Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ULuA3nXJZRH_ouW4LqHx-8vCpg0.roa
File: ULuA3nXJZRH_ouW4LqHx-8vCpg0.roa (raw, json)
Hash identifier: FGx6744omArw5/uhQTJQ5hdY0lkQbielxqMqQof0/cg=
Subject key identifier: 50:BB:80:DE:75:C9:65:11:FF:A2:E5:B8:2E:A1:F1:FB:CB:C2:A6:0D
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01989854B571D93A8E417BD0F16EFDABA33B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ULuA3nXJZRH_ouW4LqHx-8vCpg0.roa
Signing time: Mon 11 Aug 2025 08:52:25 +0000
ROA not before: Mon 11 Aug 2025 08:52:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.90.17.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.1.0/24 maxlen: 24
185.225.3.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.146.0/24 maxlen: 24
194.5.64.0/24 maxlen: 24
194.5.67.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:98:54:b5:71:d9:3a:8e:41:7b:d0:f1:6e:fd:ab:a3:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Aug 11 08:52:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50bb80de75c96511ffa2e5b82ea1f1fbcbc2a60d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:88:a6:18:dd:c4:00:3b:30:fa:eb:b0:80:5f:
2a:fd:ab:75:33:23:c3:22:fb:54:74:75:a0:1d:f7:
a4:c3:a4:e4:18:39:f2:07:50:6e:89:f3:ac:7b:d4:
d7:4c:11:c7:70:fb:1f:be:8c:46:5f:1f:2c:df:3f:
3d:18:28:f4:2a:73:cc:16:79:f9:e8:bb:99:9a:35:
78:34:2c:b2:76:fb:09:2f:41:4c:1c:9c:3e:a4:61:
5e:b0:9c:1b:8d:a1:b7:18:10:bf:62:37:60:fb:da:
4a:e1:16:15:68:07:7b:b3:82:74:48:5b:96:6a:cc:
c4:a9:61:5f:8e:bf:c1:fb:07:d6:d7:99:4b:e0:1d:
70:0b:12:ed:e2:cd:fc:3e:83:81:eb:bd:ae:d4:f0:
0a:be:f3:9d:b6:17:ba:b6:5f:ed:55:00:26:59:cc:
83:bc:58:2c:bc:8b:58:a4:2d:4d:c7:9a:8a:ab:08:
d7:66:5f:4d:87:20:b2:17:a0:84:da:79:a4:6c:3c:
8a:bf:29:bd:61:d6:58:42:5e:62:c2:61:c8:3a:ee:
f3:05:d1:cc:ae:fc:8c:20:90:d7:90:4e:d0:e4:3a:
6d:74:0c:c6:55:a2:07:bc:d3:62:31:67:59:cf:f4:
f6:7f:99:d4:bb:12:37:0a:ef:65:fd:21:8b:74:3a:
4c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:BB:80:DE:75:C9:65:11:FF:A2:E5:B8:2E:A1:F1:FB:CB:C2:A6:0D
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ULuA3nXJZRH_ouW4LqHx-8vCpg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.17.0/24
185.126.82.0/24
185.199.54.0/24
185.206.251.0/24
185.209.38.0/24
185.209.73.0-185.209.75.255
185.210.233.0/24
185.210.235.0/24
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.248.0/24
185.220.250.0/23
185.222.28.0/23
185.223.80.0/24
185.223.155.0/24
185.225.0.0/23
185.225.3.0/24
185.226.104.0/24
185.226.107.0/24
185.227.144.0/24
185.227.146.0/23
185.228.75.0/24
185.232.206.0/24
185.246.112.0/24
