Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/UEpNb3wmOOdCK7UvN3lXTC2DcUk.roa
File: UEpNb3wmOOdCK7UvN3lXTC2DcUk.roa (raw, json)
Hash identifier: pmS4hRe0q9ReL0MLHSlxbOJsASxbtpyjkGhM1kcVhvc=
Subject key identifier: 50:4A:4D:6F:7C:26:38:E7:42:2B:B5:2F:37:79:57:4C:2D:83:71:49
Certificate issuer: /CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Certificate serial: 019842100D82F0D69E832886CEA69CBD827D
Authority key identifier: 82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/UEpNb3wmOOdCK7UvN3lXTC2DcUk.roa
Signing time: Fri 25 Jul 2025 14:50:05 +0000
ROA not before: Fri 25 Jul 2025 14:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207551
IP address blocks: 89.35.53.0/24 maxlen: 24
117.55.199.0/24 maxlen: 24
194.54.146.0/24 maxlen: 24
194.164.87.0/24 maxlen: 24
202.181.153.0/24 maxlen: 24
203.28.15.0/24 maxlen: 24
212.6.53.0/24 maxlen: 24
2a10:2080::/29 maxlen: 29
2a10:2080::/48 maxlen: 48
2a10:2080:1::/48 maxlen: 48
2a10:2080:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.mft
rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:42:10:0d:82:f0:d6:9e:83:28:86:ce:a6:9c:bd:82:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Validity
Not Before: Jul 25 14:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=504a4d6f7c2638e7422bb52f3779574c2d837149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a5:aa:74:71:a4:73:84:06:0c:04:91:33:82:
d2:49:54:3d:ed:e0:47:d9:ca:d9:0c:ac:e4:a2:14:
47:c6:da:a3:6a:f5:ca:d5:1e:49:b9:8a:05:4b:e0:
06:4b:95:01:69:3e:97:5a:e0:32:03:55:a7:7c:f5:
ba:14:a8:75:03:61:f7:0a:8c:7f:e3:f4:b2:76:83:
05:bc:7f:8f:09:56:ac:32:a2:5d:ca:07:d1:05:71:
7f:64:2d:f3:69:b6:9b:ea:d2:67:0b:43:04:1c:26:
8f:78:b8:76:20:e6:d3:dd:75:cd:64:db:23:df:81:
7f:08:82:21:4d:c0:aa:25:2e:a4:a3:4e:67:3c:fd:
3b:79:5a:d8:15:13:fb:47:fc:cb:19:21:b3:b3:38:
45:4e:32:79:06:fd:60:32:c9:fc:9e:1c:7c:29:fc:
67:1f:72:7a:ad:61:09:38:c5:dc:07:b7:e3:bb:5a:
b0:1e:f8:b2:32:ac:ef:85:6a:e1:53:0d:e6:b2:ce:
1d:b6:ac:43:0b:87:ea:1d:b5:bf:31:43:ba:06:26:
94:3e:70:1a:30:63:89:a1:a2:34:c2:3d:f0:a8:89:
f4:72:9f:30:50:7f:19:01:54:5b:e8:bf:39:94:f9:
66:85:68:f2:e9:bc:55:0f:fb:33:46:0a:46:5b:a7:
b3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:4A:4D:6F:7C:26:38:E7:42:2B:B5:2F:37:79:57:4C:2D:83:71:49
X509v3 Authority Key Identifier:
keyid:82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/UEpNb3wmOOdCK7UvN3lXTC2DcUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.53.0/24
117.55.199.0/24
194.54.146.0/24
194.164.87.0/24
