Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/U4B8gIRkl6vMFpf6uf4FiRg-PGU.roa
File: U4B8gIRkl6vMFpf6uf4FiRg-PGU.roa (raw, json)
Hash identifier: xjlWzszBjbkzgZlr1n6anraY55j54PVbdFl2R0E6OSc=
Subject key identifier: 53:80:7C:80:84:64:97:AB:CC:16:97:FA:B9:FE:05:89:18:3E:3C:65
Certificate issuer: /CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Certificate serial: 0199D39EB6B305010C4E9938263EC76D8EF2
Authority key identifier: FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/U4B8gIRkl6vMFpf6uf4FiRg-PGU.roa
Signing time: Sat 11 Oct 2025 14:13:38 +0000
ROA not before: Sat 11 Oct 2025 14:13:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 178.236.32.0/24 maxlen: 24
178.236.35.0/24 maxlen: 24
185.49.104.0/24 maxlen: 24
185.49.105.0/24 maxlen: 24
185.118.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:d3:9e:b6:b3:05:01:0c:4e:99:38:26:3e:c7:6d:8e:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Validity
Not Before: Oct 11 14:13:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53807c80846497abcc1697fab9fe0589183e3c65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b4:0c:01:f7:82:f0:31:3e:c1:51:7c:ae:36:
48:2a:cb:82:ab:f1:21:00:e1:f2:b5:d7:17:ab:6b:
85:43:2f:a1:7b:07:72:ff:a1:d2:5a:57:7b:17:c4:
0f:70:ae:e3:59:f2:30:c3:33:50:dd:4a:b5:d1:95:
fc:c9:78:d6:d4:3c:78:07:7f:74:97:c8:4b:00:b0:
c9:de:05:f2:ac:cf:f9:c2:06:8f:fd:7f:15:81:f1:
12:c3:fc:62:fa:1f:3f:42:c3:6b:77:1d:3a:0d:f5:
c1:42:d1:bf:f1:c3:ea:fe:eb:c7:91:7e:66:c8:76:
f8:d7:c3:16:20:a5:a6:f4:11:ef:00:01:c2:d9:35:
2c:6e:a4:d8:b9:69:f9:03:46:16:3d:47:f3:24:dd:
16:28:5c:f6:40:4d:d9:27:e9:cd:98:f9:ce:be:51:
47:12:f6:50:de:08:3f:ac:3a:94:2f:33:1e:4c:ec:
be:f6:52:72:1a:9f:ab:bc:f1:40:d5:41:2c:b1:ea:
ea:36:a2:e2:b1:b7:85:ee:d0:c1:b9:cb:f6:31:0b:
c8:87:08:78:3d:8d:04:81:d4:12:88:7e:78:7f:d7:
07:ee:cc:e4:f8:40:8f:c8:4d:89:b7:25:f3:1c:83:
d8:2c:fb:03:7a:5e:aa:76:8d:d6:f6:da:4e:11:6d:
3d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:80:7C:80:84:64:97:AB:CC:16:97:FA:B9:FE:05:89:18:3E:3C:65
X509v3 Authority Key Identifier:
keyid:FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/U4B8gIRkl6vMFpf6uf4FiRg-PGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.32.0/24
178.236.35.0/24
185.49.104.0/23
185.118.12.0/24
Signature Algorithm: sha256WithRSAEncryption
77:6b:2f:cd:d3:29:74:53:37:c8:96:4c:7b:42:5a:31:a6:7b:
5c:78:b9:28:87:ad:df:ae:b9:b1:59:d8:9f:15:3b:ef:7c:8f:
