Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/umpj4TmNb7-i6gRBMv2efJMNJXU.roa
File: umpj4TmNb7-i6gRBMv2efJMNJXU.roa (raw, json)
Hash identifier: 4c4cs6z/w6EGiSeq0CBgum5+NabWoSLkBUFZtdWiCkw=
Subject key identifier: BA:6A:63:E1:39:8D:6F:BF:A2:EA:04:41:32:FD:9E:7C:93:0D:25:75
Certificate issuer: /CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Certificate serial: 01980E63A7E93565A59D0D9B12BCC30B3041
Authority key identifier: EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/umpj4TmNb7-i6gRBMv2efJMNJXU.roa
Signing time: Tue 15 Jul 2025 14:01:08 +0000
ROA not before: Tue 15 Jul 2025 14:01:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215120
IP address blocks: 91.227.33.0/24 maxlen: 24
91.244.70.0/24 maxlen: 24
91.244.71.0/24 maxlen: 24
93.157.138.0/24 maxlen: 24
93.157.139.0/24 maxlen: 24
193.178.186.0/24 maxlen: 24
2a07:cec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.mft
rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 11:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0e:63:a7:e9:35:65:a5:9d:0d:9b:12:bc:c3:0b:30:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa5b62347a1b64cea49a2ab3ab4983c34861fb2
Validity
Not Before: Jul 15 14:01:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba6a63e1398d6fbfa2ea044132fd9e7c930d2575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:04:ad:b0:97:bf:22:29:65:48:c7:3c:86:61:
ab:78:6b:3b:b1:6f:2a:c9:3d:69:ef:e8:6f:6f:76:
a9:30:64:e6:88:49:18:c7:32:2f:b9:db:5f:48:37:
ee:9c:e6:d0:dd:d3:73:9f:81:f5:e0:55:64:e9:c2:
0d:48:ae:89:9c:ea:1b:95:78:08:03:91:4f:3f:9e:
21:1b:0d:ec:11:9a:0b:de:43:2a:12:e7:00:8a:e6:
94:a0:42:10:bb:cb:9d:59:0a:b3:95:76:80:91:0c:
c5:c7:fd:1d:cf:c3:03:dd:16:95:cd:54:9c:b5:73:
7a:fe:66:43:2c:e1:02:a1:c0:d1:ff:ba:7f:a3:37:
4f:a9:e9:76:4f:ce:3c:f4:f9:5a:8c:9d:b1:e5:d3:
76:f2:91:99:13:03:a1:a4:de:d4:48:e5:d7:67:71:
b8:67:9c:b1:a7:90:e4:14:61:0b:c7:cf:bb:ba:37:
74:36:36:9f:3c:46:60:d5:a2:11:5a:6f:f7:9b:f7:
ab:d2:da:e3:0b:74:d8:7e:aa:72:48:2d:f9:2c:41:
16:5b:28:41:fd:f7:24:f3:6d:8e:df:f5:8c:93:56:
4e:3c:51:b0:04:36:df:61:35:f6:1f:98:c1:06:21:
d9:f1:1e:b2:1c:75:ae:8d:ca:b4:01:0d:ca:af:b9:
26:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:6A:63:E1:39:8D:6F:BF:A2:EA:04:41:32:FD:9E:7C:93:0D:25:75
X509v3 Authority Key Identifier:
keyid:EF:A5:B6:23:47:A1:B6:4C:EA:49:A2:AB:3A:B4:98:3C:34:86:1F:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76W2I0ehtkzqSaKrOrSYPDSGH7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/umpj4TmNb7-i6gRBMv2efJMNJXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/24db21-efb9-407e-96ad-013d2a11c0a5/1/76W2I0ehtkzqSaKrOrSYPDSGH7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.33.0/24
