
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/UhdjQtj-FfDyuU6V5WnFSOKYjmk.roa
File: UhdjQtj-FfDyuU6V5WnFSOKYjmk.roa (raw, json)
Hash identifier: QbBqfb3nWseUxtS3InHqu29EzpheC2v8vhkaoLoZ0FY=
Subject key identifier: 52:17:63:42:D8:FE:15:F0:F2:B9:4E:95:E5:69:C5:48:E2:98:8E:69
Certificate issuer: /CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Certificate serial: 01992D8EE72E36EC0D3028835681C399BB24
Authority key identifier: FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/UhdjQtj-FfDyuU6V5WnFSOKYjmk.roa
Signing time: Tue 09 Sep 2025 08:19:24 +0000
ROA not before: Tue 09 Sep 2025 08:19:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212525
IP address blocks: 78.109.224.0/24 maxlen: 24
78.109.233.0/24 maxlen: 24
78.109.234.0/24 maxlen: 24
78.109.235.0/24 maxlen: 24
78.109.238.0/24 maxlen: 24
185.52.101.0/24 maxlen: 24
185.52.102.0/24 maxlen: 24
185.52.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 08:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2d:8e:e7:2e:36:ec:0d:30:28:83:56:81:c3:99:bb:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Validity
Not Before: Sep 9 08:19:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52176342d8fe15f0f2b94e95e569c548e2988e69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:52:67:f6:89:c3:cb:54:1c:d6:97:76:20:1f:
f3:3c:5c:bd:3e:6c:86:8b:71:c8:b9:b1:c0:93:70:
88:65:b6:96:a1:ed:e9:01:eb:ac:22:36:98:82:71:
78:78:25:54:da:9a:12:fc:01:71:92:5d:f2:f1:98:
3d:44:50:87:29:1f:fd:77:6b:7a:4b:07:46:27:bc:
a7:da:5b:30:3e:8d:6b:2f:62:eb:d6:c6:9b:4f:0f:
cc:54:93:fb:a2:28:98:e0:14:f0:34:1f:d0:41:94:
ab:33:39:e5:a4:13:14:16:ec:21:0f:7c:66:06:c3:
d4:8d:f3:9c:d7:c7:6c:48:bb:0a:fa:d3:1a:f0:d5:
46:54:70:66:9e:01:bd:75:95:d8:2c:84:ae:83:8b:
ae:13:03:9e:27:b7:cc:00:c8:6e:5c:fc:84:a3:c3:
b8:ab:46:f7:6f:ca:00:dd:68:89:55:36:09:87:f0:
8c:8b:9c:e8:22:42:e6:c1:61:cd:09:42:c0:23:ac:
9c:37:10:98:b0:77:1e:f1:d9:68:89:18:af:ed:8d:
09:3c:87:7a:9d:da:d0:da:b7:db:40:d1:f8:94:8f:
42:6d:27:9b:8d:b7:df:5d:7f:61:9e:e1:d0:78:04:
fb:b5:82:5d:b9:9c:bb:59:e6:26:c0:f8:37:63:c6:
cd:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:17:63:42:D8:FE:15:F0:F2:B9:4E:95:E5:69:C5:48:E2:98:8E:69
X509v3 Authority Key Identifier:
keyid:FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/UhdjQtj-FfDyuU6V5WnFSOKYjmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.224.0/24
78.109.233.0-78.109.235.255
78.109.238.0/24
185.52.101.0-185.52.103.255
Signature Algorithm: sha256WithRSAEncryption
