Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/UEcNqvrJ5SQl5H_s0LFUfwkR_hE.roa
File: UEcNqvrJ5SQl5H_s0LFUfwkR_hE.roa (raw, json)
Hash identifier: bIJXuRboJUOwUf77dVkGAbQtOlD1q8qNpaYp5FkD4+Y=
Subject key identifier: 50:47:0D:AA:FA:C9:E5:24:25:E4:7F:EC:D0:B1:54:7F:09:11:FE:11
Certificate issuer: /CN=74e3c336972094b1a8c13d41816857d197a3aae9
Certificate serial: 019743E8774B5D51534963EE75CB127D62B6
Authority key identifier: 74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/UEcNqvrJ5SQl5H_s0LFUfwkR_hE.roa
Signing time: Fri 06 Jun 2025 06:23:17 +0000
ROA not before: Fri 06 Jun 2025 06:23:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12963
IP address blocks: 91.197.168.0/22 maxlen: 22
91.218.72.0/24 maxlen: 24
91.218.73.0/24 maxlen: 24
91.218.74.0/24 maxlen: 24
91.218.75.0/24 maxlen: 24
94.247.224.0/21 maxlen: 21
94.247.224.0/23 maxlen: 23
176.97.0.0/23 maxlen: 23
176.97.2.0/24 maxlen: 24
176.97.3.0/24 maxlen: 24
176.97.4.0/22 maxlen: 22
185.192.216.0/22 maxlen: 22
194.183.160.0/19 maxlen: 19
213.160.128.0/19 maxlen: 19
2a00:9880::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:43:e8:77:4b:5d:51:53:49:63:ee:75:cb:12:7d:62:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e3c336972094b1a8c13d41816857d197a3aae9
Validity
Not Before: Jun 6 06:23:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50470daafac9e52425e47fecd0b1547f0911fe11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:19:9a:7e:b8:fb:9d:bb:e2:26:32:50:96:de:
12:5e:cd:c1:b5:5e:d6:cc:ed:63:97:6c:c0:bb:fa:
98:e9:62:1e:77:35:93:27:88:2b:4b:a0:b3:cf:65:
e3:e2:79:1d:7d:0f:b1:c6:db:72:d2:46:0d:b6:6e:
6f:f6:46:9f:53:7e:65:96:e5:f9:a2:7a:08:3f:fc:
65:0f:47:b8:39:f6:03:bd:7f:ba:e0:30:bf:6f:48:
f0:f7:fa:3d:95:8a:a1:90:8e:6c:f2:b6:d3:c0:02:
ac:74:aa:8a:3e:cc:aa:c2:66:d4:75:0e:0e:6e:c9:
72:ac:de:50:66:a5:63:3b:12:88:f3:f1:4d:57:88:
8d:9c:e0:b2:ca:eb:9e:51:8e:1a:93:81:a8:ed:fa:
4d:72:5a:01:35:7b:f2:7a:e5:f3:e1:0e:d7:55:3a:
fb:ca:03:46:59:6c:54:08:5e:7f:d1:c7:77:05:fc:
3d:66:d4:ab:1e:ce:ca:9f:b8:e8:d4:40:eb:cc:c1:
5f:40:eb:cf:98:19:bb:92:40:5e:dd:c3:7a:e2:ba:
24:63:75:85:5f:49:72:be:22:8a:f2:8f:b9:f5:ba:
c2:26:87:ac:0a:2e:1a:f2:c6:70:34:2b:b4:0a:08:
53:f1:a1:d4:9f:6b:fb:a1:f8:f1:a7:87:85:d2:ca:
7d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:47:0D:AA:FA:C9:E5:24:25:E4:7F:EC:D0:B1:54:7F:09:11:FE:11
X509v3 Authority Key Identifier:
keyid:74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/UEcNqvrJ5SQl5H_s0LFUfwkR_hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.168.0/22
91.218.72.0/22
94.247.224.0/21
176.97.0.0/21
