Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/e6727c-0803-4a03-9771-1d08addca271/1/UdICj6zPcID-7_Hf3d1V7ttrE0M.roa
File: UdICj6zPcID-7_Hf3d1V7ttrE0M.roa (raw, json)
Hash identifier: 1plINgz643oMJ6Sr7Nq6vQNGyijqcXnzXvCmKpTHyIY=
Subject key identifier: 51:D2:02:8F:AC:CF:70:80:FE:EF:F1:DF:DD:DD:55:EE:DB:6B:13:43
Certificate issuer: /CN=699ee08ff671600d4034a3e1d9d5a90245cc9c15
Certificate serial: 0199293EC68A69F1433715783E3BFAACF350
Authority key identifier: 69:9E:E0:8F:F6:71:60:0D:40:34:A3:E1:D9:D5:A9:02:45:CC:9C:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZ7gj_ZxYA1ANKPh2dWpAkXMnBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/e6727c-0803-4a03-9771-1d08addca271/1/UdICj6zPcID-7_Hf3d1V7ttrE0M.roa
Signing time: Mon 08 Sep 2025 12:13:23 +0000
ROA not before: Mon 08 Sep 2025 12:13:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3209
IP address blocks: 178.216.10.0/24 maxlen: 24
2001:67c:818::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/e6727c-0803-4a03-9771-1d08addca271/1/aZ7gj_ZxYA1ANKPh2dWpAkXMnBU.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/e6727c-0803-4a03-9771-1d08addca271/1/aZ7gj_ZxYA1ANKPh2dWpAkXMnBU.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZ7gj_ZxYA1ANKPh2dWpAkXMnBU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 21:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:29:3e:c6:8a:69:f1:43:37:15:78:3e:3b:fa:ac:f3:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=699ee08ff671600d4034a3e1d9d5a90245cc9c15
Validity
Not Before: Sep 8 12:13:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=51d2028faccf7080feeff1dfdddd55eedb6b1343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:18:ef:27:50:d1:65:e8:a8:a8:db:60:b5:35:
c0:5b:d7:9d:32:18:05:11:ed:b5:70:72:e3:ae:73:
90:07:2b:c7:40:61:71:40:33:32:e7:5f:e1:f4:10:
83:11:cd:9b:d9:0e:96:47:6c:3c:0c:e3:73:d2:d7:
12:31:1b:a2:67:0a:87:da:9a:c0:80:62:02:8c:a2:
64:af:e8:9e:59:13:d8:45:0c:18:64:44:ef:a6:c9:
ee:78:01:06:51:4f:a4:50:1b:86:01:7f:5f:bd:de:
9a:a9:69:15:d3:19:95:e6:55:58:f7:01:af:8e:cc:
16:6f:f9:87:64:70:f1:c4:55:e9:07:3b:5f:5d:31:
b9:a6:6d:cd:9e:43:71:a5:5a:4d:44:10:ec:f4:8e:
80:44:d7:90:2a:f7:37:8e:ed:c0:5e:b4:b5:12:a8:
5b:4d:be:89:d6:92:12:ca:14:1c:c0:c8:6a:38:5a:
5c:0a:d3:1a:85:92:77:39:cc:e6:28:68:79:b7:e0:
8a:3b:7e:88:e6:9c:b2:3e:fc:41:d8:e3:2d:5f:b0:
89:96:6c:ce:90:85:69:84:4c:0e:56:ff:1d:80:fb:
a8:4c:60:c5:83:10:ab:5e:b6:47:33:b5:19:9f:db:
bb:df:4c:d4:9c:6f:83:91:7b:b6:ba:06:af:49:d9:
41:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:D2:02:8F:AC:CF:70:80:FE:EF:F1:DF:DD:DD:55:EE:DB:6B:13:43
X509v3 Authority Key Identifier:
