab:d7:66:21:77:87:a1:12:9a:5c:28:ae:5b:de:
43:27:5d:e0:04:90:e4:7c:c0:de:46:9c:1b:bc:af:f8:18:49:
3e:71:17:14:8f:47:7c:63:a0:1d:6f:73:c6:48:b7:1a:2a:9f:
e3:50:db:07:1d:18:5d:e6:db:07:a0:56:54:58:f1:8b:bd:d9:
ee:54:f8:a8:4e:e2:a4:d3:46:21:b1:3f:71:e8:79:2f:dd:ed:
57:27:12:77:1b:e2:fa:f2:b0:5d:15:0d:75:97:a8:b1:d7:ac:
b6:83:d1:d8:4e:cb:b1:ee:7d:98:3c:c5:99:ad:1e:ab:9f:66:
c3:3d:89:f6:f0:25:ec:aa:f3:c2:c4:d1:cc:7b:79:6e:2f:00:
06:64:a1:e6:04:0f:d6:cc:3a:d8:c6:66:38:a6:47:b1:ad:76:
ef:fa:d4:0c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZhWa5mQ7XJPDBr6cGWxfWDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYmQ5MDhkMGM1YmQzYWFjZjUyODBkZDgxZWEyMDM4MmNk
OTc4ZWEwHhcNMjUwNzI5MTM0MjI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDMzYzlhMjRiMjE5MjU2NjI2N2U1YTBkY2RjYTg1ZDRiMjA4MDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1upYl/wHRzEaVMkfmg3j6mV2j+Zl
v8UdZGbhSVr+eXmH0bQ1NonGbyZd8VhaOx6XD3KKZVhs9A/fI53O4LCDv0L1Dhkd
OA2ZA8N9brMmYtSYpK1C7KdiXU4IHGQg2MwCWsWMB/7+qjYXIVIQSf9yY1RDF7UC
CNrApKc9spbbZXuAL+to8qSkFSN4n2EMPizhs5kdYCne2OKaTaQH8RFB5SGCozWn
nZ2CoH4DgRxPX43U+KtsHWtgH/Rfbx4mbdpk9m3kvOx/KUn4mM7OQCn7jsjdxqL/
C5eDMWqv5XECad3RZO93y7RXDiLeb0I+YflY8UqvfsrXUBHD67D6HUfQxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPAzyaJLIZJWYmfloNzcqF1LIIAqMB8GA1UdIwQY
MBaAFC+9kI0MW9Oqz1KA3YHqIDgs2XjqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDcyUWpReGIwNnJQVW9EZGdlb2dPQ3paZU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNzIzNGMtODg3ZS00MWU5LWFkM2Mt
N2VjZGQyZjY0ZDJkLzEvOERQSm9rc2hrbFppWi1XZzNOeW9YVXNnZ0NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lNzIzNGMtODg3ZS00MWU5LWFkM2MtN2VjZGQyZjY0ZDJk
LzEvTDcyUWpReGIwNnJQVW9EZGdlb2dPQ3paZU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCueTEMA0E
AgACMAcDBQMqDTYAMA0GCSqGSIb3DQEBCwUAA4IBAQA5ZHuQTQyt+yG6lsLbgkF1
hz/yxqwALLRgnpC49vRB2B2YExPlcYUfyzYno1hFbMGjd35d3GvmV+bImKo9WpZw
R5islOCj/xlXU3mPdeVGK7cW8FlU1gwWXrMsDihSq9dmIXeHoRKaXCiuW95DJ13g
BJDkfMDeRpwbvK/4GEk+cRcUj0d8Y6Adb3PGSLcaKp/jUNsHHRhd5tsHoFZUWPGL
vdnuVPioTuKk00YhsT9x6Hkv3e1XJxJ3G+L68rBdFQ11l6ix16y2g9HYTsux7n2Y
PMWZrR6rn2bDPYn28CXsqvPCxNHMe3luLwAGZKHmBA/WzDrYxmY4pkexrXbv+tQM
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:41:54 2025 by rpki-client