Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/UxYRiME_CynJL3Z4PeaSszWfcKU.roa
File: UxYRiME_CynJL3Z4PeaSszWfcKU.roa (raw, json)
Hash identifier: TGPUOMFk3KB0382uXjIllR7Ek5Xq7ZkNwkj4QNmYXCo=
Subject key identifier: 53:16:11:88:C1:3F:0B:29:C9:2F:76:78:3D:E6:92:B3:35:9F:70:A5
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 0197D4CD29A38164376B033C665FB32C3C4F
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/UxYRiME_CynJL3Z4PeaSszWfcKU.roa
Signing time: Fri 04 Jul 2025 09:38:24 +0000
ROA not before: Fri 04 Jul 2025 09:38:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34369
IP address blocks: 84.241.0.0/18 maxlen: 24
94.182.109.0/24 maxlen: 24
94.182.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 13:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:cd:29:a3:81:64:37:6b:03:3c:66:5f:b3:2c:3c:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jul 4 09:38:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53161188c13f0b29c92f76783de692b3359f70a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:05:e8:6f:13:1e:47:1e:ff:5d:85:cc:30:67:
c3:6c:1f:47:9c:31:b1:24:d7:79:a3:80:5b:91:94:
6a:41:7a:9b:25:bf:54:13:f0:ee:f6:a8:7d:78:87:
72:57:54:85:4b:6d:aa:01:e3:80:82:3f:5b:15:d3:
f6:12:96:19:d6:eb:80:7e:fa:b5:ee:da:20:8e:f8:
d6:aa:8c:bb:06:68:bf:f0:53:fc:b4:01:22:0a:09:
77:75:8c:b9:79:6a:d6:51:ec:ce:68:67:01:18:dd:
53:ac:16:d1:b5:71:76:79:22:75:d9:9d:ed:9e:88:
a3:d8:66:9b:2c:0b:eb:01:a5:b0:d5:90:47:02:5f:
65:16:07:98:b4:cb:66:9d:69:a8:17:16:67:69:50:
9a:5d:ab:03:65:4d:a2:89:bc:18:c1:a3:58:d2:ea:
fa:44:d3:22:f9:43:1f:03:89:a8:f9:28:02:cb:3d:
22:de:dd:f7:4c:bb:5b:2b:c9:6b:bd:a4:ed:0b:d3:
74:26:2a:91:5b:d9:52:68:a7:f5:03:ce:88:d5:e3:
c2:8d:d3:f4:36:c4:e4:8e:9e:33:ee:db:82:2a:82:
cf:13:17:4d:72:60:65:ce:02:d2:23:34:ff:8e:83:
f4:31:e6:0a:6b:03:d8:f4:89:7e:8b:b4:f4:f0:df:
1d:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:16:11:88:C1:3F:0B:29:C9:2F:76:78:3D:E6:92:B3:35:9F:70:A5
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/UxYRiME_CynJL3Z4PeaSszWfcKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.241.0.0/18
94.182.109.0/24
94.182.151.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:e9:94:02:35:c1:cb:7a:47:56:99:08:af:f1:11:54:a5:43:
c2:aa:95:ff:46:8c:ae:37:7f:80:17:67:b2:1e:88:d3:60:b0:
4f:ca:56:fb:77:fb:f6:a3:75:cf:2c:d9:aa:25:fc:22:18:e8:
a3:80:eb:cc:0f:9c:54:48:b3:f1:32:25:b0:d9:74:f3:06:76:
84:31:86:b6:54:a0:97:5d:4e:b8:d0:fb:fe:6f:03:0a:aa:09:
bd:e1:55:f8:a0:21:21:c7:a9:ba:f4:00:ef:22:a1:50:76:b6:
76:71:a7:e2:05:ff:0a:b2:13:2d:60:d7:65:a6:d7:4c:ef:70:
00:dc:5f:11:bf:dc:f6:fd:22:0f:54:7f:b8:09:f9:a9:9f:63:
ae:bf:63:0d:88:f6:58:51:35:da:96:60:f9:91:53:b1:32:9a:
b2:9d:7f:e4:42:44:98:36:7d:93:bb:f3:04:97:06:07:12:b1:
78:31:ac:86:a0:08:be:bb:18:39:73:be:14:71:e3:6e:e4:10:
12:f2:c2:d0:68:3e:48:48:60:3a:4f:99:37:4f:39:17:8e:6f:
74:ad:77:65:d1:fe:5f:70:83:6d:32:44:1a:69:da:cc:66:06:
cf:62:36:7d:83:f2:49:24:5a:31:78:65:64:0e:f9:ac:8e:cb:
ba:30:ca:d2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZfUzSmjgWQ3awM8Zl+zLDxPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwNzA0MDkzODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzE2MTE4OGMxM2YwYjI5YzkyZjc2NzgzZGU2OTJiMzM1OWY3MGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAXobxMeRx7/XYXMMGfDbB9HnDGx
JNd5o4BbkZRqQXqbJb9UE/Du9qh9eIdyV1SFS22qAeOAgj9bFdP2EpYZ1uuAfvq1
7togjvjWqoy7Bmi/8FP8tAEiCgl3dYy5eWrWUezOaGcBGN1TrBbRtXF2eSJ12Z3t
noij2GabLAvrAaWw1ZBHAl9lFgeYtMtmnWmoFxZnaVCaXasDZU2iibwYwaNY0ur6
RNMi+UMfA4mo+SgCyz0i3t33TLtbK8lrvaTtC9N0JiqRW9lSaKf1A86I1ePCjdP0
NsTkjp4z7tuCKoLPExdNcmBlzgLSIzT/joP0MeYKawPY9Il+i7T08N8dcwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFMWEYjBPwspyS92eD3mkrM1n3ClMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvVXhZUmlNRV9DeW5KTDNaNFBlYVNzeldmY0tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGVPEAAwQA
XrZtAwQAXraXMA0GCSqGSIb3DQEBCwUAA4IBAQAK6ZQCNcHLekdWmQiv8RFUpUPC
qpX/RoyuN3+AF2eyHojTYLBPylb7d/v2o3XPLNmqJfwiGOijgOvMD5xUSLPxMiWw
2XTzBnaEMYa2VKCXXU640Pv+bwMKqgm94VX4oCEhx6m69ADvIqFQdrZ2cafiBf8K
shMtYNdlptdM73AA3F8Rv9z2/SIPVH+4Cfmpn2Ouv2MNiPZYUTXalmD5kVOxMpqy
nX/kQkSYNn2Tu/MElwYHErF4MayGoAi+uxg5c74UceNu5BAS8sLQaD5ISGA6T5k3
TzkXjm90rXdl0f5fcINtMkQaadrMZgbPYjZ9g/JJJFoxeGVkDvmsjsu6MMrS
-----END CERTIFICATE-----
Generated at Wed Jul 23 18:49:34 2025 by rpki-client