Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/9d1a4b-509a-4913-b937-d0adb11ded34/1/ux92dho2cYr-1uH_cggrGiXNZ3c.roa
File: ux92dho2cYr-1uH_cggrGiXNZ3c.roa (raw, json)
Hash identifier: gSDKdScN6Ai8I+kzsJX0oBNCs37fov6KbILBlfyfoo0=
Subject key identifier: BB:1F:76:76:1A:36:71:8A:FE:D6:E1:FF:72:08:2B:1A:25:CD:67:77
Certificate issuer: /CN=8e303cc2af838789652771c345e07df3e80d544f
Certificate serial: 01997C82FEEF0FD92E5960B28A361E3FA60A
Authority key identifier: 8E:30:3C:C2:AF:83:87:89:65:27:71:C3:45:E0:7D:F3:E8:0D:54:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jjA8wq-Dh4llJ3HDReB98-gNVE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/9d1a4b-509a-4913-b937-d0adb11ded34/1/ux92dho2cYr-1uH_cggrGiXNZ3c.roa
Signing time: Wed 24 Sep 2025 16:16:23 +0000
ROA not before: Wed 24 Sep 2025 16:16:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201311
IP address blocks: 185.78.248.0/22 maxlen: 24
193.186.36.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/9d1a4b-509a-4913-b937-d0adb11ded34/1/jjA8wq-Dh4llJ3HDReB98-gNVE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/9d1a4b-509a-4913-b937-d0adb11ded34/1/jjA8wq-Dh4llJ3HDReB98-gNVE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/jjA8wq-Dh4llJ3HDReB98-gNVE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7c:82:fe:ef:0f:d9:2e:59:60:b2:8a:36:1e:3f:a6:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e303cc2af838789652771c345e07df3e80d544f
Validity
Not Before: Sep 24 16:16:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb1f76761a36718afed6e1ff72082b1a25cd6777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:1f:e8:fa:11:f7:24:4d:df:e4:62:41:0a:af:
e5:04:04:78:d6:a8:5a:d7:9c:45:31:37:3b:d3:ac:
7b:12:16:47:0a:5e:b2:53:35:b9:0c:b4:bf:fc:8a:
18:19:f5:02:aa:fb:2e:2a:b7:1d:6b:44:ce:e4:ee:
69:e3:80:60:8c:bf:28:2d:fc:17:59:4c:a8:61:da:
01:34:0b:f2:89:0b:3d:b6:d9:95:e1:63:d7:58:82:
f8:e9:45:cb:a4:c9:3e:39:49:d1:78:ae:22:34:3d:
be:6f:1c:fe:3d:b0:a3:04:a0:46:34:0d:10:21:8d:
70:d8:8a:be:7f:76:d2:c1:7b:77:fe:38:3e:70:ae:
d9:86:de:c6:b1:48:39:ee:9e:83:95:da:b7:11:7b:
29:83:aa:17:73:f9:44:81:8e:fa:e1:e5:aa:70:1e:
81:d3:06:e0:a4:00:6b:21:50:e8:bb:c8:d3:e4:47:
94:8d:cb:8a:c4:98:7c:06:8c:78:53:5b:03:d5:1e:
30:11:15:93:ac:15:20:e6:70:4d:5f:93:1b:09:fc:
d6:0f:ec:79:9d:5f:de:84:bd:a4:e4:a5:4a:8e:78:
11:90:79:dd:e9:b1:5d:1a:e5:72:8e:7b:1a:fe:dc:
b8:20:41:7f:d5:49:4a:18:44:bf:ef:c9:98:66:53:
91:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:1F:76:76:1A:36:71:8A:FE:D6:E1:FF:72:08:2B:1A:25:CD:67:77
X509v3 Authority Key Identifier:
keyid:8E:30:3C:C2:AF:83:87:89:65:27:71:C3:45:E0:7D:F3:E8:0D:54:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jjA8wq-Dh4llJ3HDReB98-gNVE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/9d1a4b-509a-4913-b937-d0adb11ded34/1/ux92dho2cYr-1uH_cggrGiXNZ3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/9d1a4b-509a-4913-b937-d0adb11ded34/1/jjA8wq-Dh4llJ3HDReB98-gNVE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.78.248.0/22
