Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/ca5e24-6e92-4d3a-9ad5-8935e9079796/1/U9YffwceqXxTMUqyDWCzvXHoX1g.roa
File: U9YffwceqXxTMUqyDWCzvXHoX1g.roa (raw, json)
Hash identifier: /csuQO3etFqd6uIjkI+HLHNXHWK6MILTkxxMM7ARd6Q=
Subject key identifier: 53:D6:1F:7F:07:1E:A9:7C:53:31:4A:B2:0D:60:B3:BD:71:E8:5F:58
Certificate issuer: /CN=8ada4bf5f190f3998b80c6149a1463270fbbee15
Certificate serial: 0196D416202CE32F037EA5FE0FD7A7A4305A
Authority key identifier: 8A:DA:4B:F5:F1:90:F3:99:8B:80:C6:14:9A:14:63:27:0F:BB:EE:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itpL9fGQ85mLgMYUmhRjJw-77hU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/ca5e24-6e92-4d3a-9ad5-8935e9079796/1/U9YffwceqXxTMUqyDWCzvXHoX1g.roa
Signing time: Thu 15 May 2025 13:15:41 +0000
ROA not before: Thu 15 May 2025 13:15:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50463
IP address blocks: 5.22.128.0/21 maxlen: 21
5.22.130.0/23 maxlen: 23
5.22.132.0/24 maxlen: 24
5.22.134.0/24 maxlen: 24
5.144.48.0/20 maxlen: 20
5.144.48.0/24 maxlen: 24
37.19.112.0/20 maxlen: 20
37.19.112.0/24 maxlen: 24
37.19.113.0/24 maxlen: 24
37.19.115.0/24 maxlen: 24
37.19.116.0/24 maxlen: 24
37.19.125.0/24 maxlen: 24
109.226.0.0/18 maxlen: 18
109.226.0.0/24 maxlen: 24
109.226.2.0/24 maxlen: 24
109.226.3.0/24 maxlen: 24
109.226.4.0/24 maxlen: 24
109.226.5.0/24 maxlen: 24
109.226.6.0/24 maxlen: 24
109.226.7.0/24 maxlen: 24
109.226.13.0/24 maxlen: 24
109.226.14.0/24 maxlen: 24
109.226.15.0/24 maxlen: 24
109.226.16.0/22 maxlen: 22
109.226.17.0/24 maxlen: 24
109.226.19.0/24 maxlen: 24
109.226.21.0/24 maxlen: 24
109.226.22.0/24 maxlen: 24
109.226.23.0/24 maxlen: 24
109.226.24.0/24 maxlen: 24
109.226.25.0/24 maxlen: 24
109.226.26.0/24 maxlen: 24
109.226.28.0/24 maxlen: 24
109.226.29.0/24 maxlen: 24
109.226.31.0/24 maxlen: 24
109.226.32.0/24 maxlen: 24
109.226.33.0/24 maxlen: 24
109.226.34.0/24 maxlen: 24
109.226.35.0/24 maxlen: 24
109.226.36.0/24 maxlen: 24
109.226.37.0/24 maxlen: 24
109.226.38.0/24 maxlen: 24
109.226.40.0/24 maxlen: 24
109.226.42.0/24 maxlen: 24
109.226.44.0/24 maxlen: 24
109.226.45.0/24 maxlen: 24
109.226.47.0/24 maxlen: 24
109.226.48.0/24 maxlen: 24
109.226.49.0/24 maxlen: 24
109.226.50.0/24 maxlen: 24
109.226.51.0/24 maxlen: 24
109.226.52.0/24 maxlen: 24
109.226.54.0/24 maxlen: 24
109.226.55.0/24 maxlen: 24
109.226.56.0/24 maxlen: 24
109.226.57.0/24 maxlen: 24
109.226.59.0/24 maxlen: 24
109.226.60.0/24 maxlen: 24
141.226.192.0/19 maxlen: 19
141.226.192.0/24 maxlen: 24
141.226.193.0/24 maxlen: 24
141.226.194.0/24 maxlen: 24
