Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/uuETfDd2MFEUFL6j7oWk0rsVxng.roa
File: uuETfDd2MFEUFL6j7oWk0rsVxng.roa (raw, json)
Hash identifier: gq3xyqmM/tiK/h2Lc/3S6cQaZW777XfzMoLElI6p2tY=
Subject key identifier: BA:E1:13:7C:37:76:30:51:14:14:BE:A3:EE:85:A4:D2:BB:15:C6:78
Certificate issuer: /CN=6991c56f11a7171c6153239769f557beba10182d
Certificate serial: 0199EC86C4ACF0E7308B2C90E9CD1B19DCC8
Authority key identifier: 69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/uuETfDd2MFEUFL6j7oWk0rsVxng.roa
Signing time: Thu 16 Oct 2025 10:17:58 +0000
ROA not before: Thu 16 Oct 2025 10:17:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209847
IP address blocks: 95.164.0.0/24 maxlen: 24
95.164.1.0/24 maxlen: 24
95.164.2.0/23 maxlen: 24
95.164.4.0/24 maxlen: 24
95.164.5.0/24 maxlen: 24
95.164.6.0/23 maxlen: 24
95.164.9.0/24 maxlen: 24
95.164.10.0/24 maxlen: 24
95.164.11.0/24 maxlen: 24
95.164.16.0/23 maxlen: 24
95.164.18.0/24 maxlen: 24
95.164.19.0/24 maxlen: 24
95.164.21.0/24 maxlen: 24
95.164.22.0/24 maxlen: 24
95.164.23.0/24 maxlen: 24
95.164.32.0/24 maxlen: 24
95.164.34.0/24 maxlen: 24
95.164.35.0/24 maxlen: 24
95.164.36.0/24 maxlen: 24
95.164.37.0/24 maxlen: 24
95.164.44.0/24 maxlen: 24
95.164.45.0/24 maxlen: 24
95.164.46.0/24 maxlen: 24
95.164.47.0/24 maxlen: 24
95.164.61.0/24 maxlen: 24
95.164.62.0/24 maxlen: 24
95.164.63.0/24 maxlen: 24
95.164.68.0/24 maxlen: 24
95.164.69.0/24 maxlen: 24
95.164.85.0/24 maxlen: 24
95.164.86.0/23 maxlen: 24
95.164.88.0/24 maxlen: 24
95.164.89.0/24 maxlen: 24
95.164.112.0/24 maxlen: 24
95.164.113.0/24 maxlen: 24
95.164.114.0/24 maxlen: 24
95.164.115.0/24 maxlen: 24
95.164.116.0/24 maxlen: 24
95.164.117.0/24 maxlen: 24
95.164.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ec:86:c4:ac:f0:e7:30:8b:2c:90:e9:cd:1b:19:dc:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6991c56f11a7171c6153239769f557beba10182d
Validity
Not Before: Oct 16 10:17:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bae1137c377630511414bea3ee85a4d2bb15c678
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9c:e2:08:bb:ec:ec:4d:49:2d:58:af:72:b3:
46:25:12:1f:da:63:8f:09:39:00:3f:61:34:8f:82:
71:7f:8d:12:e6:0f:32:2e:92:c0:a8:2d:31:cb:76:
ef:2f:6e:b1:4b:e0:e5:64:eb:c5:5b:80:6d:19:32:
a4:e7:10:dd:f0:c9:da:3b:86:78:af:98:71:6e:08:
16:e0:38:1b:2d:67:94:e2:9f:87:3b:08:24:d5:15:
92:28:8c:be:45:b4:0d:c2:00:05:e5:96:ac:6c:6f:
0a:dc:32:19:87:b5:20:16:8a:01:1e:22:f4:ea:86:
01:5b:9b:1c:32:41:65:6d:0b:71:ec:fd:e4:33:fc:
55:f4:9a:7a:47:d7:1f:d1:37:a2:cc:f7:73:8c:85:
c5:a9:2a:f5:f2:1e:b5:f9:b3:bd:dc:6a:20:a4:a6:
9d:5a:6c:a4:0f:6c:ec:63:67:8e:e5:7e:ce:94:df:
37:22:b3:1a:08:12:6e:2b:eb:ad:4b:ed:6e:f1:4f:
6c:cd:0d:a1:12:81:1e:ad:f0:41:51:e3:bb:33:38:
b8:cf:85:f8:83:c3:e6:72:2b:ea:f8:5d:1f:1c:3a:
ec:4e:b8:b7:d6:e1:cf:99:00:fd:28:31:d8:d3:e3:
00:01:de:bf:c8:51:32:5d:b7:1b:35:84:0c:ac:73:
df:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E1:13:7C:37:76:30:51:14:14:BE:A3:EE:85:A4:D2:BB:15:C6:78
