Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/UXKY_-h8u5j67TK9xWF4UA7Jum8.roa
File: UXKY_-h8u5j67TK9xWF4UA7Jum8.roa (raw, json)
Hash identifier: 6VqcQkz1/ixl50Kan0s1XUnUbJsWVx2QWylK6fqZbBI=
Subject key identifier: 51:72:98:FF:E8:7C:BB:98:FA:ED:32:BD:C5:61:78:50:0E:C9:BA:6F
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 019857E6A127FD27154DC2693E0B766779AE
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/UXKY_-h8u5j67TK9xWF4UA7Jum8.roa
Signing time: Tue 29 Jul 2025 20:36:28 +0000
ROA not before: Tue 29 Jul 2025 20:36:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47330
IP address blocks: 37.156.28.0/23 maxlen: 23
92.114.16.0/22 maxlen: 22
92.114.20.0/24 maxlen: 24
92.114.21.0/24 maxlen: 24
188.213.65.0/24 maxlen: 24
188.213.66.0/24 maxlen: 24
188.213.67.0/24 maxlen: 24
188.213.68.0/24 maxlen: 24
188.213.69.0/24 maxlen: 24
2a00:5ca6::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.mft
rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 11:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:57:e6:a1:27:fd:27:15:4d:c2:69:3e:0b:76:67:79:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Jul 29 20:36:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=517298ffe87cbb98faed32bdc56178500ec9ba6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d2:e6:67:a8:c2:c8:f9:24:1f:15:07:15:9d:
fd:bc:8b:7a:b3:dd:d0:42:4f:15:1d:f2:10:fc:70:
36:9e:a6:d3:74:39:ae:27:b4:ce:1a:3c:a5:fe:71:
e2:e4:e0:bd:8f:7a:5e:3e:c3:69:15:02:65:48:78:
64:3d:3f:18:28:64:95:e8:d7:2d:7b:f0:3c:ec:34:
27:2e:c1:34:24:8f:5e:d2:d1:0a:5d:bf:03:07:85:
40:ff:74:1d:00:cc:31:8b:65:cd:69:47:3f:87:67:
a2:26:0d:d4:47:98:4f:cc:e8:6b:ce:e0:75:33:00:
f1:38:41:21:80:26:d3:bb:04:3e:48:0c:8a:77:f4:
de:10:50:80:41:50:4f:54:34:9d:eb:d6:ab:24:1b:
f9:a7:9f:71:d3:62:5a:08:06:2c:e0:bc:72:8c:36:
2f:29:37:4d:0d:1c:06:9b:f4:3b:4e:87:51:04:9d:
5b:b3:36:98:00:8f:b0:88:f9:7c:2b:a9:50:29:51:
51:88:7d:ff:a5:db:ab:ac:4c:32:be:59:af:21:f3:
d2:35:78:bc:6c:c2:5a:1b:6a:6e:f1:30:2f:48:25:
be:34:8b:6c:de:3a:5e:71:1f:f0:c1:36:06:a7:52:
b6:03:59:b0:07:df:e0:87:3e:24:93:89:8e:d6:3a:
b2:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:72:98:FF:E8:7C:BB:98:FA:ED:32:BD:C5:61:78:50:0E:C9:BA:6F
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/UXKY_-h8u5j67TK9xWF4UA7Jum8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.28.0/23
92.114.16.0-92.114.21.255
188.213.65.0-188.213.69.255
IPv6:
2a00:5ca6::/31
Signature Algorithm: sha256WithRSAEncryption
05:7f:f4:06:58:8f:e0:f7:e0:81:ec:fd:79:ed:6e:b4:8b:6e:
df:96:de:ab:d0:ed:90:57:fc:0a:9d:15:e3:60:c7:ed:28:8a:
1a:c3:4a:ba:9d:54:2b:50:7a:37:2f:06:32:58:87:1f:75:72:
1e:93:10:dc:e9:d0:5e:2c:4a:47:4f:70:1d:1e:97:5c:08:8e:
ea:92:75:d9:61:70:25:b4:e4:be:4a:79:10:15:ce:00:49:01:
62:7b:37:80:6b:2c:5a:2f:11:33:ee:54:de:2e:25:fb:54:12:
61:75:84:22:54:17:3b:b6:59:14:3c:f4:18:89:62:04:07:72:
bb:80:c8:96:c0:3c:f2:55:91:24:af:f7:ae:a4:55:8c:76:44:
c9:e5:0a:2f:b5:72:88:90:1e:27:4d:83:eb:16:7e:b2:04:19:
04:9a:c6:88:c9:b7:ae:b3:5f:44:39:43:df:ef:75:f5:b7:1d:
25:b1:e9:8f:7d:fe:b3:30:2d:18:2f:37:f8:7e:c0:94:45:98:
be:8a:f0:3a:9a:6f:ad:17:24:c4:72:a3:a0:9c:25:bf:ea:ce:
4a:bb:6f:78:08:d0:b2:38:cb:b4:d1:d8:04:e9:c4:b5:51:47:
60:fa:e6:6f:61:29:8a:a1:14:e6:b8:78:ea:c8:c6:70:7d:9a:
1b:df:cc:6c
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZhX5qEn/ScVTcJpPgt2Z3muMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjUwNzI5MjAzNjI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTcyOThmZmU4N2NiYjk4ZmFlZDMyYmRjNTYxNzg1MDBlYzliYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9LmZ6jCyPkkHxUHFZ39vIt6s93Q
Qk8VHfIQ/HA2nqbTdDmuJ7TOGjyl/nHi5OC9j3pePsNpFQJlSHhkPT8YKGSV6Nct
e/A87DQnLsE0JI9e0tEKXb8DB4VA/3QdAMwxi2XNaUc/h2eiJg3UR5hPzOhrzuB1
MwDxOEEhgCbTuwQ+SAyKd/TeEFCAQVBPVDSd69arJBv5p59x02JaCAYs4LxyjDYv
KTdNDRwGm/Q7TodRBJ1bszaYAI+wiPl8K6lQKVFRiH3/pdurrEwyvlmvIfPSNXi8
bMJaG2pu8TAvSCW+NIts3jpecR/wwTYGp1K2A1mwB9/ghz4kk4mO1jqyZwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFFFymP/ofLuY+u0yvcVheFAOybpvMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvVVhLWV8taDh1NWo2N1RLOXhXRjRVQTdKdW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiAwQBJZwcMAwD
BARcchADBAFcchQwDAMEALzVQQMEAbzVRDANBAIAAjAHAwUBKgBcpjANBgkqhkiG
9w0BAQsFAAOCAQEABX/0BliP4Pfggez9ee1utItu35beq9DtkFf8Cp0V42DH7SiK
GsNKup1UK1B6Ny8GMliHH3VyHpMQ3OnQXixKR09wHR6XXAiO6pJ12WFwJbTkvkp5
EBXOAEkBYns3gGssWi8RM+5U3i4l+1QSYXWEIlQXO7ZZFDz0GIliBAdyu4DIlsA8
8lWRJK/3rqRVjHZEyeUKL7VyiJAeJ02D6xZ+sgQZBJrGiMm3rrNfRDlD3+919bcd
JbHpj33+szAtGC83+H7AlEWYvorwOppvrRckxHKjoJwlv+rOSrtveAjQsjjLtNHY
BOnEtVFHYPrmb2EpiqEU5rh46sjGcH2aG9/MbA==
-----END CERTIFICATE-----
Generated at Sun Aug 10 20:03:52 2025 by rpki-client