Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/UIdIZEUaxJjlUmS0DfjMepB-HoU.roa
File: UIdIZEUaxJjlUmS0DfjMepB-HoU.roa (raw, json)
Hash identifier: 7c/wtDjgeQptynstoYum4n7aAfpOsb4reHajWBMyT4A=
Subject key identifier: 50:87:48:64:45:1A:C4:98:E5:52:64:B4:0D:F8:CC:7A:90:7E:1E:85
Certificate issuer: /CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Certificate serial: 0198A371294928A44F1EDB8F6AA29458E2A5
Authority key identifier: 96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/UIdIZEUaxJjlUmS0DfjMepB-HoU.roa
Signing time: Wed 13 Aug 2025 12:39:18 +0000
ROA not before: Wed 13 Aug 2025 12:39:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213081
IP address blocks: 91.194.139.0/24 maxlen: 24
147.78.194.0/23 maxlen: 24
185.203.114.0/23 maxlen: 23
2a09:2940::/29 maxlen: 48
2a0a:e5c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:71:29:49:28:a4:4f:1e:db:8f:6a:a2:94:58:e2:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96bfc5a172654dd6009db1d82d92ffaf71234120
Validity
Not Before: Aug 13 12:39:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50874864451ac498e55264b40df8cc7a907e1e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:76:19:24:48:09:c1:80:c3:44:ed:95:81:08:
ba:e9:aa:b4:1f:15:62:03:6d:85:33:d1:8f:36:09:
64:95:a1:d0:c3:01:b7:0c:7c:57:a5:76:f1:b7:ad:
ac:c4:85:63:1a:f1:7d:b5:71:64:d1:06:25:10:64:
51:b1:f2:96:fc:e2:13:df:c3:6b:3e:ee:92:7b:d1:
f8:f6:1f:29:f8:c0:7c:a1:4c:8f:5f:8d:26:8d:7e:
7a:74:91:f1:64:95:7d:da:c2:0d:e2:af:db:78:c6:
88:17:1b:bc:4d:6b:0b:e9:c5:4e:9a:c1:03:61:19:
67:fe:ec:f6:f2:f1:25:a4:b2:7e:a9:92:24:33:6b:
f5:1b:c1:ca:66:67:70:68:32:fc:a5:60:d8:d4:eb:
dc:c4:e7:26:c9:cd:81:08:d6:39:d5:46:e1:d5:e7:
f5:e8:c3:89:87:4a:ed:8d:1e:73:7b:d1:37:a1:11:
30:67:ba:ac:ba:c6:c3:8e:4a:e4:fd:e8:22:e5:4d:
fc:19:09:31:d6:75:12:b3:a4:67:a6:81:ea:65:67:
67:9e:5d:e6:d4:6a:81:f5:3d:22:a7:ed:f8:ac:3a:
e7:51:d6:64:41:d1:f9:3b:c9:76:7b:a2:a6:75:67:
5f:87:54:a5:a3:9b:42:89:6a:de:9a:52:63:1a:15:
86:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:87:48:64:45:1A:C4:98:E5:52:64:B4:0D:F8:CC:7A:90:7E:1E:85
X509v3 Authority Key Identifier:
keyid:96:BF:C5:A1:72:65:4D:D6:00:9D:B1:D8:2D:92:FF:AF:71:23:41:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lr_FoXJlTdYAnbHYLZL_r3EjQSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/UIdIZEUaxJjlUmS0DfjMepB-HoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/3630cb-ebec-4d86-b12b-bffb757c3134/1/lr_FoXJlTdYAnbHYLZL_r3EjQSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.139.0/24
147.78.194.0/23
