Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/1UU6MCTnDEDobHzSg4UMqiaaRjc.roa
File: 1UU6MCTnDEDobHzSg4UMqiaaRjc.roa (raw, json)
Hash identifier: CB73txk5aBRpEFRR6hDmWxMjlF9JGNg97hQM2Aq5Bgw=
Subject key identifier: D5:45:3A:30:24:E7:0C:40:E8:6C:7C:D2:83:85:0C:AA:26:9A:46:37
Certificate issuer: /CN=22a44566764ebb511683cb6228fa91997b559379
Certificate serial: 0198EC8EE44CA97499883DFA3D9EEF2C55EF
Authority key identifier: 22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/1UU6MCTnDEDobHzSg4UMqiaaRjc.roa
Signing time: Wed 27 Aug 2025 17:24:04 +0000
ROA not before: Wed 27 Aug 2025 17:24:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 78.153.131.0/24 maxlen: 24
78.153.139.0/24 maxlen: 24
78.153.144.0/24 maxlen: 24
78.153.150.0/24 maxlen: 24
78.153.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ec:8e:e4:4c:a9:74:99:88:3d:fa:3d:9e:ef:2c:55:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a44566764ebb511683cb6228fa91997b559379
Validity
Not Before: Aug 27 17:24:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5453a3024e70c40e86c7cd283850caa269a4637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:01:f4:4c:62:7a:fd:8b:89:ca:06:bb:40:52:
c3:d9:34:9c:01:ca:25:62:75:d2:79:b1:e4:9f:6f:
bb:23:1b:f7:ca:1f:1a:de:78:2c:dc:e2:b4:c6:9c:
32:1f:be:79:fc:92:0d:35:8e:d6:96:cc:4f:13:e6:
4d:46:f8:e2:81:0e:03:85:2e:60:ba:4e:26:56:ca:
9d:01:98:00:8d:b5:1e:fc:06:46:18:b7:72:1c:d5:
4c:f4:eb:e7:67:b7:9a:f3:43:4b:ff:ff:e1:13:7c:
1c:0b:d3:a5:48:c0:e3:b5:39:17:41:7f:c0:23:9d:
2f:46:1e:93:73:5f:25:89:4b:77:0c:48:ce:09:3a:
12:a1:d5:aa:39:e8:f9:db:fc:d2:81:8d:a0:08:f8:
f4:14:9f:37:ee:14:97:f1:75:ef:7a:7b:a9:44:00:
c0:52:bd:83:e7:45:21:c2:a0:1f:c8:8c:3c:f2:a5:
21:70:cf:e0:b8:40:fd:88:0e:de:33:dd:9d:70:1f:
54:d5:c6:5a:ad:78:49:7e:61:d3:db:3a:1d:44:71:
9b:0c:d5:ce:22:25:9b:6e:f1:d5:03:de:06:a0:7e:
e6:48:48:d1:e7:fa:b7:5a:86:af:90:15:40:c4:3e:
1b:d8:79:a3:15:20:ec:d0:47:cd:be:be:58:2b:de:
9b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:45:3A:30:24:E7:0C:40:E8:6C:7C:D2:83:85:0C:AA:26:9A:46:37
X509v3 Authority Key Identifier:
keyid:22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/1UU6MCTnDEDobHzSg4UMqiaaRjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.153.131.0/24
78.153.139.0/24
78.153.144.0/24
78.153.150.0/23
Signature Algorithm: sha256WithRSAEncryption
