Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/uj4vASHbPPOMFQkgrObSf4u7UB8.roa
File: uj4vASHbPPOMFQkgrObSf4u7UB8.roa (raw, json)
Hash identifier: OgDJXuz/4dxqu4uyI+jLGXjR1JdWgMl5gVSWao4Tlog=
Subject key identifier: BA:3E:2F:01:21:DB:3C:F3:8C:15:09:20:AC:E6:D2:7F:8B:BB:50:1F
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019854A9B6428DF3FEEA69B1047493A9E028
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/uj4vASHbPPOMFQkgrObSf4u7UB8.roa
Signing time: Tue 29 Jul 2025 05:31:05 +0000
ROA not before: Tue 29 Jul 2025 05:31:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212477
IP address blocks: 45.144.196.0/24 maxlen: 24
170.62.96.0/22 maxlen: 24
170.62.101.0/24 maxlen: 24
170.62.105.0/24 maxlen: 24
170.62.109.0/24 maxlen: 24
170.62.176.0/21 maxlen: 24
192.253.211.0/24 maxlen: 24
203.188.173.0/24 maxlen: 24
203.188.174.0/24 maxlen: 24
203.188.180.0/24 maxlen: 24
213.254.162.0/24 maxlen: 24
213.254.172.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 06:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:54:a9:b6:42:8d:f3:fe:ea:69:b1:04:74:93:a9:e0:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jul 29 05:31:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba3e2f0121db3cf38c150920ace6d27f8bbb501f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:32:3d:d5:28:88:dd:8f:22:39:41:2b:ec:07:
f7:4e:33:8b:21:94:99:03:f8:dd:1e:3d:b0:9f:81:
c9:4b:3d:32:09:a4:1e:31:ad:4a:83:03:1f:9d:56:
84:bf:e2:6a:fd:e9:c8:c6:dd:82:f3:26:ec:ce:2f:
56:bd:7f:9f:00:98:63:0f:05:a0:65:31:1a:16:7d:
e5:51:d9:90:db:e2:26:53:e7:45:3d:85:1a:7d:0f:
c7:34:1d:95:5f:1c:56:31:fa:95:f1:6b:b0:85:c7:
58:a7:22:62:e6:f5:15:e4:03:e3:0f:60:7b:d0:aa:
da:94:15:c6:8a:4b:00:ff:46:20:1d:4a:28:9e:df:
d2:aa:8d:92:c0:bd:4b:86:88:fc:f9:dc:a8:ab:8e:
7a:a2:e5:f1:43:44:f5:a6:06:3f:a7:a0:42:11:2f:
54:e6:0c:de:5c:88:c5:9d:50:12:82:c1:cb:8b:71:
9f:7e:2c:f6:98:1d:aa:77:9d:26:62:8b:fa:e3:78:
bb:eb:88:dd:32:58:0f:ec:da:04:eb:01:2c:64:7a:
c8:d5:e3:8a:b4:b1:db:0c:30:6f:c3:7e:98:df:35:
25:15:9b:cd:e8:20:5d:4f:1f:6f:7c:84:d9:73:1f:
eb:11:d0:e1:36:a1:d0:ef:d4:69:7d:17:8d:23:77:
39:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3E:2F:01:21:DB:3C:F3:8C:15:09:20:AC:E6:D2:7F:8B:BB:50:1F
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/uj4vASHbPPOMFQkgrObSf4u7UB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.196.0/24
170.62.96.0/22
170.62.101.0/24
170.62.105.0/24
