Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/Um_RzOlxicEhNDIKHBSNs-PRpSQ.roa
File: Um_RzOlxicEhNDIKHBSNs-PRpSQ.roa (raw, json)
Hash identifier: xMiT/EQRShPHgjRGkcH+fcgroOrBUqddxFIB0qcN/nI=
Subject key identifier: 52:6F:D1:CC:E9:71:89:C1:21:34:32:0A:1C:14:8D:B3:E3:D1:A5:24
Certificate issuer: /CN=c34094e3236dcd1c835113791a3824da2973df9b
Certificate serial: 019CFBF825A3E3E116491C2A29162313F51E
Authority key identifier: C3:40:94:E3:23:6D:CD:1C:83:51:13:79:1A:38:24:DA:29:73:DF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w0CU4yNtzRyDURN5Gjgk2ilz35s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/Um_RzOlxicEhNDIKHBSNs-PRpSQ.roa
Signing time: Tue 17 Mar 2026 13:24:29 +0000
ROA not before: Tue 17 Mar 2026 13:24:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41165
IP address blocks: 94.100.208.0/20 maxlen: 20
185.35.8.0/22 maxlen: 24
195.216.204.0/23 maxlen: 23
195.238.176.0/22 maxlen: 22
2a00:7d00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/w0CU4yNtzRyDURN5Gjgk2ilz35s.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/w0CU4yNtzRyDURN5Gjgk2ilz35s.mft
rsync://rpki.ripe.net/repository/DEFAULT/w0CU4yNtzRyDURN5Gjgk2ilz35s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fb:f8:25:a3:e3:e1:16:49:1c:2a:29:16:23:13:f5:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c34094e3236dcd1c835113791a3824da2973df9b
Validity
Not Before: Mar 17 13:24:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=526fd1cce97189c12134320a1c148db3e3d1a524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a2:e6:ac:35:05:0b:19:05:47:d9:06:f7:64:
ad:09:55:ed:91:83:ac:dd:63:f4:bd:42:36:cf:d8:
3d:43:db:ce:6d:da:a9:b4:38:ec:c8:68:bb:5c:7e:
7c:50:92:a8:f0:a7:38:e2:e6:8b:e7:02:d6:88:80:
2f:cb:c4:b6:07:32:2e:85:8e:3d:70:93:96:14:f5:
75:2a:8d:e1:8f:f0:ed:a7:60:db:d3:0b:cb:0d:96:
0c:2a:08:39:ed:e8:f4:96:69:ac:19:31:08:b6:ae:
7c:16:d9:6c:cc:61:5d:8d:a7:d9:5a:a4:27:8e:6d:
8e:e0:b5:2d:90:ec:b6:7d:dc:7e:a5:2e:60:4c:9b:
dc:a1:3a:c1:df:d3:e6:a4:25:c5:47:b7:46:7b:7a:
f2:c6:b9:5e:7a:9f:aa:d5:1b:ff:c0:85:63:70:d2:
8e:e7:3d:41:c3:03:c5:b6:27:50:c3:f2:72:7d:68:
52:9b:d0:2b:c5:39:2f:0d:ef:17:f4:b7:97:21:c0:
30:91:03:c7:39:16:94:f6:a7:ca:20:51:d1:c7:3a:
3c:b9:ec:24:d0:1c:36:5a:47:6e:f3:6d:4d:7c:b7:
f7:19:e8:87:de:a4:7f:07:b9:1d:c2:98:97:c9:ef:
35:11:79:9d:5b:6d:1e:de:90:a5:dd:17:69:54:4b:
8b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:6F:D1:CC:E9:71:89:C1:21:34:32:0A:1C:14:8D:B3:E3:D1:A5:24
X509v3 Authority Key Identifier:
keyid:C3:40:94:E3:23:6D:CD:1C:83:51:13:79:1A:38:24:DA:29:73:DF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w0CU4yNtzRyDURN5Gjgk2ilz35s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/Um_RzOlxicEhNDIKHBSNs-PRpSQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/w0CU4yNtzRyDURN5Gjgk2ilz35s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.100.208.0/20
