Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/UpeD63AhvaLPHL7cT3GFojz3Ckk.roa
File: UpeD63AhvaLPHL7cT3GFojz3Ckk.roa (raw, json)
Hash identifier: mEkJtV27z/pufpdRebXs4QzlDSFPeuvtLb6yKnLyJS8=
Subject key identifier: 52:97:83:EB:70:21:BD:A2:CF:1C:BE:DC:4F:71:85:A2:3C:F7:0A:49
Certificate issuer: /CN=96f71b2273ab34ed4a5481176ef70fad867ef166
Certificate serial: 0197A6F542012BAF49D0F2D1521E13B88359
Authority key identifier: 96:F7:1B:22:73:AB:34:ED:4A:54:81:17:6E:F7:0F:AD:86:7E:F1:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lvcbInOrNO1KVIEXbvcPrYZ-8WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/UpeD63AhvaLPHL7cT3GFojz3Ckk.roa
Signing time: Wed 25 Jun 2025 11:59:40 +0000
ROA not before: Wed 25 Jun 2025 11:59:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59885
IP address blocks: 95.214.240.0/24 maxlen: 24
185.152.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/lvcbInOrNO1KVIEXbvcPrYZ-8WY.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/lvcbInOrNO1KVIEXbvcPrYZ-8WY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lvcbInOrNO1KVIEXbvcPrYZ-8WY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 13:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:f5:42:01:2b:af:49:d0:f2:d1:52:1e:13:b8:83:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96f71b2273ab34ed4a5481176ef70fad867ef166
Validity
Not Before: Jun 25 11:59:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=529783eb7021bda2cf1cbedc4f7185a23cf70a49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:54:81:5b:6a:e5:f7:b3:f1:03:8b:cd:ba:48:
21:7e:c9:5a:f9:8e:7f:d2:9c:b3:1c:95:05:4f:60:
dd:80:33:50:22:84:d5:61:7d:6a:ef:61:7c:78:45:
c7:f8:db:ea:0a:a6:65:95:32:fe:74:50:34:c4:34:
c9:0b:82:ac:29:05:af:f1:fd:34:87:72:ed:fb:47:
03:00:9f:bd:0f:d5:0a:86:f4:fd:9c:3e:f6:9b:79:
7b:d4:18:3a:5c:c9:c8:37:24:54:30:81:4d:8c:8a:
ef:4e:18:d6:e3:1b:cc:bb:b3:87:e5:06:3b:ee:f4:
1f:dd:f9:d6:d0:e5:9f:30:a3:92:c5:8e:f8:60:bc:
c7:eb:cc:69:79:d1:0a:3f:01:c8:c5:2a:e2:05:97:
6f:68:91:4b:d4:bb:f1:f4:2c:ea:e7:86:3e:9c:81:
cf:4b:81:61:f9:f1:8c:d5:35:7b:f3:0c:ed:d1:e9:
d7:c5:ed:a7:89:97:da:55:65:6d:02:36:d0:e7:89:
d2:9d:ff:07:1c:13:04:ff:36:5b:6b:83:8d:f3:2b:
9d:6d:1e:0f:2f:6e:42:3c:9f:a8:96:df:e1:1d:38:
49:df:42:4e:f4:e4:d0:af:84:5c:19:58:3f:8f:f1:
7a:df:52:9c:8b:f7:9d:70:c3:b1:45:00:65:eb:55:
8a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:97:83:EB:70:21:BD:A2:CF:1C:BE:DC:4F:71:85:A2:3C:F7:0A:49
X509v3 Authority Key Identifier:
keyid:96:F7:1B:22:73:AB:34:ED:4A:54:81:17:6E:F7:0F:AD:86:7E:F1:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lvcbInOrNO1KVIEXbvcPrYZ-8WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/UpeD63AhvaLPHL7cT3GFojz3Ckk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/lvcbInOrNO1KVIEXbvcPrYZ-8WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.240.0/24
