Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/ugt-KDKTow7I2OvsokQhSiya3XI.roa
File: ugt-KDKTow7I2OvsokQhSiya3XI.roa (raw, json)
Hash identifier: OVTlzU2wxqtsRIKxmANkEt2lrONo18X84ePf8/OFh9A=
Subject key identifier: BA:0B:7E:28:32:93:A3:0E:C8:D8:EB:EC:A2:44:21:4A:2C:9A:DD:72
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 01993A8EB6FB8D3FAEE8CE0D2C41FC0A3839
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/ugt-KDKTow7I2OvsokQhSiya3XI.roa
Signing time: Thu 11 Sep 2025 20:54:15 +0000
ROA not before: Thu 11 Sep 2025 20:54:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211057
IP address blocks: 46.253.85.0/24 maxlen: 24
46.253.86.0/24 maxlen: 24
46.253.87.0/24 maxlen: 24
46.253.88.0/23 maxlen: 23
46.253.88.0/24 maxlen: 24
46.253.91.0/24 maxlen: 24
46.253.92.0/24 maxlen: 24
185.21.120.0/24 maxlen: 24
185.21.121.0/24 maxlen: 24
185.21.122.0/24 maxlen: 24
185.21.123.0/24 maxlen: 24
185.71.140.0/22 maxlen: 22
185.71.140.0/23 maxlen: 23
185.71.140.0/24 maxlen: 24
185.71.141.0/24 maxlen: 24
185.71.142.0/24 maxlen: 24
185.71.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:3a:8e:b6:fb:8d:3f:ae:e8:ce:0d:2c:41:fc:0a:38:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Sep 11 20:54:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ba0b7e283293a30ec8d8ebeca244214a2c9add72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f4:fb:a8:2b:73:a8:29:bb:39:ff:1e:21:76:
3c:04:ee:1a:da:0c:c0:93:d1:4c:ab:69:04:ef:9f:
d3:9f:e1:02:8a:7f:c8:5a:a5:91:53:b3:4f:6d:ba:
76:ad:12:f7:b5:d5:66:54:4c:38:d3:d9:b5:dd:59:
fa:ed:b6:cb:b0:6a:8c:4a:da:cf:6e:22:68:b2:3f:
79:29:43:23:29:72:a7:b6:c9:80:5b:aa:93:ea:d8:
df:58:94:31:b7:76:e4:95:12:19:2b:a3:86:43:d4:
c7:e2:f8:ee:02:78:af:5e:ca:b2:95:9f:4f:ea:bc:
a8:77:6e:cf:03:f2:e4:6c:49:fb:21:b7:78:4e:ce:
a8:ec:8f:c7:42:17:bd:13:45:8e:ac:4f:b9:e2:fe:
86:68:9f:33:5f:8f:01:ea:05:98:4f:41:4d:ef:37:
33:7c:cb:94:c0:3c:1c:1f:cb:98:c3:4e:b0:01:fb:
76:42:21:28:50:36:3f:56:ae:ba:50:0f:ea:bf:fd:
9c:13:1c:dd:c0:29:1a:e1:04:33:7c:9e:4b:d2:7c:
d2:2e:b0:51:ab:54:30:ed:88:df:6a:6b:98:60:9d:
e4:f7:76:f8:bb:9f:72:43:d6:37:44:a4:3e:46:a3:
cc:c6:b0:28:75:d2:d2:ad:24:7a:8a:6b:9d:f2:15:
da:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:0B:7E:28:32:93:A3:0E:C8:D8:EB:EC:A2:44:21:4A:2C:9A:DD:72
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/ugt-KDKTow7I2OvsokQhSiya3XI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.85.0-46.253.89.255
46.253.91.0-46.253.92.255
185.21.120.0/22
185.71.140.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:ad:47:1d:d9:70:31:22:d2:44:b4:7c:dc:c9:f1:4d:fa:cb:
44:00:91:42:12:fc:57:c9:47:36:6a:7e:b4:ef:3d:36:e6:cd:
da:5d:af:25:67:58:27:f3:18:60:e0:cf:50:ae:22:30:06:d8:
5a:f8:d1:c2:bb:5e:26:9a:13:00:e5:08:40:6b:f0:f4:27:3c:
68:d7:9a:c9:ad:b0:fc:9a:e5:85:18:7c:8e:f2:5b:95:0d:66:
0e:bf:a9:e6:b6:d2:a1:64:49:f2:c3:4f:58:00:4c:7f:ef:c2:
ea:e6:74:98:e0:a7:77:0f:6d:64:d5:61:b3:5c:e3:98:33:bf:
3a:89:e5:cf:a4:02:f5:ad:07:87:d5:b5:cc:88:b2:83:90:4a:
18:85:3f:0c:07:40:e1:27:26:d6:8e:c9:44:6a:57:e7:c3:d1:
c1:10:a3:8d:36:df:01:5b:22:61:1d:8e:77:ba:48:4a:64:f1:
94:64:07:a1:35:83:72:dc:d3:e9:fc:0f:6c:bf:fa:b4:74:6a:
c5:b4:e9:04:17:c8:3b:3c:60:84:2a:23:41:a4:fc:e8:e4:7b:
b8:c2:04:07:2c:2f:34:41:21:5b:18:9b:81:d6:74:72:11:59:
51:07:c1:16:6e:69:69:1d:bd:58:50:67:1e:c5:c0:a7:e5:43:
dd:4a:26:cc
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZk6jrb7jT+u6M4NLEH8Cjg5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjUwOTExMjA1NDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTBiN2UyODMyOTNhMzBlYzhkOGViZWNhMjQ0MjE0YTJjOWFkZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/T7qCtzqCm7Of8eIXY8BO4a2gzA
k9FMq2kE75/Tn+ECin/IWqWRU7NPbbp2rRL3tdVmVEw409m13Vn67bbLsGqMStrP
biJosj95KUMjKXKntsmAW6qT6tjfWJQxt3bklRIZK6OGQ9TH4vjuAnivXsqylZ9P
6ryod27PA/LkbEn7Ibd4Ts6o7I/HQhe9E0WOrE+54v6GaJ8zX48B6gWYT0FN7zcz
fMuUwDwcH8uYw06wAft2QiEoUDY/Vq66UA/qv/2cExzdwCka4QQzfJ5L0nzSLrBR
q1Qw7YjfamuYYJ3k93b4u59yQ9Y3RKQ+RqPMxrAoddLSrSR6imud8hXaqwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFLoLfigyk6MOyNjr7KJEIUosmt1yMB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvdWd0LUtES1RvdzdJMk92c29rUWhTaXlhM1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAAu/VUD
BAEu/VgwDAMEAC79WwMEAC79XAMEArkVeAMEArlHjDANBgkqhkiG9w0BAQsFAAOC
AQEAtK1HHdlwMSLSRLR83MnxTfrLRACRQhL8V8lHNmp+tO89NubN2l2vJWdYJ/MY
YODPUK4iMAbYWvjRwrteJpoTAOUIQGvw9Cc8aNeaya2w/JrlhRh8jvJblQ1mDr+p
5rbSoWRJ8sNPWABMf+/C6uZ0mOCndw9tZNVhs1zjmDO/Oonlz6QC9a0Hh9W1zIiy
g5BKGIU/DAdA4Scm1o7JRGpX58PRwRCjjTbfAVsiYR2Od7pISmTxlGQHoTWDctzT
6fwPbL/6tHRqxbTpBBfIOzxghCojQaT86OR7uMIEBywvNEEhWxibgdZ0chFZUQfB
Fm5paR29WFBnHsXAp+VD3UomzA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:16:09 2025 by rpki-client