Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/cuKBdXTr4qzygMyG_xdsVAondIc.roa
File: cuKBdXTr4qzygMyG_xdsVAondIc.roa (raw, json)
Hash identifier: gx6P2REt7/T1YdadU0I1WyXfvK+m2EoLKxa8au7Wlyw=
Subject key identifier: 72:E2:81:75:74:EB:E2:AC:F2:80:CC:86:FF:17:6C:54:0A:27:74:87
Certificate issuer: /CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Certificate serial: 019D38D467F6C226FD443D89DB4DBA0C4B76
Authority key identifier: 92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/cuKBdXTr4qzygMyG_xdsVAondIc.roa
Signing time: Sun 29 Mar 2026 09:02:17 +0000
ROA not before: Sun 29 Mar 2026 09:02:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59588
IP address blocks: 5.252.132.0/22 maxlen: 24
5.252.135.0/24 maxlen: 24
45.153.116.0/23 maxlen: 23
45.153.116.0/24 maxlen: 24
45.153.117.0/24 maxlen: 24
45.153.118.0/23 maxlen: 23
45.153.118.0/24 maxlen: 24
45.153.119.0/24 maxlen: 24
151.236.160.0/23 maxlen: 23
151.236.160.0/24 maxlen: 24
151.236.161.0/24 maxlen: 24
151.236.162.0/23 maxlen: 23
151.236.162.0/24 maxlen: 24
151.236.163.0/24 maxlen: 24
151.236.164.0/23 maxlen: 23
151.236.164.0/24 maxlen: 24
151.236.165.0/24 maxlen: 24
151.236.166.0/23 maxlen: 23
151.236.166.0/24 maxlen: 24
151.236.167.0/24 maxlen: 24
151.236.168.0/23 maxlen: 23
151.236.168.0/24 maxlen: 24
151.236.169.0/24 maxlen: 24
151.236.170.0/23 maxlen: 23
151.236.170.0/24 maxlen: 24
151.236.171.0/24 maxlen: 24
151.236.172.0/23 maxlen: 23
151.236.172.0/24 maxlen: 24
151.236.173.0/24 maxlen: 24
151.236.174.0/23 maxlen: 23
151.236.174.0/24 maxlen: 24
151.236.175.0/24 maxlen: 24
151.236.176.0/23 maxlen: 23
151.236.176.0/24 maxlen: 24
151.236.177.0/24 maxlen: 24
151.236.178.0/23 maxlen: 23
151.236.178.0/24 maxlen: 24
151.236.179.0/24 maxlen: 24
151.236.180.0/23 maxlen: 23
151.236.180.0/24 maxlen: 24
151.236.181.0/24 maxlen: 24
151.236.182.0/23 maxlen: 24
151.236.182.0/24 maxlen: 24
151.236.183.0/24 maxlen: 24
151.236.186.0/24 maxlen: 24
151.236.188.0/23 maxlen: 23
151.236.188.0/24 maxlen: 24
151.236.189.0/24 maxlen: 24
151.236.190.0/23 maxlen: 23
151.236.190.0/24 maxlen: 24
151.236.191.0/24 maxlen: 24
194.59.28.0/23 maxlen: 24
194.59.28.0/24 maxlen: 24
194.59.29.0/24 maxlen: 24
198.160.164.0/23 maxlen: 23
198.160.164.0/24 maxlen: 24
198.160.165.0/24 maxlen: 24
198.160.166.0/23 maxlen: 23
198.160.166.0/24 maxlen: 24
198.160.167.0/24 maxlen: 24
