Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/UtuUMQUSfAe-27w8Nb05fTayiGU.roa
File: UtuUMQUSfAe-27w8Nb05fTayiGU.roa (raw, json)
Hash identifier: AmMNeRGPrTgI2qZuMl1mv9LKIiaqIWQ8VyjSfG7bkaE=
Subject key identifier: 52:DB:94:31:05:12:7C:07:BE:DB:BC:3C:35:BD:39:7D:36:B2:88:65
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 019DF8A983CB78A43621C6EC410DB6BF929D
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/UtuUMQUSfAe-27w8Nb05fTayiGU.roa
Signing time: Tue 05 May 2026 15:02:32 +0000
ROA not before: Tue 05 May 2026 15:02:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 5.253.184.0/23 maxlen: 23
45.81.161.0/24 maxlen: 24
45.81.162.0/24 maxlen: 24
45.81.163.0/24 maxlen: 24
45.130.33.0/24 maxlen: 24
45.130.34.0/23 maxlen: 23
88.214.0.0/24 maxlen: 24
88.214.1.0/24 maxlen: 24
88.214.2.0/24 maxlen: 24
88.214.3.0/24 maxlen: 24
88.218.196.0/22 maxlen: 22
185.114.204.0/24 maxlen: 24
185.219.160.0/24 maxlen: 24
185.219.161.0/24 maxlen: 24
193.111.184.0/22 maxlen: 22
193.135.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f8:a9:83:cb:78:a4:36:21:c6:ec:41:0d:b6:bf:92:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: May 5 15:02:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=52db943105127c07bedbbc3c35bd397d36b28865
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:dc:ba:1f:26:cd:92:60:47:dc:98:e8:a0:80:
ff:40:d1:67:6a:61:ad:8f:d5:70:1d:7a:c8:08:a7:
61:02:fe:b3:03:44:af:78:62:8f:17:9d:dc:fa:38:
e0:e7:33:44:64:73:4f:c6:cf:a7:b9:0c:65:e6:20:
c7:bf:cc:f8:40:87:1b:19:77:07:26:19:1e:f2:64:
5c:49:3c:0b:53:ba:02:0a:da:96:f7:25:7d:82:9d:
ce:d1:6b:66:e8:23:6e:ea:db:fe:10:6a:c4:24:d2:
c7:dc:16:f7:53:f7:67:af:ca:95:bc:e0:7a:48:11:
f2:c5:36:ed:a3:d7:48:68:99:88:8d:49:6a:60:c1:
a0:bb:97:57:01:ac:2f:87:c6:09:ba:47:ec:ed:d2:
83:97:e7:b3:a9:b6:63:1a:c2:e5:e5:1a:51:e9:69:
10:2b:02:68:eb:2b:f7:12:f5:b9:b0:22:41:45:cb:
87:79:9c:d4:9a:00:69:d1:d4:9b:70:e3:99:92:bb:
af:96:f7:04:da:9d:b6:aa:ca:57:7f:3b:06:11:ad:
38:6e:b9:e7:6a:cc:aa:8f:14:45:bd:87:8e:0e:b0:
5a:6b:c2:bf:ec:56:eb:d2:7a:6f:31:51:79:18:9a:
69:a7:96:76:35:6e:e1:ab:ab:23:28:cc:d4:fa:1b:
94:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DB:94:31:05:12:7C:07:BE:DB:BC:3C:35:BD:39:7D:36:B2:88:65
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/UtuUMQUSfAe-27w8Nb05fTayiGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.184.0/23
45.81.161.0-45.81.163.255
