Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Ukbtr7cZ5Ia-bBzHTLJGw-MXNBI.roa
File: Ukbtr7cZ5Ia-bBzHTLJGw-MXNBI.roa (raw, json)
Hash identifier: FWf0YRvZcVNSJykYyurh8zDPfc/KIxpZ0ktb+I7hrac=
Subject key identifier: 52:46:ED:AF:B7:19:E4:86:BE:6C:1C:C7:4C:B2:46:C3:E3:17:34:12
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 019763670C7F7FA6BF95A126A772B3F297A0
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Ukbtr7cZ5Ia-bBzHTLJGw-MXNBI.roa
Signing time: Thu 12 Jun 2025 09:09:47 +0000
ROA not before: Thu 12 Jun 2025 09:09:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 5.252.118.0/24 maxlen: 24
45.138.74.0/24 maxlen: 24
45.142.122.0/24 maxlen: 24
91.103.252.0/23 maxlen: 23
94.142.138.0/24 maxlen: 24
185.17.0.0/24 maxlen: 24
185.106.93.0/24 maxlen: 24
185.106.94.0/24 maxlen: 24
185.112.83.0/24 maxlen: 24
185.125.230.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.174.137.0/24 maxlen: 24
185.217.197.0/24 maxlen: 24
185.229.65.0/24 maxlen: 24
185.229.66.0/24 maxlen: 24
194.67.201.0/24 maxlen: 24
2a0e:d602::/48 maxlen: 48
2a0e:d602:1::/48 maxlen: 48
2a0e:d602:2::/48 maxlen: 48
2a0e:d602:3::/48 maxlen: 48
2a0e:d606::/48 maxlen: 48
2a0e:d607::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:63:67:0c:7f:7f:a6:bf:95:a1:26:a7:72:b3:f2:97:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jun 12 09:09:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5246edafb719e486be6c1cc74cb246c3e3173412
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:61:96:98:7e:12:5b:03:e7:d7:a6:89:6e:4f:
f4:21:0b:e1:6a:aa:a0:24:51:a9:58:3d:f9:55:32:
de:e9:7a:42:d1:1b:30:6d:38:ec:44:5b:05:7f:49:
0c:99:51:5c:48:7f:b8:5c:4b:e3:8e:77:ab:3d:0f:
76:d1:24:3c:93:6a:23:79:7e:bd:13:2e:be:47:86:
eb:2b:d8:1c:99:db:25:c0:6a:44:f3:72:ab:2f:51:
c6:76:00:77:e9:de:1d:df:aa:de:e1:a7:30:80:9f:
dd:93:b4:03:53:b5:a9:97:8f:2e:50:61:85:83:75:
a5:17:7f:69:dd:da:fe:88:40:da:c4:45:d2:ae:c6:
aa:02:64:f9:96:99:af:0d:0d:e5:6a:87:91:bc:27:
66:03:0c:62:59:16:1d:30:e0:75:8d:62:98:61:b2:
b4:16:bc:d9:ca:41:df:84:a1:1f:cb:91:1c:4d:d0:
b4:4b:55:46:dc:22:95:05:34:4d:da:83:50:7c:1a:
93:3a:56:44:85:1c:47:ac:19:77:82:fc:3a:cf:0b:
3c:18:a6:21:9e:ec:72:7a:1a:ef:e3:9a:a6:ad:7c:
ff:58:4c:42:cc:e4:9e:bb:8b:22:d7:9c:62:63:fe:
68:84:86:dc:6a:15:70:86:f3:6c:41:d9:c1:a5:f2:
76:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:46:ED:AF:B7:19:E4:86:BE:6C:1C:C7:4C:B2:46:C3:E3:17:34:12
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Ukbtr7cZ5Ia-bBzHTLJGw-MXNBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.118.0/24
45.138.74.0/24
45.142.122.0/24