185.35.8.0/22
195.216.204.0/23
195.238.176.0/22
IPv6:
2a00:7d00::/32
Signature Algorithm: sha256WithRSAEncryption
67:bb:64:a6:99:03:62:16:dd:53:32:f6:2c:3d:f4:52:c1:3e:
20:06:62:ab:e6:d8:3d:89:7d:83:71:68:7a:80:5b:49:9a:16:
26:a5:d9:55:5e:78:3b:d1:49:88:74:8b:83:8e:c3:93:c7:dd:
1e:dd:23:8e:29:96:03:27:ca:ba:a5:40:c6:82:09:0d:0f:0b:
5b:02:b6:cf:c0:7a:bf:05:8f:1b:91:a1:48:64:7a:7e:0d:81:
5b:7e:ee:ce:9b:85:3f:20:2c:f9:23:af:e3:d7:6b:99:02:00:
3f:74:f0:77:74:3e:f8:b8:c0:d9:25:85:85:16:8d:e8:68:f0:
54:3d:fc:c2:db:fb:21:4f:47:a7:ac:40:14:96:a4:d5:72:f3:
52:e8:08:d0:a9:51:69:8c:21:49:1e:ab:b0:c2:68:dd:a6:52:
48:8e:18:79:eb:5a:a8:c8:eb:f0:9b:1c:0f:7e:56:6a:87:fd:
d5:c1:31:b1:2c:62:76:b0:eb:25:43:18:a1:44:53:e8:1f:de:
2f:95:a0:f6:4e:10:f7:76:d6:c6:e6:31:e5:3f:07:93:42:58:
99:e0:10:4d:42:f1:7f:48:53:76:88:80:fc:d0:86:43:ca:7b:
45:09:4e:a2:6c:28:72:2d:f1:c7:10:e9:61:c4:28:31:a5:05:
bd:53:1b:9d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZz7+CWj4+EWSRwqKRYjE/UeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNDA5NGUzMjM2ZGNkMWM4MzUxMTM3OTFhMzgyNGRhMjk3
M2RmOWIwHhcNMjYwMzE3MTMyNDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjZmZDFjY2U5NzE4OWMxMjEzNDMyMGExYzE0OGRiM2UzZDFhNTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKLmrDUFCxkFR9kG92StCVXtkYOs
3WP0vUI2z9g9Q9vObdqptDjsyGi7XH58UJKo8Kc44uaL5wLWiIAvy8S2BzIuhY49
cJOWFPV1Ko3hj/Dtp2Db0wvLDZYMKgg57ej0lmmsGTEItq58FtlszGFdjafZWqQn
jm2O4LUtkOy2fdx+pS5gTJvcoTrB39PmpCXFR7dGe3ryxrleep+q1Rv/wIVjcNKO
5z1BwwPFtidQw/JyfWhSm9ArxTkvDe8X9LeXIcAwkQPHORaU9qfKIFHRxzo8uewk
0Bw2Wkdu821NfLf3GeiH3qR/B7kdwpiXye81EXmdW20e3pCl3RdpVEuLVQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFFJv0czpcYnBITQyChwUjbPj0aUkMB8GA1UdIwQY
MBaAFMNAlOMjbc0cg1ETeRo4JNopc9+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzBDVTR5TnR6UnlEVVJONUdqZ2syaWx6MzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jZmIyNTEtOTIzZi00MGMxLTk4MzIt
ZThhMzlkZDYwODY0LzEvVW1fUnpPbHhpY0VoTkRJS0hCU05zLVBScFNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jZmIyNTEtOTIzZi00MGMxLTk4MzItZThhMzlkZDYwODY0
LzEvdzBDVTR5TnR6UnlEVVJONUdqZ2syaWx6MzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEXmTQAwQC
uSMIAwQBw9jMAwQCw+6wMA0EAgACMAcDBQAqAH0AMA0GCSqGSIb3DQEBCwUAA4IB
AQBnu2SmmQNiFt1TMvYsPfRSwT4gBmKr5tg9iX2DcWh6gFtJmhYmpdlVXng70UmI
dIuDjsOTx90e3SOOKZYDJ8q6pUDGggkNDwtbArbPwHq/BY8bkaFIZHp+DYFbfu7O
m4U/ICz5I6/j12uZAgA/dPB3dD74uMDZJYWFFo3oaPBUPfzC2/shT0enrEAUlqTV
cvNS6AjQqVFpjCFJHquwwmjdplJIjhh561qoyOvwmxwPflZqh/3VwTGxLGJ2sOsl
QxihRFPoH94vlaD2ThD3dtbG5jHlPweTQliZ4BBNQvF/SFN2iID80IZDyntFCU6i
bChyLfHHEOlhxCgxpQW9Uxud
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:06:16 2026 by rpki-client