202.181.153.0/24
203.28.15.0/24
212.6.53.0/24
IPv6:
2a10:2080::/29
Signature Algorithm: sha256WithRSAEncryption
5b:b3:5a:98:b9:db:6d:8a:85:11:f0:d0:e3:fc:57:2c:cd:7c:
93:47:0a:69:6b:f9:7b:5e:b0:21:45:50:8b:5e:84:01:0a:84:
9c:0c:ee:76:d8:5b:a8:09:e3:10:3f:ce:fa:4f:64:98:92:5e:
ad:2b:61:36:e9:8b:03:9e:a4:8a:7e:dd:3f:9f:c0:81:a1:45:
d7:50:d5:f5:c2:58:92:91:3d:53:7d:0e:40:bf:2c:a9:71:3f:
31:36:26:02:1b:14:ca:bb:1b:ed:c9:f9:3b:4b:57:b6:31:72:
3d:c4:70:1e:5e:a5:ed:be:6d:54:97:b7:bb:62:de:19:06:aa:
67:c2:32:5f:36:2d:92:10:64:42:e4:c4:c0:b8:c8:37:57:d9:
19:62:0c:bc:41:de:80:a9:50:04:20:aa:66:aa:14:e9:74:ae:
08:e9:be:27:cc:c0:86:7a:d7:f1:30:3e:5e:20:a5:93:58:ad:
9a:ff:72:36:4f:55:3c:aa:cd:4e:6c:9b:aa:f9:87:bc:3d:a9:
1a:76:b5:59:6c:6f:00:1c:6f:48:c9:08:43:f7:d7:c7:0c:9b:
57:36:ed:8f:cf:55:ad:ba:9d:66:82:ee:26:17:b5:b5:53:e5:
5b:76:3c:ea:5d:7b:08:9a:e0:33:e6:fc:46:b3:dc:4c:48:9d:
93:4b:40:d2
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZhCEA2C8NaegyiGzqacvYJ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjJlMGQwMGRkNzcxYTllNGQ2MGJiZjRiZTUyMTE0ZWE3
N2RiMDMwHhcNMjUwNzI1MTQ1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDRhNGQ2ZjdjMjYzOGU3NDIyYmI1MmYzNzc5NTc0YzJkODM3MTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqWqdHGkc4QGDASRM4LSSVQ97eBH
2crZDKzkohRHxtqjavXK1R5JuYoFS+AGS5UBaT6XWuAyA1WnfPW6FKh1A2H3Cox/
4/SydoMFvH+PCVasMqJdygfRBXF/ZC3zabab6tJnC0MEHCaPeLh2IObT3XXNZNsj
34F/CIIhTcCqJS6ko05nPP07eVrYFRP7R/zLGSGzszhFTjJ5Bv1gMsn8nhx8Kfxn
H3J6rWEJOMXcB7fju1qwHviyMqzvhWrhUw3mss4dtqxDC4fqHbW/MUO6BiaUPnAa
MGOJoaI0wj3wqIn0cp8wUH8ZAVRb6L85lPlmhWjy6bxVD/szRgpGW6ezNwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFBKTW98JjjnQiu1Lzd5V0wtg3FJMB8GA1UdIwQY
MBaAFIKy4NAN13Gp5NYLv0vlIRTqd9sDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2It
MDZkM2M0ZTYzYzIwLzEvVUVwTmIzd21PT2RDSzdVdk4zbFhUQzJEY1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2ItMDZkM2M0ZTYzYzIw
LzEvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAWSM1AwQA
dTfHAwQAwjaSAwQAwqRXAwQAyrWZAwQAyxwPAwQA1AY1MA0EAgACMAcDBQMqECCA
MA0GCSqGSIb3DQEBCwUAA4IBAQBbs1qYudttioUR8NDj/FcszXyTRwppa/l7XrAh
RVCLXoQBCoScDO522FuoCeMQP876T2SYkl6tK2E26YsDnqSKft0/n8CBoUXXUNX1
wliSkT1TfQ5AvyypcT8xNiYCGxTKuxvtyfk7S1e2MXI9xHAeXqXtvm1Ul7e7Yt4Z
BqpnwjJfNi2SEGRC5MTAuMg3V9kZYgy8Qd6AqVAEIKpmqhTpdK4I6b4nzMCGetfx
MD5eIKWTWK2a/3I2T1U8qs1ObJuq+Ye8PakadrVZbG8AHG9IyQhD99fHDJtXNu2P
z1Wtup1mgu4mF7W1U+VbdjzqXXsImuAz5vxGs9xMSJ2TS0DS
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:55:37 2025 by rpki-client