X509v3 Authority Key Identifier:
keyid:69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/uuETfDd2MFEUFL6j7oWk0rsVxng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.0.0/21
95.164.9.0-95.164.11.255
95.164.16.0/22
95.164.21.0-95.164.23.255
95.164.32.0/24
95.164.34.0-95.164.37.255
95.164.44.0/22
95.164.61.0-95.164.63.255
95.164.68.0/23
95.164.85.0-95.164.89.255
95.164.112.0-95.164.117.255
95.164.119.0/24
Signature Algorithm: sha256WithRSAEncryption
65:7e:38:df:19:d2:ee:53:ec:4e:ea:a6:25:32:e1:bb:39:1f:
2a:af:d2:8c:5f:73:b1:0d:86:6f:89:21:85:88:30:02:0e:51:
a4:d5:af:f2:e0:d6:b1:6a:5b:ff:02:db:ff:f2:a0:b9:1a:69:
bf:ac:3d:8a:4f:68:75:7b:47:10:63:67:39:2f:5f:6b:e7:04:
f9:a8:bc:34:4f:66:9b:97:56:18:10:b6:78:90:ef:e8:81:f2:
85:33:8d:9a:05:0f:ec:74:80:8b:e2:35:b8:ed:57:6b:a5:b3:
8d:d9:47:82:41:a7:3a:41:2a:7c:b2:68:84:47:85:fe:e4:19:
5a:14:19:14:5f:f0:81:1d:22:e1:bb:89:a0:39:fb:a0:2f:d7:
63:20:e6:09:ed:f9:36:7f:75:27:ec:aa:b7:02:14:2a:2c:01:
9c:57:75:f0:e4:d4:42:91:a0:77:91:a1:21:20:a1:24:5b:c0:
54:d4:07:32:9f:1e:d1:c9:02:3b:d2:d7:5b:f7:45:c4:5b:32:
06:31:3c:35:cf:47:44:fd:1c:f4:26:2e:9d:92:a2:85:0f:c6:
f6:32:a6:f7:1b:12:60:c3:dd:7c:0d:77:5f:1a:44:87:57:84:
0e:45:ad:06:23:8f:3f:c3:d2:37:9e:c8:6c:45:a2:04:fd:50:
5a:71:40:2f
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZnshsSs8OcwiyyQ6c0bGdzIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTFjNTZmMTFhNzE3MWM2MTUzMjM5NzY5ZjU1N2JlYmEx
MDE4MmQwHhcNMjUxMDE2MTAxNzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWUxMTM3YzM3NzYzMDUxMTQxNGJlYTNlZTg1YTRkMmJiMTVjNjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpziCLvs7E1JLVivcrNGJRIf2mOP
CTkAP2E0j4Jxf40S5g8yLpLAqC0xy3bvL26xS+DlZOvFW4BtGTKk5xDd8MnaO4Z4
r5hxbggW4DgbLWeU4p+HOwgk1RWSKIy+RbQNwgAF5ZasbG8K3DIZh7UgFooBHiL0
6oYBW5scMkFlbQtx7P3kM/xV9Jp6R9cf0TeizPdzjIXFqSr18h61+bO93GogpKad
WmykD2zsY2eO5X7OlN83IrMaCBJuK+utS+1u8U9szQ2hEoEerfBBUeO7Mzi4z4X4
g8Pmcivq+F0fHDrsTri31uHPmQD9KDHY0+MAAd6/yFEyXbcbNYQMrHPfbwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFLrhE3w3djBRFBS+o+6FpNK7FcZ4MB8GA1UdIwQY
MBaAFGmRxW8RpxccYVMjl2n1V766EBgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYt
NjVkMTU2NzM0MGZkLzEvdXVFVGZEZDJNRkVVRkw2ajdvV2swcnNWeG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYtNjVkMTU2NzM0MGZk
LzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQDX6QA
MAwDBABfpAkDBAJfpAgDBAJfpBAwDAMEAF+kFQMEA1+kEAMEAF+kIDAMAwQBX6Qi
AwQBX6QkAwQCX6QsMAwDBABfpD0DBAZfpAADBAFfpEQwDAMEAF+kVQMEAV+kWDAM
AwQEX6RwAwQBX6R0AwQAX6R3MA0GCSqGSIb3DQEBCwUAA4IBAQBlfjjfGdLuU+xO
6qYlMuG7OR8qr9KMX3OxDYZviSGFiDACDlGk1a/y4Naxalv/Atv/8qC5Gmm/rD2K
T2h1e0cQY2c5L19r5wT5qLw0T2abl1YYELZ4kO/ogfKFM42aBQ/sdICL4jW47Vdr
pbON2UeCQac6QSp8smiER4X+5BlaFBkUX/CBHSLhu4mgOfugL9djIOYJ7fk2f3Un
7Kq3AhQqLAGcV3Xw5NRCkaB3kaEhIKEkW8BU1Acynx7RyQI70tdb90XEWzIGMTw1
z0dE/Rz0Ji6dkqKFD8b2Mqb3GxJgw918DXdfGkSHV4QORa0GI48/w9I3nshsRaIE
/VBacUAv
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:40:03 2025 by rpki-client