Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/8uzHGrvQaf2DBb1nMm2-qeIVuzk.roa
File: 8uzHGrvQaf2DBb1nMm2-qeIVuzk.roa (raw, json)
Hash identifier: ohInjN91x9PQ6XtfDn8Iq3ZeGGL3S4g6WyrLY7OH+gQ=
Subject key identifier: F2:EC:C7:1A:BB:D0:69:FD:83:05:BD:67:32:6D:BE:A9:E2:15:BB:39
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 019879EAA52EE550F5B2234D51712FEF82F7
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/8uzHGrvQaf2DBb1nMm2-qeIVuzk.roa
Signing time: Tue 05 Aug 2025 11:07:57 +0000
ROA not before: Tue 05 Aug 2025 11:07:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48159
IP address blocks: 2.176.128.0/17 maxlen: 17
2.177.0.0/16 maxlen: 16
2.182.0.0/16 maxlen: 24
2.182.128.0/21 maxlen: 21
2.185.0.0/16 maxlen: 16
2.185.0.0/20 maxlen: 20
2.185.18.0/24 maxlen: 24
2.185.40.0/21 maxlen: 21
2.185.88.0/22 maxlen: 22
2.185.160.0/19 maxlen: 19
2.185.164.0/24 maxlen: 24
2.188.0.0/24 maxlen: 24
2.188.1.0/24 maxlen: 24
2.188.22.0/24 maxlen: 24
2.188.28.0/24 maxlen: 24
2.188.64.0/21 maxlen: 21
2.188.76.0/24 maxlen: 24
2.188.179.0/24 maxlen: 24
2.188.184.0/24 maxlen: 24
2.188.185.0/24 maxlen: 24
2.188.187.0/24 maxlen: 24
2.189.42.0/23 maxlen: 23
2.189.42.0/24 maxlen: 24
2.189.42.16/29 maxlen: 29
2.189.42.24/30 maxlen: 30
2.189.42.28/30 maxlen: 30
2.189.42.36/30 maxlen: 30
2.189.42.40/30 maxlen: 30
2.189.42.48/29 maxlen: 29
2.189.42.64/30 maxlen: 30
2.189.43.0/24 maxlen: 24
2.189.56.0/24 maxlen: 24
2.189.58.0/24 maxlen: 24
2.189.68.0/24 maxlen: 24
2.189.72.0/24 maxlen: 24
2.189.79.96/29 maxlen: 29
2.189.187.0/24 maxlen: 24
2.189.188.0/25 maxlen: 25
2.189.188.128/25 maxlen: 25
2.191.0.0/16 maxlen: 16
78.38.0.0/16 maxlen: 24
78.38.160.0/19 maxlen: 19
78.38.243.0/24 maxlen: 24
78.38.246.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
78.39.0.0/16 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.59.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
78.39.149.0/24 maxlen: 24
78.39.150.0/24 maxlen: 24
78.39.151.0/24 maxlen: 24
78.39.153.0/24 maxlen: 24
78.39.155.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
78.39.240.0/24 maxlen: 24
80.191.0.0/16 maxlen: 16
80.191.56.0/24 maxlen: 24
217.218.0.0/16 maxlen: 24
217.218.67.0/24 maxlen: 24
217.219.0.0/16 maxlen: 24
217.219.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 08:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:79:ea:a5:2e:e5:50:f5:b2:23:4d:51:71:2f:ef:82:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Aug 5 11:07:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2ecc71abbd069fd8305bd67326dbea9e215bb39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:89:b2:2e:bc:8b:b2:60:f7:75:16:3d:e8:5e:
b4:c4:ee:49:47:41:5f:5c:89:39:88:43:e3:07:af:
34:3b:73:35:8b:33:94:37:31:35:c1:e9:2e:84:f9:
f4:10:d3:6c:4d:5c:29:b1:6e:8c:48:36:cf:3f:51:
64:e8:e7:d5:32:cb:86:6b:d1:39:09:9b:d2:30:de:
32:7e:2a:91:94:3e:1d:95:41:5a:68:01:97:c4:6f:
51:c7:24:80:a9:08:7f:9e:4c:a3:a2:41:bc:98:5f:
ae:5c:f7:52:dc:12:e2:d0:15:17:f2:23:57:20:44:
ab:0c:2f:a7:f3:68:76:46:4e:48:20:0d:3e:4a:0e:
3a:47:6c:92:62:67:15:42:e1:6f:f6:57:d9:09:e4:
54:84:74:93:52:ce:6e:bc:e8:31:82:97:8b:07:59:
66:50:ed:6e:ab:e0:c5:49:50:3c:d2:3b:35:56:14:
b0:c0:37:1d:2d:11:b1:1e:af:44:3a:98:f9:3b:6a:
60:64:ed:81:d2:73:2c:cb:17:15:d0:bd:0c:fa:c5:
5b:a0:0d:65:fa:c2:a0:94:1f:76:3d:50:cc:df:d3:
82:0a:66:32:5f:2b:e7:99:6f:2f:5d:a7:95:6e:fc:
9f:98:03:47:ed:5a:4b:71:6c:69:3e:6c:de:ba:1e:
fe:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:EC:C7:1A:BB:D0:69:FD:83:05:BD:67:32:6D:BE:A9:E2:15:BB:39
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/8uzHGrvQaf2DBb1nMm2-qeIVuzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.176.128.0-2.177.255.255
2.182.0.0/16
2.185.0.0/16
2.188.0.0/23
2.188.22.0/24
2.188.28.0/24
2.188.64.0/21
2.188.76.0/24
2.188.179.0/24
2.188.184.0/23
2.188.187.0/24
2.189.42.0/23
2.189.56.0/24
2.189.58.0/24
2.189.68.0/24
2.189.72.0/24
2.189.79.96/29
2.189.187.0-2.189.188.255
2.191.0.0/16
78.38.0.0/15
80.191.0.0/16
217.218.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a2:61:cf:c1:ef:b7:a2:68:3a:06:95:2c:f5:d6:71:ea:e6:c2:
cb:8f:ad:12:da:1e:45:64:e7:58:3c:f3:80:5c:11:36:0e:38:
07:80:25:31:79:a5:33:b7:51:4f:fa:86:15:4c:eb:85:f4:c3:
35:1e:06:26:16:cf:8f:48:5e:4b:0f:2d:04:c2:19:8e:17:17:
af:bd:eb:49:19:b4:7d:93:a5:56:73:f7:41:9d:66:85:a8:0a:
e7:0e:d3:4f:24:d8:ae:ba:74:86:90:15:a1:13:01:34:14:34:
fe:9e:7b:7e:31:7d:d5:b6:b7:c3:58:b1:a4:9f:a8:4a:24:7c:
99:4c:8d:e1:ed:46:46:98:cc:5f:25:fc:89:d7:13:4a:91:ad:
bb:f2:5e:65:32:46:14:85:a6:0c:e4:6a:e5:e6:75:57:0b:ec:
af:41:32:ab:12:31:4a:a2:68:05:cd:2f:06:b1:f2:75:ac:0c:
09:47:27:1a:00:7a:ce:66:e9:85:24:54:f0:a6:96:64:a2:28:
be:93:57:19:68:6c:c6:57:f6:63:04:88:f0:e1:5c:b2:45:09:
f2:fc:6e:23:eb:07:a1:9e:eb:bc:6f:fc:ee:36:6b:f2:3e:b8:
04:dc:8e:96:88:2b:ff:0b:a3:67:8a:18:25:89:94:8c:0f:cb:
d9:1d:e9:20
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZh56qUu5VD1siNNUXEv74L3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjUwODA1MTEwNzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmVjYzcxYWJiZDA2OWZkODMwNWJkNjczMjZkYmVhOWUyMTViYjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04myLryLsmD3dRY96F60xO5JR0Ff
XIk5iEPjB680O3M1izOUNzE1wekuhPn0ENNsTVwpsW6MSDbPP1Fk6OfVMsuGa9E5
CZvSMN4yfiqRlD4dlUFaaAGXxG9RxySAqQh/nkyjokG8mF+uXPdS3BLi0BUX8iNX
IESrDC+n82h2Rk5IIA0+Sg46R2ySYmcVQuFv9lfZCeRUhHSTUs5uvOgxgpeLB1lm
UO1uq+DFSVA80js1VhSwwDcdLRGxHq9EOpj5O2pgZO2B0nMsyxcV0L0M+sVboA1l
+sKglB92PVDM39OCCmYyXyvnmW8vXaeVbvyfmANH7VpLcWxpPmzeuh7+AQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFPLsxxq70Gn9gwW9ZzJtvqniFbs5MB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvOHV6SEdydlFhZjJEQmIxbk1tMi1xZUlWdXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4wCwME
BwKwgAMDAQKwAwMAArYDAwACuQMEAQK8AAMEAAK8FgMEAAK8HAMEAwK8QAMEAAK8
TAMEAAK8swMEAQK8uAMEAAK8uwMEAQK9KgMEAAK9OAMEAAK9OgMEAAK9RAMEAAK9
SAMFAwK9T2AwDAMEAAK9uwMEAAK9vAMDAAK/AwMBTiYDAwBQvwMDAdnaMA0GCSqG
SIb3DQEBCwUAA4IBAQCiYc/B77eiaDoGlSz11nHq5sLLj60S2h5FZOdYPPOAXBE2
DjgHgCUxeaUzt1FP+oYVTOuF9MM1HgYmFs+PSF5LDy0EwhmOFxevvetJGbR9k6VW
c/dBnWaFqArnDtNPJNiuunSGkBWhEwE0FDT+nnt+MX3VtrfDWLGkn6hKJHyZTI3h
7UZGmMxfJfyJ1xNKka278l5lMkYUhaYM5Grl5nVXC+yvQTKrEjFKomgFzS8GsfJ1
rAwJRycaAHrOZumFJFTwppZkoii+k1cZaGzGV/ZjBIjw4VyyRQny/G4j6wehnuu8
b/zuNmvyPrgE3I6WiCv/C6NnihgliZSMD8vZHekg
-----END CERTIFICATE-----
Generated at Thu Aug 7 11:24:01 2025 by rpki-client