193.8.112.0-193.8.114.255
193.58.146.0/23
194.5.64.0/24
194.5.67.0/24
194.76.169.0/24
194.76.172.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
36:f4:0f:86:dd:15:49:9d:ab:a7:07:74:fb:cb:f5:5c:d3:24:
7d:f8:70:12:e8:67:26:2d:36:a4:b0:9e:19:50:a8:13:f1:2b:
f0:55:83:fb:50:4f:29:96:c9:53:d7:33:01:7b:f9:16:ee:3a:
82:68:1f:7b:44:1d:cc:66:dd:fe:9d:ff:8a:4e:a2:0a:b5:7d:
06:5d:db:43:3c:ac:9c:a1:92:bd:ea:36:96:1e:8b:fd:8f:e9:
92:d4:49:44:cd:81:24:7b:07:ce:b4:8c:fd:57:65:24:d8:6d:
bd:6b:ac:e6:fc:6e:b7:13:85:b2:11:48:12:bf:59:40:0b:ee:
46:8b:49:57:ec:ec:db:e2:1a:82:4f:cf:8a:79:3b:32:e1:ef:
44:c4:98:3b:65:e7:75:fe:3c:a6:9f:97:a6:b8:f2:1f:5c:61:
2d:9a:a4:2c:a3:09:f0:1b:95:f9:ce:1b:72:fe:8d:52:96:5e:
cf:f2:e1:af:fe:27:a9:e6:23:7d:61:93:eb:a2:3c:10:5b:39:
01:ff:39:e1:9c:01:d2:ae:bc:f6:55:28:19:e5:31:bc:fc:60:
ad:a3:06:fc:82:11:bb:2e:62:14:de:91:47:c9:28:dd:43:89:
47:76:9a:3a:0e:75:5e:d0:61:05:c4:9f:c9:86:2c:e2:6c:aa:
d3:4c:59:c6
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZiYVLVx2TqOQXvQ8W79q6M7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwODExMDg1MjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGJiODBkZTc1Yzk2NTExZmZhMmU1YjgyZWExZjFmYmNiYzJhNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4imGN3EADsw+uuwgF8q/at1MyPD
IvtUdHWgHfekw6TkGDnyB1BuifOse9TXTBHHcPsfvoxGXx8s3z89GCj0KnPMFnn5
6LuZmjV4NCyydvsJL0FMHJw+pGFesJwbjaG3GBC/Yjdg+9pK4RYVaAd7s4J0SFuW
aszEqWFfjr/B+wfW15lL4B1wCxLt4s38PoOB672u1PAKvvOdthe6tl/tVQAmWcyD
vFgsvItYpC1Nx5qKqwjXZl9NhyCyF6CE2nmkbDyKvym9YdZYQl5iwmHIOu7zBdHM
rvyMIJDXkE7Q5DptdAzGVaIHvNNiMWdZz/T2f5nUuxI3Cu9l/SGLdDpMBQIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFFC7gN51yWUR/6LluC6h8fvLwqYNMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVUx1QTNuWEpaUkhfb3VXNExxSHgtOHZDcGcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdADBAAt
WhEDBAC5flIDBAC5xzYDBAC5zvsDBAC50SYwDAMEALnRSQMEArnRSAMEALnS6QME
ALnS6wMEALnWbAMEALnaFAMEALnaZQMEALnc+AMEAbnc+gMEAbneHAMEALnfUAME
ALnfmwMEAbnhAAMEALnhAwMEALniaAMEALniawMEALnjkAMEAbnjkgMEALnkSwME
ALnozgMEALn2cDAMAwQEwQhwAwQAwQhyAwQBwTqSAwQAwgVAAwQAwgVDAwQAwkyp
AwQAwkysAwQAwnxFMA0GCSqGSIb3DQEBCwUAA4IBAQA29A+G3RVJnaunB3T7y/Vc
0yR9+HAS6GcmLTaksJ4ZUKgT8SvwVYP7UE8plslT1zMBe/kW7jqCaB97RB3MZt3+
nf+KTqIKtX0GXdtDPKycoZK96jaWHov9j+mS1ElEzYEkewfOtIz9V2Uk2G29a6zm
/G63E4WyEUgSv1lAC+5Gi0lX7Ozb4hqCT8+KeTsy4e9ExJg7Zed1/jymn5emuPIf
XGEtmqQsownwG5X5zhty/o1Sll7P8uGv/iep5iN9YZProjwQWzkB/znhnAHSrrz2
VSgZ5TG8/GCtowb8ghG7LmIU3pFHySjdQ4lHdpo6DnVe0GEFxJ/JhizibKrTTFnG
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:14:20 2025 by rpki-client