Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/UQGgaTEQbuDjYQQbAsMW9WKRgTQ.roa
File: UQGgaTEQbuDjYQQbAsMW9WKRgTQ.roa (raw, json)
Hash identifier: AVlL2dW2bkOAkAcYoyRAum1H0Qm7voVSUVm9hVXjpb0=
Subject key identifier: 51:01:A0:69:31:10:6E:E0:E3:61:04:1B:02:C3:16:F5:62:91:81:34
Certificate issuer: /CN=759d6afb8ddf8f8c0dd660790edcba1f3b370c63
Certificate serial: 019B7D5D0D6F6B8AF13067AF35E5F353D9FF
Authority key identifier: 75:9D:6A:FB:8D:DF:8F:8C:0D:D6:60:79:0E:DC:BA:1F:3B:37:0C:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dZ1q-43fj4wN1mB5Dty6Hzs3DGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/UQGgaTEQbuDjYQQbAsMW9WKRgTQ.roa
Signing time: Fri 02 Jan 2026 06:20:08 +0000
ROA not before: Fri 02 Jan 2026 06:20:08 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202269
IP address blocks: 130.185.72.0/24 maxlen: 24
130.185.73.0/24 maxlen: 24
130.185.74.0/24 maxlen: 24
130.185.75.0/24 maxlen: 24
130.185.76.0/24 maxlen: 24
130.185.77.0/24 maxlen: 24
130.185.78.0/23 maxlen: 23
130.185.78.0/24 maxlen: 24
130.185.79.0/24 maxlen: 24
185.8.172.0/24 maxlen: 24
185.8.173.0/24 maxlen: 24
185.8.174.0/24 maxlen: 24
185.8.175.0/24 maxlen: 24
2a03:2dc0:3000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5d:0d:6f:6b:8a:f1:30:67:af:35:e5:f3:53:d9:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=759d6afb8ddf8f8c0dd660790edcba1f3b370c63
Validity
Not Before: Jan 2 06:20:08 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5101a06931106ee0e361041b02c316f562918134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a6:32:09:49:34:7f:65:37:14:99:ac:5d:51:
f3:ea:4e:d5:d7:d3:fc:cd:ff:ef:4f:0f:3e:07:b3:
66:86:8a:82:ea:a1:c1:25:1a:2b:7c:d6:58:32:9e:
e8:0d:06:03:3f:10:dd:e3:f7:85:77:7d:d3:82:dc:
e1:21:89:2d:e8:9d:a2:ad:c0:07:79:49:19:35:f4:
3b:3a:88:a7:c8:db:00:ab:26:54:db:ec:de:08:94:
a4:6f:3a:1e:38:1e:00:d0:a6:34:80:c8:e6:f7:41:
fe:83:71:d0:8f:1a:b8:16:7c:5b:45:6d:20:da:a2:
22:ad:e2:3a:8b:58:42:c0:b1:fb:ec:19:77:47:66:
7b:a0:b0:f7:a0:52:a8:81:68:34:89:ab:a7:d7:86:
23:10:69:fa:8f:4b:02:bc:50:72:fd:1c:6f:2b:56:
3c:f7:37:9b:75:e8:45:77:99:c7:6f:b0:dc:8b:67:
a9:d8:a0:26:aa:12:4a:c8:3d:fc:14:6b:d8:88:fe:
07:00:0f:e3:25:31:be:ca:09:a1:36:37:ed:5f:1a:
58:35:c7:2c:b8:50:20:1d:12:2e:d1:c5:0b:4e:72:
63:78:4f:ce:76:a1:eb:d2:75:ce:7b:21:3c:a2:99:
de:d7:aa:26:23:29:30:05:7f:ee:18:66:f4:57:a6:
bb:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:01:A0:69:31:10:6E:E0:E3:61:04:1B:02:C3:16:F5:62:91:81:34
X509v3 Authority Key Identifier:
keyid:75:9D:6A:FB:8D:DF:8F:8C:0D:D6:60:79:0E:DC:BA:1F:3B:37:0C:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZ1q-43fj4wN1mB5Dty6Hzs3DGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/UQGgaTEQbuDjYQQbAsMW9WKRgTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/16b7f4-fa15-47a6-9fc5-254bcbcec037/1/dZ1q-43fj4wN1mB5Dty6Hzs3DGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.72.0/21
