Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/YUVOjg-NYPKdbH7CLgzYF0Szw-M.roa
File: YUVOjg-NYPKdbH7CLgzYF0Szw-M.roa (raw, json)
Hash identifier: ObWVxdFnXdJBDsdI7ajxP2E88epWKo+qtgn94PpqTw4=
Subject key identifier: 61:45:4E:8E:0F:8D:60:F2:9D:6C:7E:C2:2E:0C:D8:17:44:B3:C3:E3
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 0197F48779F9372BEAC8F8B8229D590269F3
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/YUVOjg-NYPKdbH7CLgzYF0Szw-M.roa
Signing time: Thu 10 Jul 2025 13:30:08 +0000
ROA not before: Thu 10 Jul 2025 13:30:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 93.180.216.0/24 maxlen: 24
93.180.217.0/24 maxlen: 24
93.180.218.0/24 maxlen: 24
93.180.219.0/24 maxlen: 24
93.180.220.0/24 maxlen: 24
93.180.221.0/24 maxlen: 24
93.180.222.0/24 maxlen: 24
93.180.223.0/24 maxlen: 24
138.124.156.0/24 maxlen: 24
138.124.157.0/24 maxlen: 24
138.124.158.0/24 maxlen: 24
138.124.159.0/24 maxlen: 24
144.86.228.0/24 maxlen: 24
144.86.229.0/24 maxlen: 24
144.86.230.0/24 maxlen: 24
144.86.231.0/24 maxlen: 24
185.20.196.0/24 maxlen: 24
185.20.197.0/24 maxlen: 24
185.20.198.0/24 maxlen: 24
185.20.199.0/24 maxlen: 24
185.138.120.0/24 maxlen: 24
185.138.121.0/24 maxlen: 24
185.138.122.0/24 maxlen: 24
185.138.123.0/24 maxlen: 24
185.254.12.0/24 maxlen: 24
185.254.13.0/24 maxlen: 24
185.254.14.0/24 maxlen: 24
185.254.15.0/24 maxlen: 24
195.133.220.0/24 maxlen: 24
195.133.221.0/24 maxlen: 24
195.133.222.0/24 maxlen: 24
195.133.223.0/24 maxlen: 24
199.74.188.0/24 maxlen: 24
199.74.189.0/24 maxlen: 24
199.74.190.0/24 maxlen: 24
199.74.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f4:87:79:f9:37:2b:ea:c8:f8:b8:22:9d:59:02:69:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Jul 10 13:30:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61454e8e0f8d60f29d6c7ec22e0cd81744b3c3e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:cb:01:39:83:eb:99:96:8b:28:7e:29:ed:29:
50:be:c1:e3:fa:b2:34:22:c7:7f:6b:9a:17:7b:12:
cb:34:f1:2e:96:9c:74:c7:72:c2:b0:0e:01:36:47:
14:9e:3c:44:3b:63:de:72:9e:f6:19:0e:72:7d:96:
b3:86:b9:a2:ad:b9:30:c5:18:d3:d9:ee:ab:05:5b:
18:4e:07:ae:7b:03:df:10:19:a5:d3:4c:67:2e:cd:
dc:ea:52:18:29:f7:0a:d0:2e:f2:56:02:ff:82:cc:
5c:98:d3:12:99:2f:a4:2a:84:e5:6d:30:ea:72:b2:
a3:0f:11:85:ad:aa:a6:60:58:2f:fe:b1:72:3e:85:
6e:4a:19:67:29:4d:50:b3:5a:be:0d:4b:17:2a:90:
ed:98:2e:ba:d1:54:49:7c:49:23:2c:c1:ec:12:e2:
71:80:50:92:d9:78:85:11:b0:a9:26:5a:b6:34:81:
a8:37:61:71:d1:c6:9b:47:17:aa:80:ee:af:36:ba:
18:a5:ce:dc:98:54:f7:07:d8:35:f7:1d:15:1b:50:
ef:ce:9e:df:1d:65:bf:5c:16:94:68:1d:07:bb:31:
fa:fd:49:81:e0:d9:e7:71:cc:b7:37:46:4c:12:e1:
