Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/UVdJ6rkBr4eKgNxEkOLstufV6r8.roa
File: UVdJ6rkBr4eKgNxEkOLstufV6r8.roa (raw, json)
Hash identifier: +gXeK3tudL2I9QvUvgp4q5Jq/oJHp1PYKMtr+laCpNs=
Subject key identifier: 51:57:49:EA:B9:01:AF:87:8A:80:DC:44:90:E2:EC:B6:E7:D5:EA:BF
Certificate issuer: /CN=b393df877bf2f0cf01a9718973eaeee87b0697d9
Certificate serial: 019707EA2576226EC05DCF143C88D159C016
Authority key identifier: B3:93:DF:87:7B:F2:F0:CF:01:A9:71:89:73:EA:EE:E8:7B:06:97:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/UVdJ6rkBr4eKgNxEkOLstufV6r8.roa
Signing time: Sun 25 May 2025 14:47:54 +0000
ROA not before: Sun 25 May 2025 14:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43139
IP address blocks: 91.196.148.0/22 maxlen: 22
94.158.80.0/20 maxlen: 20
109.207.192.0/20 maxlen: 20
178.158.192.0/18 maxlen: 24
185.199.96.0/22 maxlen: 22
195.128.25.0/24 maxlen: 24
195.128.26.0/23 maxlen: 23
195.128.27.0/24 maxlen: 24
2001:67c:738::/48 maxlen: 48
2a0a:9b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:07:ea:25:76:22:6e:c0:5d:cf:14:3c:88:d1:59:c0:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b393df877bf2f0cf01a9718973eaeee87b0697d9
Validity
Not Before: May 25 14:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=515749eab901af878a80dc4490e2ecb6e7d5eabf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:a5:01:80:a1:32:bd:d1:66:66:c5:fb:d3:7d:
36:28:f3:53:99:e3:30:97:c0:5b:e1:9a:f2:6a:b2:
8b:a0:2f:5c:be:e4:08:fa:c7:79:4a:8b:42:8b:c1:
94:c7:89:e6:44:2a:33:81:40:8e:3f:12:a1:ce:7c:
76:d4:00:da:f7:2c:a6:16:20:a9:2f:3b:49:5f:50:
b8:74:82:cd:85:ac:68:53:1e:f9:bc:f1:f9:1e:ef:
a9:fa:77:06:b5:9c:49:e9:5e:f8:d4:9e:4d:06:d9:
d8:2b:d2:c3:e8:31:d6:8b:5a:a1:fa:de:ba:d2:31:
54:71:17:bf:2d:dc:4e:91:f6:68:7f:7e:79:f3:ed:
10:82:2c:d6:4d:bc:98:42:02:43:f8:69:91:cd:64:
1b:8a:cb:3e:d0:2c:ad:c8:a3:bc:03:a5:f5:77:66:
36:1e:52:df:aa:9c:82:f3:fc:df:ee:58:10:ae:74:
fb:2b:d0:1c:ca:de:d3:f3:1f:bc:cc:e3:8c:ac:46:
a3:22:7b:96:0d:d3:ba:1b:fb:e1:92:82:e1:53:08:
b0:9c:c2:bb:07:2c:87:34:b5:dc:07:f9:61:c4:61:
98:bf:ab:7f:33:79:70:80:b0:5e:79:67:eb:6d:da:
c1:1c:a1:af:cb:93:97:05:2f:48:68:0d:f8:2e:ec:
ac:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:57:49:EA:B9:01:AF:87:8A:80:DC:44:90:E2:EC:B6:E7:D5:EA:BF
X509v3 Authority Key Identifier:
keyid:B3:93:DF:87:7B:F2:F0:CF:01:A9:71:89:73:EA:EE:E8:7B:06:97:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/UVdJ6rkBr4eKgNxEkOLstufV6r8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/9375e3-377e-4b70-ba36-396bc720e2b4/1/s5Pfh3vy8M8BqXGJc-ru6HsGl9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.148.0/22
94.158.80.0/20
109.207.192.0/20
178.158.192.0/18
185.199.96.0/22
195.128.25.0-195.128.27.255
