Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/uv61z40d3R0BhGEMSe4CK996qHI.roa
File: uv61z40d3R0BhGEMSe4CK996qHI.roa (raw, json)
Hash identifier: 7gP0jHA4v081a+JL6cHGooOXzR+RIdoCrl4lWnSeWHM=
Subject key identifier: BA:FE:B5:CF:8D:1D:DD:1D:01:84:61:0C:49:EE:02:2B:DF:7A:A8:72
Certificate issuer: /CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Certificate serial: 019710F66EAF7FC9CD60D18D6EBDE42C4681
Authority key identifier: 50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/uv61z40d3R0BhGEMSe4CK996qHI.roa
Signing time: Tue 27 May 2025 08:57:55 +0000
ROA not before: Tue 27 May 2025 08:57:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8391
IP address blocks: 195.138.32.0/22 maxlen: 22
195.138.38.0/24 maxlen: 24
195.138.41.0/24 maxlen: 24
195.138.54.0/24 maxlen: 24
195.138.57.0/24 maxlen: 24
195.138.58.0/24 maxlen: 24
195.138.60.0/22 maxlen: 22
195.253.0.0/16 maxlen: 24
195.253.6.0/24 maxlen: 24
195.253.96.0/19 maxlen: 24
2a01:5b0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 08:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:10:f6:6e:af:7f:c9:cd:60:d1:8d:6e:bd:e4:2c:46:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50c1e426f58e42ae30e56cdb7ff4d8f9ddd85b30
Validity
Not Before: May 27 08:57:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bafeb5cf8d1ddd1d0184610c49ee022bdf7aa872
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ee:ff:e9:5c:2b:d6:c8:1b:5a:ce:4f:32:86:
71:73:d0:04:75:ec:73:74:7e:18:69:5b:11:76:35:
91:6c:5e:71:91:47:c4:c4:82:d4:cf:7c:ad:56:e2:
67:b2:02:40:96:bd:ee:0d:d3:bf:c9:83:8a:21:19:
58:fa:d1:de:34:f2:8d:40:e5:94:93:a3:65:7b:9e:
d3:64:0a:39:a4:9c:09:fa:74:1d:7e:40:3c:3a:db:
12:a3:f7:79:87:9f:f8:2b:0d:3d:07:8a:22:ce:61:
2d:6f:77:cc:48:8e:aa:c0:c1:e6:36:ca:5f:b5:39:
24:e9:b4:c9:2d:46:c5:75:66:c2:17:82:ce:cb:1c:
39:21:21:da:9b:e9:16:16:b6:ea:b5:d1:72:d8:ee:
e4:df:b9:ae:16:77:0d:a6:5c:51:30:24:ce:f7:d3:
60:00:6e:93:10:db:54:7c:78:35:58:d9:30:9b:e6:
c2:b7:d3:56:09:6d:d8:aa:63:01:82:29:61:62:b4:
51:b3:69:0a:29:09:5f:51:52:44:e3:25:fc:2f:4f:
cf:09:65:39:50:49:a4:a3:f2:bf:23:38:03:f7:20:
12:c1:37:1d:55:bf:1b:6b:6c:ff:4c:56:11:a3:92:
6a:31:13:4b:40:a8:7d:09:7b:0a:1e:19:57:2a:60:
81:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:FE:B5:CF:8D:1D:DD:1D:01:84:61:0C:49:EE:02:2B:DF:7A:A8:72
X509v3 Authority Key Identifier:
keyid:50:C1:E4:26:F5:8E:42:AE:30:E5:6C:DB:7F:F4:D8:F9:DD:D8:5B:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/uv61z40d3R0BhGEMSe4CK996qHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/9c6dad-377a-444e-b0dc-063ce6cf460d/1/UMHkJvWOQq4w5Wzbf_TY-d3YWzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.138.32.0/22
