Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/1cc85a-af77-45ed-b6cb-d97c8b56ae25/1/sVTCT8sEkXxJuhkBNIhtjsKN-fc.roa
File: sVTCT8sEkXxJuhkBNIhtjsKN-fc.roa (raw, json)
Hash identifier: 1LlLgeWONb0LHd1NES4d+bEdwCY//jkVZ5AxYbJmCGo=
Subject key identifier: B1:54:C2:4F:CB:04:91:7C:49:BA:19:01:34:88:6D:8E:C2:8D:F9:F7
Certificate issuer: /CN=52ebccd90c8a0fc11e9a98f85666e8183b5efa6c
Certificate serial: 01992DEF77FF78DAA22FF9287A3BEA3A509B
Authority key identifier: 52:EB:CC:D9:0C:8A:0F:C1:1E:9A:98:F8:56:66:E8:18:3B:5E:FA:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UuvM2QyKD8Eempj4VmboGDte-mw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/1cc85a-af77-45ed-b6cb-d97c8b56ae25/1/sVTCT8sEkXxJuhkBNIhtjsKN-fc.roa
Signing time: Tue 09 Sep 2025 10:04:52 +0000
ROA not before: Tue 09 Sep 2025 10:04:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196777
IP address blocks: 37.143.132.0/22 maxlen: 22
91.214.84.0/22 maxlen: 22
91.214.85.0/24 maxlen: 24
176.126.60.0/22 maxlen: 22
178.213.184.0/21 maxlen: 21
194.60.254.0/23 maxlen: 23
194.60.254.0/24 maxlen: 24
195.191.12.0/23 maxlen: 23
2a10:a380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/1cc85a-af77-45ed-b6cb-d97c8b56ae25/1/UuvM2QyKD8Eempj4VmboGDte-mw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/1cc85a-af77-45ed-b6cb-d97c8b56ae25/1/UuvM2QyKD8Eempj4VmboGDte-mw.mft
rsync://rpki.ripe.net/repository/DEFAULT/UuvM2QyKD8Eempj4VmboGDte-mw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2d:ef:77:ff:78:da:a2:2f:f9:28:7a:3b:ea:3a:50:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52ebccd90c8a0fc11e9a98f85666e8183b5efa6c
Validity
Not Before: Sep 9 10:04:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b154c24fcb04917c49ba190134886d8ec28df9f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a3:18:2a:54:b9:38:f6:c9:84:ce:e1:3f:e5:
3b:d3:02:f0:81:9a:74:87:95:d9:bd:47:37:b8:7b:
eb:89:fa:53:88:1e:f6:5b:26:d5:dc:a7:b8:61:11:
3d:6b:c2:51:7e:f2:67:75:48:6d:e9:e8:76:1a:6c:
6e:68:07:c6:d0:f4:d3:a9:06:fe:1a:9d:b4:22:49:
45:57:cd:a7:f5:1f:7c:a0:f3:17:b4:08:cb:79:b6:
02:b5:02:81:3d:17:77:a2:1c:5a:db:6f:f3:58:7a:
24:45:56:de:6a:f0:1d:3f:4d:07:2a:5a:76:2c:f9:
d3:01:5c:4c:25:38:e3:05:b0:26:2c:f2:13:0c:48:
43:b5:70:6f:de:2e:b2:9e:da:34:e0:3e:02:d3:06:
0e:ba:60:b4:ec:32:ce:d1:34:f9:46:21:85:c8:d7:
c2:56:6a:d1:56:8b:0b:9b:c8:b1:ed:eb:c9:06:b7:
bb:4d:cf:b2:ab:92:2a:47:20:c7:09:d7:35:ce:d6:
c1:15:94:37:7c:91:b1:b7:74:df:20:9c:e5:8e:73:
2c:b8:62:30:8b:30:22:88:a2:c3:bc:3a:3f:08:2d:
73:57:13:90:28:df:a7:f6:1f:f2:da:33:4b:49:91:
43:44:89:bc:d7:f9:54:b4:92:7e:38:58:03:50:9b:
8b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:54:C2:4F:CB:04:91:7C:49:BA:19:01:34:88:6D:8E:C2:8D:F9:F7
X509v3 Authority Key Identifier:
