Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/UKpsyLZnsONm3nziQLW_Dy86-kc.roa
File: UKpsyLZnsONm3nziQLW_Dy86-kc.roa (raw, json)
Hash identifier: sOSR0eDOaucZOE58pbyPZwUjeC+8MtIsg4Yj+A0vOoE=
Subject key identifier: 50:AA:6C:C8:B6:67:B0:E3:66:DE:7C:E2:40:B5:BF:0F:2F:3A:FA:47
Certificate issuer: /CN=b9b8139993be665f3b5d0f6909ef058fa8f97922
Certificate serial: 01989CE056C55BF4CEB8105928EA03F12145
Authority key identifier: B9:B8:13:99:93:BE:66:5F:3B:5D:0F:69:09:EF:05:8F:A8:F9:79:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/UKpsyLZnsONm3nziQLW_Dy86-kc.roa
Signing time: Tue 12 Aug 2025 06:03:24 +0000
ROA not before: Tue 12 Aug 2025 06:03:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39442
IP address blocks: 92.39.104.0/21 maxlen: 21
185.125.72.0/22 maxlen: 22
185.183.48.0/22 maxlen: 22
185.183.48.0/23 maxlen: 23
188.247.32.0/19 maxlen: 19
188.247.40.0/24 maxlen: 24
188.247.44.0/22 maxlen: 22
188.247.44.0/24 maxlen: 24
188.247.54.0/24 maxlen: 24
188.247.55.0/24 maxlen: 24
188.247.56.0/21 maxlen: 21
213.234.0.0/20 maxlen: 20
213.234.0.0/24 maxlen: 24
213.234.1.0/24 maxlen: 24
213.234.5.0/24 maxlen: 24
213.234.6.0/24 maxlen: 24
213.234.8.0/24 maxlen: 24
213.234.10.0/24 maxlen: 24
213.234.11.0/24 maxlen: 24
213.234.16.0/21 maxlen: 21
213.234.16.0/22 maxlen: 22
213.234.16.0/24 maxlen: 24
213.234.18.0/23 maxlen: 23
213.234.20.0/24 maxlen: 24
213.234.21.0/24 maxlen: 24
213.234.22.0/24 maxlen: 24
217.149.176.0/20 maxlen: 20
217.149.176.0/21 maxlen: 21
217.149.176.0/22 maxlen: 22
217.149.176.0/24 maxlen: 24
217.149.177.0/24 maxlen: 24
217.149.179.0/24 maxlen: 24
217.149.181.0/24 maxlen: 24
217.149.184.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9c:e0:56:c5:5b:f4:ce:b8:10:59:28:ea:03:f1:21:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b8139993be665f3b5d0f6909ef058fa8f97922
Validity
Not Before: Aug 12 06:03:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50aa6cc8b667b0e366de7ce240b5bf0f2f3afa47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ff:8c:56:65:f8:3a:e5:b4:d9:88:9e:d6:d9:
fc:be:4c:dd:01:6f:1e:ec:ef:e5:ed:1a:fc:8c:ea:
ee:f7:e2:16:34:76:96:90:df:a8:f3:d3:8a:aa:56:
3d:1b:62:79:1a:25:9c:f1:80:57:9e:7b:30:c7:d7:
45:b0:64:5c:4b:80:48:08:26:1b:af:2a:90:c8:75:
31:39:d2:21:7b:98:80:05:e9:b4:35:01:0c:1e:37:
a6:89:01:7b:2c:50:90:ad:04:a7:1b:24:d7:25:88:
8a:7b:57:c6:6f:ab:55:8c:ae:3c:03:20:6f:11:47:
44:b7:9e:8d:19:8a:83:24:3c:44:6a:5b:7e:a1:65:
33:c0:9a:6f:93:1c:bf:20:cd:e7:99:17:bc:2b:0b:
24:d6:52:c2:50:96:8f:a3:bc:eb:db:b3:37:85:45:
2e:18:9c:1c:6d:ae:bd:37:73:51:d5:93:68:13:6d:
2c:d7:03:65:0b:e7:43:6e:b0:8f:17:49:cc:52:ca:
b6:d2:15:7a:8a:9d:c9:3e:a3:83:6c:82:7f:13:38:
2b:4e:82:59:ce:b9:bb:fb:84:12:da:83:5a:0c:1d:
76:e5:be:9a:e0:c3:cc:71:a5:90:2e:a9:78:16:e8:
96:32:9e:94:e2:65:df:c8:51:b2:c0:db:8a:91:a8:
71:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:AA:6C:C8:B6:67:B0:E3:66:DE:7C:E2:40:B5:BF:0F:2F:3A:FA:47
