Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/uwztSUaVa32JKkn4Q4-prIWIsHY.roa
File: uwztSUaVa32JKkn4Q4-prIWIsHY.roa (raw, json)
Hash identifier: 9SKm5leahKDADIT+6y+OevxMRMYcy45USoP8dQ3RH/c=
Subject key identifier: BB:0C:ED:49:46:95:6B:7D:89:2A:49:F8:43:8F:A9:AC:85:88:B0:76
Certificate issuer: /CN=86e99134171b5863f62f22b7d7abf740349528ec
Certificate serial: 019779C68329F95135019BB169B79BE53BDE
Authority key identifier: 86:E9:91:34:17:1B:58:63:F6:2F:22:B7:D7:AB:F7:40:34:95:28:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/humRNBcbWGP2LyK316v3QDSVKOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/uwztSUaVa32JKkn4Q4-prIWIsHY.roa
Signing time: Mon 16 Jun 2025 17:25:41 +0000
ROA not before: Mon 16 Jun 2025 17:25:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60439
IP address blocks: 45.82.92.0/22 maxlen: 24
45.90.148.0/22 maxlen: 24
45.94.80.0/22 maxlen: 24
45.131.112.0/22 maxlen: 24
45.136.212.0/22 maxlen: 24
45.141.224.0/22 maxlen: 24
45.151.80.0/24 maxlen: 24
45.151.81.0/24 maxlen: 24
45.151.82.0/24 maxlen: 24
45.151.83.0/24 maxlen: 24
85.208.196.0/24 maxlen: 24
85.208.197.0/24 maxlen: 24
85.208.198.0/24 maxlen: 24
85.208.199.0/24 maxlen: 24
139.28.16.0/22 maxlen: 24
193.160.22.0/24 maxlen: 24
193.160.23.0/24 maxlen: 24
193.160.30.0/24 maxlen: 24
193.160.31.0/24 maxlen: 24
2a13:8240::/40 maxlen: 48
2a13:8240:100::/40 maxlen: 48
2a13:8240:200::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/humRNBcbWGP2LyK316v3QDSVKOw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/humRNBcbWGP2LyK316v3QDSVKOw.mft
rsync://rpki.ripe.net/repository/DEFAULT/humRNBcbWGP2LyK316v3QDSVKOw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 16:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:79:c6:83:29:f9:51:35:01:9b:b1:69:b7:9b:e5:3b:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86e99134171b5863f62f22b7d7abf740349528ec
Validity
Not Before: Jun 16 17:25:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb0ced4946956b7d892a49f8438fa9ac8588b076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b8:9a:87:8a:1f:57:a3:76:36:ab:54:ef:57:
0f:96:ab:3a:eb:da:1d:70:1a:ed:6f:6c:43:3b:f0:
70:0f:08:08:00:c2:73:cf:cc:e8:31:a6:41:7f:47:
25:af:1a:5d:32:f0:e5:a4:3b:9b:20:70:e6:1c:85:
1e:1a:87:2a:a7:8f:ad:2c:43:1f:c9:b1:10:5a:c9:
15:6f:bf:b7:70:20:a7:d6:32:b7:24:ee:a9:f4:18:
71:ba:84:dd:19:66:7f:a1:e1:5c:ba:0d:fa:68:c7:
ce:2f:19:20:cd:8a:83:15:ba:ca:05:af:64:ee:1b:
b4:39:7e:8f:f3:53:3a:a3:ea:ca:e2:97:be:58:ef:
85:f3:d3:ed:e6:2d:ee:62:73:8a:2e:b8:d2:90:d0:
f9:fd:a2:8d:cb:a2:27:9b:74:f4:48:16:54:ad:7c:
4e:85:3c:72:3e:7e:85:16:f1:91:b0:8a:ce:50:a5:
28:69:cc:72:0e:ee:0f:99:5c:fb:1d:ed:48:c1:fd:
a0:df:28:94:e2:a3:81:d3:ff:a7:ff:45:cf:c0:46:
d6:a2:49:54:40:36:51:09:55:f2:4e:41:57:c4:3d:
20:85:20:57:99:47:15:af:f6:9a:ab:a6:a6:74:60:
bc:f2:b6:e8:62:09:bf:3c:41:2f:2a:b5:92:7b:35:
db:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:0C:ED:49:46:95:6B:7D:89:2A:49:F8:43:8F:A9:AC:85:88:B0:76
X509v3 Authority Key Identifier:
