Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/6e4544-e65f-4bf0-94c8-3fc96594b4c5/1/UwN1BiytNRPdcWnqBjZDDgnoG8U.roa
File: UwN1BiytNRPdcWnqBjZDDgnoG8U.roa (raw, json)
Hash identifier: GAg0iRD5NjIqqH0MJGqVfIOd1Fcwz79I/HxN8NQjQ6g=
Subject key identifier: 53:03:75:06:2C:AD:35:13:DD:71:69:EA:06:36:43:0E:09:E8:1B:C5
Certificate issuer: /CN=2b7ab6569de78d3c4a082fde6dd1d6a3f0d509c2
Certificate serial: 01979C67E27D85EFFBA3AABC26B27677B6F5
Authority key identifier: 2B:7A:B6:56:9D:E7:8D:3C:4A:08:2F:DE:6D:D1:D6:A3:F0:D5:09:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K3q2Vp3njTxKCC_ebdHWo_DVCcI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/6e4544-e65f-4bf0-94c8-3fc96594b4c5/1/UwN1BiytNRPdcWnqBjZDDgnoG8U.roa
Signing time: Mon 23 Jun 2025 10:49:03 +0000
ROA not before: Mon 23 Jun 2025 10:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201540
IP address blocks: 185.71.192.0/23 maxlen: 23
185.71.193.0/24 maxlen: 24
185.71.194.0/23 maxlen: 23
185.109.60.0/24 maxlen: 24
185.109.61.0/24 maxlen: 24
185.109.62.0/23 maxlen: 23
185.109.72.0/24 maxlen: 24
185.109.73.0/24 maxlen: 24
185.109.74.0/24 maxlen: 24
185.109.75.0/24 maxlen: 24
185.109.80.0/23 maxlen: 23
185.109.82.0/23 maxlen: 23
185.111.8.0/22 maxlen: 22
185.111.12.0/22 maxlen: 22
185.111.64.0/23 maxlen: 23
185.111.136.0/22 maxlen: 22
185.112.168.0/22 maxlen: 22
185.120.192.0/22 maxlen: 22
185.120.196.0/22 maxlen: 22
185.120.200.0/24 maxlen: 24
185.120.201.0/24 maxlen: 24
185.120.202.0/24 maxlen: 24
185.120.203.0/24 maxlen: 24
185.120.208.0/22 maxlen: 22
185.120.216.0/22 maxlen: 22
185.120.224.0/22 maxlen: 22
185.120.232.0/22 maxlen: 22
185.120.240.0/22 maxlen: 22
2a03:3b60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/6e4544-e65f-4bf0-94c8-3fc96594b4c5/1/K3q2Vp3njTxKCC_ebdHWo_DVCcI.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/6e4544-e65f-4bf0-94c8-3fc96594b4c5/1/K3q2Vp3njTxKCC_ebdHWo_DVCcI.mft
rsync://rpki.ripe.net/repository/DEFAULT/K3q2Vp3njTxKCC_ebdHWo_DVCcI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9c:67:e2:7d:85:ef:fb:a3:aa:bc:26:b2:76:77:b6:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b7ab6569de78d3c4a082fde6dd1d6a3f0d509c2
Validity
Not Before: Jun 23 10:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=530375062cad3513dd7169ea0636430e09e81bc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fe:31:b7:87:af:7e:5b:8a:70:dc:5f:d6:ef:
c5:2d:20:2d:94:1f:52:fc:ae:4b:a2:f8:eb:07:4c:
0a:ed:c1:32:3f:b2:eb:00:5e:30:04:2c:c9:84:b5:
b4:d3:9c:95:c7:ec:d2:b8:23:2a:83:18:6c:98:c6:
c4:5e:a8:27:ea:c5:d3:36:5c:c1:ff:b6:d4:d7:34:
f8:b3:e4:7f:71:6f:ea:ca:20:26:4e:63:74:66:58:
62:57:55:12:c6:bc:31:f8:0e:1b:9b:79:71:02:87:
e3:3e:c8:e5:5c:eb:78:2a:f5:5c:c5:6b:9f:6b:4f:
93:70:59:e3:fa:68:9f:e7:66:89:4d:4f:7f:2b:f8:
dd:1d:07:a7:f7:4a:01:5d:62:10:3c:05:1c:71:02:
88:a7:7e:39:43:35:7a:c4:0f:67:b1:cc:b0:b8:45:
b6:ad:31:20:f0:77:a8:bf:6e:57:5e:b4:b5:0c:57:
a5:a7:ba:d4:5d:5d:e2:31:fb:62:4d:ba:13:f7:a0:
85:b6:db:17:49:02:58:c8:8e:2f:a9:a1:41:1d:74:
ff:72:83:d6:c2:7a:0c:b2:7e:fc:01:70:70:87:e9:
08:67:77:d2:ea:dc:2e:ad:8e:63:e0:c4:e2:e7:3b:
ca:69:ad:85:03:e8:bc:86:6e:38:5e:e7:17:89:86:
c2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:03:75:06:2C:AD:35:13:DD:71:69:EA:06:36:43:0E:09:E8:1B:C5
X509v3 Authority Key Identifier:
