Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/u0_XUAi6wQ1hABfhWKCbz_SY6GM.roa
File: u0_XUAi6wQ1hABfhWKCbz_SY6GM.roa (raw, json)
Hash identifier: BUqUqz0zRzt+jltkuQPae7kaRGHqPqrUZusSMYIjZsw=
Subject key identifier: BB:4F:D7:50:08:BA:C1:0D:61:00:17:E1:58:A0:9B:CF:F4:98:E8:63
Certificate issuer: /CN=e15136feff3574ef9b2262de59b06a21908fab3e
Certificate serial: 0196C3FA1BDAFC188AB8619565FD2DE5F1E1
Authority key identifier: E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/u0_XUAi6wQ1hABfhWKCbz_SY6GM.roa
Signing time: Mon 12 May 2025 10:11:10 +0000
ROA not before: Mon 12 May 2025 10:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49801
IP address blocks: 78.111.5.0/24 maxlen: 24
78.111.6.0/24 maxlen: 24
87.247.168.0/21 maxlen: 21
87.247.172.0/23 maxlen: 23
87.247.173.0/24 maxlen: 24
185.166.105.0/24 maxlen: 24
185.166.107.0/24 maxlen: 24
2a10:a440::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 16:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:fa:1b:da:fc:18:8a:b8:61:95:65:fd:2d:e5:f1:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15136feff3574ef9b2262de59b06a21908fab3e
Validity
Not Before: May 12 10:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb4fd75008bac10d610017e158a09bcff498e863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:93:69:75:06:cb:ea:38:cf:08:ed:da:c7:51:
64:0e:53:a2:6b:e0:d1:06:f5:1b:ac:ff:ed:6e:3e:
d0:f1:98:24:81:4d:be:fb:c9:b1:1e:fb:57:aa:c2:
a5:53:93:df:84:f0:e8:13:63:92:66:49:7e:60:dd:
55:a0:a3:39:f2:02:4d:00:41:62:9b:e9:da:b6:13:
c6:40:af:e5:98:fb:40:95:d9:8c:8c:bc:e0:d5:75:
be:9b:b4:65:a5:42:fe:2a:e8:f4:0b:8f:61:03:66:
76:d7:93:db:a3:cc:6d:ab:a7:a6:dc:19:d7:9d:82:
da:15:dc:02:13:96:e4:75:9f:04:c1:a0:09:1d:e0:
bd:9c:0d:45:da:72:25:0e:6c:81:34:e4:4e:ad:f2:
85:89:d7:15:d8:fc:7b:37:bd:b9:ab:b9:18:a7:ec:
40:89:0b:24:bd:57:8b:cf:f6:d1:ca:69:99:77:e2:
66:5c:77:a4:7a:5e:ee:f5:98:6b:e8:b1:ae:e7:b6:
af:e5:98:6d:7c:5d:39:96:a7:43:20:db:75:43:45:
b9:11:94:b5:f0:5d:68:8b:6c:fd:f7:f2:1d:8e:2b:
58:b3:a2:6a:2c:09:4a:40:42:ac:10:0a:8c:79:9c:
cd:a0:ed:a4:68:84:e8:29:a2:02:50:48:fb:e5:29:
a4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:4F:D7:50:08:BA:C1:0D:61:00:17:E1:58:A0:9B:CF:F4:98:E8:63
X509v3 Authority Key Identifier:
keyid:E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/u0_XUAi6wQ1hABfhWKCbz_SY6GM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.5.0-78.111.6.255
87.247.168.0/21
185.166.105.0/24
185.166.107.0/24
