
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U3pecEe63FItNGTHW7isYZwkvFE.roa
File: U3pecEe63FItNGTHW7isYZwkvFE.roa (raw, json)
Hash identifier: wqBpSnUGzGsqdIqfHH3K0WvygDlcVRIyUYZbEQBEwTI=
Subject key identifier: 53:7A:5E:70:47:BA:DC:52:2D:34:64:C7:5B:B8:AC:61:9C:24:BC:51
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0198A7F4A8FAE60D7D3D5ED68E75BDFD155B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U3pecEe63FItNGTHW7isYZwkvFE.roa
Signing time: Thu 14 Aug 2025 09:41:25 +0000
ROA not before: Thu 14 Aug 2025 09:41:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399073
IP address blocks: 77.107.105.0/24 maxlen: 24
81.168.126.0/24 maxlen: 24
82.152.51.0/24 maxlen: 24
82.153.159.0/24 maxlen: 24
82.153.215.0/24 maxlen: 24
89.213.139.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
217.145.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a7:f4:a8:fa:e6:0d:7d:3d:5e:d6:8e:75:bd:fd:15:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 14 09:41:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=537a5e7047badc522d3464c75bb8ac619c24bc51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:07:22:e4:50:a0:f6:db:c2:14:81:e3:33:23:
ae:cb:d2:ec:9e:47:a7:4b:8e:48:3d:fe:1b:85:85:
23:a8:db:2b:73:21:20:bc:06:7f:73:e3:c0:e8:34:
95:c9:0c:dc:6e:ec:d5:95:00:d5:5d:65:17:c4:95:
b7:a3:1e:94:57:48:6d:d9:95:ea:cb:e2:c9:5b:08:
e1:14:0d:16:f3:4c:30:38:f0:ae:79:fa:f6:28:45:
b7:17:29:4d:e3:a8:0f:42:15:c8:02:5c:b8:55:48:
34:1c:b6:ed:13:f6:01:f6:05:65:7b:cd:f4:de:68:
1e:ec:06:9b:c4:5e:1a:d0:cd:5f:ef:31:72:cb:01:
3d:c5:f7:fe:6d:1d:d6:31:30:3a:8a:06:bf:2b:08:
4d:b1:fd:a8:b1:a5:11:99:c6:9d:c7:0b:fe:f2:b6:
43:3a:76:75:9c:2d:cc:e2:cd:4d:4c:4d:f8:02:ae:
12:a0:51:6a:22:11:2b:a4:32:11:d3:98:83:d6:7f:
57:6f:2a:c9:50:48:5d:fc:8e:56:e2:40:d6:a7:cd:
cb:d3:91:83:7a:27:fc:de:53:54:46:dd:ea:68:37:
1f:b0:b9:1d:8b:cb:c6:0d:17:1d:64:0f:b0:9e:a1:
15:67:f6:dd:11:be:6c:8a:9f:0c:b8:8b:d2:bd:fb:
a9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:7A:5E:70:47:BA:DC:52:2D:34:64:C7:5B:B8:AC:61:9C:24:BC:51
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U3pecEe63FItNGTHW7isYZwkvFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.107.105.0/24
81.168.126.0/24
82.152.51.0/24
82.153.159.0/24
82.153.215.0/24
89.213.139.0/24
89.213.152.0/24
109.176.193.0/24
217.145.78.0/24
Signature Algorithm: sha256WithRSAEncryption
21:40:77:3f:db:bb:a5:e2:6f:5d:8a:0d:59:d1:82:9a:96:84:
13:d6:df:5c:42:7d:f2:da:dd:4a:ae:ff:d4:fd:e2:37:cf:7f:
71:eb:fb:9f:2e:bc:56:43:78:fc:a4:b3:74:85:fb:ed:9d:ad:
2b:a5:cc:46:3b:63:5a:d9:59:e3:ce:d1:1c:ac:87:e6:d2:89:
9c:0e:62:a8:20:73:d5:eb:56:f0:1a:7f:55:d0:be:95:33:c7:
a7:9c:54:39:4c:8e:40:24:82:ad:fd:28:31:32:6a:95:ee:01:
9f:54:55:a9:fd:ed:51:2d:38:95:89:28:c7:7a:fb:12:85:3e:
9a:d4:f2:2b:b9:e3:3c:96:2e:61:7e:80:0a:a0:f3:c2:fd:7a:
1d:e8:dc:5b:36:0b:a0:14:da:39:04:4e:da:36:99:88:18:3c:
7b:4f:f9:c3:ed:d3:4e:fe:c6:0e:c0:50:f0:cf:05:08:6a:56:
10:7d:1a:90:a9:74:a4:e9:8b:09:bb:eb:cb:8a:65:35:b0:1c:
47:e1:67:e5:9a:bb:2f:56:25:7b:d7:01:b2:f9:83:38:98:6b:
f5:7b:73:d1:b4:8d:37:90:2d:73:21:14:14:a4:6a:92:b9:c9:
fe:0e:b8:d6:65:61:e3:7a:6b:e3:5a:a7:e0:76:56:63:35:b2:
69:d6:4a:26
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZin9Kj65g19PV7WjnW9/RVbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwODE0MDk0MTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzdhNWU3MDQ3YmFkYzUyMmQzNDY0Yzc1YmI4YWM2MTljMjRiYzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgci5FCg9tvCFIHjMyOuy9Lsnken
S45IPf4bhYUjqNsrcyEgvAZ/c+PA6DSVyQzcbuzVlQDVXWUXxJW3ox6UV0ht2ZXq
y+LJWwjhFA0W80wwOPCuefr2KEW3FylN46gPQhXIAly4VUg0HLbtE/YB9gVle830
3mge7AabxF4a0M1f7zFyywE9xff+bR3WMTA6iga/KwhNsf2osaURmcadxwv+8rZD
OnZ1nC3M4s1NTE34Aq4SoFFqIhErpDIR05iD1n9XbyrJUEhd/I5W4kDWp83L05GD
eif83lNURt3qaDcfsLkdi8vGDRcdZA+wnqEVZ/bdEb5sip8MuIvSvfupkQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFFN6XnBHutxSLTRkx1u4rGGcJLxRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVTNwZWNFZTYzRkl0TkdUSFc3aXNZWndrdkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQATWtpAwQA
Uah+AwQAUpgzAwQAUpmfAwQAUpnXAwQAWdWLAwQAWdWYAwQAbbDBAwQA2ZFOMA0G
CSqGSIb3DQEBCwUAA4IBAQAhQHc/27ul4m9dig1Z0YKaloQT1t9cQn3y2t1Krv/U
/eI3z39x6/ufLrxWQ3j8pLN0hfvtna0rpcxGO2Na2VnjztEcrIfm0omcDmKoIHPV
61bwGn9V0L6VM8ennFQ5TI5AJIKt/SgxMmqV7gGfVFWp/e1RLTiViSjHevsShT6a
1PIrueM8li5hfoAKoPPC/Xod6NxbNgugFNo5BE7aNpmIGDx7T/nD7dNO/sYOwFDw
zwUIalYQfRqQqXSk6YsJu+vLimU1sBxH4WflmrsvViV71wGy+YM4mGv1e3PRtI03
kC1zIRQUpGqSucn+DrjWZWHjemvjWqfgdlZjNbJp1kom
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:02:41 2025 by rpki-client