Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/uxE1qQnTuoYBSz8GwprBQifYIX4.roa
File: uxE1qQnTuoYBSz8GwprBQifYIX4.roa (raw, json)
Hash identifier: fBKvvefu0ioH52gHdolfnnO8h70XZU4TsXTiQjh0VVo=
Subject key identifier: BB:11:35:A9:09:D3:BA:86:01:4B:3F:06:C2:9A:C1:42:27:D8:21:7E
Certificate issuer: /CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Certificate serial: 019918BF72B98B4F5AA3A4B465A99AD2EA70
Authority key identifier: EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/uxE1qQnTuoYBSz8GwprBQifYIX4.roa
Signing time: Fri 05 Sep 2025 07:20:23 +0000
ROA not before: Fri 05 Sep 2025 07:20:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15763
IP address blocks: 85.22.0.0/16 maxlen: 16
85.22.0.0/20 maxlen: 20
85.22.16.0/20 maxlen: 20
85.22.48.0/24 maxlen: 24
85.22.52.0/24 maxlen: 24
85.22.53.0/24 maxlen: 24
85.22.54.0/24 maxlen: 24
85.22.55.0/24 maxlen: 24
85.22.58.0/24 maxlen: 24
85.22.60.0/24 maxlen: 24
85.22.64.0/24 maxlen: 24
85.22.66.0/24 maxlen: 24
85.22.74.0/24 maxlen: 24
85.22.75.0/24 maxlen: 24
85.22.76.0/24 maxlen: 24
85.22.84.0/22 maxlen: 22
85.22.96.0/20 maxlen: 20
85.22.112.0/20 maxlen: 20
85.22.128.0/22 maxlen: 22
85.22.148.0/23 maxlen: 23
85.22.156.0/24 maxlen: 24
85.22.158.0/24 maxlen: 24
85.22.172.0/24 maxlen: 24
85.22.173.0/24 maxlen: 24
85.22.174.0/24 maxlen: 24
85.22.175.0/24 maxlen: 24
156.67.58.0/24 maxlen: 24
185.151.100.0/22 maxlen: 24
212.29.32.0/19 maxlen: 19
212.29.32.0/24 maxlen: 24
212.29.33.0/24 maxlen: 24
212.29.34.0/24 maxlen: 24
212.29.39.0/24 maxlen: 24
212.29.42.0/24 maxlen: 24
2a03:f580::/32 maxlen: 48
2a03:f580::/48 maxlen: 48
2a03:f580:1::/48 maxlen: 48
2a03:f580:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 02:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:18:bf:72:b9:8b:4f:5a:a3:a4:b4:65:a9:9a:d2:ea:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Validity
Not Before: Sep 5 07:20:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb1135a909d3ba86014b3f06c29ac14227d8217e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f8:8e:6a:8f:26:a2:77:1a:48:8a:f7:26:9f:
cc:f0:39:ba:19:10:dd:a6:de:a0:90:0e:02:fa:39:
be:8e:99:75:5d:61:ea:0c:c4:fe:d7:8f:9b:3c:79:
a6:fa:ad:bd:39:c9:6a:7e:c8:c1:0d:87:91:a0:48:
52:bd:7c:1d:c6:7d:c1:4c:7c:7e:9e:e9:ba:0f:ce:
01:9d:6c:a4:91:ed:82:ba:25:72:25:4e:5d:45:c0:
0e:69:1c:e1:4d:03:25:64:53:16:ce:1c:85:82:0e:
ae:55:63:b9:67:55:21:a9:2b:98:ee:44:d9:8d:92:
47:60:d1:03:06:c5:a7:d9:e0:df:70:35:a2:29:b8:
5f:6e:07:01:ed:86:df:2e:7c:56:02:07:7c:61:b3:
de:74:c8:64:e3:21:3e:0f:ab:2e:f2:a0:ee:eb:ce:
06:f1:fe:38:dc:28:e1:6e:b9:a3:32:7a:91:e3:19:
8b:6f:96:b4:c5:c8:b5:ae:a3:b9:54:7e:ee:7b:e4:
a8:d5:1c:d9:6e:3b:86:22:bf:f1:86:ee:b3:55:ce:
9a:12:d2:02:23:72:34:12:7f:cd:6a:d2:6e:f7:76:
f3:5a:51:06:a7:f8:af:c5:79:4f:c3:87:23:5e:8e:
