Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/UHF50-X1kfLl8ymSpr0q0MvYkqg.roa
File: UHF50-X1kfLl8ymSpr0q0MvYkqg.roa (raw, json)
Hash identifier: u1f/OlFMMgpp8lHhTMzBpjfYXwZYOD3VKp49YUOpiWQ=
Subject key identifier: 50:71:79:D3:E5:F5:91:F2:E5:F3:29:92:A6:BD:2A:D0:CB:D8:92:A8
Certificate issuer: /CN=72c26abc9e06c1afef9b5fd2da40412e7aee6b47
Certificate serial: 0197C5F33FDF72A3E10B27CFF2F4D6630BDB
Authority key identifier: 72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/UHF50-X1kfLl8ymSpr0q0MvYkqg.roa
Signing time: Tue 01 Jul 2025 12:25:42 +0000
ROA not before: Tue 01 Jul 2025 12:25:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25291
IP address blocks: 37.44.0.0/21 maxlen: 24
37.49.152.0/21 maxlen: 24
37.123.104.0/21 maxlen: 24
45.153.82.0/23 maxlen: 24
77.247.80.0/21 maxlen: 24
109.68.224.0/21 maxlen: 24
147.93.208.0/22 maxlen: 24
151.252.40.0/21 maxlen: 24
176.74.56.0/21 maxlen: 24
185.46.136.0/22 maxlen: 24
185.54.232.0/22 maxlen: 24
185.56.104.0/23 maxlen: 24
185.56.128.0/21 maxlen: 24
195.192.128.0/18 maxlen: 24
2a00:13c8::/32 maxlen: 48
2a00:7fc0::/32 maxlen: 48
2a00:7fc0::/33 maxlen: 48
2a04:d480::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/csJqvJ4Gwa_vm1_S2kBBLnrua0c.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/csJqvJ4Gwa_vm1_S2kBBLnrua0c.mft
rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c5:f3:3f:df:72:a3:e1:0b:27:cf:f2:f4:d6:63:0b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72c26abc9e06c1afef9b5fd2da40412e7aee6b47
Validity
Not Before: Jul 1 12:25:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=507179d3e5f591f2e5f32992a6bd2ad0cbd892a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7a:bd:49:5e:8f:69:22:6d:c1:96:4e:b6:7f:
16:5d:2e:7f:ba:e5:08:33:21:d2:e2:12:48:dc:4e:
90:da:2e:b8:a3:2a:45:2d:2a:ae:d3:be:7b:b8:9f:
5f:7c:81:a9:23:29:dc:c3:00:05:38:1f:9f:32:40:
26:10:fb:a2:c6:a9:94:3c:07:66:de:03:58:f2:a2:
57:60:e0:d5:c1:3e:e3:49:4c:a5:66:1a:61:36:31:
b2:d8:c4:e0:12:b5:f5:a8:5f:69:14:a1:7f:8f:e8:
21:41:e4:c2:24:5d:47:fd:16:5d:53:1c:70:3a:58:
52:bc:3d:a2:3b:5c:53:03:03:a8:4e:4d:c0:c0:c7:
e0:39:86:b7:b4:c7:3b:08:41:d6:32:38:18:5a:7d:
d5:84:6b:b8:da:74:13:90:12:cd:89:33:97:3f:22:
29:5f:95:70:12:de:99:15:cb:e4:d0:36:29:10:3d:
80:c2:18:88:51:34:8c:ba:dd:b9:db:25:cb:bb:33:
1d:74:36:00:b3:2d:35:fa:4a:17:9f:27:b8:7d:1d:
57:a9:9e:27:4d:76:60:99:9a:55:e4:fe:b8:10:4f:
0e:5c:d1:d9:56:79:ba:34:bf:aa:5c:78:c5:ab:d5:
e5:45:da:0e:9e:23:78:84:14:6b:67:d0:3d:a6:d4:
8a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:71:79:D3:E5:F5:91:F2:E5:F3:29:92:A6:BD:2A:D0:CB:D8:92:A8
X509v3 Authority Key Identifier:
keyid:72:C2:6A:BC:9E:06:C1:AF:EF:9B:5F:D2:DA:40:41:2E:7A:EE:6B:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/csJqvJ4Gwa_vm1_S2kBBLnrua0c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/UHF50-X1kfLl8ymSpr0q0MvYkqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6c0530-1074-4b35-be0c-cd7d61913288/1/csJqvJ4Gwa_vm1_S2kBBLnrua0c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.0.0/21
