Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/uMrc6Goc6EcB4BYik3tS4FAFhEU.roa
File: uMrc6Goc6EcB4BYik3tS4FAFhEU.roa (raw, json)
Hash identifier: XOKT7o47MThPABfgFTBszgq+QbxIg28i2iizclcbpXg=
Subject key identifier: B8:CA:DC:E8:6A:1C:E8:47:01:E0:16:22:93:7B:52:E0:50:05:84:45
Certificate issuer: /CN=143239651db6aab1bcb67325f785b5ee1f4025cb
Certificate serial: 01974BC20CB4752F869F8D529D275456686D
Authority key identifier: 14:32:39:65:1D:B6:AA:B1:BC:B6:73:25:F7:85:B5:EE:1F:40:25:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/uMrc6Goc6EcB4BYik3tS4FAFhEU.roa
Signing time: Sat 07 Jun 2025 18:58:17 +0000
ROA not before: Sat 07 Jun 2025 18:58:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42724
IP address blocks: 45.155.127.0/24 maxlen: 24
193.3.167.0/24 maxlen: 24
194.36.84.0/24 maxlen: 24
194.36.86.0/24 maxlen: 24
194.36.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/FDI5ZR22qrG8tnMl94W17h9AJcs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/FDI5ZR22qrG8tnMl94W17h9AJcs.mft
rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4b:c2:0c:b4:75:2f:86:9f:8d:52:9d:27:54:56:68:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=143239651db6aab1bcb67325f785b5ee1f4025cb
Validity
Not Before: Jun 7 18:58:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8cadce86a1ce84701e01622937b52e050058445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:72:cf:28:74:9d:ed:25:68:7a:52:62:b4:55:
49:d1:b1:eb:c8:37:4a:33:79:9b:4b:e1:04:81:9b:
76:8c:b2:1d:59:9e:cc:25:f9:aa:d0:e1:53:6b:8e:
c8:d8:f1:5f:c5:13:31:f5:ed:39:4f:e3:cb:80:fb:
1b:74:63:23:e1:5e:15:1c:72:f7:cd:4a:c4:37:2d:
db:39:cf:b4:c6:44:f5:d7:76:bd:73:36:35:11:88:
55:62:55:df:5b:73:ef:c6:d6:3a:d6:de:8c:f8:a5:
f9:8b:46:fd:4a:1e:cc:aa:9a:19:b7:66:01:12:3f:
bc:c1:c5:48:b2:c7:13:1f:33:29:50:2e:35:cc:40:
d1:ce:3e:4d:45:33:c0:92:16:c3:70:f8:da:84:74:
10:15:8d:d3:6a:c2:c4:a7:c0:0a:4c:63:f0:e5:91:
e7:75:dd:a8:9d:b0:01:da:1f:58:da:c2:28:bb:0a:
b5:ec:3c:f4:79:d5:ad:bb:0b:77:7b:ac:bd:d6:f2:
9c:58:e4:9b:a9:71:fd:b6:10:95:d5:f8:32:38:83:
17:c7:cf:2b:03:4a:71:3c:f3:4f:d6:d8:4a:a3:a9:
5a:4f:54:91:bf:da:f9:4a:0a:f9:06:d3:54:d3:6a:
9f:ce:b8:24:52:9f:a2:7c:3a:33:52:41:94:c6:2c:
48:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:CA:DC:E8:6A:1C:E8:47:01:E0:16:22:93:7B:52:E0:50:05:84:45
X509v3 Authority Key Identifier:
keyid:14:32:39:65:1D:B6:AA:B1:BC:B6:73:25:F7:85:B5:EE:1F:40:25:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/uMrc6Goc6EcB4BYik3tS4FAFhEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/FDI5ZR22qrG8tnMl94W17h9AJcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.127.0/24
