
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/ug_XierUONvwggKOMaZkJe81loY.roa
File: ug_XierUONvwggKOMaZkJe81loY.roa (raw, json)
Hash identifier: XoFHm2sqFbn3YwKVKBV5bvDEJtDLvYE5/kOQORtiPDE=
Subject key identifier: BA:0F:D7:89:EA:D4:38:DB:F0:82:02:8E:31:A6:64:25:EF:35:96:86
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 01985AE05A49F2716FE32F757C62187EF947
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/ug_XierUONvwggKOMaZkJe81loY.roa
Signing time: Wed 30 Jul 2025 10:28:29 +0000
ROA not before: Wed 30 Jul 2025 10:28:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43641
IP address blocks: 212.87.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.mft
rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 07:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5a:e0:5a:49:f2:71:6f:e3:2f:75:7c:62:18:7e:f9:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Jul 30 10:28:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba0fd789ead438dbf082028e31a66425ef359686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:53:f7:4a:c4:da:e4:ef:2c:d8:f8:84:b3:f1:
92:e0:9f:c4:92:14:aa:db:54:91:2a:78:79:63:4c:
7d:c7:e2:af:c5:3f:9d:f4:c2:0e:ab:40:a7:39:b5:
0b:7e:77:24:dc:b3:71:54:d9:0c:ca:60:2b:9a:8a:
ad:2c:af:64:72:67:fc:88:3c:b7:02:ea:99:70:2d:
d5:99:bb:fb:a1:63:46:c5:88:f3:fa:54:5f:4e:c7:
ab:7d:ef:7e:e6:e8:18:0f:de:a8:6d:19:65:63:7b:
fc:ad:04:42:5f:ce:17:68:7f:ea:ce:6a:cc:fc:2c:
dd:ad:fd:4d:e6:be:18:0d:7c:85:e4:93:42:a5:af:
a4:76:6b:6e:91:32:3d:6d:4e:eb:56:14:8f:bb:dd:
b9:b3:c8:60:66:4f:ff:28:a8:b2:f8:28:42:a3:db:
8f:84:8d:e9:f3:05:18:b3:5d:3d:0e:d9:5e:cd:a4:
d0:12:bb:49:13:64:74:79:c8:eb:fc:b7:8c:bf:78:
83:5e:51:1c:f3:1a:4d:a1:fa:4c:cd:8c:d5:b2:8e:
00:4d:c4:f3:b0:45:8d:93:21:8b:7f:d7:65:bd:3c:
97:15:a9:d3:1c:3f:b6:1a:c7:bb:8a:a3:e4:66:ea:
9b:72:de:d9:0c:de:31:6c:78:28:f3:db:5b:c0:1c:
66:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:0F:D7:89:EA:D4:38:DB:F0:82:02:8E:31:A6:64:25:EF:35:96:86
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/ug_XierUONvwggKOMaZkJe81loY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.87.201.0/24
Signature Algorithm: sha256WithRSAEncryption
85:c5:d7:06:ed:96:de:33:f6:03:0d:46:bf:1b:10:fe:d2:13:
30:43:ec:87:27:f7:4a:dd:a3:ac:d2:99:e7:4f:4f:70:d1:bc:
73:6b:95:e4:23:88:8a:94:1a:73:ed:c0:f3:d8:57:f5:e6:cc:
55:d0:da:bb:c9:70:bc:32:a1:22:34:80:d3:bb:44:8f:0a:78:
14:c1:80:42:b9:33:eb:02:32:4b:88:a0:dc:19:7c:7d:3b:0f:
48:c5:c4:a8:b2:6e:7c:93:b7:a6:54:d8:fb:cc:48:e3:b9:e7:
c2:14:a1:43:00:8c:33:51:83:74:e7:e4:dc:b4:6d:f7:76:ff:
df:9f:96:8e:32:6e:22:a9:52:38:24:b8:95:d3:5a:3c:b2:54:
89:fe:b5:58:d9:cb:4c:81:92:88:f7:91:bb:6a:ad:d1:ba:48:
24:2e:64:41:03:da:e5:66:35:ea:c0:bf:c1:8e:db:1e:19:0c:
a4:00:6b:0f:fe:52:28:89:a5:28:96:30:93:00:c2:81:79:22:
71:31:1b:80:6d:5e:e9:a7:1c:57:2f:93:5f:85:4c:f4:6b:84:
80:36:a9:76:9d:cc:83:89:d4:03:e3:62:13:b1:6c:af:9c:db:
67:2a:47:20:ca:d8:b1:f8:a7:1c:9f:bf:80:24:70:24:32:b8:
46:16:7d:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZha4FpJ8nFv4y91fGIYfvlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjUwNzMwMTAyODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTBmZDc4OWVhZDQzOGRiZjA4MjAyOGUzMWE2NjQyNWVmMzU5Njg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2lP3SsTa5O8s2PiEs/GS4J/EkhSq
21SRKnh5Y0x9x+KvxT+d9MIOq0CnObULfnck3LNxVNkMymArmoqtLK9kcmf8iDy3
AuqZcC3Vmbv7oWNGxYjz+lRfTserfe9+5ugYD96obRllY3v8rQRCX84XaH/qzmrM
/Czdrf1N5r4YDXyF5JNCpa+kdmtukTI9bU7rVhSPu925s8hgZk//KKiy+ChCo9uP
hI3p8wUYs109DtlezaTQErtJE2R0ecjr/LeMv3iDXlEc8xpNofpMzYzVso4ATcTz
sEWNkyGLf9dlvTyXFanTHD+2Gse7iqPkZuqbct7ZDN4xbHgo89tbwBxmrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLoP14nq1Djb8IICjjGmZCXvNZaGMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvdWdfWGllclVPTnZ3Z2dLT01hWmtKZTgxbG9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1FfJMA0G
CSqGSIb3DQEBCwUAA4IBAQCFxdcG7ZbeM/YDDUa/GxD+0hMwQ+yHJ/dK3aOs0pnn
T09w0bxza5XkI4iKlBpz7cDz2Ff15sxV0Nq7yXC8MqEiNIDTu0SPCngUwYBCuTPr
AjJLiKDcGXx9Ow9IxcSosm58k7emVNj7zEjjuefCFKFDAIwzUYN05+TctG33dv/f
n5aOMm4iqVI4JLiV01o8slSJ/rVY2ctMgZKI95G7aq3RukgkLmRBA9rlZjXqwL/B
jtseGQykAGsP/lIoiaUoljCTAMKBeSJxMRuAbV7ppxxXL5NfhUz0a4SANql2ncyD
idQD42ITsWyvnNtnKkcgytix+Kccn7+AJHAkMrhGFn0M
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:06:14 2025 by rpki-client