Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/fUDL5enSGFnGF0Ra0FhrwyzJs3I.roa
File: fUDL5enSGFnGF0Ra0FhrwyzJs3I.roa (raw, json)
Hash identifier: eh8CVlQL+uGWOgF2jQGd/NvLh2AGLk0dnHC5F90PhQA=
Subject key identifier: 7D:40:CB:E5:E9:D2:18:59:C6:17:44:5A:D0:58:6B:C3:2C:C9:B3:72
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0197793AFCCDB25760083F5789E00DA13271
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/fUDL5enSGFnGF0Ra0FhrwyzJs3I.roa
Signing time: Mon 16 Jun 2025 14:53:18 +0000
ROA not before: Mon 16 Jun 2025 14:53:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51826
IP address blocks: 192.165.158.0/23 maxlen: 23
192.165.164.0/23 maxlen: 23
193.180.196.0/23 maxlen: 23
193.180.198.0/24 maxlen: 24
193.180.199.0/24 maxlen: 24
194.14.80.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 09:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:79:3a:fc:cd:b2:57:60:08:3f:57:89:e0:0d:a1:32:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jun 16 14:53:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d40cbe5e9d21859c617445ad0586bc32cc9b372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:3a:55:9f:db:29:9e:15:bc:6f:6c:e1:e8:8b:
d4:72:c0:75:85:53:e4:86:e4:db:db:35:fc:12:1d:
ff:eb:4e:01:01:35:70:43:5b:f0:b8:d8:81:14:37:
02:5a:72:c8:ef:fc:85:34:20:9a:da:03:d9:36:58:
ef:d9:0d:ac:1a:e4:00:69:ca:64:4c:92:22:94:04:
00:a2:94:74:4e:3f:cb:93:31:f6:ae:6a:d6:32:02:
7e:a3:56:da:13:82:36:da:b8:b1:20:48:5a:ee:05:
50:49:e9:15:f8:5d:b3:7a:c5:4e:b7:1b:4e:30:c0:
24:bf:03:13:df:72:7e:bd:63:4d:33:4d:66:a2:fe:
5e:dd:ed:ab:22:44:2c:d6:4e:59:71:76:49:5f:7d:
3b:6c:dc:39:e9:47:8d:1a:7e:b3:a8:26:c0:b2:2a:
82:67:d7:77:a0:3b:ac:ef:e1:f1:f9:75:e7:27:2a:
68:2e:02:ed:e8:0c:5d:f6:20:89:66:a2:9b:d7:25:
44:c6:46:ec:e3:38:0b:21:5d:9e:51:37:bc:e8:cf:
ad:97:c9:f5:7d:4a:c0:59:0e:7f:fc:3f:f2:ef:6b:
fd:44:9e:37:5e:4b:29:fc:07:e9:55:3f:23:5c:1c:
d3:b3:b9:93:8b:75:f3:a7:13:c2:4f:c5:10:c7:9b:
b5:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:40:CB:E5:E9:D2:18:59:C6:17:44:5A:D0:58:6B:C3:2C:C9:B3:72
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/fUDL5enSGFnGF0Ra0FhrwyzJs3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.158.0/23
192.165.164.0/23
193.180.196.0/22
194.14.80.0/23
Signature Algorithm: sha256WithRSAEncryption
09:b7:a1:a9:88:38:71:28:06:17:2c:58:87:06:d5:5e:fd:10:
74:b0:0f:e2:ba:01:1a:3c:eb:95:ea:d7:38:ed:24:b1:ad:3f:
9d:a8:b9:5f:cb:e7:d1:8f:0a:ca:1d:2a:83:08:4b:3d:12:67:
76:9e:80:d2:d2:cd:c3:c8:6b:15:e3:99:32:ea:d3:df:d5:4c:
11:96:b5:02:f4:fa:4c:87:ce:c4:f4:78:2c:bb:a0:d9:92:47:
69:85:64:82:d9:17:65:09:c8:59:6c:c1:64:d2:17:37:24:97:
b8:36:05:55:bd:7b:cf:6a:09:f3:7b:f6:94:1a:40:ec:74:aa:
24:ae:1e:4b:0d:93:dd:a6:71:aa:a5:40:3d:f4:57:15:f6:17:
fd:e1:f3:65:a8:05:a5:0d:1b:af:16:c3:7d:e4:4d:51:b4:2c:
cd:ac:3f:39:ba:d3:fb:69:65:48:4b:76:30:4a:7e:18:b5:2f:
d6:24:c7:5f:9f:26:d4:ab:c0:90:31:3c:b9:2b:68:ad:0f:aa:
32:1a:9c:58:cc:03:ac:0b:24:b3:3b:eb:e0:19:0e:31:48:a6:
5b:f5:b5:d5:cb:74:2a:74:26:89:f6:f2:f5:61:29:66:3b:69:
03:17:1d:6b:2e:b3:ff:38:1d:81:44:ed:d2:44:80:75:77:72:
05:6b:3a:48
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZd5OvzNsldgCD9XieANoTJxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwNjE2MTQ1MzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDQwY2JlNWU5ZDIxODU5YzYxNzQ0NWFkMDU4NmJjMzJjYzliMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszpVn9spnhW8b2zh6IvUcsB1hVPk
huTb2zX8Eh3/604BATVwQ1vwuNiBFDcCWnLI7/yFNCCa2gPZNljv2Q2sGuQAacpk
TJIilAQAopR0Tj/LkzH2rmrWMgJ+o1baE4I22rixIEha7gVQSekV+F2zesVOtxtO
MMAkvwMT33J+vWNNM01mov5e3e2rIkQs1k5ZcXZJX307bNw56UeNGn6zqCbAsiqC
Z9d3oDus7+Hx+XXnJypoLgLt6Axd9iCJZqKb1yVExkbs4zgLIV2eUTe86M+tl8n1
fUrAWQ5//D/y72v9RJ43Xksp/AfpVT8jXBzTs7mTi3XzpxPCT8UQx5u1MwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH1Ay+Xp0hhZxhdEWtBYa8MsybNyMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvZlVETDVlblNHRm5HRjBSYTBGaHJ3eXpKczNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBwKWeAwQB
wKWkAwQCwbTEAwQBwg5QMA0GCSqGSIb3DQEBCwUAA4IBAQAJt6GpiDhxKAYXLFiH
BtVe/RB0sA/iugEaPOuV6tc47SSxrT+dqLlfy+fRjwrKHSqDCEs9Emd2noDS0s3D
yGsV45ky6tPf1UwRlrUC9PpMh87E9Hgsu6DZkkdphWSC2RdlCchZbMFk0hc3JJe4
NgVVvXvPagnze/aUGkDsdKokrh5LDZPdpnGqpUA99FcV9hf94fNlqAWlDRuvFsN9
5E1RtCzNrD85utP7aWVIS3YwSn4YtS/WJMdfnybUq8CQMTy5K2itD6oyGpxYzAOs
CySzO+vgGQ4xSKZb9bXVy3QqdCaJ9vL1YSlmO2kDFx1rLrP/OB2BRO3SRIB1d3IF
azpI
-----END CERTIFICATE-----
Generated at Thu Jul 3 16:21:49 2025 by rpki-client