Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/uonOqP5wBqSzkwbkw5ZejvGJb6w.roa
File: uonOqP5wBqSzkwbkw5ZejvGJb6w.roa (raw, json)
Hash identifier: amqIUnAXzDDjJKDCjX6cXkvcrcCD+JJZvl678dayDXI=
Subject key identifier: BA:89:CE:A8:FE:70:06:A4:B3:93:06:E4:C3:96:5E:8E:F1:89:6F:AC
Certificate issuer: /CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Certificate serial: 0198896CDFE403182DBC892DAC06A1B48D4B
Authority key identifier: 5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/uonOqP5wBqSzkwbkw5ZejvGJb6w.roa
Signing time: Fri 08 Aug 2025 11:24:30 +0000
ROA not before: Fri 08 Aug 2025 11:24:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29555
IP address blocks: 85.117.96.0/24 maxlen: 24
85.117.97.0/24 maxlen: 24
85.117.98.0/24 maxlen: 24
85.117.99.0/24 maxlen: 24
85.117.100.0/24 maxlen: 24
85.117.101.0/24 maxlen: 24
85.117.102.0/24 maxlen: 24
85.117.103.0/24 maxlen: 24
85.117.104.0/24 maxlen: 24
85.117.105.0/24 maxlen: 24
85.117.106.0/24 maxlen: 24
85.117.107.0/24 maxlen: 24
85.117.108.0/24 maxlen: 24
85.117.109.0/24 maxlen: 24
85.117.110.0/24 maxlen: 24
85.117.111.0/24 maxlen: 24
85.117.112.0/24 maxlen: 24
85.117.113.0/24 maxlen: 24
85.117.114.0/24 maxlen: 24
85.117.115.0/24 maxlen: 24
85.117.116.0/24 maxlen: 24
85.117.117.0/24 maxlen: 24
85.117.118.0/24 maxlen: 24
85.117.119.0/24 maxlen: 24
85.117.120.0/24 maxlen: 24
85.117.121.0/24 maxlen: 24
85.117.122.0/24 maxlen: 24
85.117.123.0/24 maxlen: 24
85.117.124.0/24 maxlen: 24
85.117.125.0/24 maxlen: 24
85.117.126.0/24 maxlen: 24
85.117.127.0/24 maxlen: 24
185.57.72.0/24 maxlen: 24
185.57.73.0/24 maxlen: 24
185.57.74.0/24 maxlen: 24
185.57.75.0/24 maxlen: 24
217.76.64.0/24 maxlen: 24
217.76.65.0/24 maxlen: 24
217.76.68.0/24 maxlen: 24
217.76.71.0/24 maxlen: 24
217.76.72.0/24 maxlen: 24
217.76.74.0/24 maxlen: 24
217.76.75.0/24 maxlen: 24
217.76.76.0/24 maxlen: 24
217.76.77.0/24 maxlen: 24
217.76.78.0/24 maxlen: 24
217.76.79.0/24 maxlen: 24
2a03:32c0:a::/48 maxlen: 48
2a03:32c0:b::/48 maxlen: 48
2a03:32c0:c::/48 maxlen: 48
2a03:32c0:d::/48 maxlen: 48
2a03:32c0:16::/48 maxlen: 48
2a03:32c0:17::/48 maxlen: 48
2a03:32c0:18::/48 maxlen: 48
2a03:32c0:27::/48 maxlen: 48
2a03:32c0:28::/48 maxlen: 48
2a03:32c0:29::/48 maxlen: 48
2a03:32c0:2a::/48 maxlen: 48
2a03:32c0:2b::/48 maxlen: 48
2a03:32c0:2c::/48 maxlen: 48
2a03:32c0:2d::/48 maxlen: 48
2a03:32c0:2e::/48 maxlen: 48
2a03:32c0:2f::/48 maxlen: 48
2a03:32c0:30::/48 maxlen: 48
2a03:32c0:31::/48 maxlen: 48
2a03:32c0:32::/48 maxlen: 48
