Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/UFM7V0QaEQk5iMcLePQNtrCnBuU.roa
File: UFM7V0QaEQk5iMcLePQNtrCnBuU.roa (raw, json)
Hash identifier: 1KCm2LnslOt1Go2n1GlY4KXw/ywbLjggHVGzM3KYrZI=
Subject key identifier: 50:53:3B:57:44:1A:11:09:39:88:C7:0B:78:F4:0D:B6:B0:A7:06:E5
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01977DE4D388AE2ECA5E408ABCCDD4BC4D20
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/UFM7V0QaEQk5iMcLePQNtrCnBuU.roa
Signing time: Tue 17 Jun 2025 12:37:17 +0000
ROA not before: Tue 17 Jun 2025 12:37:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22516
IP address blocks: 88.209.203.0/24 maxlen: 24
88.209.230.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 06:06:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7d:e4:d3:88:ae:2e:ca:5e:40:8a:bc:cd:d4:bc:4d:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 17 12:37:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50533b57441a11093988c70b78f40db6b0a706e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6c:5c:3f:c2:3c:bb:37:e6:a8:7e:1d:23:ba:
72:35:b4:ae:c4:f4:90:b1:1d:75:f2:18:51:34:e7:
a4:a4:15:4b:bf:26:af:1e:67:fd:2f:a9:d5:80:2f:
25:56:e3:25:2b:f9:09:74:08:4a:56:c1:aa:0f:60:
18:54:06:d3:20:11:b8:9d:4b:7d:ab:4a:13:92:40:
4e:9b:5f:0c:45:10:91:77:8d:6c:0f:b8:97:42:6b:
0c:01:6e:cc:86:a1:56:8d:f4:22:1d:12:b9:62:9c:
39:f6:40:95:93:b4:6e:71:e4:38:53:ba:41:2d:d5:
63:a7:42:f1:74:1b:85:e8:c3:ea:ce:22:ad:e2:a0:
9a:29:1e:f6:50:f9:5d:23:78:ab:42:ba:d8:37:d6:
35:13:8f:f0:5a:9e:fd:f2:09:4c:19:82:91:8f:ba:
74:0e:83:cc:c8:66:cc:b7:61:69:78:e2:e1:d2:97:
17:6b:e9:12:f9:f3:c2:17:7a:de:70:d2:6f:a2:db:
b2:56:b0:8e:f9:7f:b9:6a:f6:71:a3:7e:c3:49:70:
bc:55:b6:7a:88:46:0b:03:74:d3:e9:e8:d1:cf:77:
e7:10:29:fa:ac:cb:6d:55:4e:2e:6e:25:9f:a5:6a:
a8:ac:7c:94:01:c6:83:65:48:40:14:15:42:64:a1:
7c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:53:3B:57:44:1A:11:09:39:88:C7:0B:78:F4:0D:B6:B0:A7:06:E5
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/UFM7V0QaEQk5iMcLePQNtrCnBuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.203.0/24
88.209.230.0/24
88.209.255.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:6c:20:88:75:cd:25:48:72:1e:16:6a:8c:27:fd:a1:bd:a9:
ee:70:91:c6:78:7a:20:ca:3e:7b:f6:a5:59:4c:b4:40:e3:43:
30:3b:5f:d1:47:9b:90:6b:47:ae:d3:09:ce:8d:45:1d:3a:eb:
3e:8a:90:9b:37:4f:a0:f1:9d:f9:10:c7:1e:94:04:16:85:e4:
de:2e:dd:9d:98:48:db:bc:fc:4d:74:ad:cf:78:0b:92:f4:79:
f7:12:b1:a8:ea:a4:e3:3b:c6:e2:a3:c2:a4:df:b2:79:8f:58:
96:37:ed:73:ba:65:77:b1:54:63:07:3b:37:24:74:2b:70:2c:
3b:06:b4:77:c9:fa:7b:f2:47:13:4e:54:6c:38:ab:ca:06:f8:
b2:1a:d4:a2:a6:89:92:53:76:ab:54:a8:e4:a4:bd:80:a5:1d:
7a:da:a4:f9:e2:18:5b:70:e9:65:f6:5d:57:09:73:b9:3a:7e:
8d:f4:9e:75:7c:d2:d9:c2:11:ff:35:37:b8:ea:71:9d:64:ec:
23:28:92:a0:dd:62:a8:f8:f6:62:62:f9:5e:57:b9:f6:47:33:
53:b8:da:37:64:8c:21:ec:9f:56:6d:5e:93:38:c8:20:88:49:
e3:c0:a4:05:d5:37:a8:ef:d9:25:ef:26:de:e2:5a:24:2d:03:
6a:79:66:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZd95NOIri7KXkCKvM3UvE0gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwNjE3MTIzNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDUzM2I1NzQ0MWExMTA5Mzk4OGM3MGI3OGY0MGRiNmIwYTcwNmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWxcP8I8uzfmqH4dI7pyNbSuxPSQ
sR118hhRNOekpBVLvyavHmf9L6nVgC8lVuMlK/kJdAhKVsGqD2AYVAbTIBG4nUt9
q0oTkkBOm18MRRCRd41sD7iXQmsMAW7MhqFWjfQiHRK5Ypw59kCVk7RuceQ4U7pB
LdVjp0LxdBuF6MPqziKt4qCaKR72UPldI3irQrrYN9Y1E4/wWp798glMGYKRj7p0
DoPMyGbMt2FpeOLh0pcXa+kS+fPCF3recNJvotuyVrCO+X+5avZxo37DSXC8VbZ6
iEYLA3TT6ejRz3fnECn6rMttVU4ubiWfpWqorHyUAcaDZUhAFBVCZKF8fwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFBTO1dEGhEJOYjHC3j0DbawpwblMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVUZNN1YwUWFFUWs1aU1jTGVQUU50ckNuQnVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNHLAwQA
WNHmAwQAWNH/MA0GCSqGSIb3DQEBCwUAA4IBAQC9bCCIdc0lSHIeFmqMJ/2hvanu
cJHGeHogyj579qVZTLRA40MwO1/RR5uQa0eu0wnOjUUdOus+ipCbN0+g8Z35EMce
lAQWheTeLt2dmEjbvPxNdK3PeAuS9Hn3ErGo6qTjO8bio8Kk37J5j1iWN+1zumV3
sVRjBzs3JHQrcCw7BrR3yfp78kcTTlRsOKvKBviyGtSipomSU3arVKjkpL2ApR16
2qT54hhbcOll9l1XCXO5On6N9J51fNLZwhH/NTe46nGdZOwjKJKg3WKo+PZiYvle
V7n2RzNTuNo3ZIwh7J9WbV6TOMggiEnjwKQF1Teo79kl7ybe4lokLQNqeWY7
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:41:04 2025 by rpki-client