Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/UuS6pLsi0pXqgNOo2MmMnaI_EFw.roa
File: UuS6pLsi0pXqgNOo2MmMnaI_EFw.roa (raw, json)
Hash identifier: 6LgTLuCZTfCP89wCeBovoZonbWOwGe5qNpTZQ/z95XU=
Subject key identifier: 52:E4:BA:A4:BB:22:D2:95:EA:80:D3:A8:D8:C9:8C:9D:A2:3F:10:5C
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 0197D4AC7A5779BC0FAEC783E40B812E4A1C
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/UuS6pLsi0pXqgNOo2MmMnaI_EFw.roa
Signing time: Fri 04 Jul 2025 09:02:42 +0000
ROA not before: Fri 04 Jul 2025 09:02:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49685
IP address blocks: 31.3.8.0/21 maxlen: 24
31.3.96.0/21 maxlen: 24
31.223.160.0/20 maxlen: 24
37.17.208.0/20 maxlen: 24
46.226.56.0/21 maxlen: 24
78.108.128.0/20 maxlen: 24
79.170.88.0/21 maxlen: 24
80.84.224.0/19 maxlen: 24
80.246.192.0/20 maxlen: 24
80.246.207.0/24 maxlen: 24
80.255.240.0/20 maxlen: 24
81.4.64.0/19 maxlen: 24
81.4.96.0/22 maxlen: 24
81.4.112.0/21 maxlen: 24
81.21.136.0/21 maxlen: 24
81.30.32.0/20 maxlen: 24
83.96.128.0/17 maxlen: 24
85.10.160.0/19 maxlen: 24
85.10.172.0/22 maxlen: 24
85.10.176.0/22 maxlen: 24
85.158.248.0/22 maxlen: 24
85.158.252.0/23 maxlen: 24
85.222.224.0/21 maxlen: 24
89.31.96.0/21 maxlen: 24
91.142.240.0/20 maxlen: 24
91.189.208.0/22 maxlen: 24
91.205.32.0/22 maxlen: 24
91.216.162.0/24 maxlen: 24
93.191.128.0/21 maxlen: 24
94.142.208.0/21 maxlen: 24
141.138.192.0/20 maxlen: 24
141.255.176.0/22 maxlen: 24
141.255.180.0/22 maxlen: 24
171.33.128.0/21 maxlen: 24
171.33.128.0/24 maxlen: 24
176.74.224.0/19 maxlen: 24
185.3.208.0/22 maxlen: 24
185.15.248.0/22 maxlen: 24
185.65.52.0/22 maxlen: 24
185.69.232.0/22 maxlen: 24
185.84.72.0/22 maxlen: 24
185.89.152.0/22 maxlen: 24
185.95.68.0/22 maxlen: 24
185.105.204.0/22 maxlen: 24
185.105.216.0/22 maxlen: 24
185.110.172.0/22 maxlen: 24
185.110.173.0/24 maxlen: 24
185.110.200.0/22 maxlen: 24
193.93.172.0/22 maxlen: 24
193.242.119.0/24 maxlen: 24
194.60.207.0/24 maxlen: 24
213.187.240.0/21 maxlen: 24
217.21.240.0/20 maxlen: 24
217.149.128.0/20 maxlen: 24
2001:828::/32 maxlen: 48
2001:4cb8::/29 maxlen: 48
2001:4cb8:e::/48 maxlen: 48
2001:4cb8:40b::/48 maxlen: 48
2a00:c080::/32 maxlen: 48
2a02:348::/32 maxlen: 48
2a03:4f00::/32 maxlen: 48
2a03:5700::/32 maxlen: 48
2a05:2500::/32 maxlen: 48
