Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/Uq8gi0H23JLXKJO456NXYVIS4HU.roa
File: Uq8gi0H23JLXKJO456NXYVIS4HU.roa (raw, json)
Hash identifier: q3fAHpVopvLMXAPFASnSatTw85vr7B/2nqisb3HGdTo=
Subject key identifier: 52:AF:20:8B:41:F6:DC:92:D7:28:93:B8:E7:A3:57:61:52:12:E0:75
Certificate issuer: /CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Certificate serial: 0197891E738F76D9127C4F0EDC15E5831216
Authority key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/Uq8gi0H23JLXKJO456NXYVIS4HU.roa
Signing time: Thu 19 Jun 2025 16:56:03 +0000
ROA not before: Thu 19 Jun 2025 16:56:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213176
IP address blocks: 209.35.224.0/24 maxlen: 24
209.35.225.0/24 maxlen: 24
209.35.226.0/24 maxlen: 24
209.35.227.0/24 maxlen: 24
209.35.228.0/24 maxlen: 24
209.35.229.0/24 maxlen: 24
209.35.230.0/24 maxlen: 24
209.35.231.0/24 maxlen: 24
209.35.233.0/24 maxlen: 24
209.35.234.0/24 maxlen: 24
209.35.235.0/24 maxlen: 24
209.35.236.0/24 maxlen: 24
209.35.237.0/24 maxlen: 24
209.35.238.0/24 maxlen: 24
209.35.239.0/24 maxlen: 24
212.59.64.0/24 maxlen: 24
212.59.65.0/24 maxlen: 24
212.59.66.0/24 maxlen: 24
212.59.67.0/24 maxlen: 24
212.59.68.0/24 maxlen: 24
212.59.69.0/24 maxlen: 24
212.59.70.0/24 maxlen: 24
212.59.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:89:1e:73:8f:76:d9:12:7c:4f:0e:dc:15:e5:83:12:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Validity
Not Before: Jun 19 16:56:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52af208b41f6dc92d72893b8e7a357615212e075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bc:c0:6a:63:4b:2c:16:fd:24:c8:52:7e:e2:
76:7b:a2:43:75:3c:2b:cf:a3:c7:b5:b6:70:a7:24:
88:c4:f4:ab:7b:2f:68:5a:77:67:2f:3f:52:c5:55:
8b:8d:7c:a1:77:ae:60:c3:d0:30:30:f5:28:70:e7:
d2:6b:93:81:88:23:5d:b3:c8:0d:9b:a8:90:ea:4f:
96:17:37:4f:c4:89:05:f2:84:3a:ca:8c:19:38:e6:
2c:b8:09:3d:31:28:46:ed:97:4f:d6:2f:36:42:66:
12:46:7b:75:96:11:74:90:88:9d:f9:4b:1b:d6:b1:
18:6b:4e:0a:3e:28:6c:a8:89:22:45:7d:35:b5:83:
51:01:a4:9d:e6:a5:6b:5d:3c:6d:fd:60:1e:ca:cd:
18:67:3a:27:51:1c:de:17:ec:e8:5b:11:00:b1:49:
71:63:22:d2:50:69:33:c9:0a:5e:ad:a6:12:d9:e5:
7a:32:c9:86:7e:a4:fd:1b:de:b2:d6:b1:ab:26:a0:
b7:76:3c:8e:7b:9f:d8:95:ec:f7:c2:d3:e5:a7:64:
d4:b4:9d:cc:09:ef:05:8b:fb:93:d2:f5:79:72:0e:
cf:de:40:bc:74:af:87:02:2b:e5:22:5d:d2:ca:f4:
9a:4d:5a:2f:d5:82:e6:37:a9:c7:78:1b:7a:fe:5b:
d9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:AF:20:8B:41:F6:DC:92:D7:28:93:B8:E7:A3:57:61:52:12:E0:75
X509v3 Authority Key Identifier:
