Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/UDUln-3qeCrp7STdtVtP-Xg_90E.roa
File: UDUln-3qeCrp7STdtVtP-Xg_90E.roa (raw, json)
Hash identifier: vObdNNiNWw3evfnIcbLbfyalSMwTqD2xiNwmGGAngXk=
Subject key identifier: 50:35:25:9F:ED:EA:78:2A:E9:ED:24:DD:B5:5B:4F:F9:78:3F:F7:41
Certificate issuer: /CN=41fb6b1708335006b0a6aac650bfaff3fc8d292c
Certificate serial: 019A0AE83CACC2041F39918E17E6DC24B562
Authority key identifier: 41:FB:6B:17:08:33:50:06:B0:A6:AA:C6:50:BF:AF:F3:FC:8D:29:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QftrFwgzUAawpqrGUL-v8_yNKSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/UDUln-3qeCrp7STdtVtP-Xg_90E.roa
Signing time: Wed 22 Oct 2025 07:53:03 +0000
ROA not before: Wed 22 Oct 2025 07:53:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41296
IP address blocks: 5.159.248.0/21 maxlen: 21
5.159.252.0/24 maxlen: 24
193.32.57.0/24 maxlen: 24
193.41.225.0/24 maxlen: 24
194.24.168.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/QftrFwgzUAawpqrGUL-v8_yNKSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/QftrFwgzUAawpqrGUL-v8_yNKSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/QftrFwgzUAawpqrGUL-v8_yNKSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0a:e8:3c:ac:c2:04:1f:39:91:8e:17:e6:dc:24:b5:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41fb6b1708335006b0a6aac650bfaff3fc8d292c
Validity
Not Before: Oct 22 07:53:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5035259fedea782ae9ed24ddb55b4ff9783ff741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:99:0d:50:33:aa:73:a9:cf:40:d7:aa:d9:1d:
ba:69:cf:b6:19:b7:bb:3c:8c:f4:a7:06:44:b8:35:
18:dc:89:0b:2a:03:19:24:59:64:fe:d4:74:c7:7e:
2f:2b:18:4c:a8:12:e7:55:2a:6e:d5:79:06:e4:ac:
09:b4:ec:9d:94:b6:c2:91:44:6d:b6:bc:ba:dd:65:
2c:4d:81:b4:09:dd:bf:a9:b4:e8:1e:4a:3b:cc:e4:
e5:08:6f:7d:6b:7c:69:bb:d4:bb:af:de:0f:a7:72:
ec:4b:47:5b:73:6e:20:91:f9:1a:e2:3f:03:96:94:
c7:39:9e:ad:d1:95:e2:54:3c:48:01:39:1d:ec:b5:
69:73:15:c7:f5:d8:3b:b9:13:26:d3:d6:1b:ec:d7:
75:81:36:83:f3:92:5b:36:1f:ed:1c:b4:c4:8e:e8:
cc:a2:4d:8e:5c:b5:b4:4c:0b:08:45:d5:c1:af:04:
a5:87:15:4b:62:cd:90:01:db:6a:48:83:9e:f9:9e:
5f:83:a3:8a:80:67:f2:56:76:e8:b1:c8:60:0a:db:
8a:46:84:78:35:01:86:8f:e1:f1:15:43:af:82:e9:
7c:c4:f8:37:6f:b7:92:c3:f2:1a:91:cb:e6:9a:f9:
48:74:fb:ef:ed:5d:3b:ce:0a:da:43:71:0e:64:b5:
9c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:35:25:9F:ED:EA:78:2A:E9:ED:24:DD:B5:5B:4F:F9:78:3F:F7:41
X509v3 Authority Key Identifier:
keyid:41:FB:6B:17:08:33:50:06:B0:A6:AA:C6:50:BF:AF:F3:FC:8D:29:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QftrFwgzUAawpqrGUL-v8_yNKSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/UDUln-3qeCrp7STdtVtP-Xg_90E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c771c3-ca90-4fd2-99ac-04c82ed6ed4c/1/QftrFwgzUAawpqrGUL-v8_yNKSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.248.0/21
