Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/u-uXh8WZWOS9uWtRFI-rTtX1S9A.roa
File: u-uXh8WZWOS9uWtRFI-rTtX1S9A.roa (raw, json)
Hash identifier: kDD2Qmq25WjJ3/Vhs1pz7/0NseMdnFHogi9MbnP9L+s=
Subject key identifier: BB:EB:97:87:C5:99:58:E4:BD:B9:6B:51:14:8F:AB:4E:D5:F5:4B:D0
Certificate issuer: /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial: 019898B12BE1860F03C89F15A2AFCD4492E0
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/u-uXh8WZWOS9uWtRFI-rTtX1S9A.roa
Signing time: Mon 11 Aug 2025 10:33:24 +0000
ROA not before: Mon 11 Aug 2025 10:33:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207483
IP address blocks: 93.180.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.mft
rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:98:b1:2b:e1:86:0f:03:c8:9f:15:a2:af:cd:44:92:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Validity
Not Before: Aug 11 10:33:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbeb9787c59958e4bdb96b51148fab4ed5f54bd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:17:60:03:68:e4:61:f3:d0:0d:62:93:6f:e2:
4a:d0:cb:64:b5:b5:08:a0:90:74:60:84:54:33:c4:
31:84:2b:d8:61:fe:29:24:ab:36:a5:bb:ed:1c:c4:
ee:db:eb:f6:92:fb:77:f9:d6:b3:e8:18:b7:9d:63:
22:82:a4:9e:e0:29:11:66:92:b9:25:2b:bb:53:03:
13:d1:5e:90:f1:57:4d:e6:4c:ca:73:16:1f:b8:be:
96:7c:0a:9c:67:24:3d:23:7a:a3:85:42:f1:23:51:
6d:c5:ae:bb:6e:ad:d2:30:82:fa:34:e3:84:8e:99:
87:f3:f9:82:e8:d0:e9:15:c2:5c:24:19:6e:85:06:
4c:29:48:ef:fa:71:e8:a8:f4:a3:b3:e6:90:97:ce:
14:8b:a1:1f:2e:cd:8b:b5:52:18:27:78:71:8c:6b:
6a:b2:78:9d:68:16:36:82:fe:d2:0e:9c:32:83:9b:
6d:60:12:14:90:67:d4:43:a8:b9:92:bc:80:85:4a:
31:48:52:8d:92:e2:45:ca:40:19:17:90:48:de:02:
5c:a3:a6:95:34:9a:94:a5:4c:77:73:7e:48:f0:97:
8b:61:42:5f:68:a6:e8:a0:8e:55:2c:b6:19:32:8c:
a8:bb:9b:1b:a6:3d:56:2a:7e:b7:27:0c:6e:02:27:
42:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:EB:97:87:C5:99:58:E4:BD:B9:6B:51:14:8F:AB:4E:D5:F5:4B:D0
X509v3 Authority Key Identifier:
keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/u-uXh8WZWOS9uWtRFI-rTtX1S9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.134.0/24
Signature Algorithm: sha256WithRSAEncryption
94:5a:d7:20:e9:42:33:1c:e7:c8:6b:91:9e:dc:1a:63:6b:7d:
a7:98:36:77:58:f2:1e:c5:01:7c:bd:33:8c:2e:e4:de:2d:67:
17:d5:d0:01:44:61:a5:13:1c:f4:17:a0:a5:72:ab:f5:2e:8e:
93:90:e8:49:0a:07:bb:3c:d9:91:a7:c4:7e:ff:e7:1b:ce:0e:
d2:f3:99:f2:18:c9:e7:31:f7:04:60:9e:bb:9d:c8:8c:31:98:
d0:4d:ee:a9:10:35:46:3c:46:40:66:e8:2d:ae:6c:4d:80:fb:
b5:8d:13:53:b6:ab:e8:dd:96:db:ce:42:31:75:f7:d3:d7:82:
9b:f3:85:d0:9f:db:29:c3:c4:3f:06:cf:aa:94:fc:78:64:48:
62:d0:b8:26:eb:d0:eb:2d:8b:b4:46:69:48:0a:56:13:77:6e:
48:0d:8c:f0:0d:d8:10:08:e1:6f:4b:76:75:17:85:a9:cb:3b:
4b:90:db:7c:c0:3d:6a:53:41:ea:41:e5:94:e3:26:20:92:bc:
d5:b2:c7:9a:8d:9f:26:a1:9d:e0:6c:46:54:64:90:a8:85:9d:
0d:1a:9c:af:e0:e9:d2:63:79:c9:27:86:7f:62:95:63:91:18:
50:ad:6c:aa:e8:2c:cf:2c:d8:5c:45:bf:a8:06:55:60:fa:18:
37:ed:80:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZiYsSvhhg8DyJ8Voq/NRJLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjUwODExMTAzMzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmViOTc4N2M1OTk1OGU0YmRiOTZiNTExNDhmYWI0ZWQ1ZjU0YmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BdgA2jkYfPQDWKTb+JK0MtktbUI
oJB0YIRUM8QxhCvYYf4pJKs2pbvtHMTu2+v2kvt3+daz6Bi3nWMigqSe4CkRZpK5
JSu7UwMT0V6Q8VdN5kzKcxYfuL6WfAqcZyQ9I3qjhULxI1Ftxa67bq3SMIL6NOOE
jpmH8/mC6NDpFcJcJBluhQZMKUjv+nHoqPSjs+aQl84Ui6EfLs2LtVIYJ3hxjGtq
snidaBY2gv7SDpwyg5ttYBIUkGfUQ6i5kryAhUoxSFKNkuJFykAZF5BI3gJco6aV
NJqUpUx3c35I8JeLYUJfaKbooI5VLLYZMoyou5sbpj1WKn63JwxuAidCdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLvrl4fFmVjkvblrURSPq07V9UvQMB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvdS11WGg4V1pXT1M5dVd0UkZJLXJUdFgxUzlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXbSGMA0G
CSqGSIb3DQEBCwUAA4IBAQCUWtcg6UIzHOfIa5Ge3Bpja32nmDZ3WPIexQF8vTOM
LuTeLWcX1dABRGGlExz0F6Clcqv1Lo6TkOhJCge7PNmRp8R+/+cbzg7S85nyGMnn
MfcEYJ67nciMMZjQTe6pEDVGPEZAZugtrmxNgPu1jRNTtqvo3ZbbzkIxdffT14Kb
84XQn9spw8Q/Bs+qlPx4ZEhi0Lgm69DrLYu0RmlIClYTd25IDYzwDdgQCOFvS3Z1
F4WpyztLkNt8wD1qU0HqQeWU4yYgkrzVsseajZ8moZ3gbEZUZJCohZ0NGpyv4OnS
Y3nJJ4Z/YpVjkRhQrWyq6CzPLNhcRb+oBlVg+hg37YCL
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:27:15 2025 by rpki-client