Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/3UIDKEFXJEmxMbGydMkXkbNNCTY.roa
File: 3UIDKEFXJEmxMbGydMkXkbNNCTY.roa (raw, json)
Hash identifier: pgCRcX9iheRr/OCGNJKjSelNy2YviytvLV7qgkrg4cw=
Subject key identifier: DD:42:03:28:41:57:24:49:B1:31:B1:B2:74:C9:17:91:B3:4D:09:36
Certificate issuer: /CN=df8877f3c55b528e1a29db3d79920656f0c66aeb
Certificate serial: 01970282C813EEB9D311B86D4638C1327373
Authority key identifier: DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/3UIDKEFXJEmxMbGydMkXkbNNCTY.roa
Signing time: Sat 24 May 2025 13:36:54 +0000
ROA not before: Sat 24 May 2025 13:36:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50973
IP address blocks: 79.171.48.0/21 maxlen: 21
79.171.48.0/24 maxlen: 24
79.171.49.0/24 maxlen: 24
79.171.50.0/24 maxlen: 24
79.171.52.0/24 maxlen: 24
79.171.55.0/24 maxlen: 24
188.172.96.0/24 maxlen: 24
188.172.97.0/24 maxlen: 24
188.172.98.0/24 maxlen: 24
188.172.99.0/24 maxlen: 24
188.172.100.0/24 maxlen: 24
188.172.101.0/24 maxlen: 24
188.172.102.0/24 maxlen: 24
188.172.103.0/24 maxlen: 24
188.172.104.0/22 maxlen: 22
188.172.104.0/24 maxlen: 24
188.172.108.0/24 maxlen: 24
188.172.109.0/24 maxlen: 24
188.172.110.0/24 maxlen: 24
188.172.111.0/24 maxlen: 24
2a0a:a0c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.mft
rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:02:82:c8:13:ee:b9:d3:11:b8:6d:46:38:c1:32:73:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df8877f3c55b528e1a29db3d79920656f0c66aeb
Validity
Not Before: May 24 13:36:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd42032841572449b131b1b274c91791b34d0936
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2c:27:cf:3b:5c:7d:47:8a:cf:2a:25:7a:fa:
e1:96:7b:07:7e:49:a9:94:83:d0:87:39:f8:23:56:
15:7b:66:4b:60:2c:1a:3a:b1:bf:f0:63:a2:0b:73:
16:82:f2:83:d6:cc:3e:0d:05:d8:6d:d8:31:85:aa:
e8:ef:88:5e:0b:a2:66:28:65:c6:b6:ea:c1:74:34:
9e:f9:92:c2:1c:8f:08:4f:29:fd:6e:74:ac:cb:46:
f6:dd:e8:4f:9c:b9:3a:7c:03:96:e9:2c:3e:24:74:
73:0f:51:e0:b0:ee:1d:76:13:38:26:b2:b5:69:76:
5d:7b:ca:a9:06:ad:08:86:38:b2:72:b1:59:97:5b:
75:30:d4:71:46:be:ab:2c:98:06:35:71:20:15:cd:
bf:52:08:7f:16:ab:6f:5f:de:ed:f3:01:c1:22:43:
3e:0e:4a:ee:0b:60:7e:5a:a7:96:b1:69:c7:61:54:
3c:71:89:90:ff:48:a4:db:2b:27:bb:04:a0:13:6a:
d9:70:dc:d4:0b:50:9b:37:1b:22:0a:0a:80:82:2a:
08:b4:5c:ea:40:81:bf:70:3a:06:e4:da:57:13:6b:
14:13:06:74:a8:b5:0c:74:b6:92:e9:8f:c0:c1:c5:
f9:4a:c8:f3:6f:c0:8c:f4:c2:b7:62:9f:54:52:8f:
c0:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:42:03:28:41:57:24:49:B1:31:B1:B2:74:C9:17:91:B3:4D:09:36
X509v3 Authority Key Identifier:
