Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/uKoFu5TDPOa02CVD7SUCa9Tm19o.roa
File: uKoFu5TDPOa02CVD7SUCa9Tm19o.roa (raw, json)
Hash identifier: mxgMJiOsD09ZAL+iY3c6xovyYnSbKO94144vh6zzKYE=
Subject key identifier: B8:AA:05:BB:94:C3:3C:E6:B4:D8:25:43:ED:25:02:6B:D4:E6:D7:DA
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 019E9A623E371DB9B660381F7E1BA4AF802B
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/uKoFu5TDPOa02CVD7SUCa9Tm19o.roa
Signing time: Sat 06 Jun 2026 00:43:10 +0000
ROA not before: Sat 06 Jun 2026 00:43:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 46261
IP address blocks: 5.44.255.0/24 maxlen: 24
46.253.130.0/24 maxlen: 24
61.14.224.0/22 maxlen: 24
62.106.64.0/24 maxlen: 24
79.110.176.0/21 maxlen: 24
79.110.181.0/24 maxlen: 24
85.8.148.0/24 maxlen: 24
85.8.150.0/24 maxlen: 24
85.202.172.0/22 maxlen: 24
85.202.173.0/24 maxlen: 24
91.132.84.0/22 maxlen: 24
103.203.40.0/22 maxlen: 24
103.205.84.0/22 maxlen: 24
103.207.160.0/22 maxlen: 24
103.207.163.0/24 maxlen: 24
121.46.124.0/22 maxlen: 24
146.19.82.0/24 maxlen: 24
160.238.96.0/22 maxlen: 24
185.93.4.0/24 maxlen: 24
185.105.10.0/24 maxlen: 24
185.118.132.0/24 maxlen: 24
185.118.135.0/24 maxlen: 24
185.145.44.0/22 maxlen: 24
185.147.157.0/24 maxlen: 24
185.147.159.0/24 maxlen: 24
185.157.232.0/22 maxlen: 24
185.176.88.0/22 maxlen: 24
185.176.90.0/24 maxlen: 24
185.190.58.0/23 maxlen: 24
185.196.24.0/24 maxlen: 24
185.196.26.0/23 maxlen: 24
185.202.44.0/23 maxlen: 24
185.202.46.0/23 maxlen: 24
185.206.20.0/23 maxlen: 24
185.209.128.0/23 maxlen: 24
185.209.128.0/24 maxlen: 24
185.209.130.0/23 maxlen: 24
185.213.16.0/24 maxlen: 24
185.214.140.0/23 maxlen: 24
185.214.142.0/24 maxlen: 24
185.214.240.0/24 maxlen: 24
185.214.243.0/24 maxlen: 24
185.218.185.0/24 maxlen: 24
185.219.20.0/22 maxlen: 24
185.219.23.0/24 maxlen: 24
185.225.12.0/23 maxlen: 24
185.225.14.0/23 maxlen: 24
185.227.254.0/23 maxlen: 24
185.228.44.0/22 maxlen: 24
185.232.42.0/24 maxlen: 24
185.235.120.0/22 maxlen: 24
185.235.122.0/24 maxlen: 24
185.235.123.0/24 maxlen: 24
185.238.115.0/24 maxlen: 24
185.242.185.0/24 maxlen: 24
193.3.16.0/24 maxlen: 24
193.31.112.0/22 maxlen: 24
193.31.114.0/24 maxlen: 24
193.163.35.0/24 maxlen: 24
193.176.116.0/22 maxlen: 24
193.187.180.0/22 maxlen: 24
194.8.134.0/24 maxlen: 24
194.50.192.0/22 maxlen: 24
194.69.161.0/24 maxlen: 24
195.216.148.0/22 maxlen: 24
195.245.74.0/23 maxlen: 24
213.109.157.0/24 maxlen: 24
217.18.56.0/22 maxlen: 24
2a07:4580::/29 maxlen: 29