170.62.109.0/24
170.62.176.0/21
192.253.211.0/24
203.188.173.0-203.188.174.255
203.188.180.0/24
213.254.162.0/24
213.254.172.0/23
Signature Algorithm: sha256WithRSAEncryption
d5:69:2b:08:4d:4f:a0:f3:bb:c5:1e:26:d6:f5:48:d2:77:f1:
73:7a:6f:a4:81:ae:d6:8f:40:46:5c:e9:ee:8f:12:68:e4:f8:
dd:ce:e4:ce:f2:fb:55:8b:ee:0b:39:d3:67:0f:7a:f1:bc:75:
08:bd:83:95:72:e9:8d:23:3c:a9:ce:a8:ac:c8:87:1d:e4:66:
db:9e:98:0f:bc:0a:42:03:89:97:9a:47:0a:78:3e:55:84:e6:
c1:16:fc:39:42:ff:dc:ff:6d:69:d1:04:12:b4:32:0e:f1:b4:
c5:a8:e6:09:bc:1f:f4:dc:4b:6d:85:9e:21:3e:93:09:26:6e:
a1:e5:34:66:d9:5f:b4:d0:5e:96:53:54:4f:4e:37:9e:6b:f2:
67:fc:1d:ef:3e:ad:3c:43:5d:71:57:2d:f3:b0:25:0b:e7:dd:
65:63:ff:78:69:a9:db:7c:b2:01:96:37:0e:f4:f4:5b:5d:74:
5f:6c:5b:f8:ce:05:9d:e2:54:11:f6:9a:0d:71:35:62:7b:62:
b2:9e:8b:c2:24:f2:36:12:20:88:1b:36:95:f9:43:d3:54:64:
8e:75:88:99:07:90:6e:45:f5:39:d0:e2:03:49:db:5a:c2:49:
b5:2d:55:89:5e:0b:43:14:04:0c:a6:c9:6f:d7:8a:b4:81:ac:
c2:62:b6:ca
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZhUqbZCjfP+6mmxBHSTqeAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNzI5MDUzMTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTNlMmYwMTIxZGIzY2YzOGMxNTA5MjBhY2U2ZDI3ZjhiYmI1MDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzI91SiI3Y8iOUEr7Af3TjOLIZSZ
A/jdHj2wn4HJSz0yCaQeMa1KgwMfnVaEv+Jq/enIxt2C8ybszi9WvX+fAJhjDwWg
ZTEaFn3lUdmQ2+ImU+dFPYUafQ/HNB2VXxxWMfqV8WuwhcdYpyJi5vUV5APjD2B7
0KralBXGiksA/0YgHUoont/Sqo2SwL1Lhoj8+dyoq456ouXxQ0T1pgY/p6BCES9U
5gzeXIjFnVASgsHLi3Gffiz2mB2qd50mYov643i764jdMlgP7NoE6wEsZHrI1eOK
tLHbDDBvw36Y3zUlFZvN6CBdTx9vfITZcx/rEdDhNqHQ79RpfReNI3c5IwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFLo+LwEh2zzzjBUJIKzm0n+Lu1AfMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvdWo0dkFTSGJQUE9NRlFrZ3JPYlNmNHU3VUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQALZDEAwQC
qj5gAwQAqj5lAwQAqj5pAwQAqj5tAwQDqj6wAwQAwP3TMAwDBADLvK0DBADLvK4D
BADLvLQDBADV/qIDBAHV/qwwDQYJKoZIhvcNAQELBQADggEBANVpKwhNT6Dzu8Ue
Jtb1SNJ38XN6b6SBrtaPQEZc6e6PEmjk+N3O5M7y+1WL7gs502cPevG8dQi9g5Vy
6Y0jPKnOqKzIhx3kZtuemA+8CkIDiZeaRwp4PlWE5sEW/DlC/9z/bWnRBBK0Mg7x
tMWo5gm8H/TcS22FniE+kwkmbqHlNGbZX7TQXpZTVE9ON55r8mf8He8+rTxDXXFX
LfOwJQvn3WVj/3hpqdt8sgGWNw709FtddF9sW/jOBZ3iVBH2mg1xNWJ7YrKei8Ik
8jYSIIgbNpX5Q9NUZI51iJkHkG5F9TnQ4gNJ21rCSbUtVYleC0MUBAymyW/XirSB
rMJitso=
-----END CERTIFICATE-----
Generated at Mon Aug 4 16:02:12 2025 by rpki-client