Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/UHt5Ue5EHvA2-W-Xmt-sxStGQG0.roa
File: UHt5Ue5EHvA2-W-Xmt-sxStGQG0.roa (raw, json)
Hash identifier: 2fRtxNUH3Aca8LFhSmKgwKn175stfHslO6K/ewoks+w=
Subject key identifier: 50:7B:79:51:EE:44:1E:F0:36:F9:6F:97:9A:DF:AC:C5:2B:46:40:6D
Certificate issuer: /CN=13a0f7143ffa22113442dc8589ee1352ebe3daa3
Certificate serial: 0198853D9ED63F60275049535E2504AB0B21
Authority key identifier: 13:A0:F7:14:3F:FA:22:11:34:42:DC:85:89:EE:13:52:EB:E3:DA:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E6D3FD_6IhE0QtyFie4TUuvj2qM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/UHt5Ue5EHvA2-W-Xmt-sxStGQG0.roa
Signing time: Thu 07 Aug 2025 15:54:24 +0000
ROA not before: Thu 07 Aug 2025 15:54:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50889
IP address blocks: 77.111.248.0/24 maxlen: 24
77.111.249.0/24 maxlen: 24
77.111.250.0/24 maxlen: 24
77.111.251.0/24 maxlen: 24
80.84.160.0/24 maxlen: 24
80.84.161.0/24 maxlen: 24
80.84.162.0/24 maxlen: 24
80.84.163.0/24 maxlen: 24
80.84.164.0/24 maxlen: 24
80.84.165.0/24 maxlen: 24
80.84.166.0/24 maxlen: 24
80.84.167.0/24 maxlen: 24
80.84.168.0/24 maxlen: 24
80.84.169.0/24 maxlen: 24
80.84.170.0/24 maxlen: 24
80.84.171.0/24 maxlen: 24
80.84.172.0/24 maxlen: 24
80.84.173.0/24 maxlen: 24
80.84.174.0/24 maxlen: 24
80.84.175.0/24 maxlen: 24
80.250.96.0/24 maxlen: 24
80.250.97.0/24 maxlen: 24
80.250.98.0/24 maxlen: 24
80.250.99.0/24 maxlen: 24
80.250.100.0/24 maxlen: 24
80.250.101.0/24 maxlen: 24
80.250.102.0/24 maxlen: 24
185.136.69.0/24 maxlen: 24
185.136.70.0/24 maxlen: 24
185.136.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/E6D3FD_6IhE0QtyFie4TUuvj2qM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/E6D3FD_6IhE0QtyFie4TUuvj2qM.mft
rsync://rpki.ripe.net/repository/DEFAULT/E6D3FD_6IhE0QtyFie4TUuvj2qM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 Aug 2025 13:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:85:3d:9e:d6:3f:60:27:50:49:53:5e:25:04:ab:0b:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13a0f7143ffa22113442dc8589ee1352ebe3daa3
Validity
Not Before: Aug 7 15:54:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=507b7951ee441ef036f96f979adfacc52b46406d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0b:27:12:a0:3d:f6:a2:a8:cd:16:e4:88:9a:
e1:07:1d:60:4a:49:3b:81:7f:e4:26:e0:96:28:21:
c7:68:12:ba:87:c1:71:2d:1f:5c:11:70:07:11:48:
8f:41:54:8c:9b:b2:77:6a:02:91:c9:65:b3:e9:cc:
eb:18:5a:72:0e:e6:f0:e7:36:b6:fa:e9:ce:b3:61:
db:30:8a:ce:fe:08:65:9c:ae:b0:e9:b7:5f:21:de:
b4:86:e2:b4:e8:00:38:05:40:2b:69:67:9b:0a:c7:
26:bb:81:25:d8:8a:98:da:43:00:57:b9:4e:fd:d8:
2e:4b:5d:0b:82:75:5e:a2:0c:0a:a4:44:9c:ba:70:
2e:79:77:f2:af:2c:d1:bf:37:26:81:d3:34:a4:db:
4f:7e:99:a3:6b:bd:02:5a:f6:6d:85:3b:06:ab:cf:
f9:b1:23:1f:dd:fd:0b:3d:45:ce:ff:b3:16:f4:81:
fe:ae:76:b9:c4:5b:29:61:aa:80:78:7a:5b:a3:c7:
fb:24:2d:d7:fd:51:6e:d7:09:c8:98:76:05:3c:58:
10:2e:8d:88:a0:ec:14:99:45:fb:57:a4:85:19:5e:
2a:8b:88:d7:ce:84:63:a1:80:b4:7c:32:00:96:c6:
2f:10:29:e1:86:c1:12:5a:5c:f7:1c:20:95:73:47:
f1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:7B:79:51:EE:44:1E:F0:36:F9:6F:97:9A:DF:AC:C5:2B:46:40:6D
