Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/URjGhFursZ-Xj8pdWi1TJTjrqwg.roa
File: URjGhFursZ-Xj8pdWi1TJTjrqwg.roa (raw, json)
Hash identifier: rj0lONsdMyEx7NS5wD8pesT6gLWyuS0FDSfkDIpjiaU=
Subject key identifier: 51:18:C6:84:5B:AB:B1:9F:97:8F:CA:5D:5A:2D:53:25:38:EB:AB:08
Certificate issuer: /CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123
Certificate serial: 019881CEF04DD08F65D27A1044A712DCBA1A
Authority key identifier: 29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/URjGhFursZ-Xj8pdWi1TJTjrqwg.roa
Signing time: Wed 06 Aug 2025 23:54:39 +0000
ROA not before: Wed 06 Aug 2025 23:54:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24753
IP address blocks: 62.32.32.0/19 maxlen: 24
62.32.32.0/24 maxlen: 24
81.85.52.0/22 maxlen: 22
81.85.96.0/22 maxlen: 22
81.85.100.0/24 maxlen: 24
81.85.160.0/20 maxlen: 20
89.21.160.0/19 maxlen: 19
89.21.167.0/24 maxlen: 24
89.21.173.0/24 maxlen: 24
89.21.189.0/24 maxlen: 24
213.187.128.0/19 maxlen: 19
213.187.128.0/22 maxlen: 24
213.187.132.0/22 maxlen: 24
213.187.139.0/24 maxlen: 24
213.187.144.0/22 maxlen: 24
213.187.146.0/24 maxlen: 24
213.187.147.0/24 maxlen: 24
213.187.152.0/22 maxlen: 24
2a00:df8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.mft
rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:81:ce:f0:4d:d0:8f:65:d2:7a:10:44:a7:12:dc:ba:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29f6a300bf7d40b7f8d6181c5b8a7dbc71b7d123
Validity
Not Before: Aug 6 23:54:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5118c6845babb19f978fca5d5a2d532538ebab08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:06:2e:d8:bf:b5:8f:91:af:c6:36:2e:78:88:
58:8e:73:f5:04:62:05:ec:a0:d1:29:7d:ec:9f:79:
2a:2d:04:d6:d3:34:d0:6a:39:be:d1:0e:5a:b1:09:
1c:6e:86:b5:48:6e:1b:c3:c9:81:13:b9:50:44:93:
cf:80:d7:73:0a:a1:9e:cf:c1:7b:33:79:02:bb:fe:
1e:d8:c5:b9:02:3e:d5:af:1f:54:6c:5f:ff:3f:6b:
b9:77:37:14:9b:70:43:e9:55:61:b3:50:fc:ed:63:
b4:76:e7:4c:7f:98:21:cc:76:f7:71:97:95:eb:d3:
57:91:e8:32:e2:11:a4:38:ed:8b:fa:a2:14:4d:b3:
83:e8:7f:a3:16:73:a2:84:e6:aa:ad:45:7b:a2:e4:
4d:19:91:f8:0e:92:38:10:76:fa:1d:1b:80:06:cf:
b9:58:3b:a7:af:18:74:41:07:1e:1b:03:95:82:c4:
22:1b:77:ba:6d:e3:bb:e3:bc:01:80:97:48:45:39:
d4:47:0c:3c:e4:f2:75:b1:fa:a5:da:96:03:cf:9b:
ae:79:fb:4f:0c:f3:ff:ad:2d:58:db:66:3a:a4:f1:
46:59:d4:6d:3f:53:83:15:56:40:22:b9:9b:b9:41:
22:12:cb:88:48:7b:cd:4a:64:57:97:4e:30:e2:b6:
1f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:18:C6:84:5B:AB:B1:9F:97:8F:CA:5D:5A:2D:53:25:38:EB:AB:08
X509v3 Authority Key Identifier:
keyid:29:F6:A3:00:BF:7D:40:B7:F8:D6:18:1C:5B:8A:7D:BC:71:B7:D1:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfajAL99QLf41hgcW4p9vHG30SM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/URjGhFursZ-Xj8pdWi1TJTjrqwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/aaf49c-83dd-46aa-8ce7-b84c413dfaa4/1/KfajAL99QLf41hgcW4p9vHG30SM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.32.32.0/19
