Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/UWeGIl_6VHcutFLK0L5MueAINMY.roa
File: UWeGIl_6VHcutFLK0L5MueAINMY.roa (raw, json)
Hash identifier: AVZtTMJBhtqap/729tRkybRSFR3yVa5RKP1aMlDfHfg=
Subject key identifier: 51:67:86:22:5F:FA:54:77:2E:B4:52:CA:D0:BE:4C:B9:E0:08:34:C6
Certificate issuer: /CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Certificate serial: 019971CDE8B707BDD0CD78E032F4B2CFA3EA
Authority key identifier: 43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/UWeGIl_6VHcutFLK0L5MueAINMY.roa
Signing time: Mon 22 Sep 2025 14:22:23 +0000
ROA not before: Mon 22 Sep 2025 14:22:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197564
IP address blocks: 45.155.96.0/22 maxlen: 22
91.226.36.0/23 maxlen: 23
213.108.24.0/23 maxlen: 23
213.108.24.0/24 maxlen: 24
213.108.25.0/24 maxlen: 24
2001:67c:124c::/48 maxlen: 48
2a10:ba00:bee0::/48 maxlen: 48
2a10:ba00:bee1::/48 maxlen: 48
2a10:ba00:bee2::/48 maxlen: 48
2a10:ba00:bee3::/48 maxlen: 48
2a10:ba00:bee4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 22:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:71:cd:e8:b7:07:bd:d0:cd:78:e0:32:f4:b2:cf:a3:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43dfc066ce7cd3e382574a68667973b0b468df3c
Validity
Not Before: Sep 22 14:22:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=516786225ffa54772eb452cad0be4cb9e00834c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ba:70:01:76:f5:c4:6b:8e:9e:d5:08:50:54:
dc:98:1c:ef:d5:0c:64:6e:7b:5d:2e:45:2d:2f:3c:
4b:33:f5:61:a6:14:a6:cf:2d:8b:a7:57:4e:c2:0f:
fd:bd:06:3e:c4:eb:df:50:52:dd:e5:5a:95:a3:91:
fe:14:6f:f3:d9:4f:f6:ff:57:0e:5e:22:79:9f:1c:
f4:e9:a5:52:47:28:10:9d:f9:61:00:3c:f2:fc:3f:
64:1d:9b:4b:90:e7:bc:ca:90:a5:62:97:88:e7:ce:
00:f0:88:a6:2f:98:11:a1:fb:8a:3f:9b:e8:14:73:
39:d9:94:39:0b:23:be:f3:17:98:95:52:10:7c:ac:
cf:03:63:b1:42:42:c1:a1:20:5b:c1:01:9e:dd:91:
00:aa:4c:6c:d7:2b:c7:b0:9e:4f:88:71:df:cf:bd:
99:49:91:9d:60:d7:c3:60:d9:9a:83:db:41:d2:0e:
21:f8:53:dd:2a:07:1e:72:fc:00:53:88:28:06:7d:
48:3c:6e:f0:07:a6:54:9b:7a:8a:12:45:2c:ba:59:
a5:b9:65:ce:b2:bc:7d:2e:33:c6:3c:82:b0:5f:f2:
34:8f:b5:b2:72:81:ee:e5:1f:97:ff:d9:ee:fc:fd:
eb:ab:b5:f1:8d:4d:2b:2b:19:76:76:ff:10:7e:65:
4c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:67:86:22:5F:FA:54:77:2E:B4:52:CA:D0:BE:4C:B9:E0:08:34:C6
X509v3 Authority Key Identifier:
keyid:43:DF:C0:66:CE:7C:D3:E3:82:57:4A:68:66:79:73:B0:B4:68:DF:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9_AZs580-OCV0poZnlzsLRo3zw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/UWeGIl_6VHcutFLK0L5MueAINMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/1636f8-5026-404e-a1ae-2509743ad29e/1/Q9_AZs580-OCV0poZnlzsLRo3zw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.96.0/22