45.130.33.0-45.130.35.255
88.214.0.0/22
88.218.196.0/22
185.114.204.0/24
185.219.160.0/23
193.111.184.0/22
193.135.220.0/22
Signature Algorithm: sha256WithRSAEncryption
68:a5:92:9b:f3:c8:a8:16:00:c8:8a:19:89:3b:d2:41:2d:bb:
f9:6b:ea:78:8a:88:fb:93:72:1b:97:aa:22:b7:0c:82:04:79:
2c:fb:3f:66:dc:32:81:03:fd:0d:b0:f3:95:b4:84:00:c3:41:
93:db:1c:fa:59:aa:4a:05:a0:6c:37:a3:7b:7d:79:5c:4e:a6:
c4:4b:f7:a9:b8:b4:a9:01:d8:d2:fc:f1:15:9d:c9:c6:c6:ed:
ac:ed:4b:e1:de:86:7a:5d:48:c5:e6:46:87:d1:a5:15:dd:a9:
21:79:df:2f:51:57:3b:e7:85:10:d7:26:4e:5f:a2:aa:0a:c6:
c0:af:50:32:ce:84:0e:0c:d5:e0:fc:6f:80:76:fa:07:1c:40:
f1:f8:ed:45:d0:99:fe:a7:c2:d7:24:94:70:df:4c:4e:8c:92:
54:d0:ad:ff:71:18:69:81:fa:d4:95:00:2c:61:82:b2:4e:e5:
a3:ac:f6:48:a8:49:c0:ee:88:b5:c7:26:8e:b6:2c:99:8e:51:
b3:99:44:89:4c:80:07:4d:38:20:0d:94:d7:d2:04:c5:91:49:
af:3a:31:43:63:7a:1c:a2:24:fd:76:88:7f:ad:3d:92:47:7f:
6e:ad:7c:0c:83:6d:47:0b:af:37:d8:87:fe:c0:f6:1b:82:72:
31:6e:6e:cb
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZ34qYPLeKQ2IcbsQQ22v5KdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjYwNTA1MTUwMjMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmRiOTQzMTA1MTI3YzA3YmVkYmJjM2MzNWJkMzk3ZDM2YjI4ODY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNy6HybNkmBH3JjooID/QNFnamGt
j9VwHXrICKdhAv6zA0SveGKPF53c+jjg5zNEZHNPxs+nuQxl5iDHv8z4QIcbGXcH
Jhke8mRcSTwLU7oCCtqW9yV9gp3O0Wtm6CNu6tv+EGrEJNLH3Bb3U/dnr8qVvOB6
SBHyxTbto9dIaJmIjUlqYMGgu5dXAawvh8YJukfs7dKDl+ezqbZjGsLl5RpR6WkQ
KwJo6yv3EvW5sCJBRcuHeZzUmgBp0dSbcOOZkruvlvcE2p22qspXfzsGEa04brnn
asyqjxRFvYeODrBaa8K/7Fbr0npvMVF5GJppp5Z2NW7hq6sjKMzU+huUCQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFFLblDEFEnwHvtu8PDW9OX02sohlMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvVXR1VU1RVVNmQWUtMjd3OE5iMDVmVGF5aUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQBBf24MAwD
BAAtUaEDBAItUaAwDAMEAC2CIQMEAi2CIAMEAljWAAMEAljaxAMEALlyzAMEAbnb
oAMEAsFvuAMEAsGH3DANBgkqhkiG9w0BAQsFAAOCAQEAaKWSm/PIqBYAyIoZiTvS
QS27+WvqeIqI+5NyG5eqIrcMggR5LPs/ZtwygQP9DbDzlbSEAMNBk9sc+lmqSgWg
bDeje315XE6mxEv3qbi0qQHY0vzxFZ3JxsbtrO1L4d6Gel1IxeZGh9GlFd2pIXnf
L1FXO+eFENcmTl+iqgrGwK9QMs6EDgzV4PxvgHb6BxxA8fjtRdCZ/qfC1ySUcN9M
ToySVNCt/3EYaYH61JUALGGCsk7lo6z2SKhJwO6ItccmjrYsmY5Rs5lEiUyAB004
IA2U19IExZFJrzoxQ2N6HKIk/XaIf609kkd/bq18DINtRwuvN9iH/sD2G4JyMW5u
yw==
-----END CERTIFICATE-----
Generated at Wed May 13 01:44:50 2026 by rpki-client