Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/UWnvj61RxMXCdGTXgUybwOUFpkE.roa
File: UWnvj61RxMXCdGTXgUybwOUFpkE.roa (raw, json)
Hash identifier: UQXxnIOrFfoWsnkN1Vg3gQakqcKwTGfkenZBJ3YxlPc=
Subject key identifier: 51:69:EF:8F:AD:51:C4:C5:C2:74:64:D7:81:4C:9B:C0:E5:05:A6:41
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 019DBF9DDB48B56343A8A9E5E9B7BBDF472E
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/UWnvj61RxMXCdGTXgUybwOUFpkE.roa
Signing time: Fri 24 Apr 2026 13:11:26 +0000
ROA not before: Fri 24 Apr 2026 13:11:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 396319
IP address blocks: 189.81.16.0/23 maxlen: 23
189.81.22.0/23 maxlen: 23
189.81.30.0/23 maxlen: 23
189.81.46.0/23 maxlen: 23
189.81.56.0/23 maxlen: 23
189.81.166.0/23 maxlen: 23
189.81.178.0/23 maxlen: 23
189.81.184.0/23 maxlen: 23
189.81.198.0/23 maxlen: 23
189.104.8.0/23 maxlen: 23
189.104.44.0/23 maxlen: 23
189.104.74.0/23 maxlen: 23
189.104.248.0/23 maxlen: 23
205.188.108.0/23 maxlen: 23
205.188.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 04:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:bf:9d:db:48:b5:63:43:a8:a9:e5:e9:b7:bb:df:47:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Apr 24 13:11:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5169ef8fad51c4c5c27464d7814c9bc0e505a641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c7:a2:00:93:6e:4f:2f:4d:a6:a4:da:21:4c:
96:8f:c1:ed:e0:62:76:53:67:89:46:8f:1e:86:85:
7d:e9:2d:eb:9c:1c:ff:bd:e9:62:d7:84:0b:99:c0:
71:ed:02:14:6b:a8:e7:0d:f6:0a:fb:74:56:c8:80:
9b:20:26:b1:04:24:94:69:92:a6:61:f5:58:62:1b:
be:d7:a1:6f:fb:8e:0b:ae:34:12:df:6c:77:00:3e:
b7:5a:f0:e8:c6:79:f0:39:2a:b6:df:7b:4a:82:4c:
60:73:0d:dd:69:06:d5:85:e5:b9:86:7d:ec:40:ad:
7d:cf:0d:57:d6:14:21:1f:2b:28:a9:f9:d5:65:7c:
ea:60:41:58:8e:b6:82:d8:e9:03:fa:ca:ca:3e:19:
35:a2:8c:84:d1:11:0d:99:a1:1b:6a:b8:b1:4e:8a:
41:2e:85:77:e5:41:52:54:b9:b0:9f:78:a8:96:50:
68:3d:5f:a9:a7:8a:24:ee:50:cf:5c:8b:73:33:16:
9e:35:31:36:25:26:5d:c2:f8:54:83:7e:86:64:48:
d4:a7:97:f4:d2:37:60:46:a0:e3:c6:68:54:94:87:
c9:29:8c:44:a2:4b:9f:b8:d9:7a:e1:2f:22:e3:75:
0d:f4:d8:c6:e5:79:58:d4:4d:3e:cb:03:e1:9e:af:
21:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:69:EF:8F:AD:51:C4:C5:C2:74:64:D7:81:4C:9B:C0:E5:05:A6:41
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/UWnvj61RxMXCdGTXgUybwOUFpkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
189.81.16.0/23
189.81.22.0/23
189.81.30.0/23
189.81.46.0/23