91.103.252.0/23
94.142.138.0/24
185.17.0.0/24
185.106.93.0-185.106.94.255
185.112.83.0/24
185.125.230.0/24
185.174.136.0/23
185.217.197.0/24
185.229.65.0-185.229.66.255
194.67.201.0/24
IPv6:
2a0e:d602::/46
2a0e:d606::/48
2a0e:d607::/48
Signature Algorithm: sha256WithRSAEncryption
5d:eb:d6:28:16:b8:33:d0:d1:f5:b0:37:0e:af:8f:1c:09:ca:
0b:ba:10:1c:5a:3f:b8:aa:59:44:6f:1f:be:eb:94:2d:25:5a:
f9:ed:69:94:37:1c:b1:ab:14:fc:fa:e6:76:70:7b:1e:eb:79:
71:a3:4d:cf:7c:9a:58:72:f2:96:8c:f4:c5:ab:3f:c6:54:04:
5b:35:e8:c2:c5:4f:22:ec:ac:e7:ae:56:a2:f5:00:74:ce:7c:
67:cf:ec:c5:f8:60:07:75:9f:4a:0f:51:6d:b7:84:a6:e4:fc:
12:69:71:a0:0d:43:4a:98:9d:f7:12:52:17:eb:ee:ee:ed:71:
3a:4f:6c:f9:d8:88:1e:f8:93:e3:6f:58:df:c1:28:20:1f:32:
ad:c7:41:d8:c5:6b:e7:e7:70:28:4c:a2:28:b0:1c:55:da:d2:
0e:9d:ed:5d:49:ac:be:e5:65:f7:b6:97:a5:03:c1:6c:98:28:
e0:a5:45:d1:f8:6a:73:5a:19:be:58:70:a1:88:13:2e:4d:cb:
bf:7b:94:34:f6:c0:38:66:cc:45:d1:b5:4c:56:eb:e5:dc:e8:
4d:dc:5f:ae:16:b0:3e:c0:a4:f6:0e:d4:e9:0e:7a:8a:cd:e0:
0e:35:09:bd:fb:e0:b2:ff:10:cd:ed:25:f0:62:06:8b:80:30:
d8:14:d2:41
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZdjZwx/f6a/laEmp3Kz8pegMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwNjEyMDkwOTQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQ2ZWRhZmI3MTllNDg2YmU2YzFjYzc0Y2IyNDZjM2UzMTczNDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmGWmH4SWwPn16aJbk/0IQvhaqqg
JFGpWD35VTLe6XpC0RswbTjsRFsFf0kMmVFcSH+4XEvjjnerPQ920SQ8k2ojeX69
Ey6+R4brK9gcmdslwGpE83KrL1HGdgB36d4d36re4acwgJ/dk7QDU7Wpl48uUGGF
g3WlF39p3dr+iEDaxEXSrsaqAmT5lpmvDQ3laoeRvCdmAwxiWRYdMOB1jWKYYbK0
FrzZykHfhKEfy5EcTdC0S1VG3CKVBTRN2oNQfBqTOlZEhRxHrBl3gvw6zws8GKYh
nuxyehrv45qmrXz/WExCzOSeu4si15xiY/5ohIbcahVwhvNsQdnBpfJ2cwIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFFJG7a+3GeSGvmwcx0yyRsPjFzQSMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVWtidHI3Y1o1SWEtYkJ6SFRMSkd3LU1YTkJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTBkBAIAATBeAwQABfx2
AwQALYpKAwQALY56AwQBW2f8AwQAXo6KAwQAuREAMAwDBAC5al0DBAC5al4DBAC5
cFMDBAC5feYDBAG5rogDBAC52cUwDAMEALnlQQMEALnlQgMEAMJDyTAhBAIAAjAb
AwcCKg7WAgAAAwcAKg7WBgAAAwcAKg7WBwAAMA0GCSqGSIb3DQEBCwUAA4IBAQBd
69YoFrgz0NH1sDcOr48cCcoLuhAcWj+4qllEbx++65QtJVr57WmUNxyxqxT8+uZ2
cHse63lxo03PfJpYcvKWjPTFqz/GVARbNejCxU8i7Kznrlai9QB0znxnz+zF+GAH
dZ9KD1Ftt4Sm5PwSaXGgDUNKmJ33ElIX6+7u7XE6T2z52Ige+JPjb1jfwSggHzKt
x0HYxWvn53AoTKIosBxV2tIOne1dSay+5WX3tpelA8FsmCjgpUXR+GpzWhm+WHCh
iBMuTcu/e5Q09sA4ZsxF0bVMVuvl3OhN3F+uFrA+wKT2DtTpDnqKzeAONQm9++Cy
/xDN7SXwYgaLgDDYFNJB
-----END CERTIFICATE-----
Generated at Sat Jun 14 11:13:41 2025 by rpki-client