Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/UNNivM1v6DcWs7J5wHYNDBZZwXg.roa
File: UNNivM1v6DcWs7J5wHYNDBZZwXg.roa (raw, json)
Hash identifier: Keugus5IsakW6Mnn0Yg9sxJ0W3OJf6T3j3uJn34Vq8M=
Subject key identifier: 50:D3:62:BC:CD:6F:E8:37:16:B3:B2:79:C0:76:0D:0C:16:59:C1:78
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019A4DCC41E17142CB76F6F024FCBD535D45
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/UNNivM1v6DcWs7J5wHYNDBZZwXg.roa
Signing time: Tue 04 Nov 2025 07:37:03 +0000
ROA not before: Tue 04 Nov 2025 07:37:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202656
IP address blocks: 45.15.239.0/24 maxlen: 24
45.129.1.0/24 maxlen: 24
45.132.39.0/24 maxlen: 24
45.135.35.0/24 maxlen: 24
45.138.7.0/24 maxlen: 24
45.138.156.0/24 maxlen: 24
45.138.212.0/24 maxlen: 24
45.138.215.0/24 maxlen: 24
45.140.65.0/24 maxlen: 24
45.149.130.0/24 maxlen: 24
45.149.131.0/24 maxlen: 24
45.152.118.0/24 maxlen: 24
45.152.119.0/24 maxlen: 24
83.138.51.0/24 maxlen: 24
83.138.52.0/24 maxlen: 24
84.246.82.0/24 maxlen: 24
91.206.69.0/24 maxlen: 24
91.224.140.0/24 maxlen: 24
91.237.104.0/24 maxlen: 24
91.237.105.0/24 maxlen: 24
91.242.240.0/24 maxlen: 24
176.116.2.0/24 maxlen: 24
176.116.5.0/24 maxlen: 24
176.116.9.0/24 maxlen: 24
176.116.20.0/24 maxlen: 24
176.116.23.0/24 maxlen: 24
176.126.109.0/24 maxlen: 24
176.126.112.0/24 maxlen: 24
176.126.115.0/24 maxlen: 24
178.211.140.0/24 maxlen: 24
193.0.245.0/24 maxlen: 24
193.0.246.0/24 maxlen: 24
193.5.1.0/24 maxlen: 24
193.33.67.0/24 maxlen: 24
193.58.171.0/24 maxlen: 24
193.58.178.0/24 maxlen: 24
194.26.216.0/24 maxlen: 24
195.96.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:cc:41:e1:71:42:cb:76:f6:f0:24:fc:bd:53:5d:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Nov 4 07:37:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50d362bccd6fe83716b3b279c0760d0c1659c178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f2:e8:7d:44:2e:b3:e7:f5:a1:2e:12:48:6a:
29:56:c8:d5:f3:1d:f0:9f:11:74:16:e8:69:c3:03:
4c:9a:64:32:5b:b5:c9:41:16:18:c8:57:92:79:82:
af:42:ec:6c:50:fb:79:75:c6:4a:22:fc:a7:1f:56:
57:8b:7b:9b:7f:2d:68:99:63:16:9b:a5:d9:85:c9:
eb:a9:ae:e1:ab:5d:00:95:a8:1e:00:be:b9:17:3b:
24:d3:62:8f:a9:fd:6b:d6:a2:10:37:e2:3a:50:f3:
8e:55:e7:85:eb:03:83:ba:3c:38:af:35:0b:3b:9b:
fc:44:e7:87:eb:ae:0b:39:fb:11:d4:bb:f3:37:21:
d2:50:5f:33:3d:ae:2b:fe:ff:c6:04:bb:92:e9:ef:
3c:70:98:02:70:2f:d1:0a:aa:14:98:b8:33:37:c6:
79:f4:de:38:0b:28:54:f0:8c:67:f3:51:80:80:c7:
90:9e:c1:42:4d:e0:08:c7:2d:06:e4:a1:2c:22:70:
e4:22:07:ea:51:c2:65:ce:e9:59:89:0e:fb:48:c8:
e4:ae:a3:d5:36:db:c5:4c:ec:a0:e7:a9:bd:4b:06:
64:7c:76:40:bc:c7:78:19:25:bf:51:ca:ff:3e:c3:
57:36:99:c5:aa:1c:1d:e9:f6:0d:38:7d:49:7f:c4:
58:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D3:62:BC:CD:6F:E8:37:16:B3:B2:79:C0:76:0D:0C:16:59:C1:78
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/UNNivM1v6DcWs7J5wHYNDBZZwXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.239.0/24