91.244.70.0/23
93.157.138.0/23
193.178.186.0/24
IPv6:
2a07:cec0::/29
Signature Algorithm: sha256WithRSAEncryption
14:49:1b:6b:d2:67:b3:48:52:d0:80:68:03:a8:36:7b:d9:94:
6c:72:9d:15:60:38:7a:73:81:a5:52:4b:c0:3f:0f:97:b6:c8:
c1:9e:92:92:fc:75:b3:ea:c7:16:33:ce:07:17:4e:cd:17:9e:
16:8d:5b:46:82:9e:51:97:76:5d:f9:ba:80:89:4d:82:dd:13:
78:a4:7b:98:5b:ee:4c:80:11:27:7a:2d:0e:0e:1d:55:7a:4e:
05:dc:6d:38:4b:cc:3a:8d:a0:dc:79:24:0c:39:ab:40:25:65:
cf:58:a4:16:22:d6:bb:46:71:b8:44:c0:49:80:30:f0:e2:9c:
9e:42:f4:95:e7:41:1f:88:e5:46:ad:08:7a:cf:37:49:5f:d1:
a9:bf:9e:ec:40:a7:be:21:76:0f:55:63:dc:94:25:da:d7:80:
ae:5c:d3:ea:95:ad:4a:4d:e3:42:9d:23:b9:b4:7d:ef:eb:84:
6d:95:1b:38:f5:70:eb:cf:3c:05:e2:a7:4e:7a:55:e0:d3:16:
6c:88:5f:f7:99:1c:4e:b2:97:a6:e3:d6:07:a2:ad:5a:e6:eb:
10:57:c8:17:1a:d7:11:71:37:af:00:a7:ce:bd:e8:c1:1f:d9:
1a:09:8e:d4:18:58:43:7b:a5:b1:79:b9:4f:60:1e:c3:95:e8:
d1:63:2d:6a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZgOY6fpNWWlnQ2bErzDCzBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTViNjIzNDdhMWI2NGNlYTQ5YTJhYjNhYjQ5ODNjMzQ4
NjFmYjIwHhcNMjUwNzE1MTQwMTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTZhNjNlMTM5OGQ2ZmJmYTJlYTA0NDEzMmZkOWU3YzkzMGQyNTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9QStsJe/IillSMc8hmGreGs7sW8q
yT1p7+hvb3apMGTmiEkYxzIvudtfSDfunObQ3dNzn4H14FVk6cINSK6JnOoblXgI
A5FPP54hGw3sEZoL3kMqEucAiuaUoEIQu8udWQqzlXaAkQzFx/0dz8MD3RaVzVSc
tXN6/mZDLOECocDR/7p/ozdPqel2T8489PlajJ2x5dN28pGZEwOhpN7USOXXZ3G4
Z5yxp5DkFGELx8+7ujd0NjafPEZg1aIRWm/3m/er0trjC3TYfqpySC35LEEWWyhB
/fck822O3/WMk1ZOPFGwBDbfYTX2H5jBBiHZ8R6yHHWujcq0AQ3Kr7kmqwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLpqY+E5jW+/ouoEQTL9nnyTDSV1MB8GA1UdIwQY
MBaAFO+ltiNHobZM6kmiqzq0mDw0hh+yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQt
MDEzZDJhMTFjMGE1LzEvdW1wajRUbU5iNy1pNmdSQk12MmVmSk1OSlhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yNGRiMjEtZWZiOS00MDdlLTk2YWQtMDEzZDJhMTFjMGE1
LzEvNzZXMkkwZWh0a3pxU2FLck9yU1lQRFNHSDdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW+MhAwQB
W/RGAwQBXZ2KAwQAwbK6MA0EAgACMAcDBQMqB87AMA0GCSqGSIb3DQEBCwUAA4IB
AQAUSRtr0mezSFLQgGgDqDZ72ZRscp0VYDh6c4GlUkvAPw+XtsjBnpKS/HWz6scW
M84HF07NF54WjVtGgp5Rl3Zd+bqAiU2C3RN4pHuYW+5MgBEnei0ODh1Vek4F3G04
S8w6jaDceSQMOatAJWXPWKQWIta7RnG4RMBJgDDw4pyeQvSV50EfiOVGrQh6zzdJ
X9Gpv57sQKe+IXYPVWPclCXa14CuXNPqla1KTeNCnSO5tH3v64RtlRs49XDrzzwF
4qdOelXg0xZsiF/3mRxOspem49YHoq1a5usQV8gXGtcRcTevAKfOvejBH9kaCY7U
GFhDe6WxeblPYB7DlejRYy1q
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:15:22 2025 by rpki-client