141.226.195.0/24 maxlen: 24
141.226.196.0/24 maxlen: 24
141.226.201.0/24 maxlen: 24
141.226.202.0/24 maxlen: 24
141.226.203.0/24 maxlen: 24
141.226.204.0/24 maxlen: 24
141.226.205.0/24 maxlen: 24
141.226.206.0/24 maxlen: 24
141.226.211.0/24 maxlen: 24
141.226.212.0/24 maxlen: 24
141.226.223.0/24 maxlen: 24
185.3.144.0/22 maxlen: 22
185.3.145.0/24 maxlen: 24
185.3.146.0/24 maxlen: 24
2a00:c280::/29 maxlen: 29
2a00:c281:1::/48 maxlen: 48
2a00:c281:2::/48 maxlen: 48
2a00:c281:3::/48 maxlen: 48
2a00:c281:4::/48 maxlen: 48
2a00:c281:a::/48 maxlen: 48
2a00:c281:b::/48 maxlen: 48
2a00:c281:c::/48 maxlen: 48
2a00:c281:d::/48 maxlen: 48
2a00:c281:100::/40 maxlen: 40
2a00:c281:200::/40 maxlen: 40
2a00:c281:300::/40 maxlen: 40
2a00:c281:400::/40 maxlen: 40
2a00:c281:a00::/40 maxlen: 40
2a00:c281:b00::/40 maxlen: 40
2a00:c281:c00::/40 maxlen: 40
2a00:c281:d00::/40 maxlen: 40
2a00:c281:1001::/48 maxlen: 48
2a00:c281:1002::/48 maxlen: 48
2a00:c281:1003::/48 maxlen: 48
2a00:c281:1004::/48 maxlen: 48
2a00:c281:100a::/48 maxlen: 48
2a00:c281:100b::/48 maxlen: 48
2a00:c281:100c::/48 maxlen: 48
2a00:c281:100d::/48 maxlen: 48
2a00:c281:1011::/48 maxlen: 48
2a00:c281:1012::/48 maxlen: 48
2a00:c281:1013::/48 maxlen: 48
2a00:c281:1014::/48 maxlen: 48
2a00:c281:101a::/48 maxlen: 48
2a00:c281:101b::/48 maxlen: 48
2a00:c281:101c::/48 maxlen: 48
2a00:c281:101d::/48 maxlen: 48
2a00:c281:1100::/40 maxlen: 40
2a00:c281:1200::/40 maxlen: 40
2a00:c281:1300::/40 maxlen: 40
2a00:c281:1400::/40 maxlen: 40
2a00:c281:1500::/40 maxlen: 40
2a00:c281:1600::/40 maxlen: 40
2a00:c281:1700::/40 maxlen: 40
2a00:c281:1800::/40 maxlen: 40
2a00:c281:1a00::/40 maxlen: 40
2a00:c281:1b00::/40 maxlen: 40
2a00:c281:1c00::/40 maxlen: 40
2a00:c281:1d00::/40 maxlen: 40
2a00:c281:2001::/48 maxlen: 48
2a00:c281:2002::/48 maxlen: 48
2a00:c281:2003::/48 maxlen: 48
2a00:c281:2004::/48 maxlen: 48
2a00:c281:200a::/48 maxlen: 48
2a00:c281:200b::/48 maxlen: 48
2a00:c281:200c::/48 maxlen: 48
2a00:c281:200d::/48 maxlen: 48
2a00:c281:2100::/40 maxlen: 40
2a00:c281:2200::/40 maxlen: 40
2a00:c281:2300::/40 maxlen: 40
2a00:c281:2400::/40 maxlen: 40
2a00:c281:2a00::/40 maxlen: 40
2a00:c281:2b00::/40 maxlen: 40
2a00:c281:2c00::/40 maxlen: 40
2a00:c281:2d00::/40 maxlen: 40
2a00:c281:3001::/48 maxlen: 48
2a00:c281:3002::/48 maxlen: 48
2a00:c281:3003::/48 maxlen: 48
2a00:c281:3004::/48 maxlen: 48
2a00:c281:300a::/48 maxlen: 48
2a00:c281:300b::/48 maxlen: 48
2a00:c281:300c::/48 maxlen: 48
2a00:c281:300d::/48 maxlen: 48
2a00:c281:3100::/40 maxlen: 40
2a00:c281:3200::/40 maxlen: 40
