Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/u-gL3ilYbcM5PQJWuJumiZcB5QY.roa
File: u-gL3ilYbcM5PQJWuJumiZcB5QY.roa (raw, json)
Hash identifier: ksJZMciSQz6TRkVQ3sY9eefxYX0H+Mfgyvy+8v2+Xk4=
Subject key identifier: BB:E8:0B:DE:29:58:6D:C3:39:3D:02:56:B8:9B:A6:89:97:01:E5:06
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0197EE437A41B5B7E04F1CD9A36F9B801076
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/u-gL3ilYbcM5PQJWuJumiZcB5QY.roa
Signing time: Wed 09 Jul 2025 08:18:09 +0000
ROA not before: Wed 09 Jul 2025 08:18:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 80.240.85.0/24 maxlen: 24
89.213.229.0/24 maxlen: 24
217.145.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 09:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ee:43:7a:41:b5:b7:e0:4f:1c:d9:a3:6f:9b:80:10:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 9 08:18:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbe80bde29586dc3393d0256b89ba6899701e506
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fe:8b:17:5e:1e:0f:76:50:e5:7c:40:31:08:
e7:db:c2:73:56:20:ef:ae:ec:30:e9:9e:a2:76:bc:
c0:39:6c:35:36:4e:8f:fe:e2:2b:20:64:df:20:9a:
6e:44:1e:8a:3a:fc:eb:ae:d1:01:11:ad:b9:1d:cc:
3f:e8:22:c1:4e:59:76:b6:74:49:c6:d5:e9:28:99:
e8:9e:37:40:2e:a0:b5:29:e9:49:da:6a:b4:5c:c7:
8f:3e:a5:1a:45:ae:d5:e8:6f:35:bf:0b:d7:a0:e8:
db:b8:7f:ae:42:b7:3b:e1:1a:e7:53:3a:9d:71:e4:
23:88:4a:73:77:34:1e:1a:77:fe:f1:77:4c:cc:5c:
19:08:6b:ad:b5:93:59:cd:3a:eb:81:16:23:59:d7:
1a:62:29:a9:24:e9:5d:34:b3:39:06:7f:a6:f3:78:
09:b9:c5:f1:54:0f:27:78:7e:e7:95:3b:67:26:95:
d3:0c:8f:44:f7:96:80:5b:d8:df:ef:91:9b:f5:d7:
bd:e5:66:39:2f:10:b3:e4:f7:12:2a:83:65:55:99:
00:da:65:ac:14:bb:18:c6:ff:c9:66:b2:84:e7:b6:
b7:4b:e1:5b:19:bd:af:49:9f:53:d4:a0:3e:01:d6:
d8:25:b8:e9:5d:18:63:62:0a:0a:4e:2e:88:85:b2:
bf:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E8:0B:DE:29:58:6D:C3:39:3D:02:56:B8:9B:A6:89:97:01:E5:06
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/u-gL3ilYbcM5PQJWuJumiZcB5QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.85.0/24
89.213.229.0/24
217.145.71.0/24
Signature Algorithm: sha256WithRSAEncryption
39:e6:08:00:a8:81:17:bb:88:1b:18:04:a8:38:63:e5:56:8f:
b0:90:11:65:c7:f0:ec:af:d8:72:6b:72:88:3c:97:5f:1e:a0:
ae:16:dd:12:fb:3f:12:c5:48:bc:cb:00:d7:ce:14:e1:e2:17:
34:a8:68:53:d4:88:00:db:a3:10:73:5f:3b:c5:08:c6:33:01:
a2:c5:6f:c4:ed:eb:5e:92:0a:70:90:9e:79:b4:04:f5:cd:42:
8f:2b:d2:28:ea:03:89:b7:30:e5:ba:fe:94:dc:94:cb:18:95:
cf:8d:45:f4:a6:d1:77:b6:3f:9e:39:27:22:10:2c:07:81:17:
d4:e4:1a:68:ea:8d:fa:42:83:6e:4b:61:99:ac:15:01:95:c6:
af:32:32:82:18:10:b4:53:be:1c:be:32:9c:9e:e2:e3:bc:90:
01:84:db:6a:41:e0:0e:42:94:a3:ba:78:b4:6d:10:6f:c7:3a:
3a:7f:15:37:3b:e2:97:11:b6:5e:c4:4c:64:37:46:79:cd:bc:
1e:9e:3b:20:87:d2:90:fb:73:68:d3:5f:de:d5:e7:30:23:76:
d7:e5:da:19:5a:82:5b:29:f2:7f:3d:e6:87:c9:c3:38:2f:ff:
fb:cf:e6:41:fc:ca:34:2f:25:3a:3e:a3:2e:63:dc:ed:5b:de:
ff:16:2c:ba
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZfuQ3pBtbfgTxzZo2+bgBB2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNzA5MDgxODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmU4MGJkZTI5NTg2ZGMzMzkzZDAyNTZiODliYTY4OTk3MDFlNTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/6LF14eD3ZQ5XxAMQjn28JzViDv
ruww6Z6idrzAOWw1Nk6P/uIrIGTfIJpuRB6KOvzrrtEBEa25Hcw/6CLBTll2tnRJ
xtXpKJnonjdALqC1KelJ2mq0XMePPqUaRa7V6G81vwvXoOjbuH+uQrc74RrnUzqd
ceQjiEpzdzQeGnf+8XdMzFwZCGuttZNZzTrrgRYjWdcaYimpJOldNLM5Bn+m83gJ
ucXxVA8neH7nlTtnJpXTDI9E95aAW9jf75Gb9de95WY5LxCz5PcSKoNlVZkA2mWs
FLsYxv/JZrKE57a3S+FbGb2vSZ9T1KA+AdbYJbjpXRhjYgoKTi6IhbK/wwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLvoC94pWG3DOT0CVribpomXAeUGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdS1nTDNpbFliY001UFFKV3VKdW1pWmNCNVFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUPBVAwQA
WdXlAwQA2ZFHMA0GCSqGSIb3DQEBCwUAA4IBAQA55ggAqIEXu4gbGASoOGPlVo+w
kBFlx/Dsr9hya3KIPJdfHqCuFt0S+z8SxUi8ywDXzhTh4hc0qGhT1IgA26MQc187
xQjGMwGixW/E7etekgpwkJ55tAT1zUKPK9Io6gOJtzDluv6U3JTLGJXPjUX0ptF3
tj+eOSciECwHgRfU5Bpo6o36QoNuS2GZrBUBlcavMjKCGBC0U74cvjKcnuLjvJAB
hNtqQeAOQpSjuni0bRBvxzo6fxU3O+KXEbZexExkN0Z5zbwenjsgh9KQ+3No01/e
1ecwI3bX5doZWoJbKfJ/PeaHycM4L//7z+ZB/Mo0LyU6PqMuY9ztW97/Fiy6
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:18:24 2025 by rpki-client