37.49.152.0/21
37.123.104.0/21
45.153.82.0/23
77.247.80.0/21
109.68.224.0/21
147.93.208.0/22
151.252.40.0/21
176.74.56.0/21
185.46.136.0/22
185.54.232.0/22
185.56.104.0/23
185.56.128.0/21
195.192.128.0/18
IPv6:
2a00:13c8::/32
2a00:7fc0::/32
2a04:d480::/29
Signature Algorithm: sha256WithRSAEncryption
b5:cf:5c:5a:65:96:5a:f0:db:ec:72:8b:80:5e:35:6b:92:64:
9d:80:95:b6:d8:36:db:9f:41:a6:7d:2f:d9:73:d0:63:74:6f:
66:35:4f:e0:ed:4e:7a:96:ce:2b:0e:89:8d:c5:e6:f6:b0:c4:
e0:b7:b2:7f:6f:0a:7d:ca:e0:74:59:34:23:32:58:6f:e0:68:
66:f0:9a:57:df:89:4b:e4:6b:7a:d3:15:29:88:06:d3:c0:3a:
ae:fb:20:3f:0e:98:0b:75:81:88:b1:31:6b:68:33:cd:36:a8:
dc:b5:a0:57:3b:53:4d:2e:49:a0:81:10:b2:e8:94:e1:20:9a:
07:56:e3:5b:46:56:db:fc:68:2f:0d:5e:9b:db:d6:fc:aa:37:
08:3f:eb:a7:22:56:0c:b6:07:8c:22:23:52:15:1c:e4:ac:09:
ea:0c:d1:da:f5:c8:2e:34:64:91:27:2e:fd:23:4d:31:fd:b2:
92:d8:42:f3:e9:1d:41:9a:46:df:af:29:96:53:b2:67:92:1e:
28:2a:65:86:b2:16:e4:18:61:c4:15:a1:ad:c3:17:07:84:54:
2e:21:38:ff:a1:13:fd:20:b8:f3:e8:9e:44:20:0e:a6:b9:fa:
6e:12:7e:c2:4d:99:9a:6f:00:d9:ae:81:64:e2:8a:d1:91:11:
48:25:74:c8
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAZfF8z/fcqPhCyfP8vTWYwvbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYzI2YWJjOWUwNmMxYWZlZjliNWZkMmRhNDA0MTJlN2Fl
ZTZiNDcwHhcNMjUwNzAxMTIyNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDcxNzlkM2U1ZjU5MWYyZTVmMzI5OTJhNmJkMmFkMGNiZDg5MmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3q9SV6PaSJtwZZOtn8WXS5/uuUI
MyHS4hJI3E6Q2i64oypFLSqu0757uJ9ffIGpIyncwwAFOB+fMkAmEPuixqmUPAdm
3gNY8qJXYODVwT7jSUylZhphNjGy2MTgErX1qF9pFKF/j+ghQeTCJF1H/RZdUxxw
OlhSvD2iO1xTAwOoTk3AwMfgOYa3tMc7CEHWMjgYWn3VhGu42nQTkBLNiTOXPyIp
X5VwEt6ZFcvk0DYpED2AwhiIUTSMut252yXLuzMddDYAsy01+koXnye4fR1XqZ4n
TXZgmZpV5P64EE8OXNHZVnm6NL+qXHjFq9XlRdoOniN4hBRrZ9A9ptSK5wIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFFBxedPl9ZHy5fMpkqa9KtDL2JKoMB8GA1UdIwQY
MBaAFHLCaryeBsGv75tf0tpAQS567mtHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3NKcXZKNEd3YV92bTFfUzJrQkJMbnJ1YTBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82YzA1MzAtMTA3NC00YjM1LWJlMGMt
Y2Q3ZDYxOTEzMjg4LzEvVUhGNTAtWDFrZkxsOHltU3ByMHEwTXZZa3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82YzA1MzAtMTA3NC00YjM1LWJlMGMtY2Q3ZDYxOTEzMjg4
LzEvY3NKcXZKNEd3YV92bTFfUzJrQkJMbnJ1YTBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwWgQCAAEwVAMEAyUsAAME
AyUxmAMEAyV7aAMEAS2ZUgMEA033UAMEA21E4AMEApNd0AMEA5f8KAMEA7BKOAME
ArkuiAMEArk26AMEAbk4aAMEA7k4gAMEBsPAgDAbBAIAAjAVAwUAKgATyAMFACoA
f8ADBQMqBNSAMA0GCSqGSIb3DQEBCwUAA4IBAQC1z1xaZZZa8NvscouAXjVrkmSd
gJW22Dbbn0GmfS/Zc9BjdG9mNU/g7U56ls4rDomNxeb2sMTgt7J/bwp9yuB0WTQj
Mlhv4Ghm8JpX34lL5Gt60xUpiAbTwDqu+yA/DpgLdYGIsTFraDPNNqjctaBXO1NN
LkmggRCy6JThIJoHVuNbRlbb/GgvDV6b29b8qjcIP+unIlYMtgeMIiNSFRzkrAnq
DNHa9cguNGSRJy79I00x/bKS2ELz6R1BmkbfrymWU7Jnkh4oKmWGshbkGGHEFaGt
wxcHhFQuITj/oRP9ILjz6J5EIA6mufpuEn7CTZmabwDZroFk4orRkRFIJXTI
-----END CERTIFICATE-----
Generated at Fri Jul 25 15:38:35 2025 by rpki-client