4d:9c:7d:7f:f2:2e:65:33:34:e4:76:50:60:bc:ea:98:97:45:
9c:63:ef:42:21:be:93:fa:de:47:ff:f7:51:e0:69:bb:c7:44:
fd:c5:cb:57:9f:3b:f6:43:48:71:5c:ce:f1:42:77:e5:13:de:
71:cd:52:a1:e5:01:83:f4:d4:f8:04:d0:61:14:e6:6f:af:8a:
6f:ac:56:0f:9b:96:39:48:bc:8c:99:c9:e8:c2:5f:0d:18:5a:
05:2d:11:cd:e0:85:ce:ce:3d:a0:bf:77:7b:d7:09:6b:f6:d9:
c1:e7:68:02:d4:4e:9c:79:1a:b5:2c:79:4d:8c:eb:2b:bc:72:
e8:31:2c:47:1b:06:f6:8e:c2:0d:bb:de:7c:f8:dc:6d:d0:91:
c4:9e:1f:50:72:b5:3c:72:ea:be:1e:0a:73:1d:56:a6:ad:4d:
ed:6c:d2:15:15:b4:38:5e:63:c6:bf:d9:3b:60:02:f5:d2:5b:
9b:5c:26:f0:45:ec:8a:ce:ce:4d:3e:e9:1c:37:20:19:7a:12:
9c:cf:d3:dc:2f:a5:cd:c1:cd:37:e3:5e:21:86:68:02:22:f6:
2e:11:d8:40:b6:c3:5b:7b:80:15:9b:12:14:e3:38:51:09:b0:
c5:83:b5:38:5f:00:80:e3:70:76:9b:4e:a1:4b:73:e0:ee:c1:
79:3f:dc:6b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZktjucuNuwNMCiDVoHDmbskMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDYxYTM5ZjBhMDM3OTIzMTEzZDZiOGJiOWI1YmRhYjVi
MmY0NjYwHhcNMjUwOTA5MDgxOTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjE3NjM0MmQ4ZmUxNWYwZjJiOTRlOTVlNTY5YzU0OGUyOTg4ZTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFJn9onDy1Qc1pd2IB/zPFy9PmyG
i3HIubHAk3CIZbaWoe3pAeusIjaYgnF4eCVU2poS/AFxkl3y8Zg9RFCHKR/9d2t6
SwdGJ7yn2lswPo1rL2Lr1sabTw/MVJP7oiiY4BTwNB/QQZSrMznlpBMUFuwhD3xm
BsPUjfOc18dsSLsK+tMa8NVGVHBmngG9dZXYLISug4uuEwOeJ7fMAMhuXPyEo8O4
q0b3b8oA3WiJVTYJh/CMi5zoIkLmwWHNCULAI6ycNxCYsHce8dloiRiv7Y0JPId6
ndrQ2rfbQNH4lI9CbSebjbffXX9hnuHQeAT7tYJduZy7WeYmwPg3Y8bNiwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFIXY0LY/hXw8rlOleVpxUjimI5pMB8GA1UdIwQY
MBaAFPsGGjnwoDeSMRPWuLubW9q1svRmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13WWFPZkNnTjVJeEU5YTR1NXRiMnJXeTlHWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1
LWZkMTY3YWQ5MmE5ZC8xL1VoZGpRdGotRmZEeXVVNlY1V25GU09LWWptay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1LWZkMTY3YWQ5MmE5
ZC8xLzEtd1lhT2ZDZ041SXhFOWE0dTV0YjJyV3k5R1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQQYIKwYBBQUHAQcBAf8EMjAwMC4EAgABMCgDBABObeAw
DAMEAE5t6QMEAk5t6AMEAE5t7jAMAwQAuTRlAwQDuTRgMA0GCSqGSIb3DQEBCwUA
A4IBAQBNnH1/8i5lMzTkdlBgvOqYl0WcY+9CIb6T+t5H//dR4Gm7x0T9xctXnzv2
Q0hxXM7xQnflE95xzVKh5QGD9NT4BNBhFOZvr4pvrFYPm5Y5SLyMmcnowl8NGFoF
LRHN4IXOzj2gv3d71wlr9tnB52gC1E6ceRq1LHlNjOsrvHLoMSxHGwb2jsINu958
+Nxt0JHEnh9QcrU8cuq+HgpzHVamrU3tbNIVFbQ4XmPGv9k7YAL10lubXCbwReyK
zs5NPukcNyAZehKcz9PcL6XNwc03414hhmgCIvYuEdhAtsNbe4AVmxIU4zhRCbDF
g7U4XwCA43B2m06hS3Pg7sF5P9xr
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:29:15 2025 by rpki-client