Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/UBgSYT8vFdIgItyaWjL3zLbRaxM.roa
File: UBgSYT8vFdIgItyaWjL3zLbRaxM.roa (raw, json)
Hash identifier: sSL/dpeuD3M2FqwQCwsqEm72p5ZIurYVXD8rzbWZnhw=
Subject key identifier: 50:18:12:61:3F:2F:15:D2:20:22:DC:9A:5A:32:F7:CC:B6:D1:6B:13
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 0197694990B62C7EDFE36C8CBCB07CCEA7F9
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/UBgSYT8vFdIgItyaWjL3zLbRaxM.roa
Signing time: Fri 13 Jun 2025 12:35:18 +0000
ROA not before: Fri 13 Jun 2025 12:35:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9125
IP address blocks: 5.172.33.0/24 maxlen: 24
5.172.34.0/23 maxlen: 23
5.172.34.0/24 maxlen: 24
5.172.36.0/22 maxlen: 22
5.172.36.0/23 maxlen: 23
89.23.65.0/24 maxlen: 24
89.23.67.0/24 maxlen: 24
89.23.68.0/23 maxlen: 23
89.23.70.0/24 maxlen: 24
89.23.74.0/24 maxlen: 24
89.23.75.0/24 maxlen: 24
89.23.77.0/24 maxlen: 24
89.23.78.0/24 maxlen: 24
89.23.79.0/24 maxlen: 24
89.23.83.0/24 maxlen: 24
89.23.84.0/24 maxlen: 24
89.23.86.0/24 maxlen: 24
89.23.88.0/24 maxlen: 24
89.23.90.0/24 maxlen: 24
92.42.248.0/22 maxlen: 22
92.42.252.0/24 maxlen: 24
92.42.253.0/24 maxlen: 24
92.42.254.0/24 maxlen: 24
92.42.255.0/24 maxlen: 24
93.93.192.0/21 maxlen: 21
95.140.112.0/22 maxlen: 22
95.140.115.0/24 maxlen: 24
95.140.116.0/22 maxlen: 22
95.140.120.0/23 maxlen: 23
95.140.124.0/22 maxlen: 22
95.140.125.0/24 maxlen: 24
109.111.224.0/24 maxlen: 24
109.111.225.0/24 maxlen: 24
109.111.226.0/24 maxlen: 24
109.111.227.0/24 maxlen: 24
109.111.228.0/24 maxlen: 24
109.111.229.0/24 maxlen: 24
109.111.230.0/23 maxlen: 23
109.111.232.0/22 maxlen: 22
109.111.236.0/22 maxlen: 22
109.111.240.0/24 maxlen: 24
109.111.243.0/24 maxlen: 24
109.111.244.0/24 maxlen: 24
109.111.245.0/24 maxlen: 24
109.111.246.0/24 maxlen: 24
109.111.247.0/24 maxlen: 24
109.111.248.0/24 maxlen: 24
109.111.249.0/24 maxlen: 24
109.111.250.0/24 maxlen: 24
109.111.252.0/23 maxlen: 23
109.111.254.0/24 maxlen: 24
178.254.128.0/21 maxlen: 21
178.254.133.0/24 maxlen: 24
178.254.136.0/22 maxlen: 22
178.254.140.0/22 maxlen: 22
178.254.144.0/24 maxlen: 24
178.254.145.0/24 maxlen: 24
178.254.146.0/24 maxlen: 24
178.254.148.0/24 maxlen: 24
178.254.149.0/24 maxlen: 24
178.254.151.0/24 maxlen: 24
178.254.152.0/24 maxlen: 24
178.254.153.0/24 maxlen: 24
178.254.154.0/24 maxlen: 24
178.254.155.0/24 maxlen: 24
178.254.156.0/24 maxlen: 24
178.254.157.0/24 maxlen: 24
178.254.158.0/24 maxlen: 24
178.254.159.0/24 maxlen: 24
178.254.163.0/24 maxlen: 24
178.254.165.0/24 maxlen: 24