2a05:a282::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 16:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:ac:7a:57:79:bc:0f:ae:c7:83:e4:0b:81:2e:4a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jul 4 09:02:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52e4baa4bb22d295ea80d3a8d8c98c9da23f105c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:11:b8:9f:53:7a:b8:2c:25:d5:be:2a:aa:b2:
ae:71:f3:e6:f9:f0:45:3a:3a:36:ed:fb:00:c5:09:
59:de:9a:ff:d9:0d:d7:3a:9d:8d:25:8d:45:28:4a:
d4:95:08:e4:8c:3e:19:19:90:a4:47:d6:d5:36:dd:
54:d1:59:16:1b:f6:cf:a6:eb:ce:25:39:bc:63:f5:
de:68:58:82:17:53:b7:36:91:5a:b4:d3:eb:cf:f0:
6c:0b:0f:06:17:37:93:06:56:26:33:b5:b3:06:f3:
bc:8e:9d:22:b4:ea:6d:27:ac:58:c5:40:85:df:04:
42:d0:f6:62:a1:82:cc:74:67:9f:a8:29:46:e1:a5:
04:cb:d4:c2:62:8c:54:2a:92:2b:cb:f1:11:25:4f:
13:98:91:2c:29:15:f2:0a:62:ea:ed:b2:96:2f:50:
70:3d:ca:8c:75:31:dc:59:44:35:43:96:ae:59:6a:
c4:5b:15:52:56:46:99:6a:27:5c:1e:3e:25:88:7f:
8e:03:f8:87:98:d9:d6:c7:c6:5a:3a:8d:b5:b5:47:
67:bc:49:f7:4f:a3:63:f5:0e:8c:ae:b6:3f:76:53:
35:15:13:5c:39:24:1c:8b:3a:75:a4:f3:1e:3e:04:
80:2e:fc:28:f4:0b:6e:d1:d3:3d:fd:b6:c6:d6:2d:
86:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E4:BA:A4:BB:22:D2:95:EA:80:D3:A8:D8:C9:8C:9D:A2:3F:10:5C
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/UuS6pLsi0pXqgNOo2MmMnaI_EFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.8.0/21
31.3.96.0/21
31.223.160.0/20
37.17.208.0/20
46.226.56.0/21
78.108.128.0/20
79.170.88.0/21
80.84.224.0/19
80.246.192.0/20
80.255.240.0/20
81.4.64.0-81.4.99.255
81.4.112.0/21
81.21.136.0/21
81.30.32.0/20
83.96.128.0/17
85.10.160.0/19
85.158.248.0-85.158.253.255
85.222.224.0/21
89.31.96.0/21
91.142.240.0/20
91.189.208.0/22
91.205.32.0/22
91.216.162.0/24
93.191.128.0/21
94.142.208.0/21
141.138.192.0/20
141.255.176.0/21
171.33.128.0/21
176.74.224.0/19
185.3.208.0/22
185.15.248.0/22
185.65.52.0/22
185.69.232.0/22
185.84.72.0/22
185.89.152.0/22
185.95.68.0/22
185.105.204.0/22
185.105.216.0/22
185.110.172.0/22
185.110.200.0/22
193.93.172.0/22
193.242.119.0/24
194.60.207.0/24
213.187.240.0/21
217.21.240.0/20
217.149.128.0/20
IPv6:
2001:828::/32
2001:4cb8::/29
2a00:c080::/32
2a02:348::/32
2a03:4f00::/32
2a03:5700::/32
2a05:2500::/32
2a05:a282::/32
Signature Algorithm: sha256WithRSAEncryption
48:f1:a6:68:36:b6:77:cc:f9:dd:6a:2b:82:97:3a:88:68:8b:
d1:b8:b7:b9:66:39:fe:0b:a7:7b:74:2e:98:59:db:e9:97:23:
e2:87:12:46:94:df:a0:58:44:44:43:0f:9b:0a:a9:5a:ac:fe:
95:88:db:08:12:71:08:58:85:64:2f:6f:3b:2d:ff:ca:38:a9:
b7:85:60:e9:ef:42:1b:f7:a8:04:46:4f:3d:cb:2f:21:ee:6d:
55:61:80:b4:50:e5:af:84:ad:d2:a1:56:c0:ad:ed:99:57:74:
1b:e5:d7:ec:7e:66:34:c2:e2:a0:86:4e:bd:96:ec:05:51:f0:
db:8a:ef:3c:0a:ed:5f:a7:a3:94:9b:25:83:d0:ce:62:a3:88:
ec:61:35:46:17:a8:13:2a:d1:5b:51:ad:ff:4e:e1:62:6e:4d:
d3:db:34:42:9c:4f:4b:73:28:59:b9:a0:0f:1b:64:f5:20:61:
f3:4a:2a:73:58:e2:11:26:47:70:7e:de:3e:19:20:c1:f1:ee:
75:ae:e1:8a:d6:fa:50:41:1d:81:4c:56:63:f2:0a:f8:66:be:
61:61:f9:84:9d:6f:cd:68:08:39:ca:a3:29:6a:d4:3b:bf:59:
77:20:4b:31:de:d3:74:4a:0a:5c:15:9d:3f:1b:73:9b:db:0f:
e4:ca:3b:11
-----BEGIN CERTIFICATE-----
MIIGZTCCBU2gAwIBAgISAZfUrHpXebwPrseD5AuBLkocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjUwNzA0MDkwMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmU0YmFhNGJiMjJkMjk1ZWE4MGQzYThkOGM5OGM5ZGEyM2YxMDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RG4n1N6uCwl1b4qqrKucfPm+fBF
Ojo27fsAxQlZ3pr/2Q3XOp2NJY1FKErUlQjkjD4ZGZCkR9bVNt1U0VkWG/bPpuvO
JTm8Y/XeaFiCF1O3NpFatNPrz/BsCw8GFzeTBlYmM7WzBvO8jp0itOptJ6xYxUCF
3wRC0PZioYLMdGefqClG4aUEy9TCYoxUKpIry/ERJU8TmJEsKRXyCmLq7bKWL1Bw
PcqMdTHcWUQ1Q5auWWrEWxVSVkaZaidcHj4liH+OA/iHmNnWx8ZaOo21tUdnvEn3
T6Nj9Q6MrrY/dlM1FRNcOSQcizp1pPMePgSALvwo9Atu0dM9/bbG1i2GgQIDAQAB
o4IDcTCCA20wHQYDVR0OBBYEFFLkuqS7ItKV6oDTqNjJjJ2iPxBcMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvVXVTNnBMc2kwcFhxZ05PbzJNbU1uYUlfRUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBhQYIKwYBBQUHAQcBAf8EggF0MIIBcDCCASwEAgABMIIB
JAMEAx8DCAMEAx8DYAMEBB/foAMEBCUR0AMEAy7iOAMEBE5sgAMEA0+qWAMEBVBU
4AMEBFD2wAMEBFD/8DAMAwQGUQRAAwQCUQRgAwQDUQRwAwQDURWIAwQEUR4gAwQH
U2CAAwQFVQqgMAwDBANVnvgDBAFVnvwDBANV3uADBANZH2ADBARbjvADBAJbvdAD
BAJbzSADBABb2KIDBANdv4ADBANejtADBASNisADBAON/7ADBAOrIYADBAWwSuAD
BAK5A9ADBAK5D/gDBAK5QTQDBAK5RegDBAK5VEgDBAK5WZgDBAK5X0QDBAK5acwD
BAK5adgDBAK5bqwDBAK5bsgDBALBXawDBADB8ncDBADCPM8DBAPVu/ADBATZFfAD
BATZlYAwPgQCAAIwOAMFACABCCgDBQMgAUy4AwUAKgDAgAMFACoCA0gDBQAqA08A
AwUAKgNXAAMFACoFJQADBQAqBaKCMA0GCSqGSIb3DQEBCwUAA4IBAQBI8aZoNrZ3
zPndaiuClzqIaIvRuLe5Zjn+C6d7dC6YWdvplyPihxJGlN+gWEREQw+bCqlarP6V
iNsIEnEIWIVkL287Lf/KOKm3hWDp70Ib96gERk89yy8h7m1VYYC0UOWvhK3SoVbA
re2ZV3Qb5dfsfmY0wuKghk69luwFUfDbiu88Cu1fp6OUmyWD0M5io4jsYTVGF6gT
KtFbUa3/TuFibk3T2zRCnE9LcyhZuaAPG2T1IGHzSipzWOIRJkdwft4+GSDB8e51
ruGK1vpQQR2BTFZj8gr4Zr5hYfmEnW/NaAg5yqMpatQ7v1l3IEsx3tN0SgpcFZ0/
G3Ob2w/kyjsR
-----END CERTIFICATE-----
Generated at Sun Jul 27 02:29:29 2025 by rpki-client