Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/043544-80e7-4486-bec4-aaf6e13410f5/1/1UDryGb6uD6P-Aju0_ZIzCDQQPs.roa
File: 1UDryGb6uD6P-Aju0_ZIzCDQQPs.roa (raw, json)
Hash identifier: J074jx0s15KYq6OtmYxwyQ++hAEyrLR4KI6gJZWM7GE=
Subject key identifier: D5:40:EB:C8:66:FA:B8:3E:8F:F8:08:EE:D3:F6:48:CC:20:D0:40:FB
Certificate issuer: /CN=65436f68b8dce1977f595b7a122b31ece0fdc96b
Certificate serial: 019E766935C3864C89EC507A573FBF18BA3A
Authority key identifier: 65:43:6F:68:B8:DC:E1:97:7F:59:5B:7A:12:2B:31:EC:E0:FD:C9:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZUNvaLjc4Zd_WVt6Eisx7OD9yWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/043544-80e7-4486-bec4-aaf6e13410f5/1/1UDryGb6uD6P-Aju0_ZIzCDQQPs.roa
Signing time: Sat 30 May 2026 01:04:27 +0000
ROA not before: Sat 30 May 2026 01:04:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57705
IP address blocks: 5.32.132.0/23 maxlen: 23
5.32.133.0/24 maxlen: 24
5.32.134.0/24 maxlen: 24
5.32.135.0/24 maxlen: 24
85.187.17.0/24 maxlen: 24
91.247.180.0/24 maxlen: 24
213.232.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/043544-80e7-4486-bec4-aaf6e13410f5/1/ZUNvaLjc4Zd_WVt6Eisx7OD9yWs.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/043544-80e7-4486-bec4-aaf6e13410f5/1/ZUNvaLjc4Zd_WVt6Eisx7OD9yWs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZUNvaLjc4Zd_WVt6Eisx7OD9yWs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:76:69:35:c3:86:4c:89:ec:50:7a:57:3f:bf:18:ba:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65436f68b8dce1977f595b7a122b31ece0fdc96b
Validity
Not Before: May 30 01:04:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d540ebc866fab83e8ff808eed3f648cc20d040fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8f:54:a0:ec:e7:8e:d7:61:ce:fa:93:e3:e2:
85:79:70:3c:f8:6c:ee:bc:ff:ef:c1:7a:d8:1c:8b:
03:23:09:47:f2:f9:c2:c6:d6:52:d3:1d:40:94:af:
54:57:3f:5b:ed:b6:e1:6a:0f:2a:19:0b:33:83:50:
12:c6:67:25:83:f4:37:f6:a9:5f:bf:1c:14:86:7b:
e8:7f:c7:7b:3b:19:02:66:b9:9d:a6:40:41:c0:d1:
fb:a8:f8:be:66:37:53:bd:5e:94:a4:f0:09:71:18:
98:96:3e:c1:e0:dd:7f:cf:d0:57:27:73:16:5f:67:
79:30:e2:52:de:75:d1:37:76:b1:62:e7:f4:b9:1e:
6c:de:15:65:f9:88:b1:70:d5:6b:26:a0:5d:d4:58:
77:a2:1c:4e:b8:27:6e:fa:a0:70:bb:dd:67:da:9a:
00:96:cd:2b:24:31:14:4a:95:1b:83:e2:1e:34:6b:
26:a7:85:c6:9e:a1:d8:2e:33:f0:0c:47:98:4a:00:
20:80:2b:1c:f1:a1:64:71:40:cc:65:93:bd:fa:de:
78:cf:5f:a0:df:d7:31:23:32:3d:1f:2e:be:d8:1e:
72:cc:31:8a:2e:6c:34:e9:79:41:2a:5d:c4:53:cd:
f6:c1:a6:68:9a:0f:03:3a:96:a3:0b:3d:0c:8b:c0:
31:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:40:EB:C8:66:FA:B8:3E:8F:F8:08:EE:D3:F6:48:CC:20:D0:40:FB
X509v3 Authority Key Identifier:
