Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/UjQ5_8P-tgBJJ1sJwKgrCTSAhHw.roa
File: UjQ5_8P-tgBJJ1sJwKgrCTSAhHw.roa (raw, json)
Hash identifier: hSVwua4gNpTICWykb8bpfvs1YDj+/tR6yuNNGb31SDc=
Subject key identifier: 52:34:39:FF:C3:FE:B6:00:49:27:5B:09:C0:A8:2B:09:34:80:84:7C
Certificate issuer: /CN=74896c544b461d8b062eff9e3d2c29cd3cc960ec
Certificate serial: 019E07400672AF4D0518609EF38B5D873E3E
Authority key identifier: 74:89:6C:54:4B:46:1D:8B:06:2E:FF:9E:3D:2C:29:CD:3C:C9:60:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/UjQ5_8P-tgBJJ1sJwKgrCTSAhHw.roa
Signing time: Fri 08 May 2026 11:01:36 +0000
ROA not before: Fri 08 May 2026 11:01:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 36351
IP address blocks: 89.38.52.0/24 maxlen: 24
89.38.53.0/24 maxlen: 24
89.38.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/dIlsVEtGHYsGLv-ePSwpzTzJYOw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/dIlsVEtGHYsGLv-ePSwpzTzJYOw.mft
rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:07:40:06:72:af:4d:05:18:60:9e:f3:8b:5d:87:3e:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74896c544b461d8b062eff9e3d2c29cd3cc960ec
Validity
Not Before: May 8 11:01:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=523439ffc3feb60049275b09c0a82b093480847c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:72:d1:5d:00:e5:5d:ef:2a:5a:3c:d8:97:2b:
05:ec:e9:50:d5:ba:23:d3:ca:f2:86:7a:7c:22:4e:
4e:61:83:82:03:c3:dc:02:98:db:93:2a:7a:a9:6d:
9a:d3:23:27:da:ba:58:ea:60:a6:18:fe:ea:7c:e5:
b8:18:50:df:05:cf:2b:0a:39:c3:8c:61:e3:e5:c3:
fe:bd:63:98:33:63:b0:cd:cd:57:16:a6:73:b3:06:
1e:ac:af:b2:04:34:05:28:8a:13:9d:e3:fb:44:24:
38:39:26:a8:bf:4f:2b:c5:37:70:ef:9e:12:03:6c:
0b:fd:3b:5a:68:68:23:15:52:25:a0:18:31:b6:17:
07:49:d3:69:43:81:34:7a:bf:18:2c:97:31:db:76:
87:be:05:b3:48:36:0c:5b:30:32:b5:7d:f9:68:05:
ba:f2:72:3b:bd:af:4b:ba:a4:e7:96:31:c9:93:cb:
3f:06:4c:b6:0f:2e:aa:d0:de:a9:04:13:4c:c3:e7:
06:17:c9:ac:a8:2f:6f:1b:a2:bb:c9:cc:1a:c9:20:
a9:db:07:39:6b:56:b6:23:69:57:92:e0:ae:bf:97:
39:99:de:d6:83:25:02:e1:f0:b0:41:1e:30:77:a9:
12:74:f4:01:d0:5d:96:cd:f3:26:f2:d2:ad:b4:8f:
55:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:34:39:FF:C3:FE:B6:00:49:27:5B:09:C0:A8:2B:09:34:80:84:7C
X509v3 Authority Key Identifier:
keyid:74:89:6C:54:4B:46:1D:8B:06:2E:FF:9E:3D:2C:29:CD:3C:C9:60:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/UjQ5_8P-tgBJJ1sJwKgrCTSAhHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/dIlsVEtGHYsGLv-ePSwpzTzJYOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.52.0-89.38.54.255
