Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/7uyz50yy6Hw96HGzOKfD1adh_ck.roa
File: 7uyz50yy6Hw96HGzOKfD1adh_ck.roa (raw, json)
Hash identifier: n4kWCxw/NHUiGeVP5x0IvmrVoASb0wzvbCgftEjfsB8=
Subject key identifier: EE:EC:B3:E7:4C:B2:E8:7C:3D:E8:71:B3:38:A7:C3:D5:A7:61:FD:C9
Certificate issuer: /CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Certificate serial: 0198650A4737B88BF8439895FE874DE3578D
Authority key identifier: 30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/7uyz50yy6Hw96HGzOKfD1adh_ck.roa
Signing time: Fri 01 Aug 2025 09:50:29 +0000
ROA not before: Fri 01 Aug 2025 09:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210158
IP address blocks: 195.77.128.0/22 maxlen: 22
195.77.128.0/23 maxlen: 23
195.77.128.0/24 maxlen: 24
195.77.129.0/24 maxlen: 24
195.77.130.0/23 maxlen: 23
195.77.130.0/24 maxlen: 24
195.77.131.0/24 maxlen: 24
195.235.5.0/24 maxlen: 24
213.0.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 03:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:65:0a:47:37:b8:8b:f8:43:98:95:fe:87:4d:e3:57:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307f5fe2740a2b6de4c3709d2964115b3c967da1
Validity
Not Before: Aug 1 09:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eeecb3e74cb2e87c3de871b338a7c3d5a761fdc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:92:d6:59:f6:c4:4f:6e:1a:10:c1:03:34:e9:
cc:1b:2e:2a:da:05:bc:11:38:39:ed:a5:9e:da:6e:
3a:c1:eb:65:ef:c5:e2:8c:04:80:98:47:48:09:1f:
98:45:38:67:ed:12:60:28:52:cf:55:c7:c7:ab:ab:
ba:49:1a:e1:94:6b:70:93:d9:c3:48:5b:ad:c8:d9:
bb:e4:0f:0b:cc:93:1a:01:ea:65:c3:4a:56:91:ec:
ee:84:ee:e7:c3:1b:81:f9:6a:d9:6a:d6:03:37:fe:
63:07:b4:78:66:65:bf:87:f8:34:40:fe:a9:89:1d:
fd:3a:58:71:ca:9c:e4:a8:92:be:52:e9:cf:f3:26:
78:28:9c:72:73:bc:4c:2f:59:33:2c:f6:f6:ca:f3:
90:d2:bd:09:b1:0f:95:6e:a3:23:b0:5a:dc:c6:94:
ee:f4:71:24:11:c3:b1:f8:e5:0e:06:6e:9c:93:ed:
6e:62:60:50:d7:6b:b7:ea:20:32:38:7a:7b:8e:04:
98:88:94:ad:1b:c6:49:3f:35:05:92:83:b4:a8:3a:
62:12:f5:78:c3:85:90:58:92:d1:2c:05:ff:d8:42:
31:0e:6a:82:bb:32:bb:bd:63:7f:96:4f:68:6c:91:
dc:48:68:64:0a:3a:bf:7a:a0:39:c8:d6:d6:53:2b:
c8:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:EC:B3:E7:4C:B2:E8:7C:3D:E8:71:B3:38:A7:C3:D5:A7:61:FD:C9
X509v3 Authority Key Identifier:
keyid:30:7F:5F:E2:74:0A:2B:6D:E4:C3:70:9D:29:64:11:5B:3C:96:7D:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH9f4nQKK23kw3CdKWQRWzyWfaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/7uyz50yy6Hw96HGzOKfD1adh_ck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/dcfd48-c54a-4c78-a4ed-4ba2f8f1f83b/1/MH9f4nQKK23kw3CdKWQRWzyWfaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.77.128.0/22
