Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/uSEgi8iUzILIPcuywbOmvg5Y2Gg.roa
File: uSEgi8iUzILIPcuywbOmvg5Y2Gg.roa (raw, json)
Hash identifier: XHWIRfce86oixYrPwBde67Fu+mIBmMzlLDIa0ik6CpU=
Subject key identifier: B9:21:20:8B:C8:94:CC:82:C8:3D:CB:B2:C1:B3:A6:BE:0E:58:D8:68
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 0197B0F25B5FB2DF31E92955CA2BAA92DB13
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/uSEgi8iUzILIPcuywbOmvg5Y2Gg.roa
Signing time: Fri 27 Jun 2025 10:32:42 +0000
ROA not before: Fri 27 Jun 2025 10:32:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205516
IP address blocks: 5.35.80.0/24 maxlen: 24
5.35.81.0/24 maxlen: 24
37.233.81.0/24 maxlen: 24
77.73.232.0/24 maxlen: 24
83.222.22.0/23 maxlen: 24
89.169.36.0/23 maxlen: 24
90.156.252.0/23 maxlen: 24
91.218.140.0/24 maxlen: 24
91.218.141.0/24 maxlen: 24
109.94.211.0/24 maxlen: 24
178.236.16.0/24 maxlen: 24
178.236.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.mft
rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 07:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:f2:5b:5f:b2:df:31:e9:29:55:ca:2b:aa:92:db:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: Jun 27 10:32:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b921208bc894cc82c83dcbb2c1b3a6be0e58d868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:bc:19:ab:c2:d7:58:65:60:fe:3c:ca:f1:c0:
93:6c:50:13:a1:7b:d9:aa:01:20:3f:ea:c9:73:0f:
a4:29:e1:2c:06:6a:c2:38:a6:aa:af:49:76:bc:cf:
eb:c4:62:95:8f:0a:aa:f7:5d:46:21:bc:f9:47:7b:
0a:ab:6c:13:79:be:45:3a:6d:e1:52:4c:80:a1:e7:
87:75:3b:46:2c:b3:fa:e4:9f:a9:14:42:66:96:df:
d3:94:29:9f:a2:a7:94:ec:3b:90:da:db:ee:9e:61:
3b:9c:8b:67:c3:5c:2f:fc:b5:49:37:7a:4e:4d:15:
37:e3:3c:18:89:aa:35:7e:54:64:c3:e8:9c:63:22:
1b:36:d4:5e:0a:48:70:3c:99:7e:ca:f2:24:91:b0:
70:52:18:79:f7:2a:c8:3f:6b:31:3b:e4:08:50:60:
db:47:48:77:3d:ee:de:5e:83:8f:0d:7f:77:e7:87:
1f:94:27:f4:77:12:08:f0:12:a0:87:34:6c:90:44:
29:ca:1f:40:25:52:35:fc:06:8f:e5:04:92:6d:a9:
f6:03:16:84:87:48:cb:7d:ef:7a:66:20:9e:f8:90:
52:a2:10:6d:79:e3:2d:56:33:67:92:96:72:0e:ef:
59:40:0e:e0:f9:e7:fa:21:64:30:c9:29:a6:16:1e:
ec:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:21:20:8B:C8:94:CC:82:C8:3D:CB:B2:C1:B3:A6:BE:0E:58:D8:68
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/uSEgi8iUzILIPcuywbOmvg5Y2Gg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.80.0/23