IPv6:
2a10:a440::/29
Signature Algorithm: sha256WithRSAEncryption
2f:2d:30:7a:3c:ce:6b:9a:ad:ad:ab:11:33:75:54:20:8f:20:
31:71:62:21:1d:4e:66:44:63:d1:73:03:f7:95:58:89:59:d1:
3e:f8:3a:a9:e2:eb:f4:25:a1:a5:71:ab:37:83:df:b7:60:ad:
cd:81:14:38:da:ce:13:cf:4b:0a:c1:ef:ee:d9:1c:0b:48:12:
92:fb:4f:db:10:a9:b5:62:5b:20:79:ad:91:2e:25:5e:2c:e4:
fc:e0:90:6c:54:4b:02:fc:7c:cd:0f:44:32:ba:57:65:e8:3c:
85:b3:a3:21:36:42:9b:0d:05:e1:8e:f1:d0:14:cb:47:e1:0e:
4f:19:20:fc:8f:1d:e5:53:da:b2:4e:95:0c:44:23:bb:80:9d:
26:bf:b8:37:87:7f:a7:1c:89:17:d9:f4:bc:93:af:f8:c8:f4:
9a:ff:d2:16:24:71:6a:81:12:2d:87:97:d2:57:9b:a3:16:58:
53:f3:05:58:5f:16:04:19:cd:1d:4a:01:13:13:f1:f1:c4:cd:
eb:40:2e:a4:cc:54:13:c2:07:d6:22:55:bf:1e:97:a9:66:24:
41:1e:1d:4f:f8:cc:8d:bf:b9:76:40:92:0d:4b:36:44:47:5c:
f1:d0:64:a4:98:e2:7e:f7:39:87:57:fc:ca:39:32:4a:41:de:
ad:8d:a5:25
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZbD+hva/BiKuGGVZf0t5fHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTEzNmZlZmYzNTc0ZWY5YjIyNjJkZTU5YjA2YTIxOTA4
ZmFiM2UwHhcNMjUwNTEyMTAxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjRmZDc1MDA4YmFjMTBkNjEwMDE3ZTE1OGEwOWJjZmY0OThlODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpNpdQbL6jjPCO3ax1FkDlOia+DR
BvUbrP/tbj7Q8ZgkgU2++8mxHvtXqsKlU5PfhPDoE2OSZkl+YN1VoKM58gJNAEFi
m+nathPGQK/lmPtAldmMjLzg1XW+m7RlpUL+Kuj0C49hA2Z215Pbo8xtq6em3BnX
nYLaFdwCE5bkdZ8EwaAJHeC9nA1F2nIlDmyBNOROrfKFidcV2Px7N725q7kYp+xA
iQskvVeLz/bRymmZd+JmXHekel7u9Zhr6LGu57av5ZhtfF05lqdDINt1Q0W5EZS1
8F1oi2z99/IdjitYs6JqLAlKQEKsEAqMeZzNoO2kaIToKaICUEj75SmkBwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFLtP11AIusENYQAX4Vigm8/0mOhjMB8GA1UdIwQY
MBaAFOFRNv7/NXTvmyJi3lmwaiGQj6s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMt
MDQxMzEyMjQyZmYzLzEvdTBfWFVBaTZ3UTFoQUJmaFdLQ2J6X1NZNkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMtMDQxMzEyMjQyZmYz
LzEvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBABObwUD
BABObwYDBANX96gDBAC5pmkDBAC5pmswDQQCAAIwBwMFAyoQpEAwDQYJKoZIhvcN
AQELBQADggEBAC8tMHo8zmuara2rETN1VCCPIDFxYiEdTmZEY9FzA/eVWIlZ0T74
Oqni6/QloaVxqzeD37dgrc2BFDjazhPPSwrB7+7ZHAtIEpL7T9sQqbViWyB5rZEu
JV4s5PzgkGxUSwL8fM0PRDK6V2XoPIWzoyE2QpsNBeGO8dAUy0fhDk8ZIPyPHeVT
2rJOlQxEI7uAnSa/uDeHf6cciRfZ9LyTr/jI9Jr/0hYkcWqBEi2Hl9JXm6MWWFPz
BVhfFgQZzR1KARMT8fHEzetALqTMVBPCB9YiVb8el6lmJEEeHU/4zI2/uXZAkg1L
NkRHXPHQZKSY4n73OYdX/Mo5MkpB3q2NpSU=
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:39:53 2025 by rpki-client