86:b8:33:54:35:f5:10:75:7f:ff:28:83:2f:31:b0:c5:70:6c:
24:56:09:2b:76:92:88:72:c1:f6:12:22:5a:ba:b6:de:f3:52:
ba:a8:8b:10:0f:d0:b1:90:64:65:7c:d4:a3:b4:31:78:b7:08:
65:de:4e:e1:78:2c:cb:30:35:47:f7:00:90:49:e0:49:4e:90:
15:c3:31:67:50:c5:e9:d3:88:ef:3c:2f:ee:1c:f0:04:3c:f1:
e3:86:72:97:3f:fd:1a:2f:0b:a3:dd:f7:a8:43:cb:6c:31:6f:
69:15:38:8f:cf:c5:77:68:9e:6a:18:69:41:02:94:81:ef:e4:
71:b2:8f:06:66:35:89:26:f6:0a:c2:9c:27:3c:08:d8:35:dc:
36:0a:f8:aa:c1:dd:8f:11:b8:9a:d4:04:6e:75:ad:9f:dd:28:
a3:13:74:cc:12:2b:5c:20:c8:6f:37:07:18:79:1e:c0:8c:2a:
c8:0b:6f:6d:95:da:48:0f:2d:05:00:57:f5:1e:64:ed:83:f1:
2f:da:a3:82:02:67:d2:fd:5f:3e:4b:f9:cc:1f:b0:4c:bb:09:
86:d9:b0:92:b8:2e:93:4b:d9:fa:61:17:38:04:4c:38:80:17:
d2:5c:2f:be:dc:ce:1f:0c:77:6d:33:13:0f:c2:cd:f3:93:23:
14:28:b7:dd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZjsjuRMqXSZiD36PZ7vLFXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTQ0NTY2NzY0ZWJiNTExNjgzY2I2MjI4ZmE5MTk5N2I1
NTkzNzkwHhcNMjUwODI3MTcyNDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQ1M2EzMDI0ZTcwYzQwZTg2YzdjZDI4Mzg1MGNhYTI2OWE0NjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgH0TGJ6/YuJyga7QFLD2TScAcol
YnXSebHkn2+7Ixv3yh8a3ngs3OK0xpwyH755/JINNY7WlsxPE+ZNRvjigQ4DhS5g
uk4mVsqdAZgAjbUe/AZGGLdyHNVM9OvnZ7ea80NL///hE3wcC9OlSMDjtTkXQX/A
I50vRh6Tc18liUt3DEjOCToSodWqOej52/zSgY2gCPj0FJ837hSX8XXvenupRADA
Ur2D50UhwqAfyIw88qUhcM/guED9iA7eM92dcB9U1cZarXhJfmHT2zodRHGbDNXO
IiWbbvHVA94GoH7mSEjR5/q3WoavkBVAxD4b2HmjFSDs0EfNvr5YK96btQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNVFOjAk5wxA6Gx80oOFDKommkY3MB8GA1UdIwQY
MBaAFCKkRWZ2TrtRFoPLYij6kZl7VZN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMt
MTZiODBhYTI4ZGQ2LzEvMVVVNk1DVG5ERURvYkh6U2c0VU1xaWFhUmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMtMTZiODBhYTI4ZGQ2
LzEvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATpmDAwQA
TpmLAwQATpmQAwQBTpmWMA0GCSqGSIb3DQEBCwUAA4IBAQCGuDNUNfUQdX//KIMv
MbDFcGwkVgkrdpKIcsH2EiJaurbe81K6qIsQD9CxkGRlfNSjtDF4twhl3k7heCzL
MDVH9wCQSeBJTpAVwzFnUMXp04jvPC/uHPAEPPHjhnKXP/0aLwuj3feoQ8tsMW9p
FTiPz8V3aJ5qGGlBApSB7+Rxso8GZjWJJvYKwpwnPAjYNdw2Cviqwd2PEbia1ARu
da2f3SijE3TMEitcIMhvNwcYeR7AjCrIC29tldpIDy0FAFf1HmTtg/Ev2qOCAmfS
/V8+S/nMH7BMuwmG2bCSuC6TS9n6YRc4BEw4gBfSXC++3M4fDHdtMxMPws3zkyMU
KLfd
-----END CERTIFICATE-----
Generated at Sat Sep 6 17:17:51 2025 by rpki-client