Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/uHsUP9ITNumWBnivSrpnKA1c8sk.roa
File: uHsUP9ITNumWBnivSrpnKA1c8sk.roa (raw, json)
Hash identifier: RggRwkd0IhdYIM5cTJqQm6e1Y1oQR3G4Ep6Nth1HpWk=
Subject key identifier: B8:7B:14:3F:D2:13:36:E9:96:06:78:AF:4A:BA:67:28:0D:5C:F2:C9
Certificate issuer: /CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Certificate serial: 019880052DD3B699005FDC65EA05764E1C16
Authority key identifier: 8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/uHsUP9ITNumWBnivSrpnKA1c8sk.roa
Signing time: Wed 06 Aug 2025 15:34:39 +0000
ROA not before: Wed 06 Aug 2025 15:34:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 932
IP address blocks: 45.128.146.0/23 maxlen: 24
45.131.179.0/24 maxlen: 24
45.132.238.0/23 maxlen: 24
45.133.238.0/23 maxlen: 24
45.134.82.0/23 maxlen: 24
45.135.118.0/23 maxlen: 24
45.137.10.0/23 maxlen: 24
45.140.90.0/23 maxlen: 24
91.217.162.0/24 maxlen: 24
91.238.203.0/24 maxlen: 24
91.238.207.0/24 maxlen: 24
185.106.176.0/22 maxlen: 24
193.200.130.0/24 maxlen: 24
193.200.134.0/24 maxlen: 24
193.200.149.0/24 maxlen: 24
193.200.152.0/24 maxlen: 24
193.227.103.0/24 maxlen: 24
193.227.109.0/24 maxlen: 24
2a06:5040::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:80:05:2d:d3:b6:99:00:5f:dc:65:ea:05:76:4e:1c:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Validity
Not Before: Aug 6 15:34:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b87b143fd21336e9960678af4aba67280d5cf2c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0d:38:f8:c3:25:a0:27:37:ba:b1:cb:a6:5e:
a9:bb:33:9e:fe:15:6b:4c:01:f2:26:8f:74:99:b8:
48:41:30:cd:aa:bd:9c:f0:86:05:86:29:ac:d0:63:
20:d1:c4:4d:cf:64:39:d6:30:e5:03:3f:70:b1:e0:
24:2c:4f:c9:a3:64:49:30:fd:89:f4:2d:c8:55:6f:
d9:79:5e:b0:d5:1c:be:45:df:23:95:19:6b:94:ef:
c4:e8:2f:11:a9:43:aa:fb:db:39:f8:bc:1b:4e:55:
3b:f6:d4:9e:8e:9f:3a:f4:37:3d:30:e3:7f:00:81:
92:42:dd:c7:53:cb:3d:2b:1c:5a:d1:1e:5c:83:b3:
b7:70:56:75:8b:86:25:d2:7d:ab:b6:16:8b:be:6f:
04:79:73:27:3e:e5:df:ba:d5:51:f8:f5:35:33:a4:
20:4b:05:3e:6e:1a:69:98:7a:0e:ee:81:06:f7:35:
c5:f4:74:50:b6:ea:09:1b:f4:30:f9:12:e8:11:49:
04:c4:38:d5:11:51:4b:b3:ce:b3:24:26:1a:a7:76:
f6:05:d7:51:05:3c:a9:df:1a:cf:01:e4:f6:93:31:
65:4f:5d:d8:c0:2f:c9:c4:8f:f9:c6:0a:fc:29:91:
9a:15:e3:48:38:27:f7:68:06:9f:51:ee:23:b5:59:
91:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:7B:14:3F:D2:13:36:E9:96:06:78:AF:4A:BA:67:28:0D:5C:F2:C9
X509v3 Authority Key Identifier:
keyid:8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/uHsUP9ITNumWBnivSrpnKA1c8sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.146.0/23
45.131.179.0/24
45.132.238.0/23
45.133.238.0/23
45.134.82.0/23
45.135.118.0/23
45.137.10.0/23
45.140.90.0/23