ec:52:c7:76:02:3e:9e:cf:00:d0:37:8a:11:ba:62:c7:da:ca:
98:29:60:7b:14:41:0b:ee:6c:19:f6:d5:90:d4:3a:8d:55:ce:
cd:48:8b:cd:c5:fd:25:3d:0a:8d:50:3f:32:bf:78:4c:3e:fb:
86:70:dc:c0:67:af:84:bf:f5:bd:97:72:46:fd:8d:00:a0:4c:
eb:78:54:4c:9e:78:c7:da:36:b4:92:fa:a9:3c:de:a8:7f:d3:
5d:1c:f7:b9:c2:b4:35:33:5a:b4:e2:05:5e:ee:b4:1b:77:98:
21:1f:6a:93:d3:01:69:7c:29:d9:19:65:de:f8:69:70:b2:06:
2e:35:95:39:af:86:cb:52:89:24:6b:89:81:95:c0:e8:6b:a0:
73:6c:ab:1e:19:5b:d7:18:f3:93:60:40:39:bf:e1:54:8e:bb:
42:f8:5d:2c:5f:cc:26:62:df:72:e0:4a:be:68:66:52:6c:3c:
bb:a7:28:fc:e5:9a:37:77:4e:23:2e:1f:fc:af:85:bc:8f:ae:
ba:dd:cc:07:e5:d0:77:c6:f9:05:41:5e:7e:04:9a:38:64:f1:
37:a2:e5:0a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZnTnrazBQEMTpk4Jj7HbY7yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2QwYmMxMWIyOWRhNDRhZDU3MzA0YzNmODU2ODg3MGEw
MTljMjQwHhcNMjUxMDExMTQxMzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzgwN2M4MDg0NjQ5N2FiY2MxNjk3ZmFiOWZlMDU4OTE4M2UzYzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rQMAfeC8DE+wVF8rjZIKsuCq/Eh
AOHytdcXq2uFQy+hewdy/6HSWld7F8QPcK7jWfIwwzNQ3Uq10ZX8yXjW1Dx4B390
l8hLALDJ3gXyrM/5wgaP/X8VgfESw/xi+h8/QsNrdx06DfXBQtG/8cPq/uvHkX5m
yHb418MWIKWm9BHvAAHC2TUsbqTYuWn5A0YWPUfzJN0WKFz2QE3ZJ+nNmPnOvlFH
EvZQ3gg/rDqULzMeTOy+9lJyGp+rvPFA1UEsserqNqLisbeF7tDBucv2MQvIhwh4
PY0EgdQSiH54f9cH7szk+ECPyE2JtyXzHIPYLPsDel6qdo3W9tpOEW095wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFOAfICEZJerzBaX+rn+BYkYPjxlMB8GA1UdIwQY
MBaAFPo9C8EbKdpErVcwTD+FaIcKAZwkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qMEx3UnNwMmtTdFZ6Qk1QNFZvaHdvQm5DUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1
LWQyMTA3MWVmNzM1Yi8xL1U0QjhnSVJrbDZ2TUZwZjZ1ZjRGaVJnLVBHVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1LWQyMTA3MWVmNzM1
Yi8xLzEtajBMd1JzcDJrU3RWekJNUDRWb2h3b0JuQ1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACy7CAD
BACy7CMDBAG5MWgDBAC5dgwwDQYJKoZIhvcNAQELBQADggEBAHdrL83TKXRTN8iW
THtCWjGme1x4uSiHrd+uubFZ2J8VO+98j+xSx3YCPp7PANA3ihG6YsfaypgpYHsU
QQvubBn21ZDUOo1Vzs1Ii83F/SU9Co1QPzK/eEw++4Zw3MBnr4S/9b2Xckb9jQCg
TOt4VEyeeMfaNrSS+qk83qh/010c97nCtDUzWrTiBV7utBt3mCEfapPTAWl8KdkZ
Zd74aXCyBi41lTmvhstSiSRriYGVwOhroHNsqx4ZW9cY85NgQDm/4VSOu0L4XSxf
zCZi33LgSr5oZlJsPLunKPzlmjd3TiMuH/yvhbyPrrrdzAfl0HfG+QVBXn4Emjhk
8Tei5Qo=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:33 2025 by rpki-client