45.129.1.0/24
45.132.39.0/24
45.135.35.0/24
45.138.7.0/24
45.138.156.0/24
45.138.212.0/24
45.138.215.0/24
45.140.65.0/24
45.149.130.0/23
45.152.118.0/23
83.138.51.0-83.138.52.255
84.246.82.0/24
91.206.69.0/24
91.224.140.0/24
91.237.104.0/23
91.242.240.0/24
176.116.2.0/24
176.116.5.0/24
176.116.9.0/24
176.116.20.0/24
176.116.23.0/24
176.126.109.0/24
176.126.112.0/24
176.126.115.0/24
178.211.140.0/24
193.0.245.0-193.0.246.255
193.5.1.0/24
193.33.67.0/24
193.58.171.0/24
193.58.178.0/24
194.26.216.0/24
195.96.155.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:e0:13:1d:d7:fb:0e:08:21:5c:1f:a1:bc:62:ae:3a:2b:49:
7e:a0:c9:72:ac:fa:a9:3a:d4:33:c1:35:58:79:31:9d:ce:84:
75:cd:e6:45:6f:8f:e6:77:19:0d:2d:92:d1:88:17:82:3c:9d:
a1:91:07:56:a8:16:5d:99:e8:b7:ff:5c:ed:c9:76:4c:1c:9c:
66:a6:0a:ed:a2:c8:8c:90:94:5b:e3:1e:01:5b:6f:89:ce:35:
55:e9:9c:25:43:40:bd:f8:71:25:84:75:e9:4c:1f:69:c3:a7:
de:4a:63:a1:e1:91:9a:8d:a4:05:e2:87:28:78:37:a0:64:43:
e3:6c:3d:89:d5:d7:7f:4f:3a:5f:7e:20:83:06:1d:b5:5a:90:
d9:b1:ca:d1:c4:53:f4:6b:ea:a9:96:bd:f4:6c:6f:42:3f:11:
da:e9:37:58:0e:80:24:76:b2:4d:20:e0:00:61:97:b3:9c:2b:
f4:0e:4a:a7:8a:25:8f:9e:ca:86:81:b9:b4:7f:3b:0f:06:fb:
da:17:03:1b:b2:a5:80:67:de:2b:a2:af:1f:dc:27:62:65:d4:
6b:6c:e2:4a:4b:9d:17:5e:87:87:06:62:56:5d:b6:97:9a:ae:
f5:dc:e6:2e:d9:6b:bf:43:6c:c4:08:2b:92:e0:b3:a7:0b:7a:
52:af:53:49
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZpNzEHhcULLdvbwJPy9U11FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUxMTA0MDczNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGQzNjJiY2NkNmZlODM3MTZiM2IyNzljMDc2MGQwYzE2NTljMTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifLofUQus+f1oS4SSGopVsjV8x3w
nxF0FuhpwwNMmmQyW7XJQRYYyFeSeYKvQuxsUPt5dcZKIvynH1ZXi3ubfy1omWMW
m6XZhcnrqa7hq10AlageAL65Fzsk02KPqf1r1qIQN+I6UPOOVeeF6wODujw4rzUL
O5v8ROeH664LOfsR1LvzNyHSUF8zPa4r/v/GBLuS6e88cJgCcC/RCqoUmLgzN8Z5
9N44CyhU8Ixn81GAgMeQnsFCTeAIxy0G5KEsInDkIgfqUcJlzulZiQ77SMjkrqPV
NtvFTOyg56m9SwZkfHZAvMd4GSW/Ucr/PsNXNpnFqhwd6fYNOH1Jf8RYfQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFFDTYrzNb+g3FrOyecB2DQwWWcF4MB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvVU5OaXZNMXY2RGNXczdKNXdIWU5EQlpad1hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBAAt
D+8DBAAtgQEDBAAthCcDBAAthyMDBAAtigcDBAAtipwDBAAtitQDBAAtitcDBAAt
jEEDBAEtlYIDBAEtmHYwDAMEAFOKMwMEAFOKNAMEAFT2UgMEAFvORQMEAFvgjAME
AVvtaAMEAFvy8AMEALB0AgMEALB0BQMEALB0CQMEALB0FAMEALB0FwMEALB+bQME
ALB+cAMEALB+cwMEALLTjDAMAwQAwQD1AwQAwQD2AwQAwQUBAwQAwSFDAwQAwTqr
AwQAwTqyAwQAwhrYAwQAw2CbMA0GCSqGSIb3DQEBCwUAA4IBAQBc4BMd1/sOCCFc
H6G8Yq46K0l+oMlyrPqpOtQzwTVYeTGdzoR1zeZFb4/mdxkNLZLRiBeCPJ2hkQdW
qBZdmei3/1ztyXZMHJxmpgrtosiMkJRb4x4BW2+JzjVV6ZwlQ0C9+HElhHXpTB9p
w6feSmOh4ZGajaQF4ocoeDegZEPjbD2J1dd/TzpffiCDBh21WpDZscrRxFP0a+qp
lr30bG9CPxHa6TdYDoAkdrJNIOAAYZeznCv0DkqniiWPnsqGgbm0fzsPBvvaFwMb
sqWAZ94roq8f3CdiZdRrbOJKS50XXoeHBmJWXbaXmq713OYu2Wu/Q2zECCuS4LOn
C3pSr1NJ
-----END CERTIFICATE-----
Generated at Wed Nov 5 12:30:42 2025 by rpki-client