195.235.5.0/24
213.0.53.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:a5:40:3e:4f:0e:92:a5:87:8a:6e:4f:c5:5d:b3:30:2d:e2:
73:e9:17:d8:db:c4:b1:c6:70:34:6f:65:ec:23:fe:fd:1e:a3:
90:73:2b:64:3d:ef:26:2d:9f:15:ff:79:47:76:01:6b:34:c0:
f1:39:29:6c:26:1d:fa:55:3b:3e:37:7c:84:78:03:9d:a4:bd:
84:75:ee:af:20:22:a2:bb:6b:76:1c:40:c2:36:42:42:45:96:
2b:6b:2a:53:b0:8c:6f:d0:7e:4a:5d:78:36:0c:7a:17:4d:8d:
18:3c:37:38:ab:4d:92:37:9b:66:c6:07:4f:09:60:e7:96:93:
e2:9d:f4:52:c9:3e:4c:0f:82:8b:1a:6a:dd:9c:1c:95:a6:61:
45:c5:17:00:72:01:66:9c:92:a0:66:72:ab:01:8e:c0:d7:04:
f6:43:5c:cf:45:09:ba:8c:4c:eb:92:39:0a:0b:dd:36:02:1f:
b8:2d:49:d9:23:aa:83:72:74:39:13:1b:cf:6e:81:e8:db:09:
8f:42:48:16:4b:38:79:6a:13:a8:e9:37:ba:62:de:f7:75:95:
3a:29:95:7a:28:93:8c:5c:00:5f:44:e6:64:25:06:8e:b9:17:
6a:66:fe:69:2e:d5:dc:7f:fd:1f:78:6e:ab:10:bf:03:a6:64:
be:ec:e2:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZhlCkc3uIv4Q5iV/odN41eNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwN2Y1ZmUyNzQwYTJiNmRlNGMzNzA5ZDI5NjQxMTViM2M5
NjdkYTEwHhcNMjUwODAxMDk1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWVjYjNlNzRjYjJlODdjM2RlODcxYjMzOGE3YzNkNWE3NjFmZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupLWWfbET24aEMEDNOnMGy4q2gW8
ETg57aWe2m46wetl78XijASAmEdICR+YRThn7RJgKFLPVcfHq6u6SRrhlGtwk9nD
SFutyNm75A8LzJMaAeplw0pWkezuhO7nwxuB+WrZatYDN/5jB7R4ZmW/h/g0QP6p
iR39OlhxypzkqJK+UunP8yZ4KJxyc7xML1kzLPb2yvOQ0r0JsQ+VbqMjsFrcxpTu
9HEkEcOx+OUOBm6ck+1uYmBQ12u36iAyOHp7jgSYiJStG8ZJPzUFkoO0qDpiEvV4
w4WQWJLRLAX/2EIxDmqCuzK7vWN/lk9obJHcSGhkCjq/eqA5yNbWUyvIUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO7ss+dMsuh8Pehxszinw9WnYf3JMB8GA1UdIwQY
MBaAFDB/X+J0Citt5MNwnSlkEVs8ln2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQt
NGJhMmY4ZjFmODNiLzEvN3V5ejUweXk2SHc5NkhHek9LZkQxYWRoX2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kY2ZkNDgtYzU0YS00Yzc4LWE0ZWQtNGJhMmY4ZjFmODNi
LzEvTUg5ZjRuUUtLMjNrdzNDZEtXUVJXenlXZmFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCw02AAwQA
w+sFAwQA1QA1MA0GCSqGSIb3DQEBCwUAA4IBAQCopUA+Tw6SpYeKbk/FXbMwLeJz
6RfY28SxxnA0b2XsI/79HqOQcytkPe8mLZ8V/3lHdgFrNMDxOSlsJh36VTs+N3yE
eAOdpL2Ede6vICKiu2t2HEDCNkJCRZYraypTsIxv0H5KXXg2DHoXTY0YPDc4q02S
N5tmxgdPCWDnlpPinfRSyT5MD4KLGmrdnByVpmFFxRcAcgFmnJKgZnKrAY7A1wT2
Q1zPRQm6jEzrkjkKC902Ah+4LUnZI6qDcnQ5ExvPboHo2wmPQkgWSzh5ahOo6Te6
Yt73dZU6KZV6KJOMXABfROZkJQaOuRdqZv5pLtXcf/0feG6rEL8DpmS+7OLC
-----END CERTIFICATE-----
Generated at Fri Aug 8 12:48:26 2025 by rpki-client