Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/UY3muR0INg99lrl6RyVRpmXQiVA.roa
File: UY3muR0INg99lrl6RyVRpmXQiVA.roa (raw, json)
Hash identifier: ngURFLpCNaHMjBAmks8mIdx4bSEFdYIbp1DYncrQTsw=
Subject key identifier: 51:8D:E6:B9:1D:08:36:0F:7D:96:B9:7A:47:25:51:A6:65:D0:89:50
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 01983175936A92FEB011EF425973E4BE7A98
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/UY3muR0INg99lrl6RyVRpmXQiVA.roa
Signing time: Tue 22 Jul 2025 09:27:25 +0000
ROA not before: Tue 22 Jul 2025 09:27:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 77.83.244.0/24 maxlen: 24
92.118.168.0/24 maxlen: 24
95.81.72.0/24 maxlen: 24
95.81.73.0/24 maxlen: 24
95.81.74.0/24 maxlen: 24
95.81.75.0/24 maxlen: 24
109.122.194.0/24 maxlen: 24
109.122.195.0/24 maxlen: 24
160.20.158.0/24 maxlen: 24
160.20.159.0/24 maxlen: 24
185.79.139.0/24 maxlen: 24
185.113.138.0/24 maxlen: 24
193.221.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:31:75:93:6a:92:fe:b0:11:ef:42:59:73:e4:be:7a:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Jul 22 09:27:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=518de6b91d08360f7d96b97a472551a665d08950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0a:72:d5:f3:cf:e5:10:9d:6f:b4:9c:d5:00:
aa:74:2c:8b:7a:9c:58:a0:0d:ec:6a:12:de:cb:b4:
74:e1:b3:a7:89:bf:ee:5c:a0:fd:85:8c:b3:59:b6:
7c:99:09:d1:bd:c3:f6:69:03:1d:06:b9:fd:90:60:
f9:79:1e:99:92:70:8a:d5:7e:27:08:83:e4:92:cb:
93:61:42:17:dd:c0:64:87:7d:4f:b8:3c:89:35:c4:
d0:91:e1:ea:3b:bc:ae:ca:0f:54:99:d7:32:b0:06:
bc:a6:ae:bb:1a:39:91:40:c0:d8:4a:96:5a:e7:51:
fd:e1:8f:8b:f9:dc:20:d1:8e:a5:37:50:af:d4:67:
ae:ee:86:97:fa:b1:26:b2:24:f4:37:73:f3:ed:48:
18:a9:cb:32:f3:23:3e:e8:8a:fb:63:ef:23:5e:1f:
67:dc:f5:6b:d5:cc:ee:de:91:bf:4d:7a:37:27:94:
fb:9b:ed:cd:53:be:65:32:03:ec:5d:d7:b9:6e:41:
89:c6:57:e5:a1:d9:09:56:1e:dd:6d:6f:7d:6d:1d:
fe:b0:8e:c3:e5:88:bc:d9:ae:7e:a0:06:ad:61:87:
86:04:24:f4:13:92:d4:7c:c6:7a:14:f3:0a:94:57:
c9:48:ac:71:6d:22:b8:8a:d0:bd:14:4c:4e:07:21:
06:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:8D:E6:B9:1D:08:36:0F:7D:96:B9:7A:47:25:51:A6:65:D0:89:50
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/UY3muR0INg99lrl6RyVRpmXQiVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.244.0/24
92.118.168.0/24
95.81.72.0/22
109.122.194.0/23
160.20.158.0/23
185.79.139.0/24
185.113.138.0/24
193.221.202.0/24
Signature Algorithm: sha256WithRSAEncryption
61:ac:fe:3a:74:64:56:b8:5c:9d:bd:2c:a0:57:eb:a2:7d:4a:
7a:cd:08:3a:a9:e9:84:db:e2:3c:8c:2f:0a:23:c7:1c:dc:e6:
f1:fa:41:9e:cd:a4:50:7d:d4:e9:d9:75:72:a9:fd:78:95:72:
b7:88:b4:c4:e4:44:a1:7e:3f:1e:a9:9b:a7:1b:07:e5:b7:01:
76:59:f6:f4:6f:88:47:83:6d:f4:b4:2a:46:a9:63:71:03:f9:
fe:68:14:79:ff:f5:4c:14:8f:ec:00:a6:b9:23:b3:08:3a:e4:
b4:86:e0:ff:b9:31:06:3f:72:53:fc:45:80:54:a8:56:92:76:
1b:0e:22:b3:b5:1f:e8:e6:db:2c:d7:ab:c7:b3:8f:49:30:df:
72:b1:b9:b0:93:60:5e:7d:92:22:4e:6e:69:47:f0:ab:9a:8a:
61:05:3f:33:e4:2f:70:da:e7:c0:10:61:ab:af:d3:f2:13:bf:
ed:37:6a:3e:33:37:22:61:c5:5b:12:0f:f0:c4:62:72:62:53:
99:22:f9:28:ff:64:81:2d:26:80:a7:c6:3d:23:23:14:89:08:
b7:de:0e:83:38:3e:0c:49:7a:a6:a3:22:ad:69:83:bd:63:42:
10:7a:8c:d1:f3:13:89:8f:4f:aa:12:6c:ce:d1:96:36:1c:4c:
f8:32:bf:0a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZgxdZNqkv6wEe9CWXPkvnqYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwNzIyMDkyNzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MThkZTZiOTFkMDgzNjBmN2Q5NmI5N2E0NzI1NTFhNjY1ZDA4OTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlgpy1fPP5RCdb7Sc1QCqdCyLepxY
oA3sahLey7R04bOnib/uXKD9hYyzWbZ8mQnRvcP2aQMdBrn9kGD5eR6ZknCK1X4n
CIPkksuTYUIX3cBkh31PuDyJNcTQkeHqO7yuyg9UmdcysAa8pq67GjmRQMDYSpZa
51H94Y+L+dwg0Y6lN1Cv1Geu7oaX+rEmsiT0N3Pz7UgYqcsy8yM+6Ir7Y+8jXh9n
3PVr1czu3pG/TXo3J5T7m+3NU75lMgPsXde5bkGJxlflodkJVh7dbW99bR3+sI7D
5Yi82a5+oAatYYeGBCT0E5LUfMZ6FPMKlFfJSKxxbSK4itC9FExOByEGrwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFGN5rkdCDYPfZa5ekclUaZl0IlQMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvVVkzbXVSMElOZzk5bHJsNlJ5VlJwbVhRaVZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATVP0AwQA
XHaoAwQCX1FIAwQBbXrCAwQBoBSeAwQAuU+LAwQAuXGKAwQAwd3KMA0GCSqGSIb3
DQEBCwUAA4IBAQBhrP46dGRWuFydvSygV+uifUp6zQg6qemE2+I8jC8KI8cc3Obx
+kGezaRQfdTp2XVyqf14lXK3iLTE5EShfj8eqZunGwfltwF2Wfb0b4hHg230tCpG
qWNxA/n+aBR5//VMFI/sAKa5I7MIOuS0huD/uTEGP3JT/EWAVKhWknYbDiKztR/o
5tss16vHs49JMN9ysbmwk2BefZIiTm5pR/CrmophBT8z5C9w2ufAEGGrr9PyE7/t
N2o+MzciYcVbEg/wxGJyYlOZIvko/2SBLSaAp8Y9IyMUiQi33g6DOD4MSXqmoyKt
aYO9Y0IQeozR8xOJj0+qEmzO0ZY2HEz4Mr8K
-----END CERTIFICATE-----
Generated at Sun Jul 27 04:42:08 2025 by rpki-client