178.254.169.0/24 maxlen: 24
178.254.172.0/24 maxlen: 24
178.254.175.0/24 maxlen: 24
178.254.177.0/24 maxlen: 24
178.254.182.0/24 maxlen: 24
178.254.183.0/24 maxlen: 24
178.254.184.0/24 maxlen: 24
178.254.187.0/24 maxlen: 24
178.254.188.0/22 maxlen: 24
185.157.44.0/24 maxlen: 24
193.104.68.0/24 maxlen: 24
217.169.208.0/20 maxlen: 20
217.169.208.0/22 maxlen: 22
217.169.212.0/22 maxlen: 22
217.169.216.0/22 maxlen: 22
217.169.219.0/24 maxlen: 24
217.169.220.0/22 maxlen: 22
2a02:b58::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 00:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:69:49:90:b6:2c:7e:df:e3:6c:8c:bc:b0:7c:ce:a7:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jun 13 12:35:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=501812613f2f15d22022dc9a5a32f7ccb6d16b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:db:09:52:89:0b:46:66:84:4f:0c:62:4b:70:
6d:ec:69:62:b5:a0:83:77:7d:4c:25:89:31:a5:47:
76:93:98:88:89:0e:e6:0b:4a:fc:88:52:43:7f:4e:
68:80:c5:45:40:8e:73:51:ad:ae:28:c4:0f:45:28:
ef:0d:a9:eb:f6:44:a4:65:67:37:41:df:e0:ac:1b:
a3:03:e3:9b:4e:01:b9:2e:42:7e:ba:73:a4:bf:7a:
4a:07:e1:59:e9:5b:e5:0b:ad:c2:24:a9:67:62:da:
6f:ff:14:d0:28:92:74:34:36:02:7b:04:80:c9:50:
64:f1:a9:cb:d9:51:e6:6c:36:a7:3d:0c:97:c4:cf:
95:8e:59:52:55:0f:47:4d:66:6c:26:b5:8b:ab:aa:
ea:68:25:aa:b5:f0:28:d5:f8:ad:62:4d:2e:75:0c:
50:52:7e:0e:f8:92:d0:ab:2d:62:13:12:8f:db:4e:
b9:f5:8a:2c:b8:48:d5:bd:04:66:be:48:78:da:98:
72:41:33:58:2a:1b:e2:71:80:e9:4e:46:ed:53:0d:
06:2c:f3:5c:67:4f:de:21:2b:f3:43:b2:3f:be:94:
c6:d4:c5:1e:17:97:e0:7b:d8:3d:1f:7e:8e:42:76:
3b:ad:93:c3:26:86:55:99:ff:0d:a8:ab:35:ac:cf:
3d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:18:12:61:3F:2F:15:D2:20:22:DC:9A:5A:32:F7:CC:B6:D1:6B:13
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/UBgSYT8vFdIgItyaWjL3zLbRaxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.33.0-5.172.39.255
89.23.65.0/24
89.23.67.0-89.23.70.255
89.23.74.0/23
89.23.77.0-89.23.79.255
89.23.83.0-89.23.84.255
89.23.86.0/24
89.23.88.0/24
89.23.90.0/24
92.42.248.0/21
93.93.192.0/21
95.140.112.0-95.140.121.255
95.140.124.0/22
109.111.224.0-109.111.240.255
109.111.243.0-109.111.250.255
109.111.252.0-109.111.254.255
178.254.128.0-178.254.146.255
178.254.148.0/23
178.254.151.0-178.254.159.255
178.254.163.0/24
178.254.165.0/24
178.254.169.0/24
178.254.172.0/24
178.254.175.0/24
178.254.177.0/24
178.254.182.0-178.254.184.255
178.254.187.0-178.254.191.255
185.157.44.0/24
193.104.68.0/24
217.169.208.0/20
IPv6:
2a02:b58::/32
Signature Algorithm: sha256WithRSAEncryption