37.233.81.0/24
77.73.232.0/24
83.222.22.0/23
89.169.36.0/23
90.156.252.0/23
91.218.140.0/23
109.94.211.0/24
178.236.16.0/23
Signature Algorithm: sha256WithRSAEncryption
99:d6:a2:bd:95:51:e8:61:10:7d:be:fb:8b:53:e5:aa:49:89:
49:4b:9c:f5:7f:f4:f1:d3:f8:2c:a9:42:ac:1b:2a:a2:65:11:
24:81:b5:e6:8b:bd:0d:14:d3:11:9b:a9:75:83:1b:31:6b:22:
bf:8d:a3:50:8e:bd:82:4f:ac:e7:4e:4f:84:80:72:68:54:27:
eb:e7:cc:74:cc:3e:cd:60:23:2c:85:6b:fb:f7:be:72:f8:c2:
d5:ab:83:9b:07:e1:aa:d8:09:7e:4f:85:27:c7:50:09:73:06:
b1:6e:d8:28:c9:53:ca:ea:4f:73:6e:fe:3e:22:eb:dc:b6:b4:
0d:b8:fd:a4:e4:3a:22:cd:46:d9:59:a3:86:cc:85:a5:45:8b:
07:4d:50:c7:2a:19:6b:a0:12:2d:ad:d0:f2:44:00:c0:67:0a:
5f:9f:ac:94:4c:de:03:23:ae:9c:c5:9b:b5:db:eb:87:79:76:
e8:ec:60:74:29:6b:30:3c:f4:28:5a:30:2c:57:b5:b3:af:5b:
c7:23:01:a7:6e:d8:c5:6f:21:ef:2c:8b:bf:d3:de:7f:e7:b4:
47:98:04:e2:cd:f0:01:46:0f:fb:37:ff:2e:b9:83:ca:89:b8:
d9:3b:8d:e3:5f:77:68:ff:86:73:51:ed:b7:c4:4e:8f:68:38:
f4:15:d2:01
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZew8ltfst8x6SlVyiuqktsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjUwNjI3MTAzMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTIxMjA4YmM4OTRjYzgyYzgzZGNiYjJjMWIzYTZiZTBlNThkODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLwZq8LXWGVg/jzK8cCTbFAToXvZ
qgEgP+rJcw+kKeEsBmrCOKaqr0l2vM/rxGKVjwqq911GIbz5R3sKq2wTeb5FOm3h
UkyAoeeHdTtGLLP65J+pFEJmlt/TlCmfoqeU7DuQ2tvunmE7nItnw1wv/LVJN3pO
TRU34zwYiao1flRkw+icYyIbNtReCkhwPJl+yvIkkbBwUhh59yrIP2sxO+QIUGDb
R0h3Pe7eXoOPDX9354cflCf0dxII8BKghzRskEQpyh9AJVI1/AaP5QSSban2AxaE
h0jLfe96ZiCe+JBSohBteeMtVjNnkpZyDu9ZQA7g+ef6IWQwySmmFh7sHwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFLkhIIvIlMyCyD3LssGzpr4OWNhoMB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvdVNFZ2k4aVV6SUxJUGN1eXdiT212ZzVZMkdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBBSNQAwQA
JelRAwQATUnoAwQBU94WAwQBWakkAwQBWpz8AwQBW9qMAwQAbV7TAwQBsuwQMA0G
CSqGSIb3DQEBCwUAA4IBAQCZ1qK9lVHoYRB9vvuLU+WqSYlJS5z1f/Tx0/gsqUKs
GyqiZREkgbXmi70NFNMRm6l1gxsxayK/jaNQjr2CT6znTk+EgHJoVCfr58x0zD7N
YCMshWv7975y+MLVq4ObB+Gq2Al+T4Unx1AJcwaxbtgoyVPK6k9zbv4+IuvctrQN
uP2k5DoizUbZWaOGzIWlRYsHTVDHKhlroBItrdDyRADAZwpfn6yUTN4DI66cxZu1
2+uHeXbo7GB0KWswPPQoWjAsV7Wzr1vHIwGnbtjFbyHvLIu/095/57RHmATizfAB
Rg/7N/8uuYPKibjZO43jX3do/4ZzUe23xE6PaDj0FdIB
-----END CERTIFICATE-----
Generated at Sun Jun 29 16:58:39 2025 by rpki-client