53:6a:83:3f:01:37:04:c4:1d:f9:97:5b:ae:15:2e:
3f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:11:35:A9:09:D3:BA:86:01:4B:3F:06:C2:9A:C1:42:27:D8:21:7E
X509v3 Authority Key Identifier:
keyid:EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/uxE1qQnTuoYBSz8GwprBQifYIX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.22.0.0/16
156.67.58.0/24
185.151.100.0/22
212.29.32.0/19
IPv6:
2a03:f580::/32
Signature Algorithm: sha256WithRSAEncryption
19:0a:20:b2:8c:76:9f:82:e0:b9:40:fc:c4:7a:38:22:e4:45:
89:0a:77:57:67:d1:35:14:8d:46:1a:cc:d9:01:28:b7:fe:3b:
9a:45:f3:32:ab:2c:1b:6d:36:5c:18:d9:c5:f8:cb:de:a1:9a:
7e:a2:c9:b2:c3:27:06:8e:38:d5:c2:46:76:1d:f0:e2:43:73:
b1:d5:6f:93:5b:e2:87:14:b6:7b:0e:3d:f0:f0:32:ae:62:10:
13:4b:e9:8b:e6:5a:33:d3:6d:c9:22:28:f9:70:9e:a5:0c:71:
a1:30:48:37:a4:1f:50:fc:5a:d5:fa:0b:34:99:09:25:40:6d:
8e:24:3e:c8:f3:3b:8f:b1:4c:87:d0:23:9a:fe:cc:df:aa:c2:
c8:6a:23:da:ff:d3:f3:18:0f:05:2e:b4:5c:6d:dd:d3:f4:a4:
5b:ee:1f:51:6c:7a:28:be:83:d1:df:b2:e7:63:c6:60:1a:47:
4b:c6:81:31:cb:28:7a:ac:31:a3:4a:15:f0:17:ec:30:ea:0f:
9e:aa:cb:cb:1f:83:6b:1a:a0:59:05:d8:66:a9:54:48:6b:95:
b7:40:df:d0:97:77:1f:04:38:74:f6:a6:3f:aa:05:78:f2:c9:
53:70:88:12:53:66:55:27:f1:b0:c3:b2:93:90:95:c5:8f:e2:
76:d6:08:2c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZkYv3K5i09ao6S0Zama0upwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWY5NWY4YzRjNTU0ODI2ZGU4ZjM4YWQ2YmJhOWZiNzQ4
MDI4MjQwHhcNMjUwOTA1MDcyMDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjExMzVhOTA5ZDNiYTg2MDE0YjNmMDZjMjlhYzE0MjI3ZDgyMTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfiOao8moncaSIr3Jp/M8Dm6GRDd
pt6gkA4C+jm+jpl1XWHqDMT+14+bPHmm+q29OclqfsjBDYeRoEhSvXwdxn3BTHx+
num6D84BnWykke2CuiVyJU5dRcAOaRzhTQMlZFMWzhyFgg6uVWO5Z1UhqSuY7kTZ
jZJHYNEDBsWn2eDfcDWiKbhfbgcB7YbfLnxWAgd8YbPedMhk4yE+D6su8qDu684G
8f443CjhbrmjMnqR4xmLb5a0xci1rqO5VH7ue+So1RzZbjuGIr/xhu6zVc6aEtIC
I3I0En/NatJu93bzWlEGp/ivxXlPw4cjXo5TaoM/ATcExB35l1uuFS4/kQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLsRNakJ07qGAUs/BsKawUIn2CF+MB8GA1UdIwQY
MBaAFOvvlfjExVSCbejzita7qft0gCgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUt
OWEzNTBmZDFhNGFkLzEvdXhFMXFRblR1b1lCU3o4R3dwckJRaWZZSVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUtOWEzNTBmZDFhNGFk
LzEvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMAVRYDBACc
QzoDBAK5l2QDBAXUHSAwDQQCAAIwBwMFACoD9YAwDQYJKoZIhvcNAQELBQADggEB
ABkKILKMdp+C4LlA/MR6OCLkRYkKd1dn0TUUjUYazNkBKLf+O5pF8zKrLBttNlwY
2cX4y96hmn6iybLDJwaOONXCRnYd8OJDc7HVb5Nb4ocUtnsOPfDwMq5iEBNL6Yvm
WjPTbckiKPlwnqUMcaEwSDekH1D8WtX6CzSZCSVAbY4kPsjzO4+xTIfQI5r+zN+q
wshqI9r/0/MYDwUutFxt3dP0pFvuH1Fseii+g9HfsudjxmAaR0vGgTHLKHqsMaNK
FfAX7DDqD56qy8sfg2saoFkF2GapVEhrlbdA39CXdx8EOHT2pj+qBXjyyVNwiBJT
ZlUn8bDDspOQlcWP4nbWCCw=
-----END CERTIFICATE-----
Generated at Wed Sep 10 08:09:01 2025 by rpki-client