2e:62:7d:b7:e5:f7:8f:5f:8c:07:40:b4:90:c5:ee:40:cb:03:
1e:35:f2:46:c6:30:f1:38:50:46:08:0a:0b:fd:7b:ea:22:b2:
5f:ec:c7:0c:31:6b:f0:fd:ff:78:05:c4:04:fc:90:b7:aa:73:
d0:2c:de:23:50:bf:ea:6a:0e:5a:b6:34:f2:c3:41:ea:7d:3f:
06:ea:20:f9:dd:ad:b0:fc:d1:d8:a6:28:89:4c:bb:1e:f1:52:
82:6e:c7:7d:54:30:85:e5:40:ba:20:fe:db:98:57:72:ec:61:
38:86:86:f2:2e:12:e8:0f:dc:c4:b8:d8:dc:be:ac:cc:0a:a9:
43:91:ee:ff:7e:bf:ed:78:5f:d9:4c:ba:cf:72:da:e8:de:e5:
b1:d2:93:19:33:b7:af:fa:fa:aa:47:b3:94:5b:48:2b:d6:9e:
57:e4:47:1f:fc:9b:c7:e3:48:01:cd:6c:c0:2e:c8:4c:1a:94:
25:33:07:c7:c0:79:eb:2b:e1:b3:b8:f0:74:63:56:08:6f:0e:
5a:60:e7:65:98:e5:dc:6e:2d:e4:55:f0:3b:c9:c2:31:1b:6b:
1f:bd:19:20:a3:b1:b8:e0:91:3b:98:74:74:60:f3:f8:6d:fe:
95:b6:b9:fd:ff:54:c4:15:b8:20:bd:a3:81:e0:95:cb:eb:23:
78:34:86:7c
-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgISAZdpSZC2LH7f42yMvLB8zqf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwNjEzMTIzNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDE4MTI2MTNmMmYxNWQyMjAyMmRjOWE1YTMyZjdjY2I2ZDE2YjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9sJUokLRmaETwxiS3Bt7GlitaCD
d31MJYkxpUd2k5iIiQ7mC0r8iFJDf05ogMVFQI5zUa2uKMQPRSjvDanr9kSkZWc3
Qd/grBujA+ObTgG5LkJ+unOkv3pKB+FZ6VvlC63CJKlnYtpv/xTQKJJ0NDYCewSA
yVBk8anL2VHmbDanPQyXxM+VjllSVQ9HTWZsJrWLq6rqaCWqtfAo1fitYk0udQxQ
Un4O+JLQqy1iExKP20659YosuEjVvQRmvkh42phyQTNYKhvicYDpTkbtUw0GLPNc
Z0/eISvzQ7I/vpTG1MUeF5fge9g9H36OQnY7rZPDJoZVmf8NqKs1rM89XQIDAQAB
o4IDMDCCAywwHQYDVR0OBBYEFFAYEmE/LxXSICLcmloy98y20WsTMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvVUJnU1lUOHZGZElnSXR5YVdqTDN6TGJSYXhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRAYIKwYBBQUHAQcBAf8EggEzMIIBLzCCARwEAgABMIIB
FDAMAwQABawhAwQDBawgAwQAWRdBMAwDBABZF0MDBABZF0YDBAFZF0owDAMEAFkX
TQMEBFkXQDAMAwQAWRdTAwQAWRdUAwQAWRdWAwQAWRdYAwQAWRdaAwQDXCr4AwQD
XV3AMAwDBARfjHADBAFfjHgDBAJfjHwwDAMEBW1v4AMEAG1v8DAMAwQAbW/zAwQA
bW/6MAwDBAJtb/wDBABtb/4wDAMEB7L+gAMEALL+kgMEAbL+lDAMAwQAsv6XAwQF
sv6AAwQAsv6jAwQAsv6lAwQAsv6pAwQAsv6sAwQAsv6vAwQAsv6xMAwDBAGy/rYD
BACy/rgwDAMEALL+uwMEBrL+gAMEALmdLAMEAMFoRAMEBNmp0DANBAIAAjAHAwUA
KgILWDANBgkqhkiG9w0BAQsFAAOCAQEALmJ9t+X3j1+MB0C0kMXuQMsDHjXyRsYw
8ThQRggKC/176iKyX+zHDDFr8P3/eAXEBPyQt6pz0CzeI1C/6moOWrY08sNB6n0/
Buog+d2tsPzR2KYoiUy7HvFSgm7HfVQwheVAuiD+25hXcuxhOIaG8i4S6A/cxLjY
3L6szAqpQ5Hu/36/7Xhf2Uy6z3La6N7lsdKTGTO3r/r6qkezlFtIK9aeV+RHH/yb
x+NIAc1swC7ITBqUJTMHx8B56yvhs7jwdGNWCG8OWmDnZZjl3G4t5FXwO8nCMRtr
H70ZIKOxuOCRO5h0dGDz+G3+lba5/f9UxBW4IL2jgeCVy+sjeDSGfA==
-----END CERTIFICATE-----
Generated at Sun Jun 15 09:30:40 2025 by rpki-client