X509v3 Authority Key Identifier:
keyid:B9:B8:13:99:93:BE:66:5F:3B:5D:0F:69:09:EF:05:8F:A8:F9:79:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/UKpsyLZnsONm3nziQLW_Dy86-kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.39.104.0/21
185.125.72.0/22
185.183.48.0/22
188.247.32.0/19
213.234.0.0-213.234.23.255
217.149.176.0/20
Signature Algorithm: sha256WithRSAEncryption
94:31:ea:ab:ea:10:2b:14:f2:1e:cf:8f:c0:a3:aa:c1:fe:46:
00:0d:eb:77:a8:6e:15:f8:51:40:45:94:68:77:f1:16:52:b9:
0b:70:ba:c9:4c:ba:45:60:8d:c7:92:57:c1:48:49:2e:39:c2:
d2:5a:0a:7b:bd:5f:07:58:71:23:84:28:a6:9d:58:54:97:72:
fe:7b:9e:bf:e0:2c:a7:26:06:05:e6:ac:37:1e:4a:d9:c9:a9:
31:ab:a6:73:1a:41:99:1a:6d:7d:40:55:4d:e8:c7:dd:e8:ef:
9b:2f:b6:b9:8a:a5:73:da:94:25:80:8e:f3:60:62:39:9a:0b:
f9:7d:13:98:52:f1:2d:9f:f1:d9:44:18:b3:ab:2b:26:38:45:
26:33:f4:ea:aa:cc:c9:b8:5c:b8:f2:a6:65:cb:de:9f:62:62:
25:ff:56:48:21:f4:c8:bc:74:6c:03:36:ff:fe:46:1a:f2:89:
06:7a:7a:c3:37:a5:0a:25:57:bb:77:40:16:1b:f0:59:f6:ac:
61:4b:bd:39:be:d3:f4:08:bf:28:8b:98:31:bf:a4:ee:0b:f5:
f3:f0:4a:eb:bc:27:15:a1:20:1e:d0:35:e4:08:05:e8:14:ae:
c4:79:9d:08:99:cc:3b:68:19:ab:b6:7b:91:03:5d:b8:d0:b6:
ed:86:f9:f0
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZic4FbFW/TOuBBZKOoD8SFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjgxMzk5OTNiZTY2NWYzYjVkMGY2OTA5ZWYwNThmYThm
OTc5MjIwHhcNMjUwODEyMDYwMzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGFhNmNjOGI2NjdiMGUzNjZkZTdjZTI0MGI1YmYwZjJmM2FmYTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv+MVmX4OuW02Yie1tn8vkzdAW8e
7O/l7Rr8jOru9+IWNHaWkN+o89OKqlY9G2J5GiWc8YBXnnswx9dFsGRcS4BICCYb
ryqQyHUxOdIhe5iABem0NQEMHjemiQF7LFCQrQSnGyTXJYiKe1fGb6tVjK48AyBv
EUdEt56NGYqDJDxEalt+oWUzwJpvkxy/IM3nmRe8Kwsk1lLCUJaPo7zr27M3hUUu
GJwcba69N3NR1ZNoE20s1wNlC+dDbrCPF0nMUsq20hV6ip3JPqODbIJ/EzgrToJZ
zrm7+4QS2oNaDB125b6a4MPMcaWQLql4FuiWMp6U4mXfyFGywNuKkahx0QIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFFCqbMi2Z7DjZt584kC1vw8vOvpHMB8GA1UdIwQY
MBaAFLm4E5mTvmZfO10PaQnvBY+o+XkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJnVG1aTy1abDg3WFE5cENlOEZqNmo1ZVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC80NDEyNGQtOGIxNS00NWIyLWE1YzEt
N2JjNzNlZWUxNDQ3LzEvVUtwc3lMWm5zT05tM256aVFMV19EeTg2LWtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC80NDEyNGQtOGIxNS00NWIyLWE1YzEtN2JjNzNlZWUxNDQ3
LzEvdWJnVG1aTy1abDg3WFE5cENlOEZqNmo1ZVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAxBAIAATArAwQDXCdoAwQC
uX1IAwQCubcwAwQFvPcgMAsDAwHV6gMEA9XqEAMEBNmVsDANBgkqhkiG9w0BAQsF
AAOCAQEAlDHqq+oQKxTyHs+PwKOqwf5GAA3rd6huFfhRQEWUaHfxFlK5C3C6yUy6
RWCNx5JXwUhJLjnC0loKe71fB1hxI4Qopp1YVJdy/nuev+AspyYGBeasNx5K2cmp
MaumcxpBmRptfUBVTejH3ejvmy+2uYqlc9qUJYCO82BiOZoL+X0TmFLxLZ/x2UQY
s6srJjhFJjP06qrMybhcuPKmZcven2JiJf9WSCH0yLx0bAM2//5GGvKJBnp6wzel
CiVXu3dAFhvwWfasYUu9Ob7T9Ai/KIuYMb+k7gv18/BK67wnFaEgHtA15AgF6BSu
xHmdCJnMO2gZq7Z7kQNduNC27Yb58A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:38:40 2025 by rpki-client