193.3.167.0/24
194.36.84.0/24
194.36.86.0/23
Signature Algorithm: sha256WithRSAEncryption
86:b9:bc:75:1d:73:fc:03:39:5f:fe:09:67:2b:20:45:b7:55:
46:e5:bf:ab:d3:05:38:d9:9e:9e:f9:ee:9d:f5:ae:f9:04:58:
04:0d:ed:16:5b:ac:69:f3:f2:d1:34:97:6f:18:a4:13:db:96:
a6:f5:3a:d0:be:02:a6:84:d6:a1:30:f6:8d:05:49:b2:21:fb:
b9:d5:0c:4e:ba:03:f1:64:43:2b:50:53:14:52:51:d4:b2:62:
d7:c7:75:c4:f4:5c:fe:46:6c:31:0e:8b:2c:b4:b7:d4:52:d4:
36:41:ca:29:93:99:98:83:cb:97:d2:8e:da:c7:33:f0:58:74:
9b:a2:d5:30:4f:ad:5e:0b:67:93:ab:86:f3:a5:dc:e2:b0:7e:
8c:03:23:6d:88:21:71:24:0b:51:29:31:ff:33:2e:b1:33:a6:
2a:de:14:3a:97:28:0f:e4:c2:45:fc:32:e7:7b:64:c2:6e:4d:
46:36:5c:19:96:98:78:0a:d6:1b:51:91:37:2e:04:8e:4e:a7:
7e:0f:a0:c5:99:af:18:3e:a5:8a:65:6c:f7:6e:21:6b:ac:b5:
60:28:51:3f:87:c9:31:3f:68:77:5b:89:7b:08:ee:ad:56:49:
aa:c6:1a:ed:a6:e4:e5:27:c8:f5:5f:df:fa:94:b3:44:c1:52:
21:bd:05:7a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdLwgy0dS+Gn41SnSdUVmhtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MzIzOTY1MWRiNmFhYjFiY2I2NzMyNWY3ODViNWVlMWY0
MDI1Y2IwHhcNMjUwNjA3MTg1ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGNhZGNlODZhMWNlODQ3MDFlMDE2MjI5MzdiNTJlMDUwMDU4NDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HLPKHSd7SVoelJitFVJ0bHryDdK
M3mbS+EEgZt2jLIdWZ7MJfmq0OFTa47I2PFfxRMx9e05T+PLgPsbdGMj4V4VHHL3
zUrENy3bOc+0xkT113a9czY1EYhVYlXfW3PvxtY61t6M+KX5i0b9Sh7MqpoZt2YB
Ej+8wcVIsscTHzMpUC41zEDRzj5NRTPAkhbDcPjahHQQFY3TasLEp8AKTGPw5ZHn
dd2onbAB2h9Y2sIouwq17Dz0edWtuwt3e6y91vKcWOSbqXH9thCV1fgyOIMXx88r
A0pxPPNP1thKo6laT1SRv9r5Sgr5BtNU02qfzrgkUp+ifDozUkGUxixImQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLjK3OhqHOhHAeAWIpN7UuBQBYRFMB8GA1UdIwQY
MBaAFBQyOWUdtqqxvLZzJfeFte4fQCXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkRJNVpSMjJxckc4dG5NbDk0VzE3aDlBSmNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC82ZjQ2ZDktM2FmMC00MmFhLWIzMzQt
NmVlYzc3ZDliOTg1LzEvdU1yYzZHb2M2RWNCNEJZaWszdFM0RkFGaEVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC82ZjQ2ZDktM2FmMC00MmFhLWIzMzQtNmVlYzc3ZDliOTg1
LzEvRkRJNVpSMjJxckc4dG5NbDk0VzE3aDlBSmNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZt/AwQA
wQOnAwQAwiRUAwQBwiRWMA0GCSqGSIb3DQEBCwUAA4IBAQCGubx1HXP8Azlf/gln
KyBFt1VG5b+r0wU42Z6e+e6d9a75BFgEDe0WW6xp8/LRNJdvGKQT25am9TrQvgKm
hNahMPaNBUmyIfu51QxOugPxZEMrUFMUUlHUsmLXx3XE9Fz+RmwxDosstLfUUtQ2
Qcopk5mYg8uX0o7axzPwWHSbotUwT61eC2eTq4bzpdzisH6MAyNtiCFxJAtRKTH/
My6xM6Yq3hQ6lygP5MJF/DLne2TCbk1GNlwZlph4CtYbUZE3LgSOTqd+D6DFma8Y
PqWKZWz3biFrrLVgKFE/h8kxP2h3W4l7CO6tVkmqxhrtpuTlJ8j1X9/6lLNEwVIh
vQV6
-----END CERTIFICATE-----
Generated at Sun Jun 8 20:36:27 2025 by rpki-client