91.226.36.0/23
213.108.24.0/23
IPv6:
2001:67c:124c::/48
2a10:ba00:bee0::-2a10:ba00:bee4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0d:55:4b:de:d6:2f:bc:9e:6f:41:1b:a2:07:26:7d:e5:99:d5:
d6:a1:0a:75:c5:80:e5:c6:b5:8f:c7:9c:79:5a:5f:e7:5e:59:
8e:c2:9b:54:9f:5a:ca:79:78:ed:bb:d4:38:6e:b5:9d:04:8d:
2c:e4:ea:04:23:ef:0e:8a:d9:d1:af:8b:2b:aa:dc:55:a6:bc:
89:cb:f2:8c:fb:23:3e:a8:9a:77:9c:0d:87:e7:77:7d:ee:b4:
ad:37:60:d5:13:b0:f3:20:99:a9:c0:3a:1e:a7:8f:44:31:e9:
0a:b9:e3:26:6e:4b:2a:1f:18:a1:97:ba:8b:96:9d:93:4f:0c:
ee:9e:ad:66:ab:f4:bb:7e:d6:a1:15:95:f8:5d:3e:0c:65:8a:
d1:75:8e:9e:87:36:1c:f4:2b:a1:ac:d8:38:4f:e2:bc:bc:61:
8f:f6:5b:ff:bb:3f:25:b5:a7:33:96:af:a9:c1:89:00:a1:5e:
46:0d:70:0e:87:c1:99:c5:13:a6:25:c3:0a:28:7c:22:35:82:
07:96:5d:ec:2e:f8:e2:0e:13:0a:96:9e:5f:0c:ef:77:f5:50:
05:99:32:9f:83:3d:9b:f4:4d:46:fd:09:84:b2:7a:58:22:f4:
97:e3:17:59:fb:c3:07:13:0c:15:b0:1f:0c:59:eb:ea:59:e2:
84:f8:a5:ca
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZlxzei3B73QzXjgMvSyz6PqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZGZjMDY2Y2U3Y2QzZTM4MjU3NGE2ODY2Nzk3M2IwYjQ2
OGRmM2MwHhcNMjUwOTIyMTQyMjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTY3ODYyMjVmZmE1NDc3MmViNDUyY2FkMGJlNGNiOWUwMDgzNGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLpwAXb1xGuOntUIUFTcmBzv1Qxk
bntdLkUtLzxLM/VhphSmzy2Lp1dOwg/9vQY+xOvfUFLd5VqVo5H+FG/z2U/2/1cO
XiJ5nxz06aVSRygQnflhADzy/D9kHZtLkOe8ypClYpeI584A8IimL5gRofuKP5vo
FHM52ZQ5CyO+8xeYlVIQfKzPA2OxQkLBoSBbwQGe3ZEAqkxs1yvHsJ5PiHHfz72Z
SZGdYNfDYNmag9tB0g4h+FPdKgcecvwAU4goBn1IPG7wB6ZUm3qKEkUsulmluWXO
srx9LjPGPIKwX/I0j7WycoHu5R+X/9nu/P3rq7XxjU0rKxl2dv8QfmVM3QIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFFFnhiJf+lR3LrRSytC+TLngCDTGMB8GA1UdIwQY
MBaAFEPfwGbOfNPjgldKaGZ5c7C0aN88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUt
MjUwOTc0M2FkMjllLzEvVVdlR0lsXzZWSGN1dEZMSzBMNU11ZUFJTk1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8xNjM2ZjgtNTAyNi00MDRlLWExYWUtMjUwOTc0M2FkMjll
LzEvUTlfQVpzNTgwLU9DVjBwb1pubHpzTFJvM3p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAYBAIAATASAwQCLZtgAwQB
W+IkAwQB1WwYMCMEAgACMB0DBwAgAQZ8EkwwEgMHBSoQugC+4AMHACoQugC+5DAN
BgkqhkiG9w0BAQsFAAOCAQEADVVL3tYvvJ5vQRuiByZ95ZnV1qEKdcWA5ca1j8ec
eVpf515ZjsKbVJ9aynl47bvUOG61nQSNLOTqBCPvDorZ0a+LK6rcVaa8icvyjPsj
Pqiad5wNh+d3fe60rTdg1ROw8yCZqcA6HqePRDHpCrnjJm5LKh8YoZe6i5adk08M
7p6tZqv0u37WoRWV+F0+DGWK0XWOnoc2HPQroazYOE/ivLxhj/Zb/7s/JbWnM5av
qcGJAKFeRg1wDofBmcUTpiXDCih8IjWCB5Zd7C744g4TCpaeXwzvd/VQBZkyn4M9
m/RNRv0JhLJ6WCL0l+MXWfvDBxMMFbAfDFnr6lnihPilyg==
-----END CERTIFICATE-----
Generated at Thu Oct 9 03:56:19 2025 by rpki-client