193.186.36.0/23
Signature Algorithm: sha256WithRSAEncryption
92:0d:02:69:56:dd:ae:46:a0:61:a5:1e:00:77:65:a2:b4:0c:
fa:b5:55:34:27:0b:d6:1f:d3:b3:8d:1e:da:00:fb:45:da:bc:
a1:ac:cc:9a:96:65:02:7a:fb:51:fb:95:d0:87:02:c9:b3:d7:
66:7a:4d:38:d7:ac:2a:03:c6:79:2d:ca:00:ed:a8:02:25:5d:
53:ce:6c:5e:ce:9e:0a:3f:df:3b:d0:d0:08:1c:37:44:15:f2:
57:ac:36:9a:bb:d1:63:11:5b:87:96:0d:08:dc:50:e2:6a:4e:
f4:3a:66:e0:4c:46:0b:92:cd:8b:25:e2:5f:be:5c:11:58:01:
ef:a3:b7:0f:c6:45:e1:6d:cf:d8:bb:e5:fe:69:ec:fa:ba:dc:
64:71:39:c3:8b:f3:62:27:27:be:91:5c:8d:78:60:89:31:b4:
0c:53:7e:6d:1a:02:62:88:f4:c4:80:74:bb:d9:d4:79:f9:4e:
e6:bd:06:d0:e9:96:c3:50:bb:54:00:d7:32:af:df:aa:f2:a7:
42:ef:2b:0d:0a:e7:30:1c:38:2e:0f:93:07:d9:36:33:6d:74:
1c:f7:61:b6:b9:99:da:e0:c8:49:41:8c:42:be:ee:f3:78:c9:
c5:cf:26:cf:c8:1d:00:86:6b:6b:0c:f7:bc:f9:4a:4b:c1:e3:
1c:4d:89:c9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZl8gv7vD9kuWWCyijYeP6YKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMzAzY2MyYWY4Mzg3ODk2NTI3NzFjMzQ1ZTA3ZGYzZTgw
ZDU0NGYwHhcNMjUwOTI0MTYxNjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjFmNzY3NjFhMzY3MThhZmVkNmUxZmY3MjA4MmIxYTI1Y2Q2Nzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4x/o+hH3JE3f5GJBCq/lBAR41qha
15xFMTc706x7EhZHCl6yUzW5DLS//IoYGfUCqvsuKrcda0TO5O5p44BgjL8oLfwX
WUyoYdoBNAvyiQs9ttmV4WPXWIL46UXLpMk+OUnReK4iND2+bxz+PbCjBKBGNA0Q
IY1w2Iq+f3bSwXt3/jg+cK7Zht7GsUg57p6Dldq3EXspg6oXc/lEgY764eWqcB6B
0wbgpABrIVDou8jT5EeUjcuKxJh8Box4U1sD1R4wERWTrBUg5nBNX5MbCfzWD+x5
nV/ehL2k5KVKjngRkHnd6bFdGuVyjnsa/ty4IEF/1UlKGES/78mYZlOR7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLsfdnYaNnGK/tbh/3IIKxolzWd3MB8GA1UdIwQY
MBaAFI4wPMKvg4eJZSdxw0XgffPoDVRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvampBOHdxLURoNGxsSjNIRFJlQjk4LWdOVkU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy85ZDFhNGItNTA5YS00OTEzLWI5Mzct
ZDBhZGIxMWRlZDM0LzEvdXg5MmRobzJjWXItMXVIX2NnZ3JHaVhOWjNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy85ZDFhNGItNTA5YS00OTEzLWI5MzctZDBhZGIxMWRlZDM0
LzEvampBOHdxLURoNGxsSjNIRFJlQjk4LWdOVkU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuU74AwQB
wbokMA0GCSqGSIb3DQEBCwUAA4IBAQCSDQJpVt2uRqBhpR4Ad2WitAz6tVU0JwvW
H9OzjR7aAPtF2ryhrMyalmUCevtR+5XQhwLJs9dmek0416wqA8Z5LcoA7agCJV1T
zmxezp4KP9870NAIHDdEFfJXrDaau9FjEVuHlg0I3FDiak70OmbgTEYLks2LJeJf
vlwRWAHvo7cPxkXhbc/Yu+X+aez6utxkcTnDi/NiJye+kVyNeGCJMbQMU35tGgJi
iPTEgHS72dR5+U7mvQbQ6ZbDULtUANcyr9+q8qdC7ysNCucwHDguD5MH2TYzbXQc
92G2uZna4MhJQYxCvu7zeMnFzybPyB0AhmtrDPe8+UpLweMcTYnJ
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:27:01 2025 by rpki-client