keyid:81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/Uq8gi0H23JLXKJO456NXYVIS4HU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.35.224.0/21
209.35.233.0-209.35.239.255
212.59.64.0/21
Signature Algorithm: sha256WithRSAEncryption
00:83:cc:12:35:db:90:c2:e4:e4:c4:00:5c:3d:68:05:66:05:
66:49:25:a5:71:0c:5d:a9:74:93:32:a8:f6:45:c5:79:7a:c7:
14:94:74:5d:4b:b1:60:45:c0:58:71:3a:a3:ab:8a:50:b0:00:
c0:7c:bf:4b:dc:a5:93:10:2a:23:61:11:18:69:a0:e6:9a:9d:
25:18:39:33:ce:de:60:22:06:77:e3:41:b5:7d:19:7f:a7:c2:
62:c3:02:16:7d:ce:54:04:83:0e:52:ab:81:47:70:52:7d:da:
dc:9c:a5:c6:45:7e:0c:81:1d:e9:41:31:8c:15:58:30:af:6d:
67:90:67:2c:d5:89:5f:83:2c:31:26:0a:3c:64:ca:95:cd:a3:
5d:27:8f:d5:7e:bf:f5:2b:80:76:a5:88:74:d6:65:b3:f9:b8:
21:af:0a:47:9e:f3:b3:0a:64:0c:53:1e:3c:2b:2f:9e:6c:3d:
61:1c:e5:31:1c:7f:4c:7e:20:84:97:0c:ad:f5:6e:25:70:ad:
5c:75:c1:b6:2c:ac:a5:21:0d:d6:ec:22:6e:d1:34:c9:24:28:
32:6d:03:0e:dc:be:d9:33:52:ac:9e:8f:67:91:ad:31:51:c1:
6f:0f:ba:88:77:07:f7:98:c6:60:27:d6:41:32:de:3f:22:64:
64:a3:54:e3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZeJHnOPdtkSfE8O3BXlgxIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTJkMGRjZDUwYTY4MmY5NzVlYTNkOGMzOGU1ZTY3YmIw
MzIyZjkwHhcNMjUwNjE5MTY1NjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmFmMjA4YjQxZjZkYzkyZDcyODkzYjhlN2EzNTc2MTUyMTJlMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbzAamNLLBb9JMhSfuJ2e6JDdTwr
z6PHtbZwpySIxPSrey9oWndnLz9SxVWLjXyhd65gw9AwMPUocOfSa5OBiCNds8gN
m6iQ6k+WFzdPxIkF8oQ6yowZOOYsuAk9MShG7ZdP1i82QmYSRnt1lhF0kIid+Usb
1rEYa04KPihsqIkiRX01tYNRAaSd5qVrXTxt/WAeys0YZzonURzeF+zoWxEAsUlx
YyLSUGkzyQperaYS2eV6MsmGfqT9G96y1rGrJqC3djyOe5/Ylez3wtPlp2TUtJ3M
Ce8Fi/uT0vV5cg7P3kC8dK+HAivlIl3SyvSaTVov1YLmN6nHeBt6/lvZuQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFKvIItB9tyS1yiTuOejV2FSEuB1MB8GA1UdIwQY
MBaAFIGi0NzVCmgvl16j2MOOXme7AyL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQt
ZmU0NWQ1MTYwYzM5LzEvVXE4Z2kwSDIzSkxYS0pPNDU2TlhZVklTNEhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQtZmU0NWQ1MTYwYzM5
LzEvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQD0SPgMAwD
BADRI+kDBATRI+ADBAPUO0AwDQYJKoZIhvcNAQELBQADggEBAACDzBI125DC5OTE
AFw9aAVmBWZJJaVxDF2pdJMyqPZFxXl6xxSUdF1LsWBFwFhxOqOrilCwAMB8v0vc
pZMQKiNhERhpoOaanSUYOTPO3mAiBnfjQbV9GX+nwmLDAhZ9zlQEgw5Sq4FHcFJ9
2tycpcZFfgyBHelBMYwVWDCvbWeQZyzViV+DLDEmCjxkypXNo10nj9V+v/UrgHal
iHTWZbP5uCGvCkee87MKZAxTHjwrL55sPWEc5TEcf0x+IISXDK31biVwrVx1wbYs
rKUhDdbsIm7RNMkkKDJtAw7cvtkzUqyej2eRrTFRwW8Puoh3B/eYxmAn1kEy3j8i
ZGSjVOM=
-----END CERTIFICATE-----
Generated at Tue Jul 1 09:13:04 2025 by rpki-client