Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/U9KdXmhyHuPRB4I24nyIZuy9hRA.roa
File: U9KdXmhyHuPRB4I24nyIZuy9hRA.roa (raw, json)
Hash identifier: sYu5pSPe7UpfkonZAKhKhsjpVtyLZPnhGwSbbl2Qc+0=
Subject key identifier: 53:D2:9D:5E:68:72:1E:E3:D1:07:82:36:E2:7C:88:66:EC:BD:85:10
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 0198A203094266C1BFA890E23889AD9E3C0C
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/U9KdXmhyHuPRB4I24nyIZuy9hRA.roa
Signing time: Wed 13 Aug 2025 05:59:24 +0000
ROA not before: Wed 13 Aug 2025 05:59:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 45014
IP address blocks: 95.177.51.0/24 maxlen: 24
95.177.52.0/24 maxlen: 24
95.177.57.0/24 maxlen: 24
95.177.58.0/24 maxlen: 24
95.177.60.0/24 maxlen: 24
109.204.4.0/24 maxlen: 24
109.204.8.0/24 maxlen: 24
109.204.10.0/24 maxlen: 24
109.204.14.0/24 maxlen: 24
109.204.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:03:09:42:66:c1:bf:a8:90:e2:38:89:ad:9e:3c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Aug 13 05:59:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53d29d5e68721ee3d1078236e27c8866ecbd8510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:00:fd:ef:0a:01:08:45:2d:03:a6:6d:69:ac:
0a:b8:19:e8:3b:ac:e4:5b:1a:c9:cc:5a:aa:9d:c2:
80:1d:00:66:bb:89:99:26:93:e2:38:41:07:71:bf:
ae:25:67:ab:8d:b3:5b:ec:e4:09:57:db:eb:96:f3:
d3:51:0c:03:f6:b7:bd:5b:4b:fb:6e:83:3b:7e:61:
f5:9b:27:64:8a:71:9d:ba:57:cf:56:eb:a1:f6:83:
d8:31:ec:89:e5:70:80:b3:74:bb:82:29:b0:83:d8:
98:f8:1b:ee:99:20:c0:4e:de:80:d0:cb:89:16:4f:
77:79:f9:a9:cf:2b:d3:34:ae:e1:f9:b0:7a:ee:7d:
6f:9a:89:dc:6d:cb:73:5b:4d:97:2c:34:dd:89:dd:
fe:9a:0c:73:fb:67:53:be:d0:53:ce:4d:5e:d0:57:
3a:0c:89:65:ff:43:3d:e3:1f:1b:61:57:84:a5:8b:
86:ec:74:2e:14:16:b3:a2:56:f5:c5:ba:56:2b:4f:
cb:ea:26:76:82:43:de:7a:c1:51:46:e9:99:20:eb:
2d:a9:18:57:01:9b:13:62:9a:90:f8:a4:62:86:b0:
a4:48:56:9c:ec:f6:5b:65:29:4a:5e:29:36:4f:06:
c7:0c:1b:a1:3f:3e:0e:01:6d:b5:76:93:78:8a:b3:
2b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D2:9D:5E:68:72:1E:E3:D1:07:82:36:E2:7C:88:66:EC:BD:85:10
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/U9KdXmhyHuPRB4I24nyIZuy9hRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.177.51.0-95.177.52.255
95.177.57.0-95.177.58.255
95.177.60.0/24
109.204.4.0/24
109.204.8.0/24
109.204.10.0/24
109.204.14.0/24
109.204.22.0/24
Signature Algorithm: sha256WithRSAEncryption
30:c2:bc:d9:94:03:43:6b:38:7e:ab:17:86:ff:06:a8:53:82:
ef:56:e6:bb:c9:6a:3e:c3:79:46:0a:48:30:53:d9:98:6d:83:
62:bb:01:e4:0e:8f:12:36:a5:7d:40:db:9e:3c:85:71:e9:b1:
d7:7c:93:12:e4:f4:d4:aa:62:48:e7:13:d7:92:f5:5a:6f:6d:
ee:4c:5d:b9:ce:77:c4:1c:c7:1e:44:af:93:02:a8:56:49:6e:
37:77:3b:70:da:de:5e:54:45:b8:ea:72:e7:46:05:ae:12:68:
be:8a:56:97:1e:ae:17:42:2a:77:5e:0c:c0:f0:4a:3f:f3:74:
ac:e5:02:6c:b5:ca:82:f9:59:f8:9e:57:8d:12:a2:d1:ed:2d:
8a:da:53:fd:92:78:6d:30:49:bc:c2:29:0d:31:70:7a:e0:ce:
02:e1:3c:4f:92:51:43:08:34:a8:fb:4c:d0:ac:a8:6f:82:0e:
d8:b1:92:a9:a2:44:6b:7a:5a:d1:cf:92:0c:3d:bb:8e:41:0b:
2e:80:f2:dd:57:71:5f:4e:6a:0b:02:82:69:a1:ff:1e:63:b8:
2c:c1:f7:d9:1c:ca:85:ff:ae:08:26:33:58:48:85:78:b6:c3:
69:86:a8:4f:29:49:6c:11:83:0a:ee:06:da:2d:ea:68:b6:94:
9e:8a:04:4d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZiiAwlCZsG/qJDiOImtnjwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwODEzMDU1OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2QyOWQ1ZTY4NzIxZWUzZDEwNzgyMzZlMjdjODg2NmVjYmQ4NTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwD97woBCEUtA6ZtaawKuBnoO6zk
WxrJzFqqncKAHQBmu4mZJpPiOEEHcb+uJWerjbNb7OQJV9vrlvPTUQwD9re9W0v7
boM7fmH1mydkinGdulfPVuuh9oPYMeyJ5XCAs3S7gimwg9iY+BvumSDATt6A0MuJ
Fk93efmpzyvTNK7h+bB67n1vmoncbctzW02XLDTdid3+mgxz+2dTvtBTzk1e0Fc6
DIll/0M94x8bYVeEpYuG7HQuFBazolb1xbpWK0/L6iZ2gkPeesFRRumZIOstqRhX
AZsTYpqQ+KRihrCkSFac7PZbZSlKXik2TwbHDBuhPz4OAW21dpN4irMrWwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFFPSnV5och7j0QeCNuJ8iGbsvYUQMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvVTlLZFhtaHlIdVBSQjRJMjRueUladXk5aFJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBABfsTMD
BABfsTQwDAMEAF+xOQMEAF+xOgMEAF+xPAMEAG3MBAMEAG3MCAMEAG3MCgMEAG3M
DgMEAG3MFjANBgkqhkiG9w0BAQsFAAOCAQEAMMK82ZQDQ2s4fqsXhv8GqFOC71bm
u8lqPsN5RgpIMFPZmG2DYrsB5A6PEjalfUDbnjyFcemx13yTEuT01KpiSOcT15L1
Wm9t7kxduc53xBzHHkSvkwKoVkluN3c7cNreXlRFuOpy50YFrhJovopWlx6uF0Iq
d14MwPBKP/N0rOUCbLXKgvlZ+J5XjRKi0e0titpT/ZJ4bTBJvMIpDTFweuDOAuE8
T5JRQwg0qPtM0Kyob4IO2LGSqaJEa3pa0c+SDD27jkELLoDy3VdxX05qCwKCaaH/
HmO4LMH32RzKhf+uCCYzWEiFeLbDaYaoTylJbBGDCu4G2i3qaLaUnooETQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:28:27 2025 by rpki-client