Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/UoNufyGB5YsQMgJ9-WpAcmMaxpo.roa
File: UoNufyGB5YsQMgJ9-WpAcmMaxpo.roa (raw, json)
Hash identifier: HEPYQfxawqSQRULMvBO6zUX8QxmuO7NwZtfM80VYMp4=
Subject key identifier: 52:83:6E:7F:21:81:E5:8B:10:32:02:7D:F9:6A:40:72:63:1A:C6:9A
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019DD457B12DB432CCF0A0BEB2F5D6E11AAA
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/UoNufyGB5YsQMgJ9-WpAcmMaxpo.roa
Signing time: Tue 28 Apr 2026 13:46:49 +0000
ROA not before: Tue 28 Apr 2026 13:46:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 5.175.164.0/24 maxlen: 24
5.175.168.0/24 maxlen: 24
5.175.179.0/24 maxlen: 24
5.175.195.0/24 maxlen: 24
5.231.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 13:46:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d4:57:b1:2d:b4:32:cc:f0:a0:be:b2:f5:d6:e1:1a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 28 13:46:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=52836e7f2181e58b1032027df96a4072631ac69a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:31:37:65:0f:07:21:37:70:db:89:cd:48:8a:
a6:78:ce:75:a6:c2:1f:d5:68:7b:7c:a4:d5:76:98:
cd:59:ab:0d:ba:9f:19:71:3e:ea:a8:ba:5a:aa:72:
d4:07:42:21:2d:5a:eb:6f:b7:40:20:24:5e:93:80:
75:46:8e:ea:3d:ec:51:fa:34:43:33:f7:ca:d2:e0:
29:ee:b4:8e:a6:b1:34:98:60:ac:c3:3b:f2:b8:5f:
0b:4c:d3:ee:ab:2a:81:9b:d9:c7:e5:23:00:b2:d4:
20:43:3d:22:a9:e5:6d:29:0d:cd:d5:2d:ae:50:82:
d7:19:fb:b3:34:05:ec:df:f2:6f:c2:01:76:43:ea:
ab:0f:35:f6:26:90:68:18:f8:40:30:68:da:d7:ad:
ed:5d:e4:3d:02:e8:8e:41:3a:07:c7:92:1d:05:c0:
13:4a:0d:79:1a:a4:aa:00:1f:98:3d:08:96:63:22:
db:dc:eb:89:6a:32:b6:2d:e7:4e:72:23:c0:9d:ff:
6b:16:e0:29:c7:08:72:95:12:b8:17:a1:f8:46:79:
78:2a:d5:6e:00:3b:d5:28:89:f4:07:f8:b1:80:ab:
c2:aa:6a:68:62:19:e6:af:c2:34:ff:43:a6:2b:88:
8d:96:0c:14:b8:74:4f:17:e9:64:bc:6f:b9:3b:2a:
8d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:83:6E:7F:21:81:E5:8B:10:32:02:7D:F9:6A:40:72:63:1A:C6:9A
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/UoNufyGB5YsQMgJ9-WpAcmMaxpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.164.0/24
5.175.168.0/24
5.175.179.0/24
5.175.195.0/24
5.231.207.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:48:13:7b:b0:7e:ac:09:ae:ab:d6:86:df:3d:8e:5f:4f:91:
87:c5:3d:1c:1a:38:4f:1c:02:34:cd:a5:90:e0:e5:a8:56:28:
70:8f:72:a3:e6:bb:0c:f1:2c:97:0e:37:c5:bc:f5:9c:c8:a2:
88:f8:17:80:80:35:fa:87:bf:a0:47:66:6d:3c:98:b9:09:0c:
2b:ad:09:47:77:03:d3:33:e9:28:af:55:59:1f:f0:03:8a:6d:
7e:ad:16:13:4a:00:bd:98:db:15:88:3f:69:34:37:05:2a:02:
45:f6:d4:91:73:a4:9b:06:2c:57:fd:45:ac:87:fa:16:44:8a:
50:52:9d:2e:56:21:73:b4:8b:41:c0:0a:29:f5:cd:ff:64:ae:
ee:1c:83:78:cd:2f:79:b9:f9:dd:69:f7:af:59:a3:61:b5:43:
c8:70:80:85:03:9b:47:5e:36:a7:0c:84:56:2e:eb:6a:b9:d1:
94:bb:f6:39:da:0e:cb:07:32:4f:45:6f:8f:a2:3c:93:9d:ca:
db:d1:fc:af:a5:9a:62:6c:f2:24:79:21:e9:6f:41:8f:5f:d7:
ed:32:83:30:09:dc:cf:83:fa:fa:41:7e:20:db:57:26:2a:15:
eb:0c:ed:ca:a4:8c:29:7e:23:31:44:20:55:fc:ec:f5:60:e0:
6a:94:ad:99
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ3UV7EttDLM8KC+svXW4RqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNDI4MTM0NjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjgzNmU3ZjIxODFlNThiMTAzMjAyN2RmOTZhNDA3MjYzMWFjNjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3zE3ZQ8HITdw24nNSIqmeM51psIf
1Wh7fKTVdpjNWasNup8ZcT7qqLpaqnLUB0IhLVrrb7dAICRek4B1Ro7qPexR+jRD
M/fK0uAp7rSOprE0mGCswzvyuF8LTNPuqyqBm9nH5SMAstQgQz0iqeVtKQ3N1S2u
UILXGfuzNAXs3/JvwgF2Q+qrDzX2JpBoGPhAMGja163tXeQ9AuiOQToHx5IdBcAT
Sg15GqSqAB+YPQiWYyLb3OuJajK2LedOciPAnf9rFuApxwhylRK4F6H4Rnl4KtVu
ADvVKIn0B/ixgKvCqmpoYhnmr8I0/0OmK4iNlgwUuHRPF+lkvG+5OyqNMQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFKDbn8hgeWLEDICfflqQHJjGsaaMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvVW9OdWZ5R0I1WXNRTWdKOS1XcEFjbU1heHBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABa+kAwQA
Ba+oAwQABa+zAwQABa/DAwQABefPMA0GCSqGSIb3DQEBCwUAA4IBAQCPSBN7sH6s
Ca6r1obfPY5fT5GHxT0cGjhPHAI0zaWQ4OWoVihwj3Kj5rsM8SyXDjfFvPWcyKKI
+BeAgDX6h7+gR2ZtPJi5CQwrrQlHdwPTM+kor1VZH/ADim1+rRYTSgC9mNsViD9p
NDcFKgJF9tSRc6SbBixX/UWsh/oWRIpQUp0uViFztItBwAop9c3/ZK7uHIN4zS95
ufndafevWaNhtUPIcICFA5tHXjanDIRWLutqudGUu/Y52g7LBzJPRW+PojyTncrb
0fyvpZpibPIkeSHpb0GPX9ftMoMwCdzPg/r6QX4g21cmKhXrDO3KpIwpfiMxRCBV
/Oz1YOBqlK2Z
-----END CERTIFICATE-----
Generated at Tue Apr 28 17:26:24 2026 by rpki-client