Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/cU_yNL1eM_HdNE8wpI0gj0opY-Q.roa
File: cU_yNL1eM_HdNE8wpI0gj0opY-Q.roa (raw, json)
Hash identifier: MYgNl6Bn9+R1XeYd2aWGDf5EYcLica0KZQKzsNv9cno=
Subject key identifier: 71:4F:F2:34:BD:5E:33:F1:DD:34:4F:30:A4:8D:20:8F:4A:29:63:E4
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 01999B4435CB2F46583B9ECD38DAA460B87D
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/cU_yNL1eM_HdNE8wpI0gj0opY-Q.roa
Signing time: Tue 30 Sep 2025 15:36:02 +0000
ROA not before: Tue 30 Sep 2025 15:36:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 88.80.137.0/24 maxlen: 24
194.79.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Oct 2025 21:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9b:44:35:cb:2f:46:58:3b:9e:cd:38:da:a4:60:b8:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Sep 30 15:36:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=714ff234bd5e33f1dd344f30a48d208f4a2963e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4f:2a:16:9e:37:bc:ab:cc:b3:e6:d5:85:c0:
eb:b6:aa:ba:4d:37:30:16:9f:4d:f9:dc:4c:ce:78:
b9:ac:b2:17:e0:c8:2a:2a:57:30:ca:a2:57:b3:ae:
67:d2:fc:dd:f9:4a:e8:a2:91:66:97:46:71:10:6f:
72:b8:df:15:a7:0b:2a:56:52:45:68:9c:2b:8d:63:
92:d9:ee:da:09:0b:8f:0c:56:a2:87:52:33:0c:41:
e9:b1:f4:62:ba:bf:10:bb:14:c4:08:ea:7b:4b:a7:
b4:19:f1:fe:e6:ed:bf:d6:52:40:88:db:01:35:18:
52:e8:c9:00:40:e5:ea:f8:df:be:81:cc:0f:a0:a5:
d7:3d:78:28:7b:d5:00:8e:43:6f:99:fa:f9:d8:bf:
55:0f:de:74:78:3d:3c:fd:09:b2:e6:c4:bb:cb:8f:
e5:be:fb:5c:0b:f7:67:96:ae:74:43:0f:2f:53:bc:
d7:0d:0f:11:6b:32:98:51:23:ba:77:de:d3:3a:c8:
30:66:ba:9c:dd:4d:47:1a:22:c2:e6:be:ef:1c:46:
1e:6f:ad:15:42:ab:21:1e:b6:f3:ae:e4:dd:30:f6:
5e:47:e5:19:db:d2:1b:00:61:98:7a:4b:e1:61:ef:
fa:9f:32:af:27:c8:2d:d7:a5:5e:2b:c8:8e:2c:46:
6f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:4F:F2:34:BD:5E:33:F1:DD:34:4F:30:A4:8D:20:8F:4A:29:63:E4
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/cU_yNL1eM_HdNE8wpI0gj0opY-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.80.137.0/24
194.79.14.0/24
Signature Algorithm: sha256WithRSAEncryption
23:db:26:18:1c:18:e0:c4:0e:bd:32:b7:d7:d2:87:af:38:92:
d8:3d:71:1d:f0:ce:30:c0:78:02:00:8d:3a:58:98:fe:94:61:
b0:09:65:93:2f:38:fd:3c:86:65:70:97:69:be:df:eb:bf:5f:
bc:bc:e4:13:d0:72:3d:00:59:dc:6a:48:f5:15:7f:bd:63:28:
11:9d:1e:8b:94:a0:4d:7f:f5:30:b3:fd:e8:aa:27:66:a8:f3:
c2:35:9a:fe:e5:59:1d:2b:c5:a6:99:84:ec:89:58:bf:e8:c2:
47:b8:ca:2d:7f:2a:6a:22:9b:21:36:3a:81:07:53:af:8a:d6:
46:c9:39:c4:44:55:ee:3c:ca:8a:2e:ab:17:6f:bd:80:e0:2c:
d1:85:7a:59:ed:87:3f:ac:6c:cc:6e:df:22:c3:a3:82:e7:63:
db:72:55:e4:73:75:71:66:ab:98:68:4b:a5:d9:9a:7c:22:d3:
70:2c:75:55:f7:e4:02:c0:f9:62:db:95:0d:46:74:9d:fc:db:
16:79:67:83:e3:2a:17:14:2d:f0:37:f0:0a:fc:6c:a0:e5:af:
fb:63:f9:3a:d6:e8:f3:7c:1a:d0:09:a1:cc:40:c9:9b:04:6a:
ef:da:45:b3:cf:37:c3:ea:ce:27:fe:dc:9a:61:5e:62:54:aa:
c8:f0:14:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZmbRDXLL0ZYO57NONqkYLh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjUwOTMwMTUzNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTRmZjIzNGJkNWUzM2YxZGQzNDRmMzBhNDhkMjA4ZjRhMjk2M2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnU8qFp43vKvMs+bVhcDrtqq6TTcw
Fp9N+dxMzni5rLIX4MgqKlcwyqJXs65n0vzd+UroopFml0ZxEG9yuN8VpwsqVlJF
aJwrjWOS2e7aCQuPDFaih1IzDEHpsfRiur8QuxTECOp7S6e0GfH+5u2/1lJAiNsB
NRhS6MkAQOXq+N++gcwPoKXXPXgoe9UAjkNvmfr52L9VD950eD08/Qmy5sS7y4/l
vvtcC/dnlq50Qw8vU7zXDQ8RazKYUSO6d97TOsgwZrqc3U1HGiLC5r7vHEYeb60V
QqshHrbzruTdMPZeR+UZ29IbAGGYekvhYe/6nzKvJ8gt16VeK8iOLEZvrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHFP8jS9XjPx3TRPMKSNII9KKWPkMB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvY1VfeU5MMWVNX0hkTkU4d3BJMGdqMG9wWS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWFCJAwQA
wk8OMA0GCSqGSIb3DQEBCwUAA4IBAQAj2yYYHBjgxA69MrfX0oevOJLYPXEd8M4w
wHgCAI06WJj+lGGwCWWTLzj9PIZlcJdpvt/rv1+8vOQT0HI9AFncakj1FX+9YygR
nR6LlKBNf/Uws/3oqidmqPPCNZr+5VkdK8WmmYTsiVi/6MJHuMotfypqIpshNjqB
B1OvitZGyTnERFXuPMqKLqsXb72A4CzRhXpZ7Yc/rGzMbt8iw6OC52PbclXkc3Vx
ZquYaEul2Zp8ItNwLHVV9+QCwPli25UNRnSd/NsWeWeD4yoXFC3wN/AK/Gyg5a/7
Y/k61ujzfBrQCaHMQMmbBGrv2kWzzzfD6s4n/tyaYV5iVKrI8BSH
-----END CERTIFICATE-----
Generated at Sun Oct 19 07:06:00 2025 by rpki-client