193.32.57.0/24
193.41.225.0/24
194.24.168.0/23
Signature Algorithm: sha256WithRSAEncryption
66:16:c7:37:d3:41:66:ce:a9:45:d8:f7:de:57:ec:3d:7a:c9:
65:b4:e0:74:bc:d3:c1:2d:06:77:82:01:46:10:d2:b2:04:7d:
40:11:d2:0b:85:f8:c7:2d:27:dc:61:3d:30:88:7e:c2:c5:e8:
89:0b:56:49:6a:1c:9b:58:90:a2:62:90:25:4d:6d:1f:95:58:
bd:ec:ab:67:63:2b:30:e1:43:07:3c:7b:7f:45:47:05:d8:f3:
e0:a7:5e:dc:22:48:b5:19:5a:93:fd:6a:45:2a:81:dd:7a:a5:
c3:ec:ea:09:de:ec:ce:5b:f3:ad:8d:4f:79:a7:3a:ad:3e:db:
cd:00:3e:49:9c:ca:b9:37:8d:fc:af:e7:c1:57:c5:16:76:1c:
12:ab:4a:a8:6f:f9:89:fe:e0:d3:84:ba:10:b6:cf:24:af:83:
44:f7:6f:06:2e:b6:77:b5:67:b5:be:9e:b9:0d:06:24:0a:3d:
4b:dc:49:58:f5:ea:66:e2:0b:c1:33:25:a8:bc:ab:13:97:00:
33:c8:ef:c5:3f:93:b5:1c:40:dc:38:9f:62:35:01:8d:b9:5f:
ba:2a:12:a5:e5:ad:9f:13:2a:97:f1:ec:6a:a4:07:f8:9b:9a:
20:5e:0f:2a:68:87:e7:3a:bc:dc:34:2e:96:38:dc:b6:42:91:
f0:18:17:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZoK6DyswgQfOZGOF+bcJLViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxZmI2YjE3MDgzMzUwMDZiMGE2YWFjNjUwYmZhZmYzZmM4
ZDI5MmMwHhcNMjUxMDIyMDc1MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDM1MjU5ZmVkZWE3ODJhZTllZDI0ZGRiNTViNGZmOTc4M2ZmNzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZkNUDOqc6nPQNeq2R26ac+2Gbe7
PIz0pwZEuDUY3IkLKgMZJFlk/tR0x34vKxhMqBLnVSpu1XkG5KwJtOydlLbCkURt
try63WUsTYG0Cd2/qbToHko7zOTlCG99a3xpu9S7r94Pp3LsS0dbc24gkfka4j8D
lpTHOZ6t0ZXiVDxIATkd7LVpcxXH9dg7uRMm09Yb7Nd1gTaD85JbNh/tHLTEjujM
ok2OXLW0TAsIRdXBrwSlhxVLYs2QAdtqSIOe+Z5fg6OKgGfyVnboschgCtuKRoR4
NQGGj+HxFUOvgul8xPg3b7eSw/IakcvmmvlIdPvv7V07zgraQ3EOZLWcmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFA1JZ/t6ngq6e0k3bVbT/l4P/dBMB8GA1UdIwQY
MBaAFEH7axcIM1AGsKaqxlC/r/P8jSksMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWZ0ckZ3Z3pVQWF3cHFyR1VMLXY4X3lOS1N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9jNzcxYzMtY2E5MC00ZmQyLTk5YWMt
MDRjODJlZDZlZDRjLzEvVURVbG4tM3FlQ3JwN1NUZHRWdFAtWGdfOTBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9jNzcxYzMtY2E5MC00ZmQyLTk5YWMtMDRjODJlZDZlZDRj
LzEvUWZ0ckZ3Z3pVQWF3cHFyR1VMLXY4X3lOS1N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBZ/4AwQA
wSA5AwQAwSnhAwQBwhioMA0GCSqGSIb3DQEBCwUAA4IBAQBmFsc300FmzqlF2Pfe
V+w9eslltOB0vNPBLQZ3ggFGENKyBH1AEdILhfjHLSfcYT0wiH7CxeiJC1ZJahyb
WJCiYpAlTW0flVi97KtnYysw4UMHPHt/RUcF2PPgp17cIki1GVqT/WpFKoHdeqXD
7OoJ3uzOW/OtjU95pzqtPtvNAD5JnMq5N438r+fBV8UWdhwSq0qob/mJ/uDThLoQ
ts8kr4NE928GLrZ3tWe1vp65DQYkCj1L3ElY9epm4gvBMyWovKsTlwAzyO/FP5O1
HEDcOJ9iNQGNuV+6KhKl5a2fEyqX8exqpAf4m5ogXg8qaIfnOrzcNC6WONy2QpHw
GBfe
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:10:08 2025 by rpki-client