Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/UrMvdgNrVvob8bZPhnxi0y4VJ7U.roa
File: UrMvdgNrVvob8bZPhnxi0y4VJ7U.roa (raw, json)
Hash identifier: jt1c0t4HJKrE5LbeTdIhTjvUdCmsfecizr0BWHhMnUM=
Subject key identifier: 52:B3:2F:76:03:6B:56:FA:1B:F1:B6:4F:86:7C:62:D3:2E:15:27:B5
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019854A9B7362DC5A5F7E3769C1932275E67
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/UrMvdgNrVvob8bZPhnxi0y4VJ7U.roa
Signing time: Tue 29 Jul 2025 05:31:05 +0000
ROA not before: Tue 29 Jul 2025 05:31:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400696
IP address blocks: 66.56.83.0/24 maxlen: 24
103.138.78.0/24 maxlen: 24
124.198.134.0/24 maxlen: 24
155.2.193.0/24 maxlen: 24
155.2.220.0/24 maxlen: 24
185.102.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:54:a9:b7:36:2d:c5:a5:f7:e3:76:9c:19:32:27:5e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jul 29 05:31:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52b32f76036b56fa1bf1b64f867c62d32e1527b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:71:59:8b:6b:90:79:a5:67:19:47:9d:6e:b7:
f3:a3:39:7d:b0:45:4d:bc:7e:cd:25:1c:b8:ba:69:
80:62:14:e5:d6:db:ab:51:39:a2:3b:18:33:d6:86:
65:18:b9:7f:6d:05:26:48:01:5d:64:6d:2e:4a:80:
26:40:12:03:b0:a6:3d:e0:04:86:c3:e9:9a:63:d8:
68:fc:33:df:a7:53:a9:91:4b:e3:c8:48:86:24:ab:
2c:b7:bb:61:bd:6d:d6:8c:66:c7:60:51:0e:9a:54:
64:18:48:f4:c1:55:a6:8b:8b:e6:b0:e8:3a:f3:d7:
cd:f3:c2:18:fa:71:3b:63:a1:39:8b:fd:7c:5d:fa:
c1:2f:36:fe:b0:56:4b:79:62:15:98:3c:93:0d:db:
dd:e9:9b:03:d5:48:c3:2a:47:40:3d:c5:9f:15:69:
75:26:d6:36:03:00:1a:2e:4f:64:e4:75:77:50:22:
31:b4:07:a3:ea:1c:86:62:5e:ad:bd:a2:58:7a:75:
1d:35:ce:62:fd:52:4d:70:a9:cd:0b:7d:68:47:14:
e2:59:4c:41:97:77:f0:7e:43:37:6b:a0:e6:35:8e:
4f:f7:be:7c:8e:c1:65:fb:d2:ff:f3:64:78:fd:f3:
10:3e:1f:ab:85:b0:a8:b9:7b:a0:54:17:b4:20:f7:
62:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B3:2F:76:03:6B:56:FA:1B:F1:B6:4F:86:7C:62:D3:2E:15:27:B5
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/UrMvdgNrVvob8bZPhnxi0y4VJ7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.56.83.0/24
103.138.78.0/24
124.198.134.0/24
155.2.193.0/24
155.2.220.0/24
185.102.168.0/24
Signature Algorithm: sha256WithRSAEncryption
d7:80:1c:4c:b4:d8:9f:f8:52:94:be:3b:7d:38:03:ad:4b:1e:
26:02:e5:07:ac:7c:c4:ee:17:6a:f5:74:82:46:58:19:f1:ed:
70:19:8b:96:21:21:61:b3:83:3a:2e:4c:99:e6:6b:5b:17:88:
b8:d0:54:75:3a:29:76:78:f9:a6:8f:b0:ce:be:70:49:3d:83:
e1:1c:aa:dc:af:85:a5:dc:77:49:d4:75:d5:50:22:06:50:1b:
91:60:7c:93:99:55:33:40:87:2b:5a:84:05:6d:04:0f:db:dd:
bc:5f:1c:4c:2a:b5:70:cb:bf:a6:ad:4a:34:4e:6d:7d:21:69:
25:bb:df:bc:42:cd:2b:3a:4d:e9:2d:78:0f:1a:4f:c6:58:21:
1e:c8:83:79:5c:1e:de:03:cb:3e:27:f7:37:b9:34:75:44:39:
9f:e3:25:b6:73:78:22:41:64:63:cd:0d:26:78:7a:bc:a1:d1:
91:a8:5d:69:5c:8e:0d:2b:89:17:6f:a3:83:dd:21:9f:df:c3:
8e:de:dc:6f:ed:56:83:95:9c:a5:70:d9:41:99:19:dd:5a:a1:
5e:34:37:09:ca:0e:28:39:a1:f7:6e:d6:ac:50:c0:2f:77:c8:
b4:0a:9c:e2:2a:21:4e:d2:b3:00:d6:49:a3:eb:8e:d6:1d:e8:
a2:c1:42:15
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZhUqbc2LcWl9+N2nBkyJ15nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNzI5MDUzMTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmIzMmY3NjAzNmI1NmZhMWJmMWI2NGY4NjdjNjJkMzJlMTUyN2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5HFZi2uQeaVnGUedbrfzozl9sEVN
vH7NJRy4ummAYhTl1turUTmiOxgz1oZlGLl/bQUmSAFdZG0uSoAmQBIDsKY94ASG
w+maY9ho/DPfp1OpkUvjyEiGJKsst7thvW3WjGbHYFEOmlRkGEj0wVWmi4vmsOg6
89fN88IY+nE7Y6E5i/18XfrBLzb+sFZLeWIVmDyTDdvd6ZsD1UjDKkdAPcWfFWl1
JtY2AwAaLk9k5HV3UCIxtAej6hyGYl6tvaJYenUdNc5i/VJNcKnNC31oRxTiWUxB
l3fwfkM3a6DmNY5P9758jsFl+9L/82R4/fMQPh+rhbCouXugVBe0IPdiXQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFKzL3YDa1b6G/G2T4Z8YtMuFSe1MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvVXJNdmRnTnJWdm9iOGJaUGhueGkweTRWSjdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAQjhTAwQA
Z4pOAwQAfMaGAwQAmwLBAwQAmwLcAwQAuWaoMA0GCSqGSIb3DQEBCwUAA4IBAQDX
gBxMtNif+FKUvjt9OAOtSx4mAuUHrHzE7hdq9XSCRlgZ8e1wGYuWISFhs4M6LkyZ
5mtbF4i40FR1Oil2ePmmj7DOvnBJPYPhHKrcr4Wl3HdJ1HXVUCIGUBuRYHyTmVUz
QIcrWoQFbQQP2928XxxMKrVwy7+mrUo0Tm19IWklu9+8Qs0rOk3pLXgPGk/GWCEe
yIN5XB7eA8s+J/c3uTR1RDmf4yW2c3giQWRjzQ0meHq8odGRqF1pXI4NK4kXb6OD
3SGf38OO3txv7VaDlZylcNlBmRndWqFeNDcJyg4oOaH3btasUMAvd8i0CpziKiFO
0rMA1kmj647WHeiiwUIV
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:16:10 2025 by rpki-client