Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uMXDrACThc26icpD18V5fcKG0oU.roa
File: uMXDrACThc26icpD18V5fcKG0oU.roa (raw, json)
Hash identifier: NToRUaJ9Ywwc/hK/68MMK07smcYc8qi6Xb8tAjCkCsE=
Subject key identifier: B8:C5:C3:AC:00:93:85:CD:BA:89:CA:43:D7:C5:79:7D:C2:86:D2:85
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01973A92F31D62B5AE957D62F14A840789DC
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uMXDrACThc26icpD18V5fcKG0oU.roa
Signing time: Wed 04 Jun 2025 10:53:18 +0000
ROA not before: Wed 04 Jun 2025 10:53:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 62.76.231.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.8.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
193.124.94.0/24 maxlen: 24
193.124.133.0/24 maxlen: 24
193.124.226.0/24 maxlen: 24
194.58.43.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
194.58.60.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
194.87.6.0/24 maxlen: 24
194.87.7.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.34.0/24 maxlen: 24
194.87.42.0/24 maxlen: 24
194.87.63.0/24 maxlen: 24
194.87.78.0/24 maxlen: 24
194.87.116.0/24 maxlen: 24
194.87.117.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
194.87.121.0/24 maxlen: 24
194.87.160.0/24 maxlen: 24
194.87.163.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.177.0/24 maxlen: 24
194.87.180.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
194.87.182.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
195.58.56.0/24 maxlen: 24
195.58.59.0/24 maxlen: 24
195.58.62.0/24 maxlen: 24
195.133.0.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.133.58.0/24 maxlen: 24
195.133.80.0/24 maxlen: 24
195.133.82.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
212.193.10.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 06:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3a:92:f3:1d:62:b5:ae:95:7d:62:f1:4a:84:07:89:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 4 10:53:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8c5c3ac009385cdba89ca43d7c5797dc286d285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f3:ea:e9:66:03:30:b7:61:f7:47:4c:f3:98:
e0:26:3e:0a:c4:6e:6b:75:5f:5a:b9:34:7a:6f:e9:
1a:76:45:b0:81:1b:6f:f8:21:12:29:25:00:b1:14:
c1:8e:2e:fb:55:19:66:79:77:62:fd:8c:30:00:ff:
d1:f7:21:14:0a:7a:ed:a2:f1:02:1c:be:28:16:97:
3d:68:7b:6f:dd:47:30:96:61:ca:69:0c:01:c7:34:
5e:61:93:72:2d:b9:76:26:14:1c:34:ee:cf:3d:13:
1b:ca:69:17:73:3c:fe:a0:d4:44:3b:6e:ec:3a:2f:
09:ea:19:7e:d8:fa:d7:58:19:b5:f4:9a:85:6c:e7:
ab:ca:2c:fa:e7:ca:ed:f3:4f:52:19:26:a6:b3:19:
ba:4d:72:5f:1d:46:0d:ec:49:a0:76:ac:83:b5:49:
c8:6d:5c:ba:82:e9:4b:5e:43:56:79:eb:1e:15:22:
7c:9d:b5:31:5f:2c:44:7f:d7:92:fe:af:f0:1f:3f:
c8:d0:ab:00:79:28:60:d6:1b:f4:9b:58:5b:80:8f:
eb:81:e9:f9:af:d6:c8:e7:05:60:e1:80:47:91:7d:
1d:4a:8c:d4:ec:9b:31:63:09:4e:a3:98:f0:89:3e:
e8:cd:b8:31:ce:bf:59:f7:9f:c5:d3:bf:ab:5a:fe:
ef:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:C5:C3:AC:00:93:85:CD:BA:89:CA:43:D7:C5:79:7D:C2:86:D2:85
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uMXDrACThc26icpD18V5fcKG0oU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
