Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/uUi0KofDbqtYMEaXZKuzUf6j_g8.roa
File: uUi0KofDbqtYMEaXZKuzUf6j_g8.roa (raw, json)
Hash identifier: alyYmtkZg04IYls6laYaGC7Xxo8kIqLyOx7CWUJ5vD8=
Subject key identifier: B9:48:B4:2A:87:C3:6E:AB:58:30:46:97:64:AB:B3:51:FE:A3:FE:0F
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 0197A656DE5DC311589EF91369BAFEBA731A
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/uUi0KofDbqtYMEaXZKuzUf6j_g8.roa
Signing time: Wed 25 Jun 2025 09:06:40 +0000
ROA not before: Wed 25 Jun 2025 09:06:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24852
IP address blocks: 79.132.160.0/20 maxlen: 20
84.55.32.0/24 maxlen: 24
84.55.33.0/24 maxlen: 24
84.55.34.0/23 maxlen: 23
84.55.36.0/23 maxlen: 23
84.55.48.0/21 maxlen: 21
84.55.56.0/23 maxlen: 23
84.55.58.0/23 maxlen: 23
84.55.60.0/23 maxlen: 23
84.55.62.0/23 maxlen: 23
88.223.0.0/20 maxlen: 20
88.223.24.0/21 maxlen: 21
88.223.32.0/21 maxlen: 24
88.223.40.0/23 maxlen: 24
88.223.48.0/20 maxlen: 24
88.223.96.0/22 maxlen: 22
88.223.104.0/21 maxlen: 21
88.223.112.0/20 maxlen: 20
88.223.128.0/22 maxlen: 22
88.223.144.0/21 maxlen: 21
88.223.152.0/24 maxlen: 24
88.223.153.0/24 maxlen: 24
88.223.160.0/22 maxlen: 22
88.223.192.0/20 maxlen: 20
95.173.32.0/23 maxlen: 23
185.104.176.0/22 maxlen: 22
213.164.112.0/22 maxlen: 22
213.164.116.0/23 maxlen: 23
213.164.118.0/24 maxlen: 24
217.147.34.0/24 maxlen: 24
217.147.35.0/24 maxlen: 24
217.147.36.0/23 maxlen: 23
217.147.38.0/24 maxlen: 24
217.147.40.0/24 maxlen: 24
217.147.41.0/24 maxlen: 24
217.147.44.0/23 maxlen: 23
217.147.46.0/24 maxlen: 24
217.147.47.0/24 maxlen: 24
2a01:7c80::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:56:de:5d:c3:11:58:9e:f9:13:69:ba:fe:ba:73:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Jun 25 09:06:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b948b42a87c36eab5830469764abb351fea3fe0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d9:60:18:f4:ca:5f:69:66:72:f8:66:b5:c1:
50:37:d4:9d:2a:a6:2c:04:92:60:e4:e1:33:6f:71:
e3:90:76:62:0a:64:f2:7c:3e:64:8b:46:55:28:db:
f8:98:21:5d:84:c7:f9:5b:1c:64:dd:45:02:14:ea:
8f:6d:1e:63:75:6c:84:f7:e1:e1:0a:ce:25:d7:f9:
51:d6:12:14:f3:00:d8:f3:0d:f0:92:9e:65:74:45:
7a:44:92:6b:ff:6f:5f:10:60:64:53:ef:d0:42:e8:
b3:e3:fa:40:0b:70:bb:50:2c:25:23:3f:6d:3e:b5:
23:53:46:f4:6b:7e:c0:70:49:31:35:eb:53:4c:c6:
02:b0:21:04:b7:8a:fd:17:2e:8c:ea:a0:88:40:1a:
21:e2:16:34:21:c7:09:cf:37:89:4e:8f:5b:72:71:
b2:20:03:74:96:27:3d:42:fa:2e:87:f0:27:10:1c:
09:cf:f2:d7:39:86:80:dc:33:b6:5d:f9:4f:c9:ec:
8a:44:a2:8f:57:63:b0:62:28:df:7b:e4:29:b8:7d:
be:2c:a8:9a:52:1c:15:0c:ee:a0:cc:24:34:4d:bd:
44:92:7a:5f:d6:2f:0d:86:c2:59:4d:1e:b4:db:2e:
e3:47:0e:b0:4f:a3:92:a1:7b:bd:a3:ba:d0:54:e9:
5c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:48:B4:2A:87:C3:6E:AB:58:30:46:97:64:AB:B3:51:FE:A3:FE:0F