81.85.52.0/22
81.85.96.0-81.85.100.255
81.85.160.0/20
89.21.160.0/19
213.187.128.0/19
IPv6:
2a00:df8::/32
Signature Algorithm: sha256WithRSAEncryption
99:2c:86:92:74:b2:a7:50:2e:09:f7:58:14:43:f4:f0:5e:17:
92:1c:c2:9b:22:7b:cd:f9:a7:4e:c5:65:50:ab:16:7c:35:c5:
3f:39:8f:01:7c:fb:c0:e0:c6:07:76:01:9a:b8:2f:c6:74:b0:
ee:cd:35:0c:14:a3:0a:59:e9:a4:e2:b6:9c:7c:1f:d1:7a:29:
bb:1b:db:f4:42:69:50:38:bf:60:41:09:1c:12:8b:f9:0c:b3:
6a:26:27:c7:83:10:f2:fb:c6:1a:67:2a:c1:2c:41:0a:30:e0:
0c:ff:16:ca:9d:dd:66:c0:7c:1d:8a:5a:50:5a:e7:1b:c1:94:
37:1b:da:e9:d3:a2:25:d8:6d:de:c0:76:fd:af:5a:b8:38:e2:
e1:ab:30:2f:79:3d:3a:b2:bd:32:ef:67:9f:1e:f4:9f:df:b0:
c6:5a:10:c8:0c:9b:39:e3:d7:e4:f6:66:16:0e:6f:6d:f9:0d:
2d:02:45:66:d6:5c:a0:b8:5e:d2:91:6d:d0:e8:03:fb:f2:e1:
8c:5c:97:20:97:bc:2e:8a:bd:8e:db:e0:43:60:a9:6b:06:a6:
c6:b5:95:69:fe:66:18:5b:b9:af:49:56:88:21:22:a0:10:47:
2d:c2:a5:a3:e3:5a:f3:91:cd:51:51:83:dd:4e:08:cd:33:a6:
46:02:68:e4
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZiBzvBN0I9l0noQRKcS3LoaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZjZhMzAwYmY3ZDQwYjdmOGQ2MTgxYzViOGE3ZGJjNzFi
N2QxMjMwHhcNMjUwODA2MjM1NDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTE4YzY4NDViYWJiMTlmOTc4ZmNhNWQ1YTJkNTMyNTM4ZWJhYjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgYu2L+1j5GvxjYueIhYjnP1BGIF
7KDRKX3sn3kqLQTW0zTQajm+0Q5asQkcboa1SG4bw8mBE7lQRJPPgNdzCqGez8F7
M3kCu/4e2MW5Aj7Vrx9UbF//P2u5dzcUm3BD6VVhs1D87WO0dudMf5ghzHb3cZeV
69NXkegy4hGkOO2L+qIUTbOD6H+jFnOihOaqrUV7ouRNGZH4DpI4EHb6HRuABs+5
WDunrxh0QQceGwOVgsQiG3e6beO747wBgJdIRTnURww85PJ1sfql2pYDz5uueftP
DPP/rS1Y22Y6pPFGWdRtP1ODFVZAIrmbuUEiEsuISHvNSmRXl04w4rYf3QIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFFEYxoRbq7Gfl4/KXVotUyU466sIMB8GA1UdIwQY
MBaAFCn2owC/fUC3+NYYHFuKfbxxt9EjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTct
Yjg0YzQxM2RmYWE0LzEvVVJqR2hGdXJzWi1YajhwZFdpMVRKVGpycXdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9hYWY0OWMtODNkZC00NmFhLThjZTctYjg0YzQxM2RmYWE0
LzEvS2ZhakFMOTlRTGY0MWhnY1c0cDl2SEczMFNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQFPiAgAwQC
UVU0MAwDBAVRVWADBABRVWQDBARRVaADBAVZFaADBAXVu4AwDQQCAAIwBwMFACoA
DfgwDQYJKoZIhvcNAQELBQADggEBAJkshpJ0sqdQLgn3WBRD9PBeF5Icwpsie835
p07FZVCrFnw1xT85jwF8+8Dgxgd2AZq4L8Z0sO7NNQwUowpZ6aTitpx8H9F6Kbsb
2/RCaVA4v2BBCRwSi/kMs2omJ8eDEPL7xhpnKsEsQQow4Az/Fsqd3WbAfB2KWlBa
5xvBlDcb2unToiXYbd7Adv2vWrg44uGrMC95PTqyvTLvZ58e9J/fsMZaEMgMmznj
1+T2ZhYOb235DS0CRWbWXKC4XtKRbdDoA/vy4YxclyCXvC6KvY7b4ENgqWsGpsa1
lWn+Zhhbua9JVoghIqAQRy3CpaPjWvORzVFRg91OCM0zpkYCaOQ=
-----END CERTIFICATE-----
Generated at Sat Aug 9 20:41:14 2025 by rpki-client