Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/_UJMKsGPwamcQhOrT3OPz0FI23Q.roa
File: _UJMKsGPwamcQhOrT3OPz0FI23Q.roa (raw, json)
Hash identifier: LwUdCFc15088/Mz7yq4gpAefhu/Wlb1xviL3VVZMP6Q=
Subject key identifier: FD:42:4C:2A:C1:8F:C1:A9:9C:42:13:AB:4F:73:8F:CF:41:48:DB:74
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019927FF41A810E38838627C36C0E9638DD8
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/_UJMKsGPwamcQhOrT3OPz0FI23Q.roa
Signing time: Mon 08 Sep 2025 06:24:23 +0000
ROA not before: Mon 08 Sep 2025 06:24:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214413
IP address blocks: 195.40.72.0/22 maxlen: 24
195.40.76.0/23 maxlen: 24
195.40.82.0/23 maxlen: 24
195.40.94.0/23 maxlen: 24
195.40.176.0/22 maxlen: 24
195.40.182.0/23 maxlen: 24
212.134.8.0/23 maxlen: 24
212.134.12.0/22 maxlen: 24
212.134.66.0/23 maxlen: 24
212.134.68.0/22 maxlen: 24
212.135.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:27:ff:41:a8:10:e3:88:38:62:7c:36:c0:e9:63:8d:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Sep 8 06:24:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd424c2ac18fc1a99c4213ab4f738fcf4148db74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ff:38:10:7e:be:1a:05:46:0f:99:bb:a9:4c:
11:00:5d:de:d9:0a:39:19:f1:55:90:15:4e:0b:1a:
bc:ce:f8:61:13:b7:1d:aa:c0:06:82:7f:47:d4:5f:
b3:fe:61:10:71:13:df:8c:0e:6e:d8:0b:a1:2b:89:
db:77:21:9b:06:3f:f0:18:cd:7c:2a:96:59:20:17:
f3:78:ee:f4:29:0f:fd:3b:93:ad:b8:af:85:65:48:
db:11:96:de:02:30:4b:01:33:e5:e6:44:85:6c:6f:
8f:8f:03:de:7c:b0:45:c0:11:73:72:73:40:2a:08:
fa:f5:af:bd:35:ca:1d:3f:52:78:62:c2:d2:30:dd:
e1:61:41:be:1a:e2:d1:05:43:5c:68:dc:12:cd:5b:
b5:6b:29:89:70:0f:7d:c0:d3:bc:89:7b:fe:51:0c:
c0:3b:23:fe:36:0d:fd:73:d2:22:dd:a6:33:e2:bd:
45:e7:1b:d2:1d:6e:a1:85:53:eb:2b:82:a4:99:dc:
54:9b:9f:f2:9b:5b:9d:f0:4b:68:4f:36:68:9e:79:
39:15:b5:27:77:a8:e2:36:eb:17:7b:a5:51:27:2e:
cb:55:e8:e7:27:79:91:ae:77:55:9c:39:f8:96:18:
6f:0f:eb:c6:64:37:46:98:cc:35:5c:b1:95:c6:40:
49:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:42:4C:2A:C1:8F:C1:A9:9C:42:13:AB:4F:73:8F:CF:41:48:DB:74
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/_UJMKsGPwamcQhOrT3OPz0FI23Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.40.72.0-195.40.77.255
195.40.82.0/23
195.40.94.0/23
195.40.176.0/22
195.40.182.0/23
212.134.8.0/23
212.134.12.0/22
212.134.66.0-212.134.71.255
212.135.220.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:bb:3c:1e:59:81:95:a7:60:de:a1:6c:9f:d4:20:24:d6:ce:
2d:eb:ef:f5:a1:79:d3:2d:f0:2c:03:bb:dd:8b:d8:08:6f:3a:
3f:8c:c4:a9:3e:e9:97:aa:68:b9:df:f8:cd:ec:7c:37:01:5c:
bc:9b:ad:f1:93:69:2c:5d:20:85:34:07:d1:97:d8:88:e9:b4:
b1:61:81:16:9b:a7:92:9b:85:1a:c0:6d:8f:84:4b:a9:46:b6:
fd:c5:69:a5:99:1a:43:7d:a9:68:19:e1:8a:be:dd:d2:61:68:
b3:08:56:c9:cf:62:e4:95:47:c4:9b:e0:bf:fc:29:15:ef:7c:
5e:d1:77:93:6f:54:71:f9:f5:0c:81:75:c2:cc:27:6c:af:4b:
0f:eb:4b:7c:f8:53:f6:d5:6e:d4:3a:57:77:62:00:e3:27:45:
57:70:f3:07:c9:e7:85:ef:f8:32:5a:f9:87:10:5d:6f:7d:fa:
b3:4d:22:94:25:42:20:da:e1:55:38:9c:af:88:33:ef:7d:56:
bb:85:bd:bf:82:8a:2e:40:7e:00:8c:de:b4:64:12:95:7b:61:
a8:19:87:ce:e8:32:6e:26:50:78:28:d5:f0:b6:7e:76:db:57:
42:70:b8:55:50:41:63:1d:0d:7a:8f:4d:2f:e5:5e:e5:e8:8a:
94:fc:a2:42
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZkn/0GoEOOIOGJ8NsDpY43YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwOTA4MDYyNDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDQyNGMyYWMxOGZjMWE5OWM0MjEzYWI0ZjczOGZjZjQxNDhkYjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnf84EH6+GgVGD5m7qUwRAF3e2Qo5
GfFVkBVOCxq8zvhhE7cdqsAGgn9H1F+z/mEQcRPfjA5u2AuhK4nbdyGbBj/wGM18
KpZZIBfzeO70KQ/9O5OtuK+FZUjbEZbeAjBLATPl5kSFbG+PjwPefLBFwBFzcnNA
Kgj69a+9NcodP1J4YsLSMN3hYUG+GuLRBUNcaNwSzVu1aymJcA99wNO8iXv+UQzA
OyP+Ng39c9Ii3aYz4r1F5xvSHW6hhVPrK4KkmdxUm5/ym1ud8EtoTzZonnk5FbUn
d6jiNusXe6VRJy7LVejnJ3mRrndVnDn4lhhvD+vGZDdGmMw1XLGVxkBJoQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFP1CTCrBj8GpnEITq09zj89BSNt0MB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvX1VKTUtzR1B3YW1jUWhPclQzT1B6MEZJMjNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBAPDKEgD
BAHDKEwDBAHDKFIDBAHDKF4DBALDKLADBAHDKLYDBAHUhggDBALUhgwwDAMEAdSG
QgMEA9SGQAMEAtSH3DANBgkqhkiG9w0BAQsFAAOCAQEAOrs8HlmBladg3qFsn9Qg
JNbOLevv9aF50y3wLAO73YvYCG86P4zEqT7pl6poud/4zex8NwFcvJut8ZNpLF0g
hTQH0ZfYiOm0sWGBFpunkpuFGsBtj4RLqUa2/cVppZkaQ32paBnhir7d0mFoswhW
yc9i5JVHxJvgv/wpFe98XtF3k29Ucfn1DIF1wswnbK9LD+tLfPhT9tVu1DpXd2IA
4ydFV3DzB8nnhe/4Mlr5hxBdb336s00ilCVCINrhVTicr4gz731Wu4W9v4KKLkB+
AIzetGQSlXthqBmHzugybiZQeCjV8LZ+dttXQnC4VVBBYx0Neo9NL+Ve5eiKlPyi
Qg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:05:31 2025 by rpki-client