keyid:DF:88:77:F3:C5:5B:52:8E:1A:29:DB:3D:79:92:06:56:F0:C6:6A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34h388VbUo4aKds9eZIGVvDGaus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/3UIDKEFXJEmxMbGydMkXkbNNCTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d21d60-210f-40b3-9d89-25455a8ddd45/1/34h388VbUo4aKds9eZIGVvDGaus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.171.48.0/21
188.172.96.0/20
IPv6:
2a0a:a0c0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:8b:ae:7c:98:99:1c:7e:87:4c:6c:37:d5:c4:53:84:8c:54:
57:9a:04:8d:8d:1a:4e:ae:73:e4:c9:3f:41:58:01:3c:2e:9b:
97:7d:f8:66:81:66:4e:9b:7c:a5:40:87:3b:99:f9:d7:75:c4:
63:04:80:6f:9b:cd:2f:33:11:fc:d8:8e:c8:46:5f:fe:a1:2e:
71:f9:e1:50:f3:f0:ce:6e:b4:14:77:bb:3a:97:e1:aa:15:2f:
66:84:7b:bf:03:87:c4:f5:b4:38:68:db:bd:eb:4f:96:a1:59:
b4:fa:e8:fe:aa:d1:a3:a7:be:ec:a1:08:12:62:09:20:61:f1:
ed:0a:7f:98:39:a2:0a:af:a9:b9:53:8b:6c:e8:cc:d8:cc:f9:
8c:c5:ab:0c:6a:cc:fd:34:12:fd:b3:d2:50:e1:19:82:b0:7f:
ac:ab:7a:50:2b:49:82:45:10:00:f2:00:b1:65:8b:48:50:ce:
6b:8f:cf:37:3c:07:bd:dd:db:20:f7:7c:1f:8e:8b:42:7a:51:
34:e5:37:48:d1:41:d0:4e:4a:8e:f6:e2:55:69:70:66:e4:4c:
3a:8c:06:b1:2c:2d:2a:9c:68:55:19:4f:8e:23:1a:4d:bf:12:
6a:0c:0a:6f:e2:26:da:01:93:af:c1:de:58:f4:6d:00:05:05:
b9:28:d1:95
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZcCgsgT7rnTEbhtRjjBMnNzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmODg3N2YzYzU1YjUyOGUxYTI5ZGIzZDc5OTIwNjU2ZjBj
NjZhZWIwHhcNMjUwNTI0MTMzNjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQyMDMyODQxNTcyNDQ5YjEzMWIxYjI3NGM5MTc5MWIzNGQwOTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiwnzztcfUeKzyolevrhlnsHfkmp
lIPQhzn4I1YVe2ZLYCwaOrG/8GOiC3MWgvKD1sw+DQXYbdgxharo74heC6JmKGXG
turBdDSe+ZLCHI8ITyn9bnSsy0b23ehPnLk6fAOW6Sw+JHRzD1HgsO4ddhM4JrK1
aXZde8qpBq0IhjiycrFZl1t1MNRxRr6rLJgGNXEgFc2/Ugh/FqtvX97t8wHBIkM+
DkruC2B+WqeWsWnHYVQ8cYmQ/0ik2ysnuwSgE2rZcNzUC1CbNxsiCgqAgioItFzq
QIG/cDoG5NpXE2sUEwZ0qLUMdLaS6Y/AwcX5Ssjzb8CM9MK3Yp9UUo/AhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN1CAyhBVyRJsTGxsnTJF5GzTQk2MB8GA1UdIwQY
MBaAFN+Id/PFW1KOGinbPXmSBlbwxmrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODkt
MjU0NTVhOGRkZDQ1LzEvM1VJREtFRlhKRW14TWJHeWRNa1hrYk5OQ1RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kMjFkNjAtMjEwZi00MGIzLTlkODktMjU0NTVhOGRkZDQ1
LzEvMzRoMzg4VmJVbzRhS2RzOWVaSUdWdkRHYXVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDT6swAwQE
vKxgMA0EAgACMAcDBQMqCqDAMA0GCSqGSIb3DQEBCwUAA4IBAQCji658mJkcfodM
bDfVxFOEjFRXmgSNjRpOrnPkyT9BWAE8LpuXffhmgWZOm3ylQIc7mfnXdcRjBIBv
m80vMxH82I7IRl/+oS5x+eFQ8/DObrQUd7s6l+GqFS9mhHu/A4fE9bQ4aNu960+W
oVm0+uj+qtGjp77soQgSYgkgYfHtCn+YOaIKr6m5U4ts6MzYzPmMxasMasz9NBL9
s9JQ4RmCsH+sq3pQK0mCRRAA8gCxZYtIUM5rj883PAe93dsg93wfjotCelE05TdI
0UHQTkqO9uJVaXBm5Ew6jAaxLC0qnGhVGU+OIxpNvxJqDApv4ibaAZOvwd5Y9G0A
BQW5KNGV
-----END CERTIFICATE-----
Generated at Sun Jun 8 10:30:55 2025 by rpki-client