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/uUi0KofDbqtYMEaXZKuzUf6j_g8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.160.0/20
84.55.32.0-84.55.37.255
84.55.48.0/20
88.223.0.0/20
88.223.24.0-88.223.41.255
88.223.48.0/20
88.223.96.0/22
88.223.104.0-88.223.131.255
88.223.144.0-88.223.153.255
88.223.160.0/22
88.223.192.0/20
95.173.32.0/23
185.104.176.0/22
213.164.112.0-213.164.118.255
217.147.34.0-217.147.38.255
217.147.40.0/23
217.147.44.0/22
IPv6:
2a01:7c80::/33
Signature Algorithm: sha256WithRSAEncryption
05:d1:4d:92:10:64:8b:84:69:e4:4e:4d:39:2f:9d:db:7e:c9:
51:53:fc:bf:77:2d:48:c8:55:a9:10:ba:22:29:fc:90:2d:c7:
b8:30:9b:5d:a9:30:51:fa:c2:e5:b4:f3:1f:b3:0b:55:d7:99:
a8:92:5e:58:e0:8e:a7:bc:15:75:e9:79:2e:28:8a:d3:c0:1e:
aa:38:41:ab:7a:de:da:7c:f2:20:f1:72:5c:11:84:6b:f8:a8:
3e:b1:09:c4:5b:a8:fd:99:b4:d2:e9:c5:f1:19:bd:2c:b4:a4:
21:72:cf:1a:87:ed:3b:1e:0e:fa:35:db:e1:3e:b3:cd:24:b7:
20:39:57:77:e7:dd:1e:32:2a:f6:84:3a:b5:0f:68:91:a1:d9:
ff:5d:ea:ec:c2:90:fd:be:9b:ad:79:16:6f:0a:8e:e1:fd:d9:
25:e6:66:7f:ad:73:1c:10:90:48:20:9a:7f:3c:a9:b0:93:7d:
dc:90:b9:6d:b0:7f:51:95:2d:c3:75:75:bb:7a:e1:ef:57:34:
65:fd:88:5e:8a:74:96:4c:01:c7:2a:33:e9:ec:33:02:cc:c4:
b5:49:da:26:76:1d:d7:23:45:6a:98:6e:cf:28:29:11:34:b5:
6a:3a:86:f6:c8:85:12:d5:46:e8:8b:e3:fb:2a:5b:3c:66:ac:
38:33:26:67
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAZemVt5dwxFYnvkTabr+unMaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjUwNjI1MDkwNjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTQ4YjQyYTg3YzM2ZWFiNTgzMDQ2OTc2NGFiYjM1MWZlYTNmZTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9lgGPTKX2lmcvhmtcFQN9SdKqYs
BJJg5OEzb3HjkHZiCmTyfD5ki0ZVKNv4mCFdhMf5Wxxk3UUCFOqPbR5jdWyE9+Hh
Cs4l1/lR1hIU8wDY8w3wkp5ldEV6RJJr/29fEGBkU+/QQuiz4/pAC3C7UCwlIz9t
PrUjU0b0a37AcEkxNetTTMYCsCEEt4r9Fy6M6qCIQBoh4hY0IccJzzeJTo9bcnGy
IAN0lic9Qvouh/AnEBwJz/LXOYaA3DO2XflPyeyKRKKPV2OwYijfe+QpuH2+LKia
UhwVDO6gzCQ0Tb1Eknpf1i8NhsJZTR602y7jRw6wT6OSoXu9o7rQVOlcUwIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFLlItCqHw26rWDBGl2Srs1H+o/4PMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvdVVpMEtvZkRicXRZTUVhWFpLdXpVZjZqX2c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBnQQCAAEwgZYDBARP
hKAwDAMEBVQ3IAMEAVQ3JAMEBFQ3MAMEBFjfADAMAwQDWN8YAwQBWN8oAwQEWN8w
AwQCWN9gMAwDBANY32gDBAJY34AwDAMEBFjfkAMEAVjfmAMEAljfoAMEBFjfwAME
AV+tIAMEArlosDAMAwQE1aRwAwQA1aR2MAwDBAHZkyIDBADZkyYDBAHZkygDBALZ
kywwDgQCAAIwCAMGByoBfIAAMA0GCSqGSIb3DQEBCwUAA4IBAQAF0U2SEGSLhGnk
Tk05L53bfslRU/y/dy1IyFWpELoiKfyQLce4MJtdqTBR+sLltPMfswtV15mokl5Y
4I6nvBV16XkuKIrTwB6qOEGret7afPIg8XJcEYRr+Kg+sQnEW6j9mbTS6cXxGb0s
tKQhcs8ah+07Hg76NdvhPrPNJLcgOVd3590eMir2hDq1D2iRodn/XerswpD9vput
eRZvCo7h/dkl5mZ/rXMcEJBIIJp/PKmwk33ckLltsH9RlS3DdXW7euHvVzRl/Yhe
inSWTAHHKjPp7DMCzMS1Sdomdh3XI0VqmG7PKCkRNLVqOob2yIUS1Uboi+P7Kls8
Zqw4MyZn
-----END CERTIFICATE-----
Generated at Wed Jul 2 15:45:58 2025 by rpki-client