keyid:86:E9:91:34:17:1B:58:63:F6:2F:22:B7:D7:AB:F7:40:34:95:28:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/humRNBcbWGP2LyK316v3QDSVKOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/uwztSUaVa32JKkn4Q4-prIWIsHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/humRNBcbWGP2LyK316v3QDSVKOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.92.0/22
45.90.148.0/22
45.94.80.0/22
45.131.112.0/22
45.136.212.0/22
45.141.224.0/22
45.151.80.0/22
85.208.196.0/22
139.28.16.0/22
193.160.22.0/23
193.160.30.0/23
IPv6:
2a13:8240::-2a13:8240:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
08:77:de:19:3f:0b:ad:c8:04:eb:82:16:89:bb:5f:b9:85:2f:
cb:0b:91:7a:90:16:d1:50:26:1e:c0:4d:9e:26:2c:65:e0:a3:
f0:a8:fb:6c:1c:bf:aa:c3:ea:6b:e3:b6:57:ee:73:aa:20:23:
da:f4:c1:ac:42:36:60:c4:24:01:46:d8:e8:7c:5f:7b:67:06:
5c:48:53:cb:c2:e8:c6:25:75:28:17:f4:15:9b:a6:1a:1c:ed:
12:6c:b2:0b:ab:08:3b:48:ef:20:fb:e3:4f:41:a5:f0:b6:fc:
a8:0d:b4:7b:a6:06:16:3b:cd:98:4f:c4:fe:0b:1e:fa:4b:37:
48:a9:69:03:66:42:2e:d6:be:4c:f7:a6:16:65:2d:9f:70:19:
97:d5:1f:c7:be:c9:dc:48:f3:2a:5e:b1:f4:aa:4c:ab:b5:c8:
27:f8:39:86:8a:4f:48:0a:95:a3:aa:61:1a:86:54:35:d4:3d:
fe:b5:c8:fe:4e:83:32:17:e0:8b:9d:1f:78:06:6d:a7:40:14:
8f:27:96:f3:99:a4:f7:b6:ec:cb:c8:24:e8:98:5e:28:2a:ef:
cc:69:18:50:8b:cd:4e:e0:11:f7:00:47:5d:2c:b5:18:86:eb:
08:fb:6a:b4:d7:85:33:d7:55:9b:82:42:54:d8:4c:e4:1d:f5:
a9:79:2b:1d
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZd5xoMp+VE1AZuxabeb5TveMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZTk5MTM0MTcxYjU4NjNmNjJmMjJiN2Q3YWJmNzQwMzQ5
NTI4ZWMwHhcNMjUwNjE2MTcyNTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjBjZWQ0OTQ2OTU2YjdkODkyYTQ5Zjg0MzhmYTlhYzg1ODhiMDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLiah4ofV6N2NqtU71cPlqs669od
cBrtb2xDO/BwDwgIAMJzz8zoMaZBf0clrxpdMvDlpDubIHDmHIUeGocqp4+tLEMf
ybEQWskVb7+3cCCn1jK3JO6p9BhxuoTdGWZ/oeFcug36aMfOLxkgzYqDFbrKBa9k
7hu0OX6P81M6o+rK4pe+WO+F89Pt5i3uYnOKLrjSkND5/aKNy6Inm3T0SBZUrXxO
hTxyPn6FFvGRsIrOUKUoacxyDu4PmVz7He1Iwf2g3yiU4qOB0/+n/0XPwEbWoklU
QDZRCVXyTkFXxD0ghSBXmUcVr/aaq6amdGC88rboYgm/PEEvKrWSezXbhwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFLsM7UlGlWt9iSpJ+EOPqayFiLB2MB8GA1UdIwQY
MBaAFIbpkTQXG1hj9i8it9er90A0lSjsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHVtUk5CY2JXR1AyTHlLMzE2djNRRFNWS093LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMWI1ZWMtNTJmZi00ZWNiLWIzZmQt
ZGE5NTgwOGJhMmMxLzEvdXd6dFNVYVZhMzJKS2tuNFE0LXBySVdJc0hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMWI1ZWMtNTJmZi00ZWNiLWIzZmQtZGE5NTgwOGJhMmMx
LzEvaHVtUk5CY2JXR1AyTHlLMzE2djNRRFNWS093LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBIBAIAATBCAwQCLVJcAwQC
LVqUAwQCLV5QAwQCLYNwAwQCLYjUAwQCLY3gAwQCLZdQAwQCVdDEAwQCixwQAwQB
waAWAwQBwaAeMBcEAgACMBEwDwMFBioTgkADBgAqE4JAAjANBgkqhkiG9w0BAQsF
AAOCAQEACHfeGT8LrcgE64IWibtfuYUvywuRepAW0VAmHsBNniYsZeCj8Kj7bBy/
qsPqa+O2V+5zqiAj2vTBrEI2YMQkAUbY6Hxfe2cGXEhTy8LoxiV1KBf0FZumGhzt
EmyyC6sIO0jvIPvjT0Gl8Lb8qA20e6YGFjvNmE/E/gse+ks3SKlpA2ZCLta+TPem
FmUtn3AZl9Ufx77J3EjzKl6x9KpMq7XIJ/g5hopPSAqVo6phGoZUNdQ9/rXI/k6D
Mhfgi50feAZtp0AUjyeW85mk97bsy8gk6JheKCrvzGkYUIvNTuAR9wBHXSy1GIbr
CPtqtNeFM9dVm4JCVNhM5B31qXkrHQ==
-----END CERTIFICATE-----
Generated at Tue Jul 1 20:45:18 2025 by rpki-client