IPv6:
2001:67c:738::/48
2a0a:9b40::/29
Signature Algorithm: sha256WithRSAEncryption
24:72:72:32:d2:0a:23:60:4d:07:13:c2:4e:98:c0:6a:b7:0d:
3b:4b:56:9f:25:29:8f:05:06:cf:27:d4:10:16:1b:97:73:3d:
f7:a8:03:b6:90:52:c1:c4:a6:a8:82:9a:22:21:3a:a2:d2:c4:
25:44:3f:77:7b:43:38:f2:43:5a:4d:c9:78:fb:f0:10:bd:e4:
fd:31:49:e0:dc:e2:f5:fc:68:f8:21:f6:44:ec:a7:87:12:7b:
ba:af:92:f0:19:d1:b2:c7:22:9d:8b:d0:db:54:ef:07:f3:80:
ff:d2:c5:98:df:de:9d:a9:3f:23:08:e1:23:a7:ca:f3:c6:e2:
f5:77:43:ae:c8:f1:72:af:61:e4:0a:b8:fe:25:4e:71:07:07:
6a:c0:ca:51:dc:d3:8f:64:70:c1:3e:a2:ef:20:9c:75:6c:78:
49:fd:b8:e5:dd:1d:63:69:a3:89:9e:3b:cd:24:f5:21:39:e1:
90:ad:15:d4:d6:7c:10:e5:92:8a:b2:34:d3:f7:b0:a0:67:89:
fd:7c:90:c8:18:ff:08:8e:e8:e3:86:f5:03:5e:bd:9c:6f:0b:
ba:2d:3b:b5:ec:a7:7c:48:86:b9:d9:1e:b7:df:7f:84:30:96:
36:1b:b4:0a:89:a6:b1:c1:41:b0:8b:f6:ee:39:3f:a1:d4:cf:
79:b1:4b:90
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZcH6iV2Im7AXc8UPIjRWcAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzOTNkZjg3N2JmMmYwY2YwMWE5NzE4OTczZWFlZWU4N2Iw
Njk3ZDkwHhcNMjUwNTI1MTQ0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTU3NDllYWI5MDFhZjg3OGE4MGRjNDQ5MGUyZWNiNmU3ZDVlYWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA76UBgKEyvdFmZsX70302KPNTmeMw
l8Bb4ZryarKLoC9cvuQI+sd5SotCi8GUx4nmRCozgUCOPxKhznx21ADa9yymFiCp
LztJX1C4dILNhaxoUx75vPH5Hu+p+ncGtZxJ6V741J5NBtnYK9LD6DHWi1qh+t66
0jFUcRe/LdxOkfZof3558+0QgizWTbyYQgJD+GmRzWQbiss+0CytyKO8A6X1d2Y2
HlLfqpyC8/zf7lgQrnT7K9Acyt7T8x+8zOOMrEajInuWDdO6G/vhkoLhUwiwnMK7
ByyHNLXcB/lhxGGYv6t/M3lwgLBeeWfrbdrBHKGvy5OXBS9IaA34LuysnQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFFFXSeq5Aa+HioDcRJDi7Lbn1eq/MB8GA1UdIwQY
MBaAFLOT34d78vDPAalxiXPq7uh7BpfZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczVQZmgzdnk4TThCcVhHSmMtcnU2SHNHbDlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi85Mzc1ZTMtMzc3ZS00YjcwLWJhMzYt
Mzk2YmM3MjBlMmI0LzEvVVZkSjZya0JyNGVLZ054RWtPTHN0dWZWNnI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi85Mzc1ZTMtMzc3ZS00YjcwLWJhMzYtMzk2YmM3MjBlMmI0
LzEvczVQZmgzdnk4TThCcVhHSmMtcnU2SHNHbDlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAyBAIAATAsAwQCW8SUAwQE
Xp5QAwQEbc/AAwQGsp7AAwQCucdgMAwDBADDgBkDBALDgBgwFgQCAAIwEAMHACAB
BnwHOAMFAyoKm0AwDQYJKoZIhvcNAQELBQADggEBACRycjLSCiNgTQcTwk6YwGq3
DTtLVp8lKY8FBs8n1BAWG5dzPfeoA7aQUsHEpqiCmiIhOqLSxCVEP3d7QzjyQ1pN
yXj78BC95P0xSeDc4vX8aPgh9kTsp4cSe7qvkvAZ0bLHIp2L0NtU7wfzgP/SxZjf
3p2pPyMI4SOnyvPG4vV3Q67I8XKvYeQKuP4lTnEHB2rAylHc049kcME+ou8gnHVs
eEn9uOXdHWNpo4meO80k9SE54ZCtFdTWfBDlkoqyNNP3sKBnif18kMgY/wiO6OOG
9QNevZxvC7otO7Xsp3xIhrnZHrfff4QwljYbtAqJprHBQbCL9u45P6HUz3mxS5A=
-----END CERTIFICATE-----
Generated at Sun Jun 8 21:46:07 2025 by rpki-client