198.160.168.0/23 maxlen: 23
198.160.168.0/24 maxlen: 24
198.160.169.0/24 maxlen: 24
198.176.116.0/23 maxlen: 23
198.176.116.0/24 maxlen: 24
198.176.117.0/24 maxlen: 24
2a10:2200:1::/48 maxlen: 48
2a10:2200:2::/48 maxlen: 48
2a10:2200:3::/48 maxlen: 48
2a10:2200:4::/48 maxlen: 48
2a10:2200:5::/48 maxlen: 48
2a10:2200:6::/48 maxlen: 48
2a10:2200:7::/48 maxlen: 48
2a10:2200:8::/48 maxlen: 48
2a10:2200:b::/48 maxlen: 48
2a10:2200:c::/48 maxlen: 48
2a10:2200:d::/48 maxlen: 48
2a10:2200:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.mft
rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d4:67:f6:c2:26:fd:44:3d:89:db:4d:ba:0c:4b:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Validity
Not Before: Mar 29 09:02:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=72e2817574ebe2acf280cc86ff176c540a277487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:bb:10:43:a4:03:54:20:a9:b3:6b:95:4a:22:
6b:56:2d:0c:fa:54:fd:61:91:4e:b9:c7:6b:d3:05:
27:b6:57:36:87:2f:ad:3f:66:39:12:63:c7:8e:5e:
47:c3:db:0e:aa:0c:f8:a3:b0:b0:b2:1a:a4:6e:ed:
cb:70:16:2d:25:61:fc:65:b6:fb:64:a4:82:7a:95:
dd:5e:44:5c:b6:87:42:72:83:fc:3a:4d:d9:81:10:
f1:5f:07:29:96:7e:82:46:68:28:f1:e2:5c:ab:a2:
6d:25:11:69:46:da:66:14:48:97:1d:ee:45:2c:8b:
e6:f2:86:ef:08:c8:cd:4e:7c:5c:3a:3f:b1:74:a7:
06:95:f4:1f:8b:90:14:2c:38:79:74:c2:db:d4:64:
1e:d7:a4:10:f6:e1:a5:db:ae:b5:c4:9c:a9:9b:54:
68:92:99:dc:2a:40:cb:d2:fd:b0:5f:c0:db:dd:a5:
3b:15:5d:bc:4c:df:c7:8e:d2:f8:ee:4f:3a:a5:41:
a6:be:90:35:e1:67:2c:8f:41:7c:9c:e4:a1:76:70:
c1:d7:d2:38:9d:d7:d4:8d:a8:fc:8a:10:5d:fc:2c:
bd:d9:24:5d:4d:77:28:13:3d:6a:1c:ae:e6:30:e2:
d6:73:4c:88:9e:8b:15:0a:30:0f:10:8d:66:4c:ee:
c4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E2:81:75:74:EB:E2:AC:F2:80:CC:86:FF:17:6C:54:0A:27:74:87
X509v3 Authority Key Identifier:
keyid:92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/cuKBdXTr4qzygMyG_xdsVAondIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.132.0/22
45.153.116.0/22
151.236.160.0-151.236.183.255
151.236.186.0/24
151.236.188.0/22
194.59.28.0/23
198.160.164.0-198.160.169.255
198.176.116.0/23
IPv6:
2a10:2200:1::-2a10:2200:8:ffff:ffff:ffff:ffff:ffff
2a10:2200:b::-2a10:2200:d:ffff:ffff:ffff:ffff:ffff
2a10:2200:f::/48
Signature Algorithm: sha256WithRSAEncryption
82:83:e7:c1:43:c0:c5:e4:52:b4:27:e8:7a:42:87:dc:89:5b:
2a:69:7a:d2:93:c7:48:90:e8:bb:1f:0d:fd:c2:01:08:f1:2f:
dd:40:20:9c:7d:58:c9:c1:e3:bb:83:13:ff:cb:37:0d:e5:2b:
b2:bd:7d:96:ec:85:00:90:2e:39:b8:04:2b:1a:a8:d4:49:19:
95:5a:f8:f1:40:de:89:b6:0a:fa:91:9b:55:3b:94:03:72:b4:
06:8a:ec:85:24:87:a6:20:bb:fe:2a:6c:d0:ca:32:35:7d:49:
f4:1a:a4:11:f0:44:c5:bb:6d:17:9a:9c:99:b9:f6:a3:92:f8:
0b:a7:b0:6e:55:cc:52:74:75:23:76:b6:2b:7e:48:9a:86:1c:
c3:72:f8:7e:34:14:8e:f7:ac:ac:f1:71:18:04:51:3b:da:71:
5b:62:ae:50:9d:19:e1:5e:5e:46:7f:c6:4c:80:84:bf:95:f3:
99:b8:22:6f:bc:ca:a6:1c:08:27:97:df:02:39:e2:f7:f2:97:
e1:89:ea:2d:0b:c1:8e:0a:5f:20:a4:08:79:aa:fa:54:35:8a:
8e:f2:bf:2b:7a:00:b7:85:f3:ba:f2:71:e6:b9:c9:7c:d3:51:
68:55:c9:ea:76:38:16:c7:c0:78:7c:21:c4:62:5b:b1:6f:1e:
07:59:d4:64
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZ041Gf2wib9RD2J2026DEt2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMTkyZThkNzg1NTgxZjcyYjE4NjQ0MjI0YmQ4YzNmYThh
MmQxMWIwHhcNMjYwMzI5MDkwMjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmUyODE3NTc0ZWJlMmFjZjI4MGNjODZmZjE3NmM1NDBhMjc3NDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7bsQQ6QDVCCps2uVSiJrVi0M+lT9
YZFOucdr0wUntlc2hy+tP2Y5EmPHjl5Hw9sOqgz4o7Cwshqkbu3LcBYtJWH8Zbb7
ZKSCepXdXkRctodCcoP8Ok3ZgRDxXwcpln6CRmgo8eJcq6JtJRFpRtpmFEiXHe5F
LIvm8obvCMjNTnxcOj+xdKcGlfQfi5AULDh5dMLb1GQe16QQ9uGl2661xJypm1Ro
kpncKkDL0v2wX8Db3aU7FV28TN/HjtL47k86pUGmvpA14Wcsj0F8nOShdnDB19I4
ndfUjaj8ihBd/Cy92SRdTXcoEz1qHK7mMOLWc0yInosVCjAPEI1mTO7EpQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFHLigXV06+Ks8oDMhv8XbFQKJ3SHMB8GA1UdIwQY
MBaAFJIZLo14VYH3KxhkQiS9jD+ootEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1Mzct
MDA4NWEzNjVhMjVmLzEvY3VLQmRYVHI0cXp5Z015R194ZHNWQW9uZEljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1MzctMDA4NWEzNjVhMjVm
LzEva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBGBAIAATBAAwQCBfyE
AwQCLZl0MAwDBAWX7KADBAOX7LADBACX7LoDBAKX7LwDBAHCOxwwDAMEAsagpAME
AcagqAMEAcawdDA3BAIAAjAxMBIDBwAqECIAAAEDBwAqECIAAAgwEgMHACoQIgAA
CwMHASoQIgAADAMHACoQIgAADzANBgkqhkiG9w0BAQsFAAOCAQEAgoPnwUPAxeRS
tCfoekKH3IlbKml60pPHSJDoux8N/cIBCPEv3UAgnH1YycHju4MT/8s3DeUrsr19
luyFAJAuObgEKxqo1EkZlVr48UDeibYK+pGbVTuUA3K0BorshSSHpiC7/ips0Moy
NX1J9BqkEfBExbttF5qcmbn2o5L4C6ewblXMUnR1I3a2K35ImoYcw3L4fjQUjves
rPFxGARRO9pxW2KuUJ0Z4V5eRn/GTICEv5Xzmbgib7zKphwIJ5ffAjni9/KX4Ynq
LQvBjgpfIKQIear6VDWKjvK/K3oAt4XzuvJx5rnJfNNRaFXJ6nY4FsfAeHwhxGJb
sW8eB1nUZA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:42:14 2026 by rpki-client