195.138.38.0/24
195.138.41.0/24
195.138.54.0/24
195.138.57.0-195.138.58.255
195.138.60.0/22
195.253.0.0/16
IPv6:
2a01:5b0::/32
Signature Algorithm: sha256WithRSAEncryption
73:84:7a:7c:cc:e8:19:f5:ef:32:c3:33:29:5f:09:6c:25:cf:
1a:6b:21:66:4e:08:12:7d:13:99:c4:9d:86:1a:a4:f3:11:60:
e1:2b:f6:f8:91:86:31:0d:9d:48:fd:0f:ed:24:ad:19:15:f3:
f5:46:fb:ea:aa:43:74:d2:7a:4a:6b:27:11:5d:2f:9d:d7:cb:
c8:b7:97:73:3b:95:ac:a1:f7:e2:5c:55:e2:df:17:f0:54:7b:
f4:69:98:58:62:92:e8:80:54:b6:4c:3e:44:e2:10:a7:09:df:
b7:55:7d:db:b5:54:dd:bf:f9:e5:85:e7:42:6b:91:05:7a:ee:
52:61:ee:eb:64:97:91:fa:b2:7f:0f:50:07:59:9e:a0:99:4b:
b6:ad:87:4b:6e:54:cc:8c:d1:46:21:56:54:d2:4e:fa:9d:c4:
00:c2:08:d2:82:75:01:ec:aa:19:03:c9:12:59:d7:9f:71:ff:
e2:f8:bf:a1:ed:d0:66:13:42:de:f2:98:9e:fc:0b:fc:8e:33:
d7:a5:76:22:29:3b:d2:27:e3:4c:5e:6c:c6:2f:d3:ff:50:0d:
77:4d:e1:e4:0c:c7:be:8e:15:c9:7a:ff:3f:84:d7:c3:f4:be:
55:b3:2c:b9:2a:8b:6d:2b:d4:59:d9:f1:0b:20:4e:54:f6:3e:
0b:a8:a9:19
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZcQ9m6vf8nNYNGNbr3kLEaBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwYzFlNDI2ZjU4ZTQyYWUzMGU1NmNkYjdmZjRkOGY5ZGRk
ODViMzAwHhcNMjUwNTI3MDg1NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWZlYjVjZjhkMWRkZDFkMDE4NDYxMGM0OWVlMDIyYmRmN2FhODcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+7/6Vwr1sgbWs5PMoZxc9AEdexz
dH4YaVsRdjWRbF5xkUfExILUz3ytVuJnsgJAlr3uDdO/yYOKIRlY+tHeNPKNQOWU
k6Nle57TZAo5pJwJ+nQdfkA8OtsSo/d5h5/4Kw09B4oizmEtb3fMSI6qwMHmNspf
tTkk6bTJLUbFdWbCF4LOyxw5ISHam+kWFrbqtdFy2O7k37muFncNplxRMCTO99Ng
AG6TENtUfHg1WNkwm+bCt9NWCW3YqmMBgilhYrRRs2kKKQlfUVJE4yX8L0/PCWU5
UEmko/K/IzgD9yASwTcdVb8ba2z/TFYRo5JqMRNLQKh9CXsKHhlXKmCBGwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFLr+tc+NHd0dAYRhDEnuAivfeqhyMB8GA1UdIwQY
MBaAFFDB5Cb1jkKuMOVs23/02Pnd2FswMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMt
MDYzY2U2Y2Y0NjBkLzEvdXY2MXo0MGQzUjBCaEdFTVNlNENLOTk2cUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi85YzZkYWQtMzc3YS00NDRlLWIwZGMtMDYzY2U2Y2Y0NjBk
LzEvVU1Ia0p2V09RcTR3NVd6YmZfVFktZDNZV3pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDA3BAIAATAxAwQCw4ogAwQA
w4omAwQAw4opAwQAw4o2MAwDBADDijkDBADDijoDBALDijwDAwDD/TANBAIAAjAH
AwUAKgEFsDANBgkqhkiG9w0BAQsFAAOCAQEAc4R6fMzoGfXvMsMzKV8JbCXPGmsh
Zk4IEn0TmcSdhhqk8xFg4Sv2+JGGMQ2dSP0P7SStGRXz9Ub76qpDdNJ6SmsnEV0v
ndfLyLeXczuVrKH34lxV4t8X8FR79GmYWGKS6IBUtkw+ROIQpwnft1V927VU3b/5
5YXnQmuRBXruUmHu62SXkfqyfw9QB1meoJlLtq2HS25UzIzRRiFWVNJO+p3EAMII
0oJ1AeyqGQPJElnXn3H/4vi/oe3QZhNC3vKYnvwL/I4z16V2Iik70ifjTF5sxi/T
/1ANd03h5AzHvo4VyXr/P4TXw/S+VbMsuSqLbSvUWdnxCyBOVPY+C6ipGQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:38:42 2025 by rpki-client