Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/uLcYYjiUGHa8NpENnvwfV1IC9to.roa
File: uLcYYjiUGHa8NpENnvwfV1IC9to.roa (raw, json)
Hash identifier: 1JSDr6r1Hjv3rtoxSbcIMW+PePLBwYMzdBfYAA8vip4=
Subject key identifier: B8:B7:18:62:38:94:18:76:BC:36:91:0D:9E:FC:1F:57:52:02:F6:DA
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 0198D2C15DA3BE0A2CB2D1C8A056FEB90EA8
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/uLcYYjiUGHa8NpENnvwfV1IC9to.roa
Signing time: Fri 22 Aug 2025 17:09:04 +0000
ROA not before: Fri 22 Aug 2025 17:09:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43278
IP address blocks: 91.192.93.0/24 maxlen: 24
170.168.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d2:c1:5d:a3:be:0a:2c:b2:d1:c8:a0:56:fe:b9:0e:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Aug 22 17:09:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8b7186238941876bc36910d9efc1f575202f6da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:65:21:7e:ae:9e:43:9a:c2:0f:f2:74:41:69:
bb:26:88:b8:d6:35:9f:ec:17:54:02:8e:87:72:e0:
bf:31:ab:69:94:d0:d7:e5:8e:ec:8c:ea:48:47:fe:
9d:f8:2e:00:0d:fc:64:1e:82:18:b8:55:1e:a6:52:
e1:15:71:5f:c7:ea:f1:c2:bc:d6:16:eb:5b:b4:80:
92:e4:97:17:d7:e2:1f:55:35:29:97:18:9f:f4:e0:
ec:97:0e:6f:be:4b:14:b3:00:9c:7d:16:a0:c0:97:
f5:38:7d:31:53:bb:2d:8a:7e:b2:60:64:97:b3:8f:
04:be:f4:a9:90:7a:99:c2:f3:72:b8:5b:44:10:38:
81:8d:4b:03:7e:e4:ec:62:46:c9:bd:a7:03:1b:f4:
47:cb:0c:65:a6:09:19:36:94:05:19:56:ae:a5:4c:
91:aa:76:10:c4:b6:86:f7:69:d5:2c:0d:9d:e1:84:
06:db:16:d6:b6:aa:61:5c:e1:75:a6:cd:85:1f:bd:
40:85:a8:47:0a:7e:fc:bb:2a:6b:bf:70:b2:e6:e8:
89:98:a3:75:fc:3b:f4:e6:a2:ec:45:29:a3:3c:25:
f7:10:7a:07:c4:a7:09:f8:45:02:5e:f3:6e:29:5f:
af:91:fb:bb:ed:8d:e3:93:a0:2e:4b:b9:ba:6b:d8:
29:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B7:18:62:38:94:18:76:BC:36:91:0D:9E:FC:1F:57:52:02:F6:DA
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/uLcYYjiUGHa8NpENnvwfV1IC9to.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.93.0/24
170.168.20.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:92:df:1e:5f:4b:dd:5f:2f:19:56:ac:ee:f5:db:19:2e:d4:
9b:16:18:ed:e5:f3:a6:1d:9c:ca:b1:29:7a:42:f3:b5:eb:e5:
28:ad:30:5d:c2:61:ee:68:72:ae:93:5b:3e:4e:28:61:d7:9e:
9f:17:1a:97:12:67:d2:4a:61:28:10:d8:b7:1f:12:18:36:94:
21:38:12:f3:07:58:12:62:50:01:d7:8f:60:f8:f7:90:d9:17:
6d:74:48:f8:48:b7:7c:83:66:45:56:b4:50:40:28:6c:4b:56:
a8:33:34:a8:dc:5e:01:eb:9c:f7:a5:52:f9:ae:a4:65:8b:b2:
c3:2b:90:38:09:f1:da:93:d7:bf:a5:65:cf:19:a3:e6:9a:5a:
03:68:2b:3d:9c:ec:b1:5f:ca:3e:9a:3a:15:8c:23:ea:5b:16:
3f:c0:ae:fe:f8:aa:ac:c0:e6:e1:5e:f5:7f:83:60:a4:9a:bc:
81:d3:20:62:09:1a:f9:aa:01:a2:39:cb:c6:50:ab:c4:e7:a7:
1d:8b:77:5a:64:60:9a:5c:bd:ca:14:2e:35:a0:84:61:d8:6b:
4d:19:b6:d1:16:69:fa:d0:0c:ea:41:98:de:70:bc:15:8e:03:
ba:eb:8b:28:8f:14:f7:1d:e3:d2:6c:30:5b:f6:2d:38:d3:3b:
51:8f:c2:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZjSwV2jvgosstHIoFb+uQ6oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUwODIyMTcwOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGI3MTg2MjM4OTQxODc2YmMzNjkxMGQ5ZWZjMWY1NzUyMDJmNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWUhfq6eQ5rCD/J0QWm7Joi41jWf
7BdUAo6HcuC/MatplNDX5Y7sjOpIR/6d+C4ADfxkHoIYuFUeplLhFXFfx+rxwrzW
FutbtICS5JcX1+IfVTUplxif9ODslw5vvksUswCcfRagwJf1OH0xU7stin6yYGSX
s48EvvSpkHqZwvNyuFtEEDiBjUsDfuTsYkbJvacDG/RHywxlpgkZNpQFGVaupUyR
qnYQxLaG92nVLA2d4YQG2xbWtqphXOF1ps2FH71AhahHCn78uyprv3Cy5uiJmKN1
/Dv05qLsRSmjPCX3EHoHxKcJ+EUCXvNuKV+vkfu77Y3jk6AuS7m6a9gpRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLi3GGI4lBh2vDaRDZ78H1dSAvbaMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvdUxjWVlqaVVHSGE4TnBFTm52d2ZWMUlDOXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8BdAwQA
qqgUMA0GCSqGSIb3DQEBCwUAA4IBAQALkt8eX0vdXy8ZVqzu9dsZLtSbFhjt5fOm
HZzKsSl6QvO16+UorTBdwmHuaHKuk1s+Tihh156fFxqXEmfSSmEoENi3HxIYNpQh
OBLzB1gSYlAB149g+PeQ2RdtdEj4SLd8g2ZFVrRQQChsS1aoMzSo3F4B65z3pVL5
rqRli7LDK5A4CfHak9e/pWXPGaPmmloDaCs9nOyxX8o+mjoVjCPqWxY/wK7++Kqs
wObhXvV/g2CkmryB0yBiCRr5qgGiOcvGUKvE56cdi3daZGCaXL3KFC41oIRh2GtN
GbbRFmn60AzqQZjecLwVjgO664sojxT3HePSbDBb9i040ztRj8Kq
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:26:20 2025 by rpki-client