Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UhdKStrY7ge3O79gcsKMAFdQEE0.roa
File: UhdKStrY7ge3O79gcsKMAFdQEE0.roa (raw, json)
Hash identifier: uUaWvhNbKerhBSKaNDcuU9NMkCA8zbBcmrjWTjNUCoE=
Subject key identifier: 52:17:4A:4A:DA:D8:EE:07:B7:3B:BF:60:72:C2:8C:00:57:50:10:4D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0198EC7AEF8FB5D9D300F80E874759857B15
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UhdKStrY7ge3O79gcsKMAFdQEE0.roa
Signing time: Wed 27 Aug 2025 17:02:16 +0000
ROA not before: Wed 27 Aug 2025 17:02:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31404
IP address blocks: 87.120.112.0/22 maxlen: 24
87.120.116.0/23 maxlen: 24
87.120.120.0/23 maxlen: 24
193.148.48.0/22 maxlen: 24
194.11.196.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 17:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ec:7a:ef:8f:b5:d9:d3:00:f8:0e:87:47:59:85:7b:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 27 17:02:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52174a4adad8ee07b73bbf6072c28c005750104d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:04:9c:54:21:53:28:01:04:dd:e9:fa:f2:6c:
e3:20:29:4d:69:2f:d0:7c:cd:bf:7a:77:28:fc:68:
38:f6:11:9f:98:9e:7c:b3:ff:e3:cb:ff:0f:dc:93:
0e:1a:0d:e2:34:80:38:6d:32:13:25:a5:45:78:83:
c1:06:57:56:18:84:fb:7d:a1:79:bc:55:b8:bb:e6:
3c:08:9f:9d:86:75:c4:99:62:a6:32:93:da:1d:30:
ad:a6:1e:27:ca:53:86:81:24:e8:06:1e:22:27:75:
b2:03:38:d3:af:cc:12:27:26:e4:45:b7:0f:0a:1f:
98:67:5c:fc:ae:33:4f:21:9b:c3:df:07:25:c1:bc:
e8:7c:88:03:ad:51:4f:b1:fe:98:f6:12:d7:7a:d5:
8e:88:7b:df:2f:d9:f0:a1:67:19:71:d1:f2:19:36:
df:b2:cb:2d:32:96:61:a8:dd:c5:6f:08:dd:db:af:
eb:cb:cd:c6:c5:a0:19:a6:91:3e:5b:82:31:64:52:
0e:a6:eb:3f:0e:97:d1:a1:01:ae:9d:6d:98:ea:1a:
0f:e3:ce:f9:53:8c:3a:11:6d:fd:d2:ad:ae:ba:d4:
5a:ea:e8:2c:38:8d:46:ee:8a:3c:7f:a2:7a:30:ea:
ec:b1:9c:7d:90:b0:92:60:0e:5b:83:5c:95:33:e6:
df:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:17:4A:4A:DA:D8:EE:07:B7:3B:BF:60:72:C2:8C:00:57:50:10:4D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UhdKStrY7ge3O79gcsKMAFdQEE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.112.0-87.120.117.255
87.120.120.0/23
193.148.48.0/22
194.11.196.0/22
Signature Algorithm: sha256WithRSAEncryption
18:25:db:1e:ae:ae:63:d6:f4:ce:0d:14:45:fb:25:38:48:3b:
a9:56:9b:f5:ab:f4:0e:2a:4c:9a:9f:b4:7f:38:8c:65:b6:b6:
42:1b:b2:70:17:82:35:75:2e:8a:20:4d:09:e9:1d:03:d8:7d:
ae:8e:6d:e7:84:da:34:29:72:20:cf:b2:63:68:e8:a2:5c:16:
54:0b:5b:07:7e:0b:b6:8d:ad:b5:1a:59:13:5a:6c:bc:99:d7:
0b:1c:ac:78:91:f2:bf:39:a9:28:1d:8f:40:b1:13:30:77:6a:
f3:04:f9:50:97:a2:ab:dc:89:8b:ff:f6:0e:85:8f:2d:1f:eb:
66:5e:94:09:09:ba:4c:a4:1a:7b:e0:6f:3f:8f:b5:89:dd:31:
b6:bc:61:55:59:b1:16:cf:27:c5:9f:af:ab:8d:42:45:76:95:
4a:f7:7e:f1:9b:88:44:89:05:67:c7:2f:a7:c7:57:32:fc:c8:
e4:b4:a4:55:8a:8a:06:68:c0:45:c4:49:9d:d1:e7:13:b1:05:
25:58:0d:da:9c:36:64:47:66:d9:d1:c6:d1:6e:ec:01:ea:f0:
d1:16:79:73:b7:12:2c:62:4a:3d:58:81:f5:99:2a:16:58:6a:
f3:90:a4:1f:9f:20:78:78:67:af:29:09:d1:c3:7b:49:f9:4a:
fc:f2:83:a4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZjseu+PtdnTAPgOh0dZhXsVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwODI3MTcwMjE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjE3NGE0YWRhZDhlZTA3YjczYmJmNjA3MmMyOGMwMDU3NTAxMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AScVCFTKAEE3en68mzjIClNaS/Q
fM2/enco/Gg49hGfmJ58s//jy/8P3JMOGg3iNIA4bTITJaVFeIPBBldWGIT7faF5
vFW4u+Y8CJ+dhnXEmWKmMpPaHTCtph4nylOGgSToBh4iJ3WyAzjTr8wSJybkRbcP
Ch+YZ1z8rjNPIZvD3wclwbzofIgDrVFPsf6Y9hLXetWOiHvfL9nwoWcZcdHyGTbf
ssstMpZhqN3Fbwjd26/ry83GxaAZppE+W4IxZFIOpus/DpfRoQGunW2Y6hoP4875
U4w6EW390q2uutRa6ugsOI1G7oo8f6J6MOrssZx9kLCSYA5bg1yVM+bfWwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFFIXSkra2O4Htzu/YHLCjABXUBBNMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVWhkS1N0clk3Z2UzTzc5Z2NzS01BRmRRRUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBARXeHAD
BAFXeHQDBAFXeHgDBALBlDADBALCC8QwDQYJKoZIhvcNAQELBQADggEBABgl2x6u
rmPW9M4NFEX7JThIO6lWm/Wr9A4qTJqftH84jGW2tkIbsnAXgjV1LoogTQnpHQPY
fa6ObeeE2jQpciDPsmNo6KJcFlQLWwd+C7aNrbUaWRNabLyZ1wscrHiR8r85qSgd
j0CxEzB3avME+VCXoqvciYv/9g6Fjy0f62ZelAkJukykGnvgbz+PtYndMba8YVVZ
sRbPJ8Wfr6uNQkV2lUr3fvGbiESJBWfHL6fHVzL8yOS0pFWKigZowEXESZ3R5xOx
BSVYDdqcNmRHZtnRxtFu7AHq8NEWeXO3EixiSj1YgfWZKhZYavOQpB+fIHh4Z68p
CdHDe0n5Svzyg6Q=
-----END CERTIFICATE-----
Generated at Thu Sep 18 01:35:19 2025 by rpki-client