185.192.216.0/22
194.183.160.0/19
213.160.128.0/19
IPv6:
2a00:9880::/32
Signature Algorithm: sha256WithRSAEncryption
8f:2d:41:23:48:02:d0:03:43:28:4a:62:ad:ab:16:f6:56:ff:
b4:2c:f6:63:ec:c6:63:b8:ac:45:7e:b2:c0:2f:85:92:ec:e6:
3c:27:85:72:6e:55:5c:8a:13:2b:d1:eb:be:95:70:c9:e4:59:
b7:f2:24:2e:53:5c:7b:f3:e8:f4:ba:67:2a:4b:c9:84:d9:71:
41:d6:87:7e:6d:a5:36:b7:06:9c:09:65:07:c5:b3:a5:64:4a:
c9:4a:3f:4d:fd:0d:95:aa:82:80:9b:a5:a4:a4:fe:88:f8:6f:
87:da:b2:1f:40:6d:e8:66:6f:0d:c5:b5:f5:b8:63:27:69:6e:
2a:75:61:3c:ce:42:95:3b:c8:cf:47:f1:76:6f:ce:31:7e:08:
78:a9:6c:e4:85:51:9f:3d:fa:bd:bb:46:a6:1b:bd:c6:a8:52:
8c:cf:35:38:b7:38:c3:bc:54:67:5b:a7:f2:70:e2:75:e0:bb:
91:d5:d4:60:70:4e:59:3d:97:e9:95:3d:9b:c6:31:9b:2e:2b:
01:10:01:11:00:d4:b4:f5:4d:5c:25:27:c5:ee:07:2c:22:e7:
d6:c6:03:df:6b:fb:25:2f:36:90:df:dd:68:dc:91:a9:be:19:
9e:10:20:83:2b:45:25:e7:77:7f:0d:e1:ef:a8:c2:63:6b:bb:
26:ee:53:75
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZdD6HdLXVFTSWPudcsSfWK2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTNjMzM2OTcyMDk0YjFhOGMxM2Q0MTgxNjg1N2QxOTdh
M2FhZTkwHhcNMjUwNjA2MDYyMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDQ3MGRhYWZhYzllNTI0MjVlNDdmZWNkMGIxNTQ3ZjA5MTFmZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhmafrj7nbviJjJQlt4SXs3BtV7W
zO1jl2zAu/qY6WIedzWTJ4grS6Czz2Xj4nkdfQ+xxtty0kYNtm5v9kafU35lluX5
onoIP/xlD0e4OfYDvX+64DC/b0jw9/o9lYqhkI5s8rbTwAKsdKqKPsyqwmbUdQ4O
bslyrN5QZqVjOxKI8/FNV4iNnOCyyuueUY4ak4Go7fpNcloBNXvyeuXz4Q7XVTr7
ygNGWWxUCF5/0cd3Bfw9ZtSrHs7Kn7jo1EDrzMFfQOvPmBm7kkBe3cN64rokY3WF
X0lyviKK8o+59brCJoesCi4a8sZwNCu0CghT8aHUn2v7ofjxp4eF0sp9bwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFFBHDar6yeUkJeR/7NCxVH8JEf4RMB8GA1UdIwQY
MBaAFHTjwzaXIJSxqME9QYFoV9GXo6rpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAt
YTZjNDllYjI4Mjg3LzEvVUVjTnF2cko1U1FsNUhfczBMRlVmd2tSX2hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8xOGM0OTgtMjE3MS00ZTFjLThkODAtYTZjNDllYjI4Mjg3
LzEvZE9QRE5wY2dsTEdvd1QxQmdXaFgwWmVqcXVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCW8WoAwQC
W9pIAwQDXvfgAwQDsGEAAwQCucDYAwQFwregAwQF1aCAMA0EAgACMAcDBQAqAJiA
MA0GCSqGSIb3DQEBCwUAA4IBAQCPLUEjSALQA0MoSmKtqxb2Vv+0LPZj7MZjuKxF
frLAL4WS7OY8J4VyblVcihMr0eu+lXDJ5Fm38iQuU1x78+j0umcqS8mE2XFB1od+
baU2twacCWUHxbOlZErJSj9N/Q2VqoKAm6WkpP6I+G+H2rIfQG3oZm8NxbX1uGMn
aW4qdWE8zkKVO8jPR/F2b84xfgh4qWzkhVGfPfq9u0amG73GqFKMzzU4tzjDvFRn
W6fycOJ14LuR1dRgcE5ZPZfplT2bxjGbLisBEAERANS09U1cJSfF7gcsIufWxgPf
a/slLzaQ391o3JGpvhmeECCDK0Ul53d/DeHvqMJja7sm7lN1
-----END CERTIFICATE-----
Generated at Sun Jun 15 19:19:57 2025 by rpki-client