2a07:4580::/32 maxlen: 48
2a07:4580:b0d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 03:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:9a:62:3e:37:1d:b9:b6:60:38:1f:7e:1b:a4:af:80:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: Jun 6 00:43:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b8aa05bb94c33ce6b4d82543ed25026bd4e6d7da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3c:45:a8:a4:c3:25:63:9f:79:c2:df:4d:bc:
3f:09:2c:1b:e5:a9:fa:04:29:a4:05:e1:ea:a9:81:
82:4b:ee:7b:2c:7a:87:4f:6f:cc:dd:6b:76:50:d8:
c7:6d:2a:07:76:02:cf:aa:03:df:21:17:1a:7f:c6:
53:1d:44:2f:67:e5:3f:fa:d6:2c:28:53:78:62:e8:
9c:72:10:78:56:8e:14:bb:af:8e:b9:83:5d:c9:95:
23:d0:9b:2f:59:a0:84:fd:e8:c1:1d:b0:33:c5:46:
6f:bf:3d:63:0d:4c:22:43:ee:82:20:2e:f0:0f:40:
3a:64:8d:93:93:d2:6f:11:96:fa:e5:94:47:b8:c1:
b6:a0:3d:26:d3:4c:92:9c:37:b2:da:73:1b:72:5d:
68:d6:57:3e:58:f1:a0:ec:52:77:25:15:8b:f5:90:
37:79:82:83:a7:92:b9:c1:f7:48:51:9a:40:5c:22:
37:63:75:0f:c7:2d:e5:03:26:43:fd:58:64:b6:54:
cb:74:af:16:a4:58:60:31:b3:a1:2d:d6:3d:0f:5b:
c1:eb:17:ab:af:c8:f1:80:33:55:70:30:81:fa:5e:
00:7f:10:72:6a:c8:a1:c0:f3:2a:47:52:00:95:88:
70:13:38:0e:e1:ab:88:3a:21:ff:13:55:f2:52:5f:
d2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:AA:05:BB:94:C3:3C:E6:B4:D8:25:43:ED:25:02:6B:D4:E6:D7:DA
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/uKoFu5TDPOa02CVD7SUCa9Tm19o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.255.0/24
46.253.130.0/24
61.14.224.0/22
62.106.64.0/24
79.110.176.0/21
85.8.148.0/24
85.8.150.0/24
85.202.172.0/22
91.132.84.0/22
103.203.40.0/22
103.205.84.0/22
103.207.160.0/22
121.46.124.0/22
146.19.82.0/24
160.238.96.0/22
185.93.4.0/24
185.105.10.0/24
185.118.132.0/24
185.118.135.0/24
185.145.44.0/22
185.147.157.0/24
185.147.159.0/24
185.157.232.0/22
185.176.88.0/22
185.190.58.0/23
185.196.24.0/24
185.196.26.0/23
185.202.44.0/22
185.206.20.0/23
185.209.128.0/22
185.213.16.0/24
185.214.140.0-185.214.142.255
185.214.240.0/24
185.214.243.0/24
185.218.185.0/24
185.219.20.0/22
185.225.12.0/22
185.227.254.0/23
185.228.44.0/22
185.232.42.0/24
185.235.120.0/22
185.238.115.0/24
185.242.185.0/24
193.3.16.0/24
193.31.112.0/22
193.163.35.0/24
193.176.116.0/22
193.187.180.0/22
194.8.134.0/24
194.50.192.0/22
194.69.161.0/24
195.216.148.0/22
195.245.74.0/23
213.109.157.0/24
217.18.56.0/22
IPv6:
2a07:4580::/29
Signature Algorithm: sha256WithRSAEncryption
50:06:ef:d3:31:b4:25:b1:b4:50:3f:73:07:f0:2d:f2:d5:10:
65:04:90:82:04:cc:b1:7c:e2:2e:18:cf:f2:50:a3:36:9b:4b:
61:f5:73:30:61:de:53:9a:bc:b1:bd:8f:4f:05:08:69:5f:09:
b1:c1:27:0f:aa:56:b9:c8:88:f9:88:b3:70:3f:55:ac:49:e0:
05:64:fd:f7:4d:4c:f2:75:aa:d9:98:43:2f:17:04:af:2b:bb:
1d:a3:d4:09:17:00:02:45:d1:62:1a:17:54:6b:a6:56:97:51:
34:b6:f8:bf:78:ed:8e:a2:c9:7f:ed:4c:4e:45:e1:1e:3a:a7:
b9:0b:e8:e4:c4:90:77:5d:85:31:20:4e:7f:33:1f:4a:27:22:
1a:45:cb:5d:9c:15:56:bb:ea:95:c7:e9:a2:03:4a:7a:1f:b6:
ad:8a:a7:64:e5:88:a7:b0:63:8a:fb:40:31:2b:0d:2c:a3:cd:
a7:f5:af:84:1c:1e:26:57:1c:0b:19:ef:c6:67:44:20:3b:b6:
b4:78:b1:7b:9a:77:96:c2:41:2e:b5:10:26:50:c2:be:01:e3:
2e:80:0e:84:75:15:31:b1:6e:32:c7:d4:70:93:94:67:7e:43:
ee:2f:10:66:e7:b2:53:4a:d4:83:fe:8a:8a:02:8f:fa:37:39:
a8:41:ea:52
-----BEGIN CERTIFICATE-----
MIIGYjCCBUqgAwIBAgISAZ6aYj43Hbm2YDgffhukr4ArMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjYwNjA2MDA0MzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGFhMDViYjk0YzMzY2U2YjRkODI1NDNlZDI1MDI2YmQ0ZTZkN2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTxFqKTDJWOfecLfTbw/CSwb5an6
BCmkBeHqqYGCS+57LHqHT2/M3Wt2UNjHbSoHdgLPqgPfIRcaf8ZTHUQvZ+U/+tYs
KFN4YuicchB4Vo4Uu6+OuYNdyZUj0JsvWaCE/ejBHbAzxUZvvz1jDUwiQ+6CIC7w
D0A6ZI2Tk9JvEZb65ZRHuMG2oD0m00ySnDey2nMbcl1o1lc+WPGg7FJ3JRWL9ZA3
eYKDp5K5wfdIUZpAXCI3Y3UPxy3lAyZD/VhktlTLdK8WpFhgMbOhLdY9D1vB6xer
r8jxgDNVcDCB+l4AfxByasihwPMqR1IAlYhwEzgO4auIOiH/E1XyUl/SZQIDAQAB
o4IDbjCCA2owHQYDVR0OBBYEFLiqBbuUwzzmtNglQ+0lAmvU5tfaMB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvdUtvRnU1VERQT2EwMkNWRDdTVUNhOVRtMTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBggYIKwYBBQUHAQcBAf8EggFxMIIBbTCCAVoEAgABMIIB
UgMEAAUs/wMEAC79ggMEAj0O4AMEAD5qQAMEA09usAMEAFUIlAMEAFUIlgMEAlXK
rAMEAluEVAMEAmfLKAMEAmfNVAMEAmfPoAMEAnkufAMEAJITUgMEAqDuYAMEALld
BAMEALlpCgMEALl2hAMEALl2hwMEArmRLAMEALmTnQMEALmTnwMEArmd6AMEArmw
WAMEAbm+OgMEALnEGAMEAbnEGgMEArnKLAMEAbnOFAMEArnRgAMEALnVEDAMAwQC
udaMAwQAudaOAwQAudbwAwQAudbzAwQAudq5AwQCudsUAwQCueEMAwQBueP+AwQC
ueQsAwQAuegqAwQCuet4AwQAue5zAwQAufK5AwQAwQMQAwQCwR9wAwQAwaMjAwQC
wbB0AwQCwbu0AwQAwgiGAwQCwjLAAwQAwkWhAwQCw9iUAwQBw/VKAwQA1W2dAwQC
2RI4MA0EAgACMAcDBQMqB0WAMA0GCSqGSIb3DQEBCwUAA4IBAQBQBu/TMbQlsbRQ
P3MH8C3y1RBlBJCCBMyxfOIuGM/yUKM2m0th9XMwYd5TmryxvY9PBQhpXwmxwScP
qla5yIj5iLNwP1WsSeAFZP33TUzydarZmEMvFwSvK7sdo9QJFwACRdFiGhdUa6ZW
l1E0tvi/eO2Oosl/7UxOReEeOqe5C+jkxJB3XYUxIE5/Mx9KJyIaRctdnBVWu+qV
x+miA0p6H7atiqdk5YinsGOK+0AxKw0so82n9a+EHB4mVxwLGe/GZ0QgO7a0eLF7
mneWwkEutRAmUMK+AeMugA6EdRUxsW4yx9Rwk5RnfkPuLxBm57JTStSD/oqKAo/6
NzmoQepS
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:54:22 2026 by rpki-client