2a00:c281:3300::/40 maxlen: 40
2a00:c281:3400::/40 maxlen: 40
2a00:c281:3a00::/40 maxlen: 40
2a00:c281:3b00::/40 maxlen: 40
2a00:c281:3c00::/40 maxlen: 40
2a00:c281:3d00::/40 maxlen: 40
2a00:c281:4000::/48 maxlen: 48
2a00:c281:4001::/48 maxlen: 48
2a00:c281:4100::/40 maxlen: 40
2a00:c281:4200::/40 maxlen: 40
2a00:c281:4300::/40 maxlen: 40
2a00:c281:4400::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/ca5e24-6e92-4d3a-9ad5-8935e9079796/1/itpL9fGQ85mLgMYUmhRjJw-77hU.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/ca5e24-6e92-4d3a-9ad5-8935e9079796/1/itpL9fGQ85mLgMYUmhRjJw-77hU.mft
rsync://rpki.ripe.net/repository/DEFAULT/itpL9fGQ85mLgMYUmhRjJw-77hU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d4:16:20:2c:e3:2f:03:7e:a5:fe:0f:d7:a7:a4:30:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ada4bf5f190f3998b80c6149a1463270fbbee15
Validity
Not Before: May 15 13:15:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53d61f7f071ea97c53314ab20d60b3bd71e85f58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:c6:b5:8a:37:d6:2a:33:55:d9:29:3b:dd:93:
5b:6b:bf:73:40:66:63:94:69:40:39:f6:00:01:31:
87:8c:9e:04:8e:3a:34:a5:d8:df:e8:20:59:21:2e:
70:0a:8b:ab:36:1d:1a:33:13:8c:41:b0:07:11:7a:
3e:24:0b:c6:ca:89:da:53:4f:db:f6:ef:99:6b:14:
bb:84:6e:e1:35:e6:d1:16:f2:08:a0:74:74:36:09:
87:de:b1:6f:96:89:12:1a:4f:76:f1:60:04:8e:8b:
94:37:de:d6:d1:d6:a8:df:c1:8e:4d:e9:a7:aa:f7:
e7:65:e4:e1:2d:66:db:96:45:95:f5:00:19:53:44:
2f:3c:da:8a:46:10:4b:43:94:d0:14:cb:92:27:bc:
e6:ca:30:f3:bc:32:3a:b3:c3:c5:32:85:be:5f:da:
35:ed:53:98:f2:9d:45:16:1e:fb:12:63:e4:85:bc:
14:19:22:64:da:3d:0e:ea:f7:cc:5b:b9:62:32:1e:
b7:cf:c3:fa:16:ba:e8:d2:48:03:2b:a3:da:95:36:
aa:14:3a:6d:21:56:ab:ed:99:44:98:c9:b8:9a:ec:
0c:72:cd:48:d1:03:28:20:a8:3b:e9:04:68:cd:7d:
cd:7b:46:d6:9c:4e:f4:8b:a3:f8:d8:e7:43:8f:1f:
f3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D6:1F:7F:07:1E:A9:7C:53:31:4A:B2:0D:60:B3:BD:71:E8:5F:58
X509v3 Authority Key Identifier:
keyid:8A:DA:4B:F5:F1:90:F3:99:8B:80:C6:14:9A:14:63:27:0F:BB:EE:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itpL9fGQ85mLgMYUmhRjJw-77hU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ca5e24-6e92-4d3a-9ad5-8935e9079796/1/U9YffwceqXxTMUqyDWCzvXHoX1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/ca5e24-6e92-4d3a-9ad5-8935e9079796/1/itpL9fGQ85mLgMYUmhRjJw-77hU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.128.0/21
5.144.48.0/20
37.19.112.0/20
109.226.0.0/18
141.226.192.0/19
185.3.144.0/22
IPv6:
2a00:c280::/29
Signature Algorithm: sha256WithRSAEncryption