Signature Algorithm: sha256WithRSAEncryption
2d:3f:f2:39:b1:f6:f5:85:7a:55:62:7d:dc:1a:46:63:10:32:
4e:bb:32:a4:1e:c8:90:0c:c6:d5:0d:29:c8:15:96:95:09:dd:
c2:14:f2:7a:9e:dd:2a:1e:3b:85:ed:0a:2d:3b:77:78:4e:97:
a5:8a:ba:b9:cd:7e:a3:93:18:e0:bb:d8:c5:9a:80:00:02:c3:
33:65:eb:5a:dc:36:9e:8f:ac:69:8c:bf:fd:d6:c5:2d:97:a7:
ff:a9:ce:7c:23:4f:c6:d3:63:cf:6a:6a:08:44:f9:76:be:a7:
5f:ae:2b:70:50:eb:89:07:41:7d:da:a2:90:fd:de:2a:c3:c8:
ba:d7:b5:8a:5d:ae:bf:96:e3:b1:4f:cd:b2:e1:7d:2c:8e:d2:
aa:d9:b2:af:06:db:31:96:81:e5:49:16:58:0d:a3:f2:6c:de:
e2:9e:f1:17:df:b2:eb:4e:41:5f:70:3e:78:95:80:07:8e:60:
04:8a:63:c4:0d:6c:a7:3a:88:bf:d4:67:ae:37:cc:c2:e6:6b:
bf:cc:b5:3e:e9:77:8c:72:f4:fb:fd:e8:da:a3:62:08:88:67:
20:8b:3c:c4:6d:c5:36:a0:d0:1d:95:d1:8d:80:c1:c2:f7:89:
c2:fe:e9:e9:b5:e3:c3:ce:78:ee:af:ae:e1:75:fe:f8:ed:79:
e6:02:1b:d7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ4HQAZyr00FGGCe84tdhz4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ODk2YzU0NGI0NjFkOGIwNjJlZmY5ZTNkMmMyOWNkM2Nj
OTYwZWMwHhcNMjYwNTA4MTEwMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjM0MzlmZmMzZmViNjAwNDkyNzViMDljMGE4MmIwOTM0ODA4NDdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3LRXQDlXe8qWjzYlysF7OlQ1boj
08ryhnp8Ik5OYYOCA8PcApjbkyp6qW2a0yMn2rpY6mCmGP7qfOW4GFDfBc8rCjnD
jGHj5cP+vWOYM2Owzc1XFqZzswYerK+yBDQFKIoTneP7RCQ4OSaov08rxTdw754S
A2wL/TtaaGgjFVIloBgxthcHSdNpQ4E0er8YLJcx23aHvgWzSDYMWzAytX35aAW6
8nI7va9LuqTnljHJk8s/Bky2Dy6q0N6pBBNMw+cGF8msqC9vG6K7ycwaySCp2wc5
a1a2I2lXkuCuv5c5md7WgyUC4fCwQR4wd6kSdPQB0F2WzfMm8tKttI9VCQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFI0Of/D/rYASSdbCcCoKwk0gIR8MB8GA1UdIwQY
MBaAFHSJbFRLRh2LBi7/nj0sKc08yWDsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZElsc1ZFdEdIWXNHTHYtZVBTd3B6VHpKWU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYzIyYTktZjg3MS00MDBjLThmY2Yt
Y2YxNzQwODIzNDAwLzEvVWpRNV84UC10Z0JKSjFzSndLZ3JDVFNBaEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYzIyYTktZjg3MS00MDBjLThmY2YtY2YxNzQwODIzNDAw
LzEvZElsc1ZFdEdIWXNHTHYtZVBTd3B6VHpKWU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJZJjQD
BABZJjYwDQYJKoZIhvcNAQELBQADggEBAC0/8jmx9vWFelVifdwaRmMQMk67MqQe
yJAMxtUNKcgVlpUJ3cIU8nqe3SoeO4XtCi07d3hOl6WKurnNfqOTGOC72MWagAAC
wzNl61rcNp6PrGmMv/3WxS2Xp/+pznwjT8bTY89qaghE+Xa+p1+uK3BQ64kHQX3a
opD93irDyLrXtYpdrr+W47FPzbLhfSyO0qrZsq8G2zGWgeVJFlgNo/Js3uKe8Rff
sutOQV9wPniVgAeOYASKY8QNbKc6iL/UZ643zMLma7/MtT7pd4xy9Pv96NqjYgiI
ZyCLPMRtxTag0B2V0Y2AwcL3icL+6em148POeO6vruF1/vjteeYCG9c=
-----END CERTIFICATE-----
Generated at Wed May 13 14:25:04 2026 by rpki-client