189.81.56.0/23
189.81.166.0/23
189.81.178.0/23
189.81.184.0/23
189.81.198.0/23
189.104.8.0/23
189.104.44.0/23
189.104.74.0/23
189.104.248.0/23
205.188.108.0/23
205.188.116.0/22
Signature Algorithm: sha256WithRSAEncryption
90:9a:e4:76:ba:57:d5:8d:82:f6:d9:ed:ee:6a:73:d0:fe:4f:
5e:33:58:fc:14:53:40:2b:d6:73:bf:64:d5:a5:04:53:bd:c1:
cf:6e:52:f7:01:1b:f1:a0:b1:df:5e:c5:f7:a0:8b:8e:6d:1d:
24:00:85:77:7c:ad:ab:a2:d1:72:b7:50:8b:b8:e6:ee:9b:99:
ee:00:a1:bf:7b:ea:9e:f8:61:28:c1:4c:32:90:d9:18:8a:7d:
85:de:04:91:a2:6b:90:4d:81:c7:3a:a0:d0:c6:e2:09:f0:65:
3d:50:6a:21:d4:53:85:ed:08:8b:dd:75:c2:97:88:94:11:91:
d7:48:c0:d0:b9:a4:25:f2:c0:4b:3a:98:20:d4:8f:6e:6b:6c:
14:30:9d:0c:ad:05:fe:f4:7c:55:89:0d:e0:75:ac:d0:8f:b1:
b2:14:ff:79:76:08:a7:ca:77:a9:1f:73:7d:1b:06:42:e3:20:
ce:5c:f4:1e:19:de:ac:8b:25:c1:44:28:fb:c7:05:f3:33:6a:
24:40:da:5d:ac:80:04:d2:04:31:66:10:8b:39:80:4e:d0:7c:
c6:f1:b5:90:2f:63:01:7d:b7:9b:12:82:5b:05:2a:f7:a4:13:
23:34:00:08:37:4c:17:e4:13:35:14:40:44:b6:8a:ed:d1:14:
33:c0:e7:79
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ2/ndtItWNDqKnl6be730cuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjYwNDI0MTMxMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTY5ZWY4ZmFkNTFjNGM1YzI3NDY0ZDc4MTRjOWJjMGU1MDVhNjQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnseiAJNuTy9NpqTaIUyWj8Ht4GJ2
U2eJRo8ehoV96S3rnBz/veli14QLmcBx7QIUa6jnDfYK+3RWyICbICaxBCSUaZKm
YfVYYhu+16Fv+44LrjQS32x3AD63WvDoxnnwOSq233tKgkxgcw3daQbVheW5hn3s
QK19zw1X1hQhHysoqfnVZXzqYEFYjraC2OkD+srKPhk1ooyE0RENmaEbarixTopB
LoV35UFSVLmwn3iollBoPV+pp4ok7lDPXItzMxaeNTE2JSZdwvhUg36GZEjUp5f0
0jdgRqDjxmhUlIfJKYxEokufuNl64S8i43UN9NjG5XlY1E0+ywPhnq8h6QIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFFFp74+tUcTFwnRk14FMm8DlBaZBMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvVVdudmo2MVJ4TVhDZEdUWGdVeWJ3T1VGcGtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQBvVEQAwQB
vVEWAwQBvVEeAwQBvVEuAwQBvVE4AwQBvVGmAwQBvVGyAwQBvVG4AwQBvVHGAwQB
vWgIAwQBvWgsAwQBvWhKAwQBvWj4AwQBzbxsAwQCzbx0MA0GCSqGSIb3DQEBCwUA
A4IBAQCQmuR2ulfVjYL22e3uanPQ/k9eM1j8FFNAK9Zzv2TVpQRTvcHPblL3ARvx
oLHfXsX3oIuObR0kAIV3fK2rotFyt1CLuObum5nuAKG/e+qe+GEowUwykNkYin2F
3gSRomuQTYHHOqDQxuIJ8GU9UGoh1FOF7QiL3XXCl4iUEZHXSMDQuaQl8sBLOpgg
1I9ua2wUMJ0MrQX+9HxViQ3gdazQj7GyFP95dginynepH3N9GwZC4yDOXPQeGd6s
iyXBRCj7xwXzM2okQNpdrIAE0gQxZhCLOYBO0HzG8bWQL2MBfbebEoJbBSr3pBMj
NAAIN0wX5BM1FEBEtort0RQzwOd5
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:38:24 2026 by rpki-client