Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/uofMtYfIpf24UZo3BlSGxitUkwE.roa
File: uofMtYfIpf24UZo3BlSGxitUkwE.roa (raw, json)
Hash identifier: kR/750TKbKhbBcBsfyZYl/862aPphhsx4Xa5VB5TIdU=
Subject key identifier: BA:87:CC:B5:87:C8:A5:FD:B8:51:9A:37:06:54:86:C6:2B:54:93:01
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 01997FD008B1D9DD74AFBD2971C12E30F2AA
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/uofMtYfIpf24UZo3BlSGxitUkwE.roa
Signing time: Thu 25 Sep 2025 07:39:23 +0000
ROA not before: Thu 25 Sep 2025 07:39:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51765
IP address blocks: 5.181.168.0/24 maxlen: 24
5.181.169.0/24 maxlen: 24
5.183.255.0/24 maxlen: 24
77.83.247.0/24 maxlen: 24
185.77.217.0/24 maxlen: 24
185.77.218.0/23 maxlen: 24
185.89.42.0/24 maxlen: 24
185.89.43.0/24 maxlen: 24
213.232.120.0/24 maxlen: 24
213.232.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 17:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7f:d0:08:b1:d9:dd:74:af:bd:29:71:c1:2e:30:f2:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Sep 25 07:39:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba87ccb587c8a5fdb8519a37065486c62b549301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6b:45:e0:b9:9c:5c:1c:41:af:82:11:61:9c:
7b:78:8b:b3:46:52:5f:88:14:0b:bc:44:a8:4b:8c:
e0:14:c8:f4:58:29:94:d3:4e:8d:98:8f:49:5f:df:
b4:0f:c6:f2:a3:23:16:11:d7:44:e6:ae:cb:7a:b2:
24:4c:cf:4a:d3:33:21:9a:7a:10:f3:0e:23:76:55:
28:ba:fe:d4:fe:3e:c8:11:57:0b:a7:12:c7:10:92:
6a:6e:e4:7c:5e:0d:71:5b:56:b5:ce:13:d6:2b:32:
f3:4d:61:ba:fc:5e:41:e3:3c:eb:42:fe:a6:a0:da:
38:5d:0c:10:28:e1:96:b2:13:21:e1:c3:be:4c:4f:
a9:84:2f:8a:fb:98:7b:99:7a:d6:7b:6d:28:f6:26:
25:1a:fc:92:a5:86:e3:ae:00:56:e6:b6:82:2a:b6:
bc:f0:73:37:d2:72:38:98:6a:75:58:61:3d:bd:bf:
6c:07:1f:fd:f8:05:78:76:11:41:95:8a:4e:60:bd:
2d:a5:94:f6:09:80:5b:b1:14:6e:ce:a7:8a:c3:05:
df:5e:ac:36:65:40:1c:78:d4:5c:48:55:ab:db:3f:
03:d7:04:00:ea:ed:34:55:78:40:79:fd:2b:7f:b0:
31:07:c5:fb:64:a9:20:92:78:9f:bf:1b:86:97:60:
52:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:87:CC:B5:87:C8:A5:FD:B8:51:9A:37:06:54:86:C6:2B:54:93:01
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/uofMtYfIpf24UZo3BlSGxitUkwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.168.0/23
5.183.255.0/24
77.83.247.0/24
185.77.217.0-185.77.219.255
185.89.42.0/23
213.232.120.0/24
213.232.122.0/24
Signature Algorithm: sha256WithRSAEncryption
14:68:16:7c:cb:a8:95:8b:56:d6:03:95:b0:0c:a9:30:3c:ca:
7b:d7:cb:4a:d6:11:40:c2:2e:a7:ee:0a:e0:3b:c6:e4:18:5c:
2a:ee:15:29:69:e5:41:c5:5f:4c:06:88:60:6f:b3:56:e1:61:
9b:ad:58:92:6a:8a:d2:25:ba:27:32:2b:e7:24:cc:67:8f:f0:
38:57:2a:3d:68:58:ae:f4:49:54:53:51:d3:12:e0:8f:bd:c1:
9f:9f:a2:2b:de:07:b4:cc:d0:1f:74:75:cd:d2:4a:60:16:33:
26:d7:02:e0:3c:bd:af:56:02:27:f5:11:77:17:f1:3a:ef:63:
9a:89:c5:32:7d:5b:1a:dd:f2:f8:7f:08:98:b7:81:1e:68:09:
37:15:d4:e9:35:f1:0b:df:2a:6e:20:98:80:dd:41:e6:91:b5:
c4:5c:23:99:04:5f:cd:1e:06:20:d1:72:06:c9:b4:7f:09:b7:
f0:7c:bb:1e:3c:39:93:68:b7:cb:a3:38:f5:d8:23:2c:b6:9c:
01:80:43:7f:dc:5d:5d:2b:23:d1:70:ae:b7:fc:17:56:5b:64:
0c:86:8b:ec:a3:16:59:a0:67:81:c1:ea:6f:1b:a1:ee:58:29:
ae:2e:25:38:22:ed:c6:e0:6d:67:ce:9c:4d:8c:37:85:3e:d6:
cc:4f:68:21
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZl/0Aix2d10r70pccEuMPKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwOTI1MDczOTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTg3Y2NiNTg3YzhhNWZkYjg1MTlhMzcwNjU0ODZjNjJiNTQ5MzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGtF4LmcXBxBr4IRYZx7eIuzRlJf
iBQLvESoS4zgFMj0WCmU006NmI9JX9+0D8byoyMWEddE5q7LerIkTM9K0zMhmnoQ
8w4jdlUouv7U/j7IEVcLpxLHEJJqbuR8Xg1xW1a1zhPWKzLzTWG6/F5B4zzrQv6m
oNo4XQwQKOGWshMh4cO+TE+phC+K+5h7mXrWe20o9iYlGvySpYbjrgBW5raCKra8
8HM30nI4mGp1WGE9vb9sBx/9+AV4dhFBlYpOYL0tpZT2CYBbsRRuzqeKwwXfXqw2
ZUAceNRcSFWr2z8D1wQA6u00VXhAef0rf7AxB8X7ZKkgknifvxuGl2BScQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLqHzLWHyKX9uFGaNwZUhsYrVJMBMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvdW9mTXRZZklwZjI0VVpvM0JsU0d4aXRVa3dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBBbWoAwQA
Bbf/AwQATVP3MAwDBAC5TdkDBAK5TdgDBAG5WSoDBADV6HgDBADV6HowDQYJKoZI
hvcNAQELBQADggEBABRoFnzLqJWLVtYDlbAMqTA8ynvXy0rWEUDCLqfuCuA7xuQY
XCruFSlp5UHFX0wGiGBvs1bhYZutWJJqitIluicyK+ckzGeP8DhXKj1oWK70SVRT
UdMS4I+9wZ+foiveB7TM0B90dc3SSmAWMybXAuA8va9WAif1EXcX8TrvY5qJxTJ9
Wxrd8vh/CJi3gR5oCTcV1Ok18QvfKm4gmIDdQeaRtcRcI5kEX80eBiDRcgbJtH8J
t/B8ux48OZNot8ujOPXYIyy2nAGAQ3/cXV0rI9Fwrrf8F1ZbZAyGi+yjFlmgZ4HB
6m8boe5YKa4uJTgi7cbgbWfOnE2MN4U+1sxPaCE=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:04 2025 by rpki-client