185.8.172.0/22
IPv6:
2a03:2dc0:3000::/36
Signature Algorithm: sha256WithRSAEncryption
72:29:3c:a9:6c:66:c3:be:80:56:b7:6d:d0:4d:bf:8c:f7:af:
33:03:79:ad:56:ec:8f:86:dc:13:2f:da:a3:a4:5b:72:29:bc:
1a:a2:4b:fe:81:22:04:b9:7b:ee:f0:44:ca:66:c4:0b:bf:fd:
f7:be:6b:02:66:9b:ab:1e:70:ee:b5:9a:7e:07:12:26:74:f0:
e5:2d:8b:c9:ed:3e:eb:bb:00:ba:e6:b0:3c:4a:09:a6:3f:56:
2e:da:c6:f1:bb:e0:32:30:d8:92:9e:0f:9b:e2:f7:ef:e3:4d:
35:32:ac:53:b9:36:2c:f5:48:cd:d4:fb:ea:81:e2:ea:4e:48:
a5:7d:83:45:c8:18:06:d1:d3:d1:33:a3:4f:b8:97:75:01:55:
90:64:03:a3:be:9c:16:ac:bd:aa:1a:0b:26:d0:8f:a6:cd:20:
88:a4:93:45:c2:f5:83:53:07:e9:83:3a:09:bc:33:c2:b5:3f:
51:01:b1:a3:9a:d6:90:ed:41:46:3f:f6:48:e6:b2:f9:f8:ca:
41:79:87:28:7b:67:b6:07:1b:5a:26:8c:36:71:7b:b6:f9:2b:
b5:0b:d2:a8:11:f9:75:6b:12:3d:76:34:57:70:f6:49:e7:57:
2c:6a:64:22:e8:ec:91:89:53:4a:6f:a4:fc:b2:46:e8:4a:3a:
b6:63:67:14
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZt9XQ1va4rxMGevNeXzU9n/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OWQ2YWZiOGRkZjhmOGMwZGQ2NjA3OTBlZGNiYTFmM2Iz
NzBjNjMwHhcNMjYwMTAyMDYyMDA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTAxYTA2OTMxMTA2ZWUwZTM2MTA0MWIwMmMzMTZmNTYyOTE4MTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaYyCUk0f2U3FJmsXVHz6k7V19P8
zf/vTw8+B7NmhoqC6qHBJRorfNZYMp7oDQYDPxDd4/eFd33TgtzhIYkt6J2ircAH
eUkZNfQ7OoinyNsAqyZU2+zeCJSkbzoeOB4A0KY0gMjm90H+g3HQjxq4FnxbRW0g
2qIireI6i1hCwLH77Bl3R2Z7oLD3oFKogWg0iaun14YjEGn6j0sCvFBy/RxvK1Y8
9zebdehFd5nHb7Dci2ep2KAmqhJKyD38FGvYiP4HAA/jJTG+ygmhNjftXxpYNccs
uFAgHRIu0cULTnJjeE/OdqHr0nXOeyE8opne16omIykwBX/uGGb0V6a7NwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFFEBoGkxEG7g42EEGwLDFvVikYE0MB8GA1UdIwQY
MBaAFHWdavuN34+MDdZgeQ7cuh87NwxjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFoxcS00M2ZqNHdOMW1CNUR0eTZIenMzREdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xNmI3ZjQtZmExNS00N2E2LTlmYzUt
MjU0YmNiY2VjMDM3LzEvVVFHZ2FURVFidURqWVFRYkFzTVc5V0tSZ1RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xNmI3ZjQtZmExNS00N2E2LTlmYzUtMjU0YmNiY2VjMDM3
LzEvZFoxcS00M2ZqNHdOMW1CNUR0eTZIenMzREdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQDgrlIAwQC
uQisMA4EAgACMAgDBgQqAy3AMDANBgkqhkiG9w0BAQsFAAOCAQEAcik8qWxmw76A
Vrdt0E2/jPevMwN5rVbsj4bcEy/ao6Rbcim8GqJL/oEiBLl77vBEymbEC7/9975r
Amabqx5w7rWafgcSJnTw5S2Lye0+67sAuuawPEoJpj9WLtrG8bvgMjDYkp4Pm+L3
7+NNNTKsU7k2LPVIzdT76oHi6k5IpX2DRcgYBtHT0TOjT7iXdQFVkGQDo76cFqy9
qhoLJtCPps0giKSTRcL1g1MH6YM6CbwzwrU/UQGxo5rWkO1BRj/2SOay+fjKQXmH
KHtntgcbWiaMNnF7tvkrtQvSqBH5dWsSPXY0V3D2SedXLGpkIujskYlTSm+k/LJG
6Eo6tmNnFA==
-----END CERTIFICATE-----
Generated at Tue Mar 3 03:40:52 2026 by rpki-client