keyid:52:EB:CC:D9:0C:8A:0F:C1:1E:9A:98:F8:56:66:E8:18:3B:5E:FA:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UuvM2QyKD8Eempj4VmboGDte-mw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1cc85a-af77-45ed-b6cb-d97c8b56ae25/1/sVTCT8sEkXxJuhkBNIhtjsKN-fc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/1cc85a-af77-45ed-b6cb-d97c8b56ae25/1/UuvM2QyKD8Eempj4VmboGDte-mw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.132.0/22
91.214.84.0/22
176.126.60.0/22
178.213.184.0/21
194.60.254.0/23
195.191.12.0/23
IPv6:
2a10:a380::/29
Signature Algorithm: sha256WithRSAEncryption
49:18:39:58:21:b5:56:32:5c:94:2c:3a:ef:80:25:2d:72:9b:
24:e6:35:bb:4d:b6:83:d8:57:7b:78:93:1a:ad:fd:0e:93:3a:
ac:ed:c1:a8:cb:82:3e:93:6f:2b:29:fc:c6:f7:80:f6:d2:27:
b7:22:66:e3:c0:e4:a6:6a:d4:ee:b0:64:b6:25:3c:04:a9:0c:
3d:92:95:22:90:b3:63:ae:90:1f:81:df:b3:2e:73:e3:6d:24:
4a:04:28:fd:cb:31:ed:67:5e:7c:ca:c0:a5:5b:8c:c3:23:10:
3f:78:2c:d9:dc:fc:0e:96:0e:f1:42:fb:14:7e:f0:69:e2:c1:
c5:a5:dc:f5:83:51:c5:46:d3:e6:23:51:c8:cd:a6:14:42:c1:
f4:dd:bf:4e:2a:5f:c0:91:97:d6:69:6c:49:67:c5:ff:92:74:
4d:3f:14:0d:cc:b1:24:86:27:c9:67:30:a8:dd:83:29:f4:6a:
20:b5:50:35:29:cb:b6:58:45:a7:33:a2:65:23:6c:a7:79:50:
f9:31:8c:8e:2a:4a:83:26:1c:f1:10:3f:3d:ff:98:1a:2f:1e:
43:73:9f:a3:75:ff:1b:45:88:7e:f6:36:47:c5:66:bd:77:db:
cc:7c:2e:a4:2c:21:bd:38:af:fd:58:7f:d8:bf:07:ab:75:de:
ec:ca:b4:9a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZkt73f/eNqiL/koejvqOlCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZWJjY2Q5MGM4YTBmYzExZTlhOThmODU2NjZlODE4M2I1
ZWZhNmMwHhcNMjUwOTA5MTAwNDUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTU0YzI0ZmNiMDQ5MTdjNDliYTE5MDEzNDg4NmQ4ZWMyOGRmOWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4aMYKlS5OPbJhM7hP+U70wLwgZp0
h5XZvUc3uHvrifpTiB72WybV3Ke4YRE9a8JRfvJndUht6eh2GmxuaAfG0PTTqQb+
Gp20IklFV82n9R98oPMXtAjLebYCtQKBPRd3ohxa22/zWHokRVbeavAdP00HKlp2
LPnTAVxMJTjjBbAmLPITDEhDtXBv3i6ynto04D4C0wYOumC07DLO0TT5RiGFyNfC
VmrRVosLm8ix7evJBre7Tc+yq5IqRyDHCdc1ztbBFZQ3fJGxt3TfIJzljnMsuGIw
izAiiKLDvDo/CC1zVxOQKN+n9h/y2jNLSZFDRIm81/lUtJJ+OFgDUJuLpwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLFUwk/LBJF8SboZATSIbY7Cjfn3MB8GA1UdIwQY
MBaAFFLrzNkMig/BHpqY+FZm6Bg7XvpsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXV2TTJReUtEOEVlbXBqNFZtYm9HRHRlLW13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8xY2M4NWEtYWY3Ny00NWVkLWI2Y2It
ZDk3YzhiNTZhZTI1LzEvc1ZUQ1Q4c0VrWHhKdWhrQk5JaHRqc0tOLWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8xY2M4NWEtYWY3Ny00NWVkLWI2Y2ItZDk3YzhiNTZhZTI1
LzEvVXV2TTJReUtEOEVlbXBqNFZtYm9HRHRlLW13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCJY+EAwQC
W9ZUAwQCsH48AwQDstW4AwQBwjz+AwQBw78MMA0EAgACMAcDBQMqEKOAMA0GCSqG
SIb3DQEBCwUAA4IBAQBJGDlYIbVWMlyULDrvgCUtcpsk5jW7TbaD2Fd7eJMarf0O
kzqs7cGoy4I+k28rKfzG94D20ie3ImbjwOSmatTusGS2JTwEqQw9kpUikLNjrpAf
gd+zLnPjbSRKBCj9yzHtZ158ysClW4zDIxA/eCzZ3PwOlg7xQvsUfvBp4sHFpdz1
g1HFRtPmI1HIzaYUQsH03b9OKl/AkZfWaWxJZ8X/knRNPxQNzLEkhifJZzCo3YMp
9GogtVA1Kcu2WEWnM6JlI2yneVD5MYyOKkqDJhzxED89/5gaLx5Dc5+jdf8bRYh+
9jZHxWa9d9vMfC6kLCG9OK/9WH/Yvwerdd7syrSa
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:22:33 2025 by rpki-client