keyid:69:9E:E0:8F:F6:71:60:0D:40:34:A3:E1:D9:D5:A9:02:45:CC:9C:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZ7gj_ZxYA1ANKPh2dWpAkXMnBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/e6727c-0803-4a03-9771-1d08addca271/1/UdICj6zPcID-7_Hf3d1V7ttrE0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/e6727c-0803-4a03-9771-1d08addca271/1/aZ7gj_ZxYA1ANKPh2dWpAkXMnBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.216.10.0/24
IPv6:
2001:67c:818::/48
Signature Algorithm: sha256WithRSAEncryption
52:af:44:0a:c6:96:1d:96:48:fe:02:3c:13:b0:14:f9:fe:0b:
da:a6:69:ac:91:b2:8f:aa:c7:8e:1a:f2:b4:35:a1:76:bd:7e:
8b:72:87:cf:e3:32:6f:40:86:a5:17:6d:83:b1:6e:d2:35:21:
38:29:29:bc:0e:87:df:db:d9:86:c1:0d:72:1c:02:71:28:5e:
92:ae:45:ec:b3:1c:08:b0:93:76:a8:1e:91:3a:e3:6a:c2:f7:
b4:04:02:a2:b3:bc:61:fd:44:e2:44:e3:4e:4f:84:08:58:dd:
58:87:1b:62:b2:74:c2:18:33:25:cf:1d:d1:a3:4a:77:aa:29:
6b:fe:52:9c:bb:93:87:e2:47:8d:40:71:a8:44:8f:f7:08:e2:
7b:cd:cd:4e:3e:12:e5:33:ff:53:9f:0c:75:e2:df:c5:66:9e:
8a:ed:f8:a8:a4:ad:bd:7d:13:73:96:72:5f:3f:3a:12:fa:e8:
1f:f8:5a:39:e7:84:e6:4c:b9:d9:53:e7:dd:cf:cd:05:e9:ec:
3c:37:73:ac:b6:54:e4:1d:43:34:c3:e7:b2:50:5b:06:44:9d:
61:62:38:0a:22:25:94:64:b0:a8:6a:ba:a8:7f:26:f8:ed:4b:
ba:53:36:85:93:08:3a:5a:30:5c:8e:eb:67:0e:e3:92:83:c2:
51:cb:67:c2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZkpPsaKafFDNxV4Pjv6rPNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OWVlMDhmZjY3MTYwMGQ0MDM0YTNlMWQ5ZDVhOTAyNDVj
YzljMTUwHhcNMjUwOTA4MTIxMzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWQyMDI4ZmFjY2Y3MDgwZmVlZmYxZGZkZGRkNTVlZWRiNmIxMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohjvJ1DRZeioqNtgtTXAW9edMhgF
Ee21cHLjrnOQByvHQGFxQDMy51/h9BCDEc2b2Q6WR2w8DONz0tcSMRuiZwqH2prA
gGICjKJkr+ieWRPYRQwYZETvpsnueAEGUU+kUBuGAX9fvd6aqWkV0xmV5lVY9wGv
jswWb/mHZHDxxFXpBztfXTG5pm3NnkNxpVpNRBDs9I6ARNeQKvc3ju3AXrS1Eqhb
Tb6J1pISyhQcwMhqOFpcCtMahZJ3OczmKGh5t+CKO36I5pyyPvxB2OMtX7CJlmzO
kIVphEwOVv8dgPuoTGDFgxCrXrZHM7UZn9u730zUnG+DkXu2ugavSdlBNQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFHSAo+sz3CA/u/x393dVe7baxNDMB8GA1UdIwQY
MBaAFGme4I/2cWANQDSj4dnVqQJFzJwVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVo3Z2pfWnhZQTFBTktQaDJkV3BBa1hNbkJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9lNjcyN2MtMDgwMy00YTAzLTk3NzEt
MWQwOGFkZGNhMjcxLzEvVWRJQ2o2elBjSUQtN19IZjNkMVY3dHRyRTBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9lNjcyN2MtMDgwMy00YTAzLTk3NzEtMWQwOGFkZGNhMjcx
LzEvYVo3Z2pfWnhZQTFBTktQaDJkV3BBa1hNbkJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAstgKMA8E
AgACMAkDBwAgAQZ8CBgwDQYJKoZIhvcNAQELBQADggEBAFKvRArGlh2WSP4CPBOw
FPn+C9qmaayRso+qx44a8rQ1oXa9fotyh8/jMm9AhqUXbYOxbtI1ITgpKbwOh9/b
2YbBDXIcAnEoXpKuReyzHAiwk3aoHpE642rC97QEAqKzvGH9ROJE405PhAhY3ViH
G2KydMIYMyXPHdGjSneqKWv+Upy7k4fiR41AcahEj/cI4nvNzU4+EuUz/1OfDHXi
38Vmnort+Kikrb19E3OWcl8/OhL66B/4WjnnhOZMudlT593PzQXp7Dw3c6y2VOQd
QzTD57JQWwZEnWFiOAoiJZRksKhquqh/JvjtS7pTNoWTCDpaMFyO62cO45KDwlHL
Z8I=
-----END CERTIFICATE-----
Generated at Wed Sep 10 04:30:54 2025 by rpki-client