keyid:65:43:6F:68:B8:DC:E1:97:7F:59:5B:7A:12:2B:31:EC:E0:FD:C9:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZUNvaLjc4Zd_WVt6Eisx7OD9yWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/043544-80e7-4486-bec4-aaf6e13410f5/1/1UDryGb6uD6P-Aju0_ZIzCDQQPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/043544-80e7-4486-bec4-aaf6e13410f5/1/ZUNvaLjc4Zd_WVt6Eisx7OD9yWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.132.0/22
85.187.17.0/24
91.247.180.0/24
213.232.237.0/24
Signature Algorithm: sha256WithRSAEncryption
41:64:ce:3f:5a:ea:89:29:9e:87:03:85:4f:0b:b3:93:13:0f:
05:7b:bb:7f:fe:8d:d5:84:d6:5b:e0:8c:8e:24:97:a8:9f:fe:
a4:83:d5:d8:df:f4:25:34:ca:3a:8d:9d:87:0e:0e:3d:ff:c9:
70:87:62:d1:75:29:ae:a6:3e:25:95:21:1a:4e:80:9f:51:58:
06:29:46:ff:f7:e2:45:4d:d4:68:7d:ca:75:2c:87:03:ea:6a:
f6:2e:2c:38:98:9f:ad:0f:7a:1b:d9:e2:69:87:ff:8b:c4:ac:
1e:ec:51:74:e8:68:b1:53:c6:54:46:80:cd:ed:da:83:f5:55:
98:31:80:7d:4f:da:9c:a1:e6:05:a3:f6:8e:1e:5b:de:e7:e5:
ee:1b:4a:ac:3f:12:13:f9:65:f2:f3:8b:52:3e:1b:28:d9:f9:
65:88:a0:8e:20:10:3b:57:b9:d4:74:b3:97:f4:58:3d:5e:41:
22:57:47:ee:12:f6:4e:ea:28:ad:65:fe:af:ea:b2:61:9a:d0:
c6:ea:a3:24:7c:8a:ca:9d:dd:94:90:5f:2c:d7:c6:b4:78:a7:
d8:b4:d0:4a:53:93:c4:cd:c5:68:22:e8:74:33:26:bc:a3:29:
52:60:28:c1:43:1d:71:46:07:b8:c4:b9:25:3f:f9:09:0a:e1:
a0:66:5e:c0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ52aTXDhkyJ7FB6Vz+/GLo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NDM2ZjY4YjhkY2UxOTc3ZjU5NWI3YTEyMmIzMWVjZTBm
ZGM5NmIwHhcNMjYwNTMwMDEwNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQwZWJjODY2ZmFiODNlOGZmODA4ZWVkM2Y2NDhjYzIwZDA0MGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAro9UoOznjtdhzvqT4+KFeXA8+Gzu
vP/vwXrYHIsDIwlH8vnCxtZS0x1AlK9UVz9b7bbhag8qGQszg1ASxmclg/Q39qlf
vxwUhnvof8d7OxkCZrmdpkBBwNH7qPi+ZjdTvV6UpPAJcRiYlj7B4N1/z9BXJ3MW
X2d5MOJS3nXRN3axYuf0uR5s3hVl+YixcNVrJqBd1Fh3ohxOuCdu+qBwu91n2poA
ls0rJDEUSpUbg+IeNGsmp4XGnqHYLjPwDEeYSgAggCsc8aFkcUDMZZO9+t54z1+g
39cxIzI9Hy6+2B5yzDGKLmw06XlBKl3EU832waZomg8DOpajCz0Mi8Ax4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNVA68hm+rg+j/gI7tP2SMwg0ED7MB8GA1UdIwQY
MBaAFGVDb2i43OGXf1lbehIrMezg/clrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlVOdmFMamM0WmRfV1Z0NkVpc3g3T0Q5eVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8wNDM1NDQtODBlNy00NDg2LWJlYzQt
YWFmNmUxMzQxMGY1LzEvMVVEcnlHYjZ1RDZQLUFqdTBfWkl6Q0RRUVBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8wNDM1NDQtODBlNy00NDg2LWJlYzQtYWFmNmUxMzQxMGY1
LzEvWlVOdmFMamM0WmRfV1Z0NkVpc3g3T0Q5eVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBSCEAwQA
VbsRAwQAW/e0AwQA1ejtMA0GCSqGSIb3DQEBCwUAA4IBAQBBZM4/WuqJKZ6HA4VP
C7OTEw8Fe7t//o3VhNZb4IyOJJeon/6kg9XY3/QlNMo6jZ2HDg49/8lwh2LRdSmu
pj4llSEaToCfUVgGKUb/9+JFTdRofcp1LIcD6mr2Liw4mJ+tD3ob2eJph/+LxKwe
7FF06GixU8ZURoDN7dqD9VWYMYB9T9qcoeYFo/aOHlve5+XuG0qsPxIT+WXy84tS
Phso2flliKCOIBA7V7nUdLOX9Fg9XkEiV0fuEvZO6iitZf6v6rJhmtDG6qMkfIrK
nd2UkF8s18a0eKfYtNBKU5PEzcVoIuh0Mya8oylSYCjBQx1xRge4xLklP/kJCuGg
Zl7A
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:37:31 2026 by rpki-client