keyid:2B:7A:B6:56:9D:E7:8D:3C:4A:08:2F:DE:6D:D1:D6:A3:F0:D5:09:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K3q2Vp3njTxKCC_ebdHWo_DVCcI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6e4544-e65f-4bf0-94c8-3fc96594b4c5/1/UwN1BiytNRPdcWnqBjZDDgnoG8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/6e4544-e65f-4bf0-94c8-3fc96594b4c5/1/K3q2Vp3njTxKCC_ebdHWo_DVCcI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.192.0/22
185.109.60.0/22
185.109.72.0/22
185.109.80.0/22
185.111.8.0/21
185.111.64.0/23
185.111.136.0/22
185.112.168.0/22
185.120.192.0-185.120.203.255
185.120.208.0/22
185.120.216.0/22
185.120.224.0/22
185.120.232.0/22
185.120.240.0/22
IPv6:
2a03:3b60::/32
Signature Algorithm: sha256WithRSAEncryption
48:6a:f3:86:99:3f:a1:9d:10:59:d0:ce:96:2a:ab:36:d5:8f:
61:60:8d:97:0b:97:c6:0f:c0:0f:6d:cd:6b:c1:cb:58:68:38:
ef:11:24:28:bb:dd:4c:39:84:f9:99:82:29:b4:7f:fb:d1:79:
4e:96:7b:7b:14:83:fc:f7:9c:40:bc:94:06:2b:4c:25:68:7a:
7e:50:a1:e6:9a:cf:29:4c:1d:f1:a3:38:20:37:51:fd:ee:87:
27:63:46:34:16:c2:6c:a7:0b:72:a0:f0:9f:ab:d9:c4:83:ec:
19:e6:e8:fd:75:bc:9f:97:05:57:7e:2d:db:2d:db:80:f4:9d:
11:65:06:07:be:95:e1:b1:16:71:28:0c:d7:e5:91:5d:01:08:
a0:17:e9:09:db:0b:9e:08:69:7a:97:5c:b4:ae:54:e0:a7:3b:
f0:b9:61:fc:a3:75:ac:5a:82:39:a5:35:32:3d:65:2f:ca:d0:
16:1f:a4:56:ed:40:cd:90:e8:c6:3f:a8:62:69:d7:ff:f8:43:
83:cb:37:8a:14:2e:75:93:42:4e:c2:63:62:41:aa:25:0d:05:
65:0e:fd:c2:ac:c4:ae:90:9c:b4:1f:49:19:5e:ea:3f:9c:a5:
30:25:3f:11:83:bb:47:62:38:45:7f:cd:5d:f2:67:3f:b1:74:
5e:a0:65:58
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZecZ+J9he/7o6q8JrJ2d7b1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiN2FiNjU2OWRlNzhkM2M0YTA4MmZkZTZkZDFkNmEzZjBk
NTA5YzIwHhcNMjUwNjIzMTA0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzAzNzUwNjJjYWQzNTEzZGQ3MTY5ZWEwNjM2NDMwZTA5ZTgxYmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnP4xt4evfluKcNxf1u/FLSAtlB9S
/K5LovjrB0wK7cEyP7LrAF4wBCzJhLW005yVx+zSuCMqgxhsmMbEXqgn6sXTNlzB
/7bU1zT4s+R/cW/qyiAmTmN0ZlhiV1USxrwx+A4bm3lxAofjPsjlXOt4KvVcxWuf
a0+TcFnj+mif52aJTU9/K/jdHQen90oBXWIQPAUccQKIp345QzV6xA9nscywuEW2
rTEg8Heov25XXrS1DFelp7rUXV3iMftiTboT96CFttsXSQJYyI4vqaFBHXT/coPW
wnoMsn78AXBwh+kIZ3fS6twurY5j4MTi5zvKaa2FA+i8hm44XucXiYbCowIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFFMDdQYsrTUT3XFp6gY2Qw4J6BvFMB8GA1UdIwQY
MBaAFCt6tlad5408Sggv3m3R1qPw1QnCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzNxMlZwM25qVHhLQ0NfZWJkSFdvX0RWQ2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82ZTQ1NDQtZTY1Zi00YmYwLTk0Yzgt
M2ZjOTY1OTRiNGM1LzEvVXdOMUJpeXROUlBkY1ducUJqWkREZ25vRzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82ZTQ1NDQtZTY1Zi00YmYwLTk0YzgtM2ZjOTY1OTRiNGM1
LzEvSzNxMlZwM25qVHhLQ0NfZWJkSFdvX0RWQ2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEArlHwAME
ArltPAMEArltSAMEArltUAMEA7lvCAMEAblvQAMEArlviAMEArlwqDAMAwQGuXjA
AwQCuXjIAwQCuXjQAwQCuXjYAwQCuXjgAwQCuXjoAwQCuXjwMA0EAgACMAcDBQAq
AztgMA0GCSqGSIb3DQEBCwUAA4IBAQBIavOGmT+hnRBZ0M6WKqs21Y9hYI2XC5fG
D8APbc1rwctYaDjvESQou91MOYT5mYIptH/70XlOlnt7FIP895xAvJQGK0wlaHp+
UKHmms8pTB3xozggN1H97ocnY0Y0FsJspwtyoPCfq9nEg+wZ5uj9dbyflwVXfi3b
LduA9J0RZQYHvpXhsRZxKAzX5ZFdAQigF+kJ2wueCGl6l1y0rlTgpzvwuWH8o3Ws
WoI5pTUyPWUvytAWH6RW7UDNkOjGP6hiadf/+EODyzeKFC51k0JOwmNiQaolDQVl
Dv3CrMSukJy0H0kZXuo/nKUwJT8Rg7tHYjhFf81d8mc/sXReoGVY
-----END CERTIFICATE-----
Generated at Sun Jun 29 06:30:52 2025 by rpki-client