185.203.114.0/23
IPv6:
2a09:2940::/29
2a0a:e5c0::/29
Signature Algorithm: sha256WithRSAEncryption
5b:91:7e:0d:05:99:f6:45:63:be:11:ff:cb:b8:a3:a5:7a:17:
0a:2a:dd:89:7a:41:34:60:b4:62:d6:e1:64:0b:6b:f2:08:10:
75:c3:d2:d0:24:bd:47:fd:61:88:72:62:e5:65:75:71:49:52:
56:0e:05:47:79:90:43:5b:d4:75:4c:59:13:8e:c9:1e:92:bb:
0e:4e:21:b8:6a:bd:81:10:b9:ba:37:4a:56:db:71:26:53:57:
52:9d:c6:5f:27:98:ab:14:ec:94:fb:fa:43:ec:bc:6a:3d:16:
c1:45:4e:b9:c8:64:14:b7:aa:c7:a9:df:1b:6a:ba:c2:db:73:
95:90:50:dc:28:bc:f5:29:80:a4:d9:a0:08:51:de:73:f2:b9:
ce:8d:19:72:ea:57:a1:5a:d2:b7:80:06:3f:06:eb:d5:ce:e6:
10:60:9d:84:b0:9e:1f:23:a1:ab:40:6d:e4:fb:e0:48:e6:23:
2b:19:0e:43:1c:42:3e:03:82:94:be:be:77:40:31:db:63:7b:
1f:4a:34:7c:7a:18:83:54:51:ce:3f:7c:ed:cd:2a:f6:c8:5c:
5f:3d:10:71:aa:a9:df:78:6e:66:70:0a:37:44:eb:9d:b5:4c:
67:1f:cb:71:68:5d:75:1e:5b:cb:46:e3:ca:2a:fd:fe:74:41:
fc:29:b3:ef
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZijcSlJKKRPHtuPaqKUWOKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YmZjNWExNzI2NTRkZDYwMDlkYjFkODJkOTJmZmFmNzEy
MzQxMjAwHhcNMjUwODEzMTIzOTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDg3NDg2NDQ1MWFjNDk4ZTU1MjY0YjQwZGY4Y2M3YTkwN2UxZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXYZJEgJwYDDRO2VgQi66aq0HxVi
A22FM9GPNglklaHQwwG3DHxXpXbxt62sxIVjGvF9tXFk0QYlEGRRsfKW/OIT38Nr
Pu6Se9H49h8p+MB8oUyPX40mjX56dJHxZJV92sIN4q/beMaIFxu8TWsL6cVOmsED
YRln/uz28vElpLJ+qZIkM2v1G8HKZmdwaDL8pWDY1OvcxOcmyc2BCNY51Ubh1ef1
6MOJh0rtjR5ze9E3oREwZ7qsusbDjkrk/egi5U38GQkx1nUSs6RnpoHqZWdnnl3m
1GqB9T0ip+34rDrnUdZkQdH5O8l2e6KmdWdfh1Slo5tCiWremlJjGhWG5QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFCHSGRFGsSY5VJktA34zHqQfh6FMB8GA1UdIwQY
MBaAFJa/xaFyZU3WAJ2x2C2S/69xI0EgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmIt
YmZmYjc1N2MzMTM0LzEvVUlkSVpFVWF4SmpsVW1TMERmak1lcEItSG9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zNjMwY2ItZWJlYy00ZDg2LWIxMmItYmZmYjc1N2MzMTM0
LzEvbHJfRm9YSmxUZFlBbmJIWUxaTF9yM0VqUVNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAW8KLAwQB
k07CAwQBuctyMBQEAgACMA4DBQMqCSlAAwUDKgrlwDANBgkqhkiG9w0BAQsFAAOC
AQEAW5F+DQWZ9kVjvhH/y7ijpXoXCirdiXpBNGC0YtbhZAtr8ggQdcPS0CS9R/1h
iHJi5WV1cUlSVg4FR3mQQ1vUdUxZE47JHpK7Dk4huGq9gRC5ujdKVttxJlNXUp3G
XyeYqxTslPv6Q+y8aj0WwUVOuchkFLeqx6nfG2q6wttzlZBQ3Ci89SmApNmgCFHe
c/K5zo0ZcupXoVrSt4AGPwbr1c7mEGCdhLCeHyOhq0Bt5PvgSOYjKxkOQxxCPgOC
lL6+d0Ax22N7H0o0fHoYg1RRzj987c0q9shcXz0Qcaqp33huZnAKN0TrnbVMZx/L
cWhddR5by0bjyir9/nRB/Cmz7w==
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:16:02 2025 by rpki-client