Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/u-ZfXBL7J0qikFzkHb6Ug8nnyLA.roa
File: u-ZfXBL7J0qikFzkHb6Ug8nnyLA.roa (raw, json)
Hash identifier: d9T9WTvbVY7qpPPZwJTBZg5EbNeR+hsaClgLb5vTqC8=
Subject key identifier: BB:E6:5F:5C:12:FB:27:4A:A2:90:5C:E4:1D:BE:94:83:C9:E7:C8:B0
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 0197CFE8FDED5575FB384B77D3AA28A3642E
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/u-ZfXBL7J0qikFzkHb6Ug8nnyLA.roa
Signing time: Thu 03 Jul 2025 10:50:42 +0000
ROA not before: Thu 03 Jul 2025 10:50:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.149.164.0/24 maxlen: 24
194.246.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cf:e8:fd:ed:55:75:fb:38:4b:77:d3:aa:28:a3:64:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Jul 3 10:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbe65f5c12fb274aa2905ce41dbe9483c9e7c8b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a5:c7:0e:6d:a7:28:ec:eb:9a:49:d2:e2:f3:
66:eb:9b:16:b6:70:f3:0b:55:58:e3:83:79:ba:f2:
ea:1d:fa:a4:0b:5e:8b:a5:44:81:cb:04:eb:e6:15:
45:74:06:44:cc:da:38:69:85:86:cd:27:d8:da:68:
02:59:79:19:f3:f6:1e:15:37:3c:2a:78:ca:2f:9d:
5a:9a:f2:95:75:04:8e:62:5c:8c:d1:27:65:1b:1b:
74:38:4f:ea:b0:8c:85:73:5b:6b:5b:a7:36:90:81:
ff:61:c3:da:2a:1b:41:5f:18:f8:df:74:97:94:ec:
7a:76:e9:d8:38:16:91:0a:59:73:e5:99:25:b7:53:
44:96:a7:5e:93:8a:5c:50:5c:85:f7:51:8d:f0:d4:
8f:90:9d:67:ea:5f:88:3b:3f:72:7e:8f:3c:09:20:
e9:5a:fe:8e:e9:44:3f:1e:fb:9f:50:df:a9:97:57:
ac:cd:86:8d:c6:63:00:95:5e:d0:38:84:b0:42:55:
36:f6:d5:97:10:22:fd:ba:ec:96:bb:95:f2:de:cb:
fd:a9:ef:68:bc:92:34:ff:74:36:17:49:f4:ed:b7:
88:be:09:50:62:1e:22:a0:b6:85:8b:a9:65:a7:bd:
de:f9:8c:8b:47:0d:6f:e5:22:1a:cf:4e:31:55:f1:
5b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:E6:5F:5C:12:FB:27:4A:A2:90:5C:E4:1D:BE:94:83:C9:E7:C8:B0
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/u-ZfXBL7J0qikFzkHb6Ug8nnyLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.164.0/24
194.246.36.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:e6:bd:fb:96:84:29:b9:46:ac:12:02:5a:07:e3:49:6c:e4:
bb:3a:f3:44:30:44:8f:31:9a:84:2b:21:3a:88:6b:09:6e:01:
41:8e:96:be:79:2c:99:93:1e:8a:1e:ea:d6:3c:33:78:be:08:
2c:9e:66:1b:b1:e7:fc:6d:34:45:2c:a8:4c:9c:92:33:f4:0c:
10:1f:15:a2:46:10:5d:04:95:56:b6:6d:6a:26:ac:b0:c8:7e:
4e:67:ab:43:95:81:6e:69:b4:d3:a8:a9:01:9a:8c:66:5b:22:
75:fa:d9:8a:8c:be:1d:a1:6f:ea:60:12:01:04:12:74:dc:3c:
e1:7d:18:82:e3:64:b2:3d:2e:c2:42:d4:e2:e8:dc:a6:8a:1f:
f2:61:2b:5e:11:5a:a8:cc:bb:5d:43:f3:41:4d:29:3b:ce:27:
b6:29:5d:d5:f5:d8:dd:24:d5:81:df:e2:8a:75:14:7c:1d:2e:
ba:98:51:09:a1:f5:0d:bc:cf:af:0f:65:a4:59:7c:8e:b6:10:
04:0c:ea:e8:a3:70:12:8f:4d:62:76:be:22:c0:95:9f:4b:1b:
f2:a4:90:d7:4d:b4:9d:18:43:89:ef:f9:c3:43:81:74:68:0d:
45:b8:46:b6:65:4e:74:f6:16:49:8f:b6:59:bf:44:fe:5f:4e:
f9:63:92:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZfP6P3tVXX7OEt306ooo2QuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjUwNzAzMTA1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmU2NWY1YzEyZmIyNzRhYTI5MDVjZTQxZGJlOTQ4M2M5ZTdjOGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06XHDm2nKOzrmknS4vNm65sWtnDz
C1VY44N5uvLqHfqkC16LpUSBywTr5hVFdAZEzNo4aYWGzSfY2mgCWXkZ8/YeFTc8
KnjKL51amvKVdQSOYlyM0SdlGxt0OE/qsIyFc1trW6c2kIH/YcPaKhtBXxj433SX
lOx6dunYOBaRCllz5Zklt1NElqdek4pcUFyF91GN8NSPkJ1n6l+IOz9yfo88CSDp
Wv6O6UQ/HvufUN+pl1eszYaNxmMAlV7QOISwQlU29tWXECL9uuyWu5Xy3sv9qe9o
vJI0/3Q2F0n07beIvglQYh4ioLaFi6llp73e+YyLRw1v5SIaz04xVfFbmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLvmX1wS+ydKopBc5B2+lIPJ58iwMB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvdS1aZlhCTDdKMHFpa0Z6a0hiNlVnOG5ueUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZWkAwQA
wvYkMA0GCSqGSIb3DQEBCwUAA4IBAQBN5r37loQpuUasEgJaB+NJbOS7OvNEMESP
MZqEKyE6iGsJbgFBjpa+eSyZkx6KHurWPDN4vggsnmYbsef8bTRFLKhMnJIz9AwQ
HxWiRhBdBJVWtm1qJqywyH5OZ6tDlYFuabTTqKkBmoxmWyJ1+tmKjL4doW/qYBIB
BBJ03DzhfRiC42SyPS7CQtTi6Nymih/yYSteEVqozLtdQ/NBTSk7zie2KV3V9djd
JNWB3+KKdRR8HS66mFEJofUNvM+vD2WkWXyOthAEDOroo3ASj01idr4iwJWfSxvy
pJDXTbSdGEOJ7/nDQ4F0aA1FuEa2ZU509hZJj7ZZv0T+X075Y5Lg
-----END CERTIFICATE-----
Generated at Sat Jul 5 21:01:14 2025 by rpki-client