Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/UD2LqnzsutObzxhrujhSw-ECM1I.roa
File: UD2LqnzsutObzxhrujhSw-ECM1I.roa (raw, json)
Hash identifier: v9cIBMwLOlv2THTIZ4IyRIDKRgyQKNhdGhVbnXe5nQc=
Subject key identifier: 50:3D:8B:AA:7C:EC:BA:D3:9B:CF:18:6B:BA:38:52:C3:E1:02:33:52
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 01979BC318044617AD74D66FC21650F2F023
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/UD2LqnzsutObzxhrujhSw-ECM1I.roa
Signing time: Mon 23 Jun 2025 07:49:03 +0000
ROA not before: Mon 23 Jun 2025 07:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 77.76.4.0/22 maxlen: 22
78.128.2.0/23 maxlen: 23
78.128.10.0/23 maxlen: 23
78.128.12.0/22 maxlen: 22
78.128.16.0/20 maxlen: 20
78.128.36.0/22 maxlen: 22
78.128.40.0/23 maxlen: 23
78.128.52.0/22 maxlen: 22
78.128.56.0/22 maxlen: 22
78.128.82.0/23 maxlen: 23
78.128.84.0/22 maxlen: 22
78.128.88.0/22 maxlen: 22
78.128.96.0/23 maxlen: 23
78.128.100.0/22 maxlen: 22
78.128.104.0/22 maxlen: 22
78.128.116.0/23 maxlen: 23
78.128.120.0/23 maxlen: 23
78.128.122.0/24 maxlen: 24
78.128.123.0/24 maxlen: 24
78.142.10.0/23 maxlen: 23
78.142.12.0/22 maxlen: 22
78.142.30.0/23 maxlen: 23
82.118.242.0/24 maxlen: 24
84.201.224.0/20 maxlen: 20
91.148.149.0/24 maxlen: 24
91.148.162.0/23 maxlen: 23
91.148.164.0/23 maxlen: 23
91.148.166.0/24 maxlen: 24
91.148.169.0/24 maxlen: 24
91.148.170.0/23 maxlen: 23
91.148.172.0/22 maxlen: 22
91.148.176.0/21 maxlen: 21
91.148.186.0/23 maxlen: 23
130.185.227.0/24 maxlen: 24
193.24.240.0/22 maxlen: 22
193.200.14.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 10:01:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9b:c3:18:04:46:17:ad:74:d6:6f:c2:16:50:f2:f0:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: Jun 23 07:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=503d8baa7cecbad39bcf186bba3852c3e1023352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c7:ec:40:f0:bf:1a:6b:a8:55:91:c7:db:ca:
6a:61:02:86:ac:4e:7a:e7:fa:0c:bd:a6:04:d4:ba:
77:f7:4c:87:13:4a:b2:43:3a:60:65:b3:f2:f4:af:
d3:48:a9:2e:8b:2d:23:c3:91:89:51:fa:80:17:5c:
11:f3:cf:70:10:cf:4a:45:a0:54:44:40:fb:e2:7a:
c7:c6:33:17:bc:d5:c4:df:74:41:fc:01:43:ba:65:
2d:43:4b:5e:42:91:f6:e3:af:f6:0d:19:33:3f:fa:
48:9b:a0:e1:86:10:b8:77:76:c0:b8:14:83:24:f3:
d6:a0:c3:18:5f:8c:1f:7f:48:74:8b:9b:28:91:7d:
f4:30:eb:12:98:fe:52:36:de:65:ae:88:12:80:3b:
09:71:23:40:b8:16:ea:86:b9:ba:9c:1e:8b:a1:1c:
61:32:b0:5f:a1:67:a6:b3:04:80:d1:a5:3a:09:0c:
a3:b6:49:f6:82:44:7c:6c:98:a5:5f:84:f7:a7:75:
02:e3:a0:c7:64:a2:aa:f0:6c:38:2e:2d:2c:c3:6b:
68:98:cf:e7:21:bd:a4:a0:ad:49:bc:f7:2a:e9:27:
3d:2f:02:c1:2f:4d:97:9d:95:94:97:70:da:89:cd:
13:4d:9e:e6:a6:84:5e:ba:23:ae:9b:5c:3a:c1:44:
24:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:3D:8B:AA:7C:EC:BA:D3:9B:CF:18:6B:BA:38:52:C3:E1:02:33:52
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/UD2LqnzsutObzxhrujhSw-ECM1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.4.0/22