X509v3 Authority Key Identifier:
keyid:13:A0:F7:14:3F:FA:22:11:34:42:DC:85:89:EE:13:52:EB:E3:DA:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E6D3FD_6IhE0QtyFie4TUuvj2qM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/UHt5Ue5EHvA2-W-Xmt-sxStGQG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/E6D3FD_6IhE0QtyFie4TUuvj2qM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.248.0/22
80.84.160.0/20
80.250.96.0-80.250.102.255
185.136.69.0-185.136.71.255
Signature Algorithm: sha256WithRSAEncryption
c4:17:af:78:3a:b3:cf:14:ae:f8:be:ed:66:83:9b:45:64:a1:
87:1d:04:2d:48:57:6d:66:fb:ec:57:f4:64:a0:31:e6:93:9f:
f4:ea:ed:fa:85:1d:95:1c:2c:e2:2e:96:77:7b:9c:fb:32:c4:
53:6c:22:7d:37:b5:7c:00:16:0f:97:53:da:9f:d1:d3:71:99:
2d:f5:a0:d2:d4:fc:ec:cc:4e:ed:70:e0:fe:24:21:fa:32:3c:
5b:24:f7:cb:a0:72:20:89:65:92:9a:ed:c5:f1:be:a9:e9:09:
b1:2c:79:67:04:79:cd:5a:23:29:67:75:56:0a:c9:c6:06:f7:
14:11:a6:f5:8b:e9:3d:7b:08:5d:f9:72:aa:9c:b9:6a:db:3f:
77:98:90:04:42:7f:ca:ea:a5:11:f7:10:84:39:df:a5:1c:cd:
c9:cd:81:44:29:e0:e3:e9:13:a3:4e:2d:1c:a1:d3:b1:17:1b:
27:6b:aa:03:c5:f3:5f:0c:1c:19:84:c1:0f:8a:d2:64:78:cf:
9b:96:78:60:83:c1:b0:c9:70:0f:39:7c:fc:64:d5:01:db:6f:
cb:da:71:6c:b2:59:64:d9:e7:ce:c4:64:3d:2d:f1:b4:92:7d:
6f:9f:c6:1c:ef:6c:bd:7e:56:f8:e7:93:c6:0b:3f:20:69:5c:
0a:5c:c3:22
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZiFPZ7WP2AnUElTXiUEqwshMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYTBmNzE0M2ZmYTIyMTEzNDQyZGM4NTg5ZWUxMzUyZWJl
M2RhYTMwHhcNMjUwODA3MTU1NDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDdiNzk1MWVlNDQxZWYwMzZmOTZmOTc5YWRmYWNjNTJiNDY0MDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywsnEqA99qKozRbkiJrhBx1gSkk7
gX/kJuCWKCHHaBK6h8FxLR9cEXAHEUiPQVSMm7J3agKRyWWz6czrGFpyDubw5za2
+unOs2HbMIrO/ghlnK6w6bdfId60huK06AA4BUAraWebCscmu4El2IqY2kMAV7lO
/dguS10LgnVeogwKpEScunAueXfyryzRvzcmgdM0pNtPfpmja70CWvZthTsGq8/5
sSMf3f0LPUXO/7MW9IH+rna5xFspYaqAeHpbo8f7JC3X/VFu1wnImHYFPFgQLo2I
oOwUmUX7V6SFGV4qi4jXzoRjoYC0fDIAlsYvECnhhsESWlz3HCCVc0fxxwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFB7eVHuRB7wNvlvl5rfrMUrRkBtMB8GA1UdIwQY
MBaAFBOg9xQ/+iIRNELchYnuE1Lr49qjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTZEM0ZEXzZJaEUwUXR5RmllNFRVdXZqMnFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi80NDNmODctNGFlMC00MTk4LWJjYjgt
MTA0YTMzNDM3NjY1LzEvVUh0NVVlNUVIdkEyLVctWG10LXN4U3RHUUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi80NDNmODctNGFlMC00MTk4LWJjYjgtMTA0YTMzNDM3NjY1
LzEvRTZEM0ZEXzZJaEUwUXR5RmllNFRVdXZqMnFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCTW/4AwQE
UFSgMAwDBAVQ+mADBABQ+mYwDAMEALmIRQMEA7mIQDANBgkqhkiG9w0BAQsFAAOC
AQEAxBeveDqzzxSu+L7tZoObRWShhx0ELUhXbWb77Ff0ZKAx5pOf9Ort+oUdlRws
4i6Wd3uc+zLEU2wifTe1fAAWD5dT2p/R03GZLfWg0tT87MxO7XDg/iQh+jI8WyT3
y6ByIIllkprtxfG+qekJsSx5ZwR5zVojKWd1VgrJxgb3FBGm9YvpPXsIXflyqpy5
ats/d5iQBEJ/yuqlEfcQhDnfpRzNyc2BRCng4+kTo04tHKHTsRcbJ2uqA8XzXwwc
GYTBD4rSZHjPm5Z4YIPBsMlwDzl8/GTVAdtvy9pxbLJZZNnnzsRkPS3xtJJ9b5/G
HO9svX5W+OeTxgs/IGlcClzDIg==
-----END CERTIFICATE-----
Generated at Wed Aug 13 19:05:49 2025 by rpki-client