Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/L-UL84iTdhGXNCHCMqVVcOcr6hs.roa
File: L-UL84iTdhGXNCHCMqVVcOcr6hs.roa (raw, json)
Hash identifier: QnJcvue6UQb7BHpfJTDH/p4MoochOz0FfQRFCz3sets=
Subject key identifier: 2F:E5:0B:F3:88:93:76:11:97:34:21:C2:32:A5:55:70:E7:2B:EA:1B
Certificate issuer: /CN=bbffd123cb93e24e025f952842108402958d4a4c
Certificate serial: 0197C27A45D3383B4EFB9958A09E3A0112FA
Authority key identifier: BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/L-UL84iTdhGXNCHCMqVVcOcr6hs.roa
Signing time: Mon 30 Jun 2025 20:14:42 +0000
ROA not before: Mon 30 Jun 2025 20:14:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 86.109.0.0/24 maxlen: 24
86.109.2.0/23 maxlen: 23
86.109.7.0/24 maxlen: 24
86.109.9.0/24 maxlen: 24
93.187.218.0/23 maxlen: 23
136.144.50.0/23 maxlen: 23
136.144.56.0/23 maxlen: 23
136.144.58.0/23 maxlen: 23
136.144.62.0/23 maxlen: 23
139.178.64.0/22 maxlen: 22
139.178.76.0/23 maxlen: 23
139.178.80.0/21 maxlen: 21
145.40.64.0/23 maxlen: 23
145.40.69.0/24 maxlen: 24
145.40.74.0/23 maxlen: 23
145.40.76.0/23 maxlen: 23
145.40.78.0/24 maxlen: 24
145.40.79.0/24 maxlen: 24
145.40.80.0/23 maxlen: 23
145.40.88.0/24 maxlen: 24
145.40.89.0/24 maxlen: 24
145.40.98.0/23 maxlen: 23
145.40.100.0/24 maxlen: 24
145.40.101.0/24 maxlen: 24
145.40.102.0/23 maxlen: 23
145.40.108.0/22 maxlen: 22
145.40.120.0/22 maxlen: 22
147.28.128.0/23 maxlen: 23
147.28.131.0/24 maxlen: 24
147.28.136.0/23 maxlen: 23
147.28.138.0/23 maxlen: 23
147.28.140.0/22 maxlen: 22
147.28.141.0/24 maxlen: 24
147.28.142.0/23 maxlen: 23
147.28.144.0/23 maxlen: 23
147.28.146.0/23 maxlen: 23
147.28.148.0/23 maxlen: 23
147.28.150.0/23 maxlen: 23
147.28.152.0/24 maxlen: 24
147.28.154.0/23 maxlen: 23
147.28.162.0/23 maxlen: 23
147.28.164.0/23 maxlen: 23
147.28.166.0/23 maxlen: 23
147.28.170.0/23 maxlen: 23
147.28.176.0/23 maxlen: 23
147.28.182.0/23 maxlen: 23
147.28.186.0/23 maxlen: 23
147.28.189.0/24 maxlen: 24
147.28.192.0/24 maxlen: 24
147.28.193.0/24 maxlen: 24
147.28.194.0/24 maxlen: 24
147.28.196.0/23 maxlen: 23
147.28.200.0/24 maxlen: 24
147.28.201.0/24 maxlen: 24
147.28.202.0/24 maxlen: 24
147.28.204.0/23 maxlen: 23
147.28.210.0/23 maxlen: 23
147.28.214.0/23 maxlen: 23
147.28.219.0/24 maxlen: 24
147.28.222.0/23 maxlen: 23
147.28.228.0/24 maxlen: 24
147.28.229.0/24 maxlen: 24
147.28.232.0/24 maxlen: 24
147.28.241.0/24 maxlen: 24
147.75.35.0/24 maxlen: 24
147.75.36.0/22 maxlen: 22
147.75.40.0/23 maxlen: 23
147.75.44.0/24 maxlen: 24
147.75.45.0/24 maxlen: 24
147.75.47.0/24 maxlen: 24
147.75.48.0/24 maxlen: 24
147.75.50.0/23 maxlen: 23
147.75.53.0/24 maxlen: 24
147.75.54.0/23 maxlen: 23
147.75.54.0/24 maxlen: 24
147.75.55.0/24 maxlen: 24
147.75.59.0/24 maxlen: 24
147.75.61.0/24 maxlen: 24
147.75.62.0/23 maxlen: 23
147.75.62.0/24 maxlen: 24
