Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uDE9aSo0S43Xx2DKnf6p45HAmls.roa
File: uDE9aSo0S43Xx2DKnf6p45HAmls.roa (raw, json)
Hash identifier: SjEWLaJdYqC2/iDNybJhSiayFUCxir4JTN6isF2wSeg=
Subject key identifier: B8:31:3D:69:2A:34:4B:8D:D7:C7:60:CA:9D:FE:A9:E3:91:C0:9A:5B
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0197A609F7E2BBCF5BE0E22576DB0A0591F2
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uDE9aSo0S43Xx2DKnf6p45HAmls.roa
Signing time: Wed 25 Jun 2025 07:42:40 +0000
ROA not before: Wed 25 Jun 2025 07:42:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.102.120.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
82.163.52.0/23 maxlen: 24
82.163.64.0/22 maxlen: 24
92.114.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 00:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:09:f7:e2:bb:cf:5b:e0:e2:25:76:db:0a:05:91:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jun 25 07:42:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b8313d692a344b8dd7c760ca9dfea9e391c09a5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b3:9d:24:e7:4c:72:cb:94:b1:4e:c3:ea:7b:
b2:f9:76:53:af:54:93:e7:81:c8:08:a8:ee:dd:ab:
3d:75:dd:5b:df:8a:14:47:38:62:4c:7a:49:0a:ed:
8d:2d:92:34:03:ad:f0:e0:c4:59:55:ec:e9:4a:4e:
ba:b9:56:ef:1c:36:d6:47:22:18:01:99:64:13:86:
f2:02:e6:36:2e:5f:9f:80:fb:4d:a1:f9:95:45:81:
83:6d:35:0c:51:82:d5:b0:0f:f8:11:3d:fb:1b:8b:
f2:d3:22:10:66:d4:11:f8:75:de:12:63:39:61:62:
b6:28:de:48:f6:45:a3:87:52:0a:72:f8:83:cb:2d:
48:b5:d6:22:46:1e:57:0b:f9:b4:40:02:20:d6:80:
34:f3:a5:df:71:ca:cd:3c:c4:24:66:e2:14:94:b7:
ae:53:3c:8c:fc:f9:11:a5:c3:7c:ed:0f:4f:3b:a2:
6a:ac:f4:12:21:60:46:c9:68:5b:b4:b3:67:71:65:
bd:b3:5f:3f:e2:f9:e6:67:96:1d:13:66:08:72:af:
7a:fb:1d:3f:5e:3b:54:be:74:90:57:2d:9e:4d:e3:
f9:01:00:39:bb:2a:25:f7:06:cc:81:55:1d:d7:a6:
e7:cb:1c:aa:23:0e:f7:03:0c:94:df:93:7b:f1:13:
49:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:31:3D:69:2A:34:4B:8D:D7:C7:60:CA:9D:FE:A9:E3:91:C0:9A:5B
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uDE9aSo0S43Xx2DKnf6p45HAmls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.120.0/22
31.186.180.0/22
46.20.210.0/23
82.163.52.0/23
82.163.64.0/22
92.114.40.0/22
Signature Algorithm: sha256WithRSAEncryption
03:df:38:a0:95:9f:d0:59:4a:13:56:14:3a:16:31:2a:45:61:
0f:83:03:5c:f0:b0:72:15:45:19:24:0c:d5:2d:c1:e4:d3:5e:
9c:a7:4d:bc:ea:ee:9f:d1:d3:0d:bb:c2:cc:a0:d6:3f:70:ad:
37:bb:1e:ba:cd:c4:b0:95:ce:2a:f3:60:4b:70:f1:f0:4d:63:
6e:1b:80:81:f7:2d:60:e5:54:c5:bb:b5:2e:83:0b:e3:83:d8:
fd:5f:f0:91:ff:79:5e:51:f8:2c:de:9e:bc:35:bc:b2:1d:e8:
53:37:4e:fc:5a:6c:c4:e5:80:f9:63:4a:af:da:47:1d:d2:cb:
90:fd:cb:88:b2:83:15:44:50:6e:4f:a4:62:a6:1b:3c:1e:b9:
8b:3b:7a:a3:6f:01:c5:a5:b5:be:91:25:91:f6:01:b8:e9:c2:
ac:96:47:ff:7f:e7:23:b7:32:08:88:30:d9:03:56:95:8e:74:
a1:69:40:99:cb:84:3d:00:c2:d7:07:9e:71:fc:e4:1b:d6:80:
b2:2f:7e:4f:14:cb:ee:97:d2:b9:ba:6b:4f:b9:d2:ad:7e:09:
5c:a7:1e:56:d0:61:c9:e4:03:38:ee:05:08:4b:90:33:1f:20:
c8:1d:17:63:6d:8d:59:8f:f3:1b:a5:91:2e:aa:6b:21:c7:01:
80:86:f3:3e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZemCffiu89b4OIldtsKBZHyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwNjI1MDc0MjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODMxM2Q2OTJhMzQ0YjhkZDdjNzYwY2E5ZGZlYTllMzkxYzA5YTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLOdJOdMcsuUsU7D6nuy+XZTr1ST
54HICKju3as9dd1b34oURzhiTHpJCu2NLZI0A63w4MRZVezpSk66uVbvHDbWRyIY
AZlkE4byAuY2Ll+fgPtNofmVRYGDbTUMUYLVsA/4ET37G4vy0yIQZtQR+HXeEmM5
YWK2KN5I9kWjh1IKcviDyy1ItdYiRh5XC/m0QAIg1oA086XfccrNPMQkZuIUlLeu
UzyM/PkRpcN87Q9PO6JqrPQSIWBGyWhbtLNncWW9s18/4vnmZ5YdE2YIcq96+x0/
XjtUvnSQVy2eTeP5AQA5uyol9wbMgVUd16bnyxyqIw73AwyU35N78RNJ0QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLgxPWkqNEuN18dgyp3+qeORwJpbMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdURFOWFTbzBTNDNYeDJES25mNnA0NUhBbWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBWZ4AwQC
H7q0AwQBLhTSAwQBUqM0AwQCUqNAAwQCXHIoMA0GCSqGSIb3DQEBCwUAA4IBAQAD
3ziglZ/QWUoTVhQ6FjEqRWEPgwNc8LByFUUZJAzVLcHk016cp0286u6f0dMNu8LM
oNY/cK03ux66zcSwlc4q82BLcPHwTWNuG4CB9y1g5VTFu7Uugwvjg9j9X/CR/3le
Ufgs3p68NbyyHehTN078WmzE5YD5Y0qv2kcd0suQ/cuIsoMVRFBuT6Riphs8HrmL
O3qjbwHFpbW+kSWR9gG46cKslkf/f+cjtzIIiDDZA1aVjnShaUCZy4Q9AMLXB55x
/OQb1oCyL35PFMvul9K5umtPudKtfglcpx5W0GHJ5AM47gUIS5AzHyDIHRdjbY1Z
j/MbpZEuqmshxwGAhvM+
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:32:43 2025 by rpki-client