Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/uGMyNz40Ty2jprHDxhOpxPD28xY.roa
File: uGMyNz40Ty2jprHDxhOpxPD28xY.roa (raw, json)
Hash identifier: 4UqFdsj2PvYss0fu/Sz+CcIqyWtugoEK7/X56uF0n/k=
Subject key identifier: B8:63:32:37:3E:34:4F:2D:A3:A6:B1:C3:C6:13:A9:C4:F0:F6:F3:16
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019820DF5C8D0D6C7D85EC1E98804902FF3C
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/uGMyNz40Ty2jprHDxhOpxPD28xY.roa
Signing time: Sat 19 Jul 2025 04:09:25 +0000
ROA not before: Sat 19 Jul 2025 04:09:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
5.231.30.0/24 maxlen: 24
77.90.54.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.233.0/24 maxlen: 24
217.69.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:20:df:5c:8d:0d:6c:7d:85:ec:1e:98:80:49:02:ff:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jul 19 04:09:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b86332373e344f2da3a6b1c3c613a9c4f0f6f316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:22:f4:99:68:f0:59:5e:4d:00:45:67:17:28:
bf:ac:ad:dc:d2:09:51:a0:db:5c:48:cd:e2:dd:60:
14:84:06:df:8a:7e:dd:e4:a3:70:64:54:e2:b9:0d:
2d:73:6b:14:92:26:bc:8f:87:1a:c1:6e:a5:bb:7e:
e0:70:62:c1:26:1d:45:65:41:3f:78:c4:f9:6d:b6:
82:f2:88:08:3e:52:d2:0e:f6:75:1a:dd:c8:5b:29:
92:93:6e:93:f4:c2:2d:ec:e9:88:ef:cd:e9:b0:1c:
e4:0f:56:a2:21:ee:c9:4a:9a:cd:97:07:dc:aa:34:
08:d5:51:ff:04:c3:db:9d:50:75:01:23:dd:d6:82:
29:8a:b4:06:53:ee:b1:20:e8:92:b8:1c:bd:37:c4:
f8:72:0a:44:fe:18:08:e7:4f:8f:7d:61:d7:76:17:
8b:1e:59:e2:82:d2:08:79:69:9b:1d:88:a2:c5:7c:
1b:e5:58:22:d1:5a:4b:18:46:c2:0e:6e:77:c8:56:
dd:f1:52:a5:e8:82:7b:c2:c7:e5:ca:eb:b0:88:ea:
20:f8:d1:88:02:89:7b:fc:b6:4a:4a:01:9c:eb:83:
f7:91:f3:c6:dc:f5:20:66:6b:86:da:cb:a6:6a:0d:
52:88:5c:f1:fe:dc:49:20:84:96:41:a4:9b:ba:a2:
56:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:63:32:37:3E:34:4F:2D:A3:A6:B1:C3:C6:13:A9:C4:F0:F6:F3:16
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/uGMyNz40Ty2jprHDxhOpxPD28xY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
5.231.30.0/24
77.90.54.0/24
87.239.131.0/24
94.249.233.0/24
217.69.166.0/24
Signature Algorithm: sha256WithRSAEncryption
45:66:88:8d:a6:7f:99:dd:e0:53:09:36:5c:64:a7:71:d2:4f:
a5:34:85:93:71:dc:ea:33:65:e0:0a:ae:52:fd:a2:36:56:2e:
62:bd:83:38:21:a1:ee:cd:69:7e:a9:49:ef:56:63:ef:8f:f3:
1d:62:19:17:81:9b:9f:f5:a0:26:a0:3f:8c:da:90:87:6b:ff:
de:43:de:66:ed:7e:40:68:42:bc:ad:49:0f:a0:bb:c8:29:4f:
73:35:bd:b5:4e:1f:27:0c:e7:cc:a0:62:7f:a3:d2:6a:17:aa:
39:81:66:cd:cc:eb:cd:6a:cc:43:ab:b3:85:f0:b9:de:9c:74:
81:d3:57:fa:7b:7b:04:d9:a9:3b:eb:93:e0:2a:93:c7:82:f7:
ef:25:db:1f:58:9e:b3:35:73:73:73:86:bc:e1:12:c5:b3:92:
52:c6:76:4a:83:07:31:25:a8:9c:2e:5b:6f:1b:e1:7e:53:6e:
1d:25:c0:ea:6f:15:81:8f:99:a0:43:45:99:f0:61:6d:28:19:
b4:86:28:cd:11:9b:11:d1:85:96:6e:fc:73:fa:5f:50:25:17:
25:48:df:7e:77:75:1b:22:bc:f2:38:ae:28:c1:ca:f1:45:26:
38:87:1e:56:b4:2c:57:e9:89:57:c7:69:7b:78:23:9c:45:5f:
cb:5a:9e:a4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZgg31yNDWx9hewemIBJAv88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNzE5MDQwOTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODYzMzIzNzNlMzQ0ZjJkYTNhNmIxYzNjNjEzYTljNGYwZjZmMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiL0mWjwWV5NAEVnFyi/rK3c0glR
oNtcSM3i3WAUhAbfin7d5KNwZFTiuQ0tc2sUkia8j4cawW6lu37gcGLBJh1FZUE/
eMT5bbaC8ogIPlLSDvZ1Gt3IWymSk26T9MIt7OmI783psBzkD1aiIe7JSprNlwfc
qjQI1VH/BMPbnVB1ASPd1oIpirQGU+6xIOiSuBy9N8T4cgpE/hgI50+PfWHXdheL
HlnigtIIeWmbHYiixXwb5Vgi0VpLGEbCDm53yFbd8VKl6IJ7wsflyuuwiOog+NGI
Aol7/LZKSgGc64P3kfPG3PUgZmuG2sumag1SiFzx/txJIISWQaSbuqJWDQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLhjMjc+NE8to6axw8YTqcTw9vMWMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvdUdNeU56NDBUeTJqcHJIRHhoT3B4UEQyOHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABVOBAwQA
BeceAwQATVo2AwQAV++DAwQAXvnpAwQA2UWmMA0GCSqGSIb3DQEBCwUAA4IBAQBF
ZoiNpn+Z3eBTCTZcZKdx0k+lNIWTcdzqM2XgCq5S/aI2Vi5ivYM4IaHuzWl+qUnv
VmPvj/MdYhkXgZuf9aAmoD+M2pCHa//eQ95m7X5AaEK8rUkPoLvIKU9zNb21Th8n
DOfMoGJ/o9JqF6o5gWbNzOvNasxDq7OF8LnenHSB01f6e3sE2ak765PgKpPHgvfv
JdsfWJ6zNXNzc4a84RLFs5JSxnZKgwcxJaicLltvG+F+U24dJcDqbxWBj5mgQ0WZ
8GFtKBm0hijNEZsR0YWWbvxz+l9QJRclSN9+d3UbIrzyOK4owcrxRSY4hx5WtCxX
6YlXx2l7eCOcRV/LWp6k
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:31:58 2025 by rpki-client