147.75.63.0/24 maxlen: 24
147.75.64.0/22 maxlen: 22
147.75.72.0/21 maxlen: 21
147.75.96.0/22 maxlen: 22
147.75.104.0/22 maxlen: 22
147.75.192.0/21 maxlen: 21
147.75.206.0/24 maxlen: 24
147.75.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.mft
rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 20:14:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c2:7a:45:d3:38:3b:4e:fb:99:58:a0:9e:3a:01:12:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbffd123cb93e24e025f952842108402958d4a4c
Validity
Not Before: Jun 30 20:14:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fe50bf388937611973421c232a55570e72bea1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bf:b3:e7:85:c1:00:32:f1:3d:f4:1b:0a:e9:
03:b6:63:97:03:f9:88:c5:37:bd:b9:20:73:e0:6a:
f6:02:8f:f5:94:ad:78:32:3a:80:03:8a:56:82:41:
af:23:93:90:ef:95:cb:25:a9:ee:fa:95:41:c9:04:
7f:95:ae:76:fc:c2:8a:7e:72:a5:8d:78:d4:67:b4:
77:29:29:6e:62:d4:02:c1:a8:89:e3:04:b2:a1:9a:
e8:3a:62:d2:ce:79:c9:81:b1:ee:14:85:2f:87:62:
60:69:2e:91:06:5c:d3:f0:d9:ed:ba:92:12:c1:b4:
f3:a4:ae:9a:23:cb:c5:67:a2:10:5e:ba:2d:c5:4c:
8f:be:30:24:83:a1:14:ca:47:fd:65:a9:71:5f:15:
46:39:3b:92:c0:0e:0f:f1:79:f8:df:41:eb:d8:da:
ac:bb:60:a7:05:26:4c:50:12:d0:2e:f8:1a:a3:ee:
e7:d5:b2:86:2a:d2:7e:48:f9:7e:2d:c7:cf:70:fa:
0e:95:d7:51:1d:5c:32:f8:c1:bc:92:72:4c:47:41:
b5:73:a2:cb:d8:ba:3f:67:91:fc:1d:64:e1:7a:25:
4b:a8:82:dc:6c:c8:94:ac:5e:e7:50:ce:d7:e6:32:
8a:47:68:fb:06:af:e8:bd:ac:88:73:81:92:26:74:
80:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E5:0B:F3:88:93:76:11:97:34:21:C2:32:A5:55:70:E7:2B:EA:1B
X509v3 Authority Key Identifier:
keyid:BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/L-UL84iTdhGXNCHCMqVVcOcr6hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.109.0.0/24
86.109.2.0/23
86.109.7.0/24
86.109.9.0/24
93.187.218.0/23
136.144.50.0/23
136.144.56.0/22
136.144.62.0/23
139.178.64.0/22
139.178.76.0/23
139.178.80.0/21
145.40.64.0/23
145.40.69.0/24
145.40.74.0-145.40.81.255
145.40.88.0/23
145.40.98.0-145.40.103.255
145.40.108.0/22
145.40.120.0/22
147.28.128.0/23
147.28.131.0/24
147.28.136.0-147.28.152.255
147.28.154.0/23
147.28.162.0-147.28.167.255
147.28.170.0/23
147.28.176.0/23
147.28.182.0/23
147.28.186.0/23
147.28.189.0/24
147.28.192.0-147.28.194.255
147.28.196.0/23
147.28.200.0-147.28.202.255
147.28.204.0/23
147.28.210.0/23
147.28.214.0/23
147.28.219.0/24
147.28.222.0/23
147.28.228.0/23
147.28.232.0/24
147.28.241.0/24
147.75.35.0-147.75.41.255
147.75.44.0/23
147.75.47.0-147.75.48.255
147.75.50.0/23
147.75.53.0-147.75.55.255
147.75.59.0/24
147.75.61.0-147.75.67.255
147.75.72.0/21
147.75.96.0/22
147.75.104.0/22
147.75.192.0/21
147.75.206.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:65:35:f9:4e:ce:e5:61:cd:bf:37:d9:da:39:e8:4e:7e:2d:
14:38:47:2a:e3:dd:7a:0c:b2:a6:50:41:4d:23:8d:11:34:6b:
bc:0c:f9:a8:02:53:6b:70:9a:11:f4:dc:cc:57:1a:b7:63:f2:
ef:05:e1:ef:95:db:16:26:b2:8c:e5:44:ee:6c:7e:1e:5e:55:
e3:c5:93:6e:e8:bb:9f:4f:aa:4d:7b:d9:fb:7d:e3:89:e3:29:
d6:4b:50:09:73:bf:20:d0:95:cb:70:1b:4d:94:df:d8:3b:8c:
47:d5:db:a2:bd:72:4d:45:20:9d:e4:ee:7c:3d:45:f9:3b:b8:
01:c3:b8:63:3c:a3:7b:74:6c:bb:4e:2e:42:68:02:68:8d:32:
88:d7:aa:0b:e9:6e:b8:00:74:f4:15:a4:61:3a:6a:2a:52:a6:
52:8e:0e:7b:f3:ba:14:d2:68:27:ef:f0:be:fc:5e:ea:bb:94:
a7:74:f7:e8:dc:95:6d:37:e7:17:12:a5:14:68:46:b6:4f:55:
c0:75:6c:03:76:0b:19:97:eb:b1:2b:fa:3b:a6:7b:e0:67:19:
07:dd:61:d4:cf:39:e7:c4:2b:ac:6b:c4:cb:e0:75:59:73:71:
ee:79:24:8e:e4:8c:30:5c:c1:de:6a:54:5a:66:98:89:5e:1f:
92:c7:4c:a4
-----BEGIN CERTIFICATE-----
MIIGgzCCBWugAwIBAgISAZfCekXTODtO+5lYoJ46ARL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZmZkMTIzY2I5M2UyNGUwMjVmOTUyODQyMTA4NDAyOTU4
ZDRhNGMwHhcNMjUwNjMwMjAxNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmU1MGJmMzg4OTM3NjExOTczNDIxYzIzMmE1NTU3MGU3MmJlYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0L+z54XBADLxPfQbCukDtmOXA/mI
xTe9uSBz4Gr2Ao/1lK14MjqAA4pWgkGvI5OQ75XLJanu+pVByQR/la52/MKKfnKl
jXjUZ7R3KSluYtQCwaiJ4wSyoZroOmLSznnJgbHuFIUvh2JgaS6RBlzT8NntupIS
wbTzpK6aI8vFZ6IQXrotxUyPvjAkg6EUykf9ZalxXxVGOTuSwA4P8Xn430Hr2Nqs
u2CnBSZMUBLQLvgao+7n1bKGKtJ+SPl+LcfPcPoOlddRHVwy+MG8knJMR0G1c6LL
2Lo/Z5H8HWTheiVLqILcbMiUrF7nUM7X5jKKR2j7Bq/ovayIc4GSJnSAQQIDAQAB
o4IDjzCCA4swHQYDVR0OBBYEFC/lC/OIk3YRlzQhwjKlVXDnK+obMB8GA1UdIwQY
MBaAFLv/0SPLk+JOAl+VKEIQhAKVjUpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjIt
YWM0YTQwNjE3NDZkLzEvTC1VTDg0aVRkaEdYTkNIQ01xVlZjT2NyNmhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjItYWM0YTQwNjE3NDZk
LzEvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBowYIKwYBBQUHAQcBAf8EggGSMIIBjjCCAYoEAgABMIIB
ggMEAFZtAAMEAVZtAgMEAFZtBwMEAFZtCQMEAV272gMEAYiQMgMEAoiQOAMEAYiQ
PgMEAouyQAMEAYuyTAMEA4uyUAMEAZEoQAMEAJEoRTAMAwQBkShKAwQBkShQAwQB
kShYMAwDBAGRKGIDBAORKGADBAKRKGwDBAKRKHgDBAGTHIADBACTHIMwDAMEA5Mc
iAMEAJMcmAMEAZMcmjAMAwQBkxyiAwQDkxygAwQBkxyqAwQBkxywAwQBkxy2AwQB
kxy6AwQAkxy9MAwDBAaTHMADBACTHMIDBAGTHMQwDAMEA5McyAMEAJMcygMEAZMc
zAMEAZMc0gMEAZMc1gMEAJMc2wMEAZMc3gMEAZMc5AMEAJMc6AMEAJMc8TAMAwQA
k0sjAwQBk0soAwQBk0ssMAwDBACTSy8DBACTSzADBAGTSzIwDAMEAJNLNQMEA5NL
MAMEAJNLOzAMAwQAk0s9AwQCk0tAAwQDk0tIAwQCk0tgAwQCk0toAwQDk0vAAwQB
k0vOMA0GCSqGSIb3DQEBCwUAA4IBAQA+ZTX5Ts7lYc2/N9naOehOfi0UOEcq4916
DLKmUEFNI40RNGu8DPmoAlNrcJoR9NzMVxq3Y/LvBeHvldsWJrKM5UTubH4eXlXj
xZNu6LufT6pNe9n7feOJ4ynWS1AJc78g0JXLcBtNlN/YO4xH1duivXJNRSCd5O58
PUX5O7gBw7hjPKN7dGy7Ti5CaAJojTKI16oL6W64AHT0FaRhOmoqUqZSjg5787oU
0mgn7/C+/F7qu5SndPfo3JVtN+cXEqUUaEa2T1XAdWwDdgsZl+uxK/o7pnvgZxkH
3WHUzznnxCusa8TL4HVZc3HueSSO5IwwXMHealRaZpiJXh+Sx0yk
-----END CERTIFICATE-----
Generated at Tue Jul 1 05:44:37 2025 by rpki-client