2a03:32c0:33::/48 maxlen: 48
2a03:32c0:34::/48 maxlen: 48
2a03:32c0:300a::/48 maxlen: 48
2a03:32c0:300b::/48 maxlen: 48
2a03:32c0:300c::/48 maxlen: 48
2a03:32c0:300d::/48 maxlen: 48
2a03:32c0:300e::/48 maxlen: 48
2a03:32c0:300f::/48 maxlen: 48
2a03:32c0:3010::/48 maxlen: 48
2a03:32c0:3011::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 Aug 2025 22:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:89:6c:df:e4:03:18:2d:bc:89:2d:ac:06:a1:b4:8d:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ebba0735a07e40ca32026278b2678678f8bacd9
Validity
Not Before: Aug 8 11:24:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba89cea8fe7006a4b39306e4c3965e8ef1896fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:c2:1e:f4:fe:ef:81:97:aa:e3:bb:cb:cd:05:
34:ce:c6:78:b9:42:f8:26:4b:4b:70:6e:d5:c4:82:
8c:a0:e4:1f:ef:ee:38:bc:98:a1:58:7d:20:cf:62:
52:e5:ef:f9:8b:5f:0f:82:49:36:d6:8e:26:e7:e5:
14:24:55:c8:fd:ea:3e:e3:e7:15:37:e7:b7:47:fb:
f8:5e:7d:f3:4d:21:0e:96:28:ff:20:a3:a4:7f:14:
61:4a:49:a5:2c:4c:da:4b:70:8a:43:51:14:a9:20:
57:4c:b8:41:e9:a9:35:b9:d6:e5:68:60:e5:c1:b8:
c3:e7:4d:f1:32:a9:d4:8b:9e:b6:78:c9:02:f2:8f:
c8:27:38:51:fa:14:83:2f:60:12:9f:0a:e3:04:96:
e6:54:45:cb:e2:8b:9e:ad:08:bd:fc:c8:23:5b:cb:
7e:62:dc:0c:e9:11:ac:c6:0d:98:80:ce:ae:8a:d9:
2b:be:47:24:1c:42:b8:c1:b9:7d:02:83:7e:f4:40:
18:4d:fd:81:b7:ad:46:38:be:1f:03:1f:a7:a8:c4:
c4:63:c1:aa:81:59:6f:89:e3:59:35:2c:ff:4d:5a:
47:c9:3c:66:3c:a3:83:4d:4d:2e:0a:5e:e1:e8:b4:
f9:dd:c9:ea:60:c1:03:e1:ec:0e:86:91:76:3c:3f:
54:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:89:CE:A8:FE:70:06:A4:B3:93:06:E4:C3:96:5E:8E:F1:89:6F:AC
X509v3 Authority Key Identifier:
keyid:5E:BB:A0:73:5A:07:E4:0C:A3:20:26:27:8B:26:78:67:8F:8B:AC:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xrugc1oH5AyjICYniyZ4Z4-LrNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/uonOqP5wBqSzkwbkw5ZejvGJb6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/6077d8-2877-4698-8040-3212b68584e9/1/Xrugc1oH5AyjICYniyZ4Z4-LrNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.96.0/19
185.57.72.0/22
217.76.64.0/23
217.76.68.0/24
217.76.71.0-217.76.72.255
217.76.74.0-217.76.79.255
IPv6:
2a03:32c0:a::-2a03:32c0:d:ffff:ffff:ffff:ffff:ffff
2a03:32c0:16::-2a03:32c0:18:ffff:ffff:ffff:ffff:ffff
2a03:32c0:27::-2a03:32c0:34:ffff:ffff:ffff:ffff:ffff
2a03:32c0:300a::-2a03:32c0:3011:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5c:4c:e3:69:77:b9:2b:51:b5:36:92:12:69:ce:77:8e:97:41:
80:8a:cc:75:52:da:e2:45:11:2f:c3:b9:04:d0:24:76:52:38:
1b:69:08:47:3d:40:5f:f6:ee:ff:44:3a:35:b9:5e:bf:fa:77:
b0:12:e4:0f:2d:b7:da:a6:37:2c:f0:d7:9c:c0:c8:ad:ef:a4:
99:6e:37:9e:2e:56:d4:2c:43:5f:4e:81:89:17:83:80:67:42:
60:82:96:e4:72:a8:87:d6:03:96:e8:f2:be:f9:7c:1f:1f:00:
cf:b5:f1:86:de:68:ce:78:00:66:11:35:6c:5b:4b:30:13:06:
79:55:1f:03:47:6a:b8:7c:0a:57:cb:29:5c:f3:64:8f:9c:04:
98:ec:78:3c:0e:d5:46:a3:fa:be:29:e0:67:90:fd:ea:a9:ee:
44:3e:bf:47:d6:06:2a:4c:84:a4:ba:db:30:b5:c1:7d:ef:4e:
5e:f5:aa:93:3d:b7:ce:83:11:d7:ba:cb:62:c9:bf:b0:ed:bc:
a8:0f:d2:d1:a0:3e:51:01:08:4d:c6:fb:10:cd:4c:1a:77:98:
e3:99:bd:d0:60:bc:d5:6e:d3:ae:ef:34:32:eb:25:2e:13:83:
98:87:25:c3:5e:67:a2:87:3f:f1:69:c2:6f:90:93:dd:ec:0d:
10:67:65:2f
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZiJbN/kAxgtvIktrAahtI1LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmJhMDczNWEwN2U0MGNhMzIwMjYyNzhiMjY3ODY3OGY4
YmFjZDkwHhcNMjUwODA4MTEyNDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTg5Y2VhOGZlNzAwNmE0YjM5MzA2ZTRjMzk2NWU4ZWYxODk2ZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMIe9P7vgZeq47vLzQU0zsZ4uUL4
JktLcG7VxIKMoOQf7+44vJihWH0gz2JS5e/5i18Pgkk21o4m5+UUJFXI/eo+4+cV
N+e3R/v4Xn3zTSEOlij/IKOkfxRhSkmlLEzaS3CKQ1EUqSBXTLhB6ak1udblaGDl
wbjD503xMqnUi562eMkC8o/IJzhR+hSDL2ASnwrjBJbmVEXL4ouerQi9/MgjW8t+
YtwM6RGsxg2YgM6uitkrvkckHEK4wbl9AoN+9EAYTf2Bt61GOL4fAx+nqMTEY8Gq
gVlvieNZNSz/TVpHyTxmPKODTU0uCl7h6LT53cnqYMED4ewOhpF2PD9U0wIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFLqJzqj+cAaks5MG5MOWXo7xiW+sMB8GA1UdIwQY
MBaAFF67oHNaB+QMoyAmJ4smeGePi6zZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAt
MzIxMmI2ODU4NGU5LzEvdW9uT3FQNXdCcVN6a3dia3c1WmVqdkdKYjZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC82MDc3ZDgtMjg3Ny00Njk4LTgwNDAtMzIxMmI2ODU4NGU5
LzEvWHJ1Z2Mxb0g1QXlqSUNZbml5WjRaNC1Mck5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDA6BAIAATA0AwQFVXVg
AwQCuTlIAwQB2UxAAwQA2UxEMAwDBADZTEcDBADZTEgwDAMEAdlMSgMEBNlMQDBW
BAIAAjBQMBIDBwEqAzLAAAoDBwEqAzLAAAwwEgMHASoDMsAAFgMHACoDMsAAGDAS
AwcAKgMywAAnAwcAKgMywAA0MBIDBwEqAzLAMAoDBwEqAzLAMBAwDQYJKoZIhvcN
AQELBQADggEBAFxM42l3uStRtTaSEmnOd46XQYCKzHVS2uJFES/DuQTQJHZSOBtp
CEc9QF/27v9EOjW5Xr/6d7AS5A8tt9qmNyzw15zAyK3vpJluN54uVtQsQ19OgYkX
g4BnQmCCluRyqIfWA5bo8r75fB8fAM+18YbeaM54AGYRNWxbSzATBnlVHwNHarh8
ClfLKVzzZI+cBJjseDwO1Uaj+r4p4GeQ/eqp7kQ+v0fWBipMhKS62zC1wX3vTl71
qpM9t86DEde6y2LJv7DtvKgP0tGgPlEBCE3G+xDNTBp3mOOZvdBgvNVu067vNDLr
JS4Tg5iHJcNeZ6KHP/Fpwm+Qk93sDRBnZS8=
-----END CERTIFICATE-----
Generated at Wed Aug 13 05:53:37 2025 by rpki-client