Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/uDHmNIHluLj9K6t2bDJgWwXIWS4.roa
File: uDHmNIHluLj9K6t2bDJgWwXIWS4.roa (raw, json)
Hash identifier: tYESuApqCHfTtMgwHU/CHxmUYzFnkoPMwS3ZA1yZBHk=
Subject key identifier: B8:31:E6:34:81:E5:B8:B8:FD:2B:AB:76:6C:32:60:5B:05:C8:59:2E
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019E7738203CDCDE45743D93794E01220465
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/uDHmNIHluLj9K6t2bDJgWwXIWS4.roa
Signing time: Sat 30 May 2026 04:50:27 +0000
ROA not before: Sat 30 May 2026 04:50:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30707
IP address blocks: 5.253.136.0/23 maxlen: 32
5.253.136.0/24 maxlen: 24
5.253.137.0/24 maxlen: 32
45.141.246.0/24 maxlen: 24
2a06:7247::/45 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 07:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:77:38:20:3c:dc:de:45:74:3d:93:79:4e:01:22:04:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: May 30 04:50:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b831e63481e5b8b8fd2bab766c32605b05c8592e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bd:2b:69:16:ad:79:5e:e3:f0:94:8d:87:57:
b3:1b:0d:62:17:7d:0c:2b:82:6c:97:39:6a:ed:c9:
58:15:62:72:00:c4:7d:ef:1c:f4:e2:6c:92:ab:ec:
2a:7f:af:21:24:a7:c4:51:f3:73:c9:b4:94:fa:12:
97:20:e6:aa:a6:66:17:a3:01:52:e2:d7:f5:ec:49:
94:66:27:e5:22:d6:b1:63:fd:df:ac:f5:4e:e3:b1:
b3:d7:27:bd:e2:09:cd:f0:3c:a1:02:ba:f0:11:7f:
ab:58:5e:f4:4b:cf:7f:89:3e:14:32:8f:e0:c4:2f:
d0:c0:15:09:75:df:fb:bc:04:94:f0:d6:01:7c:40:
56:42:be:c1:64:84:62:8f:3d:e5:a2:47:2e:00:66:
af:b9:75:72:79:6b:5c:9f:95:d9:f5:17:5b:ec:56:
60:d1:14:e3:a6:72:6f:47:4f:27:d0:53:af:fe:41:
63:0c:a0:a5:27:59:21:7c:bb:c9:fb:eb:d6:a8:bb:
0e:90:a2:e2:fc:36:dc:7f:18:5d:14:f3:39:4a:61:
60:dc:42:c1:17:3e:1c:28:73:68:3d:38:d6:90:63:
fe:70:f9:a9:dc:2a:a2:57:7c:3e:99:f7:b7:0c:ab:
af:9b:53:5a:7f:41:da:64:d6:36:62:3b:6c:36:99:
fc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:31:E6:34:81:E5:B8:B8:FD:2B:AB:76:6C:32:60:5B:05:C8:59:2E
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/uDHmNIHluLj9K6t2bDJgWwXIWS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.136.0/23
45.141.246.0/24
IPv6:
2a06:7247::/45
Signature Algorithm: sha256WithRSAEncryption
88:25:64:4f:a7:4b:bf:82:50:38:8a:d1:51:db:4b:e4:42:26:
ba:03:8a:f3:e5:1e:af:f2:67:d2:12:49:d3:81:17:c6:d8:cc:
d5:bd:dd:78:f1:68:c1:d8:e2:43:93:f2:af:54:81:dc:99:06:
0f:ab:ce:1a:78:4b:d7:08:17:b1:dd:90:99:94:2b:fb:8e:f3:
d2:f0:3c:4b:eb:df:13:0b:ac:81:08:85:a3:e5:95:b8:a9:21:
76:34:d5:c1:21:76:4c:a8:ac:da:e4:1f:86:bf:5d:60:17:da:
5b:bb:a1:f1:84:12:c8:c0:ad:48:54:b9:8e:cc:69:83:cf:82:
1f:f4:93:99:e4:bc:56:75:58:df:11:97:a9:d2:14:5e:41:06:
39:f5:ef:91:ef:14:e7:09:4f:94:c6:ad:4a:11:e2:6d:76:22:
7a:20:2e:51:78:b1:7d:98:02:69:7f:86:f3:05:6a:a3:3a:be:
4d:0c:f0:b1:3a:02:a4:dc:89:e5:50:d5:48:71:b0:c6:f1:22:
24:93:56:1e:9d:67:45:70:2f:12:5d:7b:27:e6:d7:3a:ef:5b:
32:d6:68:95:ec:5f:36:ce:3b:fa:66:44:26:cf:69:90:c6:fe:
a7:b0:d7:8c:d5:f5:1f:44:6c:4d:21:0d:d0:11:73:f1:82:c4:
43:05:d8:57
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ53OCA83N5FdD2TeU4BIgRlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjYwNTMwMDQ1MDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODMxZTYzNDgxZTViOGI4ZmQyYmFiNzY2YzMyNjA1YjA1Yzg1OTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmr0raRateV7j8JSNh1ezGw1iF30M
K4Jslzlq7clYFWJyAMR97xz04mySq+wqf68hJKfEUfNzybSU+hKXIOaqpmYXowFS
4tf17EmUZiflItaxY/3frPVO47Gz1ye94gnN8DyhArrwEX+rWF70S89/iT4UMo/g
xC/QwBUJdd/7vASU8NYBfEBWQr7BZIRijz3lokcuAGavuXVyeWtcn5XZ9Rdb7FZg
0RTjpnJvR08n0FOv/kFjDKClJ1khfLvJ++vWqLsOkKLi/DbcfxhdFPM5SmFg3ELB
Fz4cKHNoPTjWkGP+cPmp3CqiV3w+mfe3DKuvm1Naf0HaZNY2YjtsNpn8ZwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLgx5jSB5bi4/SurdmwyYFsFyFkuMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvdURIbU5JSGx1TGo5SzZ0MmJESmdXd1hJV1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBBf2IAwQA
LY32MA8EAgACMAkDBwMqBnJHAAAwDQYJKoZIhvcNAQELBQADggEBAIglZE+nS7+C
UDiK0VHbS+RCJroDivPlHq/yZ9ISSdOBF8bYzNW93XjxaMHY4kOT8q9UgdyZBg+r
zhp4S9cIF7HdkJmUK/uO89LwPEvr3xMLrIEIhaPllbipIXY01cEhdkyorNrkH4a/
XWAX2lu7ofGEEsjArUhUuY7MaYPPgh/0k5nkvFZ1WN8Rl6nSFF5BBjn175HvFOcJ
T5TGrUoR4m12InogLlF4sX2YAml/hvMFaqM6vk0M8LE6AqTcieVQ1UhxsMbxIiST
Vh6dZ0VwLxJdeyfm1zrvWzLWaJXsXzbOO/pmRCbPaZDG/qew14zV9R9EbE0hDdAR
c/GCxEMF2Fc=
-----END CERTIFICATE-----
Generated at Thu Jun 4 13:12:25 2026 by rpki-client