62.76.235.0/24
193.124.3.0/24
193.124.6.0/24
193.124.8.0/24
193.124.91.0/24
193.124.94.0/24
193.124.133.0/24
193.124.226.0/24
194.58.43.0/24
194.58.58.0/24
194.58.60.0/24
194.58.67.0/24
194.87.6.0/23
194.87.16.0/24
194.87.34.0/24
194.87.42.0/24
194.87.63.0/24
194.87.78.0/24
194.87.116.0/23
194.87.120.0/23
194.87.160.0/24
194.87.163.0/24
194.87.176.0/23
194.87.180.0-194.87.182.255
194.135.23.0/24
195.58.55.0-195.58.56.255
195.58.59.0/24
195.58.62.0/24
195.133.0.0/24
195.133.12.0/24
195.133.19.0/24
195.133.58.0/24
195.133.80.0/24
195.133.82.0/24
212.192.210.0/23
212.193.10.0/24
212.193.15.0/24
Signature Algorithm: sha256WithRSAEncryption
33:c1:bb:d5:93:e8:20:51:17:be:d7:d8:71:c6:87:66:cf:41:
50:bb:bb:9f:3f:62:bf:c1:c0:77:18:fc:ff:d4:06:97:b0:f5:
1c:2b:d9:30:a1:87:5e:66:cc:7c:96:89:a3:bb:1e:f8:22:33:
03:48:b9:4b:be:35:28:00:cd:75:2b:25:55:47:d9:75:bb:98:
bf:5e:8c:92:84:da:50:80:27:eb:78:78:04:88:cd:2a:6e:ee:
53:87:4d:4b:f9:da:db:70:5f:e8:98:c9:37:6f:51:26:38:c3:
ef:a8:0e:1c:b2:e0:6c:3f:97:96:fa:8b:2c:9b:da:4c:1b:2f:
de:71:3f:e8:94:44:9f:c8:1a:cc:7b:ce:02:8d:27:c9:8d:5f:
e4:73:74:c2:1b:6c:cd:ee:81:66:ab:90:fc:bc:31:fe:08:8d:
c5:28:d1:ee:a5:55:a2:36:70:de:7d:28:94:e1:2c:e8:31:cb:
e8:f2:d2:52:d2:93:74:b0:f7:34:27:02:90:2a:5d:ef:22:d5:
32:2b:7f:1e:f7:26:1e:51:a7:9a:ad:1d:53:0a:bc:ef:93:dc:
b1:39:6c:ae:62:aa:d9:ac:ae:28:5d:75:fa:fc:d9:c5:6d:ea:
82:9c:98:f6:39:77:65:64:2f:8d:8b:e5:9a:67:60:a3:45:c4:
b7:3a:1f:9c
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAZc6kvMdYrWulX1i8UqEB4ncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNjA0MTA1MzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGM1YzNhYzAwOTM4NWNkYmE4OWNhNDNkN2M1Nzk3ZGMyODZkMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvPq6WYDMLdh90dM85jgJj4KxG5r
dV9auTR6b+kadkWwgRtv+CESKSUAsRTBji77VRlmeXdi/YwwAP/R9yEUCnrtovEC
HL4oFpc9aHtv3UcwlmHKaQwBxzReYZNyLbl2JhQcNO7PPRMbymkXczz+oNREO27s
Oi8J6hl+2PrXWBm19JqFbOeryiz658rt809SGSamsxm6TXJfHUYN7EmgdqyDtUnI
bVy6gulLXkNWeeseFSJ8nbUxXyxEf9eS/q/wHz/I0KsAeShg1hv0m1hbgI/rgen5
r9bI5wVg4YBHkX0dSozU7JsxYwlOo5jwiT7ozbgxzr9Z95/F07+rWv7vRwIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFLjFw6wAk4XNuonKQ9fFeX3ChtKFMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdU1YRHJBQ1RoYzI2aWNwRDE4VjVmY0tHMG9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MIH7BAIAATCB9AME
AD5M5wMEAD5M6wMEAMF8AwMEAMF8BgMEAMF8CAMEAMF8WwMEAMF8XgMEAMF8hQME
AMF84gMEAMI6KwMEAMI6OgMEAMI6PAMEAMI6QwMEAcJXBgMEAMJXEAMEAMJXIgME
AMJXKgMEAMJXPwMEAMJXTgMEAcJXdAMEAcJXeAMEAMJXoAMEAMJXowMEAcJXsDAM
AwQCwle0AwQAwle2AwQAwocXMAwDBADDOjcDBADDOjgDBADDOjsDBADDOj4DBADD
hQADBADDhQwDBADDhRMDBADDhToDBADDhVADBADDhVIDBAHUwNIDBADUwQoDBADU
wQ8wDQYJKoZIhvcNAQELBQADggEBADPBu9WT6CBRF77X2HHGh2bPQVC7u58/Yr/B
wHcY/P/UBpew9Rwr2TChh15mzHyWiaO7HvgiMwNIuUu+NSgAzXUrJVVH2XW7mL9e
jJKE2lCAJ+t4eASIzSpu7lOHTUv52ttwX+iYyTdvUSY4w++oDhyy4Gw/l5b6iyyb
2kwbL95xP+iURJ/IGsx7zgKNJ8mNX+RzdMIbbM3ugWarkPy8Mf4IjcUo0e6lVaI2
cN59KJThLOgxy+jy0lLSk3Sw9zQnApAqXe8i1TIrfx73Jh5Rp5qtHVMKvO+T3LE5
bK5iqtmsrihddfr82cVt6oKcmPY5d2VkL42L5ZpnYKNFxLc6H5w=
-----END CERTIFICATE-----
Generated at Sun Jun 8 15:18:49 2025 by rpki-client