11:67:e4:d6:a2:fa:4b:28:1e:0c:4d:81:57:0e:ff:ad:b8:4c:
f3:ac:81:fe:6b:1b:d2:4f:40:db:2c:0d:ed:f5:85:0c:ce:e3:
37:e7:c3:8d:60:89:49:2a:e3:c5:5f:1a:26:bf:fb:d9:64:60:
e5:a8:c2:6e:49:7a:a5:40:4c:1b:b5:2a:8d:69:ca:9c:5a:09:
61:2d:f2:63:46:5e:50:b8:79:4d:aa:57:aa:20:56:f8:73:23:
14:58:fd:42:6f:f1:78:39:29:12:8b:28:cc:3f:ee:aa:67:66:
b9:31:1c:7a:35:c8:2e:8c:1a:6a:16:c0:8f:ce:eb:20:08:1e:
6c:10:f4:3f:5b:6e:76:0b:ad:e8:9a:f6:15:a0:46:35:a5:ae:
73:08:3f:f5:fa:32:22:b2:63:74:62:78:c1:55:69:bd:cf:47:
b5:e3:f9:82:23:34:36:46:1c:b9:6c:9e:58:b4:c0:64:79:e0:
ee:d1:a8:6a:92:35:23:9a:81:c8:f3:92:f3:4a:22:51:96:c0:
8a:b1:91:d2:bb:4d:34:a4:b0:e3:bd:96:02:fa:b4:85:47:2c:
04:6a:a5:0b:b6:ae:96:94:6f:48:cb:dd:57:bc:a0:03:0d:9b:
21:92:41:e9:c9:ef:af:16:73:e9:36:f9:e4:06:db:2c:75:13:
66:1f:51:8a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZbUFiAs4y8DfqX+D9enpDBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZGE0YmY1ZjE5MGYzOTk4YjgwYzYxNDlhMTQ2MzI3MGZi
YmVlMTUwHhcNMjUwNTE1MTMxNTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2Q2MWY3ZjA3MWVhOTdjNTMzMTRhYjIwZDYwYjNiZDcxZTg1ZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7sa1ijfWKjNV2Sk73ZNba79zQGZj
lGlAOfYAATGHjJ4Ejjo0pdjf6CBZIS5wCourNh0aMxOMQbAHEXo+JAvGyonaU0/b
9u+ZaxS7hG7hNebRFvIIoHR0NgmH3rFvlokSGk928WAEjouUN97W0dao38GOTemn
qvfnZeThLWbblkWV9QAZU0QvPNqKRhBLQ5TQFMuSJ7zmyjDzvDI6s8PFMoW+X9o1
7VOY8p1FFh77EmPkhbwUGSJk2j0O6vfMW7liMh63z8P6Frro0kgDK6PalTaqFDpt
IVar7ZlEmMm4muwMcs1I0QMoIKg76QRozX3Ne0bWnE70i6P42OdDjx/zbwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFPWH38HHql8UzFKsg1gs71x6F9YMB8GA1UdIwQY
MBaAFIraS/XxkPOZi4DGFJoUYycPu+4VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRwTDlmR1E4NW1MZ01ZVW1oUmpKdy03N2hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9jYTVlMjQtNmU5Mi00ZDNhLTlhZDUt
ODkzNWU5MDc5Nzk2LzEvVTlZZmZ3Y2VxWHhUTVVxeURXQ3p2WEhvWDFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9jYTVlMjQtNmU5Mi00ZDNhLTlhZDUtODkzNWU5MDc5Nzk2
LzEvaXRwTDlmR1E4NW1MZ01ZVW1oUmpKdy03N2hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBRaAAwQE
BZAwAwQEJRNwAwQGbeIAAwQFjeLAAwQCuQOQMA0EAgACMAcDBQMqAMKAMA0GCSqG
SIb3DQEBCwUAA4IBAQARZ+TWovpLKB4MTYFXDv+tuEzzrIH+axvST0DbLA3t9YUM
zuM358ONYIlJKuPFXxomv/vZZGDlqMJuSXqlQEwbtSqNacqcWglhLfJjRl5QuHlN
qleqIFb4cyMUWP1Cb/F4OSkSiyjMP+6qZ2a5MRx6NcgujBpqFsCPzusgCB5sEPQ/
W252C63omvYVoEY1pa5zCD/1+jIismN0YnjBVWm9z0e14/mCIzQ2Rhy5bJ5YtMBk
eeDu0ahqkjUjmoHI85LzSiJRlsCKsZHSu000pLDjvZYC+rSFRywEaqULtq6WlG9I
y91XvKADDZshkkHpye+vFnPpNvnkBtssdRNmH1GK
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:28:36 2025 by rpki-client