78.128.2.0/23
78.128.10.0-78.128.31.255
78.128.36.0-78.128.41.255
78.128.52.0-78.128.59.255
78.128.82.0-78.128.91.255
78.128.96.0/23
78.128.100.0-78.128.107.255
78.128.116.0/23
78.128.120.0/22
78.142.10.0-78.142.15.255
78.142.30.0/23
82.118.242.0/24
84.201.224.0/20
91.148.149.0/24
91.148.162.0-91.148.166.255
91.148.169.0-91.148.183.255
91.148.186.0/23
130.185.227.0/24
193.24.240.0/22
193.200.14.0/23
Signature Algorithm: sha256WithRSAEncryption
32:b3:ac:2f:11:89:7b:c3:12:2f:7c:db:68:24:53:90:3e:0b:
68:7a:c7:da:0a:b1:77:34:33:53:52:5f:1d:f5:f9:e1:20:44:
c2:84:0d:84:1f:52:9b:19:76:a1:4d:56:a0:45:be:34:36:0e:
4e:de:36:88:b1:f4:4c:ca:38:81:f3:0d:14:8e:e9:a9:a5:b7:
1d:aa:a9:36:bc:c3:6b:f8:52:20:c5:1d:aa:29:b2:db:74:d3:
c2:0b:88:ca:17:b8:32:27:82:9c:8e:bd:d4:81:8f:fc:13:24:
7b:35:c8:42:2d:8c:36:92:9b:fc:36:f4:f6:8e:62:08:37:b9:
47:b8:3b:5b:b9:3c:4f:8d:29:ae:69:f9:17:ea:99:e6:71:8f:
ce:9d:08:e7:ad:60:8c:e4:69:e8:74:4b:35:fc:a6:69:0c:eb:
13:f1:fa:af:4f:7b:3a:f1:ac:c3:8f:e0:9c:b8:37:1e:3b:a7:
d9:9a:a6:ab:53:07:cb:c2:37:4b:fa:0c:0d:ea:c5:2c:8b:3b:
7a:04:c0:4f:69:a0:b4:6e:c5:a2:df:b0:08:33:f6:bf:ad:2b:
3e:c5:e7:a1:54:27:82:d3:64:65:5e:f1:ee:f8:4c:eb:98:53:
46:7f:c9:45:b0:6b:0a:5b:d7:02:c0:17:6e:b1:22:f4:3b:10:
f2:e5:44:a4
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZebwxgERhetdNZvwhZQ8vAjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwNjIzMDc0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDNkOGJhYTdjZWNiYWQzOWJjZjE4NmJiYTM4NTJjM2UxMDIzMzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsfsQPC/GmuoVZHH28pqYQKGrE56
5/oMvaYE1Lp390yHE0qyQzpgZbPy9K/TSKkuiy0jw5GJUfqAF1wR889wEM9KRaBU
RED74nrHxjMXvNXE33RB/AFDumUtQ0teQpH246/2DRkzP/pIm6DhhhC4d3bAuBSD
JPPWoMMYX4wff0h0i5sokX30MOsSmP5SNt5lrogSgDsJcSNAuBbqhrm6nB6LoRxh
MrBfoWemswSA0aU6CQyjtkn2gkR8bJilX4T3p3UC46DHZKKq8Gw4Li0sw2tomM/n
Ib2koK1JvPcq6Sc9LwLBL02XnZWUl3Daic0TTZ7mpoReuiOum1w6wUQkCwIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFFA9i6p87LrTm88Ya7o4UsPhAjNSMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvVUQyTHFuenN1dE9ienhocnVqaFN3LUVDTTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAJN
TAQDBAFOgAIwDAMEAU6ACgMEBU6AADAMAwQCToAkAwQBToAoMAwDBAJOgDQDBAJO
gDgwDAMEAU6AUgMEAk6AWAMEAU6AYDAMAwQCToBkAwQCToBoAwQBToB0AwQCToB4
MAwDBAFOjgoDBAROjgADBAFOjh4DBABSdvIDBARUyeADBABblJUwDAMEAVuUogME
AFuUpjAMAwQAW5SpAwQDW5SwAwQBW5S6AwQAgrnjAwQCwRjwAwQBwcgOMA0GCSqG
SIb3DQEBCwUAA4IBAQAys6wvEYl7wxIvfNtoJFOQPgtoesfaCrF3NDNTUl8d9fnh
IETChA2EH1KbGXahTVagRb40Ng5O3jaIsfRMyjiB8w0Ujumppbcdqqk2vMNr+FIg
xR2qKbLbdNPCC4jKF7gyJ4Kcjr3UgY/8EyR7NchCLYw2kpv8NvT2jmIIN7lHuDtb
uTxPjSmuafkX6pnmcY/OnQjnrWCM5GnodEs1/KZpDOsT8fqvT3s68azDj+CcuDce
O6fZmqarUwfLwjdL+gwN6sUsizt6BMBPaaC0bsWi37AIM/a/rSs+xeehVCeC02Rl
XvHu+EzrmFNGf8lFsGsKW9cCwBdusSL0OxDy5USk
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:33:35 2025 by rpki-client