185.152.111.0/24
Signature Algorithm: sha256WithRSAEncryption
14:19:53:0d:ee:59:f2:94:70:6d:23:47:03:5b:30:a9:59:b1:
76:e1:91:e4:c5:90:a8:83:0f:37:5c:a5:65:fa:78:dd:39:48:
8a:e6:fb:89:cf:47:78:46:c4:16:4b:b8:32:06:17:ce:e0:34:
1b:87:09:61:bc:a1:29:57:c9:3e:50:64:c0:89:a6:8d:bc:bc:
1f:6d:ff:4c:63:0f:bf:bb:cf:2a:e4:af:1e:af:6c:ad:58:22:
63:96:b6:ac:5d:18:e3:f6:c8:9d:da:bb:d3:39:1e:78:c7:c9:
46:8d:2b:7e:f8:5d:de:f1:c3:b8:5c:b4:35:93:0c:a2:30:2c:
43:49:96:08:63:8e:62:0f:a9:60:0a:aa:c8:34:32:42:69:8e:
6d:61:cb:f4:2f:e1:4c:92:9e:d3:2d:11:54:d0:f8:17:47:3f:
6c:5d:71:ac:9d:68:09:70:18:44:91:cc:9c:5a:aa:b7:11:c1:
25:20:dd:f8:b6:1b:a4:31:23:b8:db:1c:ea:43:63:46:a7:f6:
7c:e0:ad:b4:60:3d:eb:27:d6:fe:9c:5e:75:35:03:ff:11:a0:
f8:99:eb:bf:b1:78:50:c8:95:cc:b9:48:02:f2:16:9d:80:82:
bc:b5:7a:0a:94:0b:64:8a:85:29:0a:d3:e7:b8:8e:ea:a1:99:
38:e5:7c:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZem9UIBK69J0PLRUh4TuINZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZjcxYjIyNzNhYjM0ZWQ0YTU0ODExNzZlZjcwZmFkODY3
ZWYxNjYwHhcNMjUwNjI1MTE1OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mjk3ODNlYjcwMjFiZGEyY2YxY2JlZGM0ZjcxODVhMjNjZjcwYTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1SBW2rl97PxA4vNukghfsla+Y5/
0pyzHJUFT2DdgDNQIoTVYX1q72F8eEXH+NvqCqZllTL+dFA0xDTJC4KsKQWv8f00
h3Lt+0cDAJ+9D9UKhvT9nD72m3l71Bg6XMnINyRUMIFNjIrvThjW4xvMu7OH5QY7
7vQf3fnW0OWfMKOSxY74YLzH68xpedEKPwHIxSriBZdvaJFL1Lvx9Czq54Y+nIHP
S4Fh+fGM1TV78wzt0enXxe2niZfaVWVtAjbQ54nSnf8HHBME/zZba4ON8yudbR4P
L25CPJ+olt/hHThJ30JO9OTQr4RcGVg/j/F631Kci/edcMOxRQBl61WKNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFKXg+twIb2izxy+3E9xhaI89wpJMB8GA1UdIwQY
MBaAFJb3GyJzqzTtSlSBF273D62GfvFmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHZjYkluT3JOTzFLVklFWGJ2Y1ByWVotOFdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wN2FlOWUtM2QwNC00NWI2LTlkYjAt
NDY5MzVmY2M4NTVlLzEvVXBlRDYzQWh2YUxQSEw3Y1QzR0ZvanozQ2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wN2FlOWUtM2QwNC00NWI2LTlkYjAtNDY5MzVmY2M4NTVl
LzEvbHZjYkluT3JOTzFLVklFWGJ2Y1ByWVotOFdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX9bwAwQA
uZhvMA0GCSqGSIb3DQEBCwUAA4IBAQAUGVMN7lnylHBtI0cDWzCpWbF24ZHkxZCo
gw83XKVl+njdOUiK5vuJz0d4RsQWS7gyBhfO4DQbhwlhvKEpV8k+UGTAiaaNvLwf
bf9MYw+/u88q5K8er2ytWCJjlrasXRjj9sid2rvTOR54x8lGjSt++F3e8cO4XLQ1
kwyiMCxDSZYIY45iD6lgCqrINDJCaY5tYcv0L+FMkp7TLRFU0PgXRz9sXXGsnWgJ
cBhEkcycWqq3EcElIN34thukMSO42xzqQ2NGp/Z84K20YD3rJ9b+nF51NQP/EaD4
meu/sXhQyJXMuUgC8hadgIK8tXoKlAtkioUpCtPnuI7qoZk45Xz1
-----END CERTIFICATE-----
Generated at Sun Jun 29 21:04:01 2025 by rpki-client