91.217.162.0/24
91.238.203.0/24
91.238.207.0/24
185.106.176.0/22
193.200.130.0/24
193.200.134.0/24
193.200.149.0/24
193.200.152.0/24
193.227.103.0/24
193.227.109.0/24
IPv6:
2a06:5040::/48
Signature Algorithm: sha256WithRSAEncryption
0b:6e:39:87:2e:1d:14:9b:df:77:53:51:da:6d:c6:3a:0e:a2:
31:0d:99:28:66:5c:25:0a:55:ce:54:4b:b4:fe:24:78:3b:d4:
a2:13:4a:a2:3f:b8:3d:33:15:52:d6:cb:72:71:91:c0:64:d5:
ce:e1:a2:ff:57:ea:ac:8e:b4:ca:fc:34:1b:bc:6e:42:b5:61:
e8:21:7d:7d:86:48:8a:a4:23:cd:bb:b9:58:b2:54:0b:36:aa:
fb:39:37:03:fe:65:c7:f6:13:b7:15:5d:d1:0d:91:53:26:39:
09:e9:2c:67:47:c9:64:a7:b2:e0:31:7f:aa:5f:92:aa:f0:22:
2d:13:fb:5b:8e:60:d3:0e:14:a4:bf:ed:9d:2c:33:ac:7f:97:
c0:61:b0:94:5c:9a:37:a2:73:55:ee:a2:74:91:61:d8:b0:77:
9a:6a:61:7f:41:0c:4b:10:dc:4e:dd:29:a7:7d:81:47:ed:67:
52:b5:cc:66:64:a5:1e:a9:92:5f:a4:85:4b:f3:32:03:7e:0c:
4e:c3:60:f6:84:6c:cd:60:f8:68:f1:10:e8:64:ac:cc:b2:c1:
1c:d5:d8:59:bf:93:c8:99:b5:75:b6:e8:f2:bf:9f:70:e1:9d:
36:1f:1d:14:ef:c5:3e:56:2d:b7:0f:d6:e9:87:b0:f2:e8:8c:
4d:fb:e3:ce
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZiABS3TtpkAX9xl6gV2ThwWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzcxODMzNDFhMmFiNmRmM2M1OWVjODI3ZWQ3MTIwMGI1
YTYyNDQwHhcNMjUwODA2MTUzNDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODdiMTQzZmQyMTMzNmU5OTYwNjc4YWY0YWJhNjcyODBkNWNmMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ04+MMloCc3urHLpl6puzOe/hVr
TAHyJo90mbhIQTDNqr2c8IYFhims0GMg0cRNz2Q51jDlAz9wseAkLE/Jo2RJMP2J
9C3IVW/ZeV6w1Ry+Rd8jlRlrlO/E6C8RqUOq+9s5+LwbTlU79tSejp869Dc9MON/
AIGSQt3HU8s9Kxxa0R5cg7O3cFZ1i4Yl0n2rthaLvm8EeXMnPuXfutVR+PU1M6Qg
SwU+bhppmHoO7oEG9zXF9HRQtuoJG/Qw+RLoEUkExDjVEVFLs86zJCYap3b2BddR
BTyp3xrPAeT2kzFlT13YwC/JxI/5xgr8KZGaFeNIOCf3aAafUe4jtVmRswIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFLh7FD/SEzbplgZ4r0q6ZygNXPLJMB8GA1UdIwQY
MBaAFIs3GDNBoqtt88WeyCftcSALWmJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUt
MDg1MmNiMzUzMjkzLzEvdUhzVVA5SVROdW1XQm5pdlNycG5LQTFjOHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUtMDg1MmNiMzUzMjkz
LzEvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTByBAIAATBsAwQBLYCS
AwQALYOzAwQBLYTuAwQBLYXuAwQBLYZSAwQBLYd2AwQBLYkKAwQBLYxaAwQAW9mi
AwQAW+7LAwQAW+7PAwQCuWqwAwQAwciCAwQAwciGAwQAwciVAwQAwciYAwQAweNn
AwQAweNtMA8EAgACMAkDBwAqBlBAAAAwDQYJKoZIhvcNAQELBQADggEBAAtuOYcu
HRSb33dTUdptxjoOojENmShmXCUKVc5US7T+JHg71KITSqI/uD0zFVLWy3JxkcBk
1c7hov9X6qyOtMr8NBu8bkK1YeghfX2GSIqkI827uViyVAs2qvs5NwP+Zcf2E7cV
XdENkVMmOQnpLGdHyWSnsuAxf6pfkqrwIi0T+1uOYNMOFKS/7Z0sM6x/l8BhsJRc
mjeic1XuonSRYdiwd5pqYX9BDEsQ3E7dKad9gUftZ1K1zGZkpR6pkl+khUvzMgN+
DE7DYPaEbM1g+GjxEOhkrMyywRzV2Fm/k8iZtXW26PK/n3DhnTYfHRTvxT5WLbcP
1umHsPLojE37484=
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:33:19 2025 by rpki-client