cc:74:92:be:00:a3:ef:1b:43:dc:70:ce:d5:75:b4:
5c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:45:4E:8E:0F:8D:60:F2:9D:6C:7E:C2:2E:0C:D8:17:44:B3:C3:E3
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/YUVOjg-NYPKdbH7CLgzYF0Szw-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.216.0/21
138.124.156.0/22
144.86.228.0/22
185.20.196.0/22
185.138.120.0/22
185.254.12.0/22
195.133.220.0/22
199.74.188.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:72:81:7a:d2:93:db:d1:be:1a:91:ee:7e:46:75:7e:a0:ed:
1f:a5:43:ab:c4:73:ae:1f:4d:93:cf:8b:81:94:41:84:0b:84:
62:b4:3d:79:6f:6f:b1:78:27:6b:3e:8b:df:42:e3:ab:e2:26:
88:7d:e1:2c:ea:ae:70:39:5a:4a:c5:79:05:08:b4:08:71:1e:
60:72:b8:5e:ef:5a:de:a6:d4:4e:8f:b3:b9:6a:f5:a4:12:33:
9f:b1:56:ba:17:6d:51:a9:e8:30:5a:01:80:b7:00:5b:a7:92:
eb:31:c5:4d:28:88:81:58:71:38:33:36:f4:81:59:e8:9e:06:
22:e4:4b:87:38:2c:3b:96:62:55:4e:51:18:ac:6e:ee:39:18:
f2:50:b9:08:8f:63:d0:d1:12:9a:07:a1:a1:ef:f2:8e:21:23:
0c:50:11:97:1a:3c:3d:c4:bd:b7:5a:ba:4e:64:f3:0f:ad:12:
d8:cf:44:8a:fa:a5:3a:91:fc:86:33:a2:c2:91:8b:59:be:da:
59:d4:ab:b2:66:9b:47:92:64:e5:5d:ad:09:30:6b:2c:d1:82:
c3:c5:26:78:b4:f8:c6:30:fc:c7:e5:9a:5c:cf:fa:7f:ac:77:
a2:47:e4:4b:7c:ec:dd:b8:88:87:f1:26:6a:0d:33:ec:98:f3:
c3:14:b2:34
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZf0h3n5NyvqyPi4Ip1ZAmnzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjUwNzEwMTMzMDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTQ1NGU4ZTBmOGQ2MGYyOWQ2YzdlYzIyZTBjZDgxNzQ0YjNjM2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3csBOYPrmZaLKH4p7SlQvsHj+rI0
Isd/a5oXexLLNPEulpx0x3LCsA4BNkcUnjxEO2Pecp72GQ5yfZazhrmirbkwxRjT
2e6rBVsYTgeuewPfEBml00xnLs3c6lIYKfcK0C7yVgL/gsxcmNMSmS+kKoTlbTDq
crKjDxGFraqmYFgv/rFyPoVuShlnKU1Qs1q+DUsXKpDtmC660VRJfEkjLMHsEuJx
gFCS2XiFEbCpJlq2NIGoN2Fx0cabRxeqgO6vNroYpc7cmFT3B9g19x0VG1Dvzp7f
HWW/XBaUaB0HuzH6/UmB4Nnnccy3N0ZMEuHMdJK+AKPvG0PccM7VdbRcoQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGFFTo4PjWDynWx+wi4M2BdEs8PjMB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvWVVWT2pnLU5ZUEtkYkg3Q0xnellGMFN6dy1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDXbTYAwQC
inycAwQCkFbkAwQCuRTEAwQCuYp4AwQCuf4MAwQCw4XcAwQCx0q8MA0GCSqGSIb3
DQEBCwUAA4IBAQCpcoF60pPb0b4ake5+RnV+oO0fpUOrxHOuH02Tz4uBlEGEC4Ri
tD15b2+xeCdrPovfQuOr4iaIfeEs6q5wOVpKxXkFCLQIcR5gcrhe71reptROj7O5
avWkEjOfsVa6F21RqegwWgGAtwBbp5LrMcVNKIiBWHE4Mzb0gVnongYi5EuHOCw7
lmJVTlEYrG7uORjyULkIj2PQ0RKaB6Gh7/KOISMMUBGXGjw9xL23WrpOZPMPrRLY
z0SK+qU6kfyGM6LCkYtZvtpZ1KuyZptHkmTlXa0JMGss0YLDxSZ4tPjGMPzH5Zpc
z/p/rHeiR+RLfOzduIiH8SZqDTPsmPPDFLI0
-----END CERTIFICATE-----
Generated at Sun Jul 20 09:37:53 2025 by rpki-client