Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/u1xb8KFhZ9VdPoIT28zdu8VJu3I.roa
File: u1xb8KFhZ9VdPoIT28zdu8VJu3I.roa (raw, json)
Hash identifier: 8UozN5CjZVX2BXRHmeiopdm7WosJKzoXEnI22znMJY4=
Subject key identifier: BB:5C:5B:F0:A1:61:67:D5:5D:3E:82:13:DB:CC:DD:BB:C5:49:BB:72
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 019CC76B594E3E2C29CB873BE99B3124B4C3
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/u1xb8KFhZ9VdPoIT28zdu8VJu3I.roa
Signing time: Sat 07 Mar 2026 08:30:27 +0000
ROA not before: Sat 07 Mar 2026 08:30:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.67.136.0/24 maxlen: 24
45.92.218.0/24 maxlen: 24
45.134.36.0/24 maxlen: 24
45.137.202.0/24 maxlen: 24
45.141.116.0/22 maxlen: 22
45.142.105.0/24 maxlen: 24
45.151.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 31 Mar 2026 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c7:6b:59:4e:3e:2c:29:cb:87:3b:e9:9b:31:24:b4:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Mar 7 08:30:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bb5c5bf0a16167d55d3e8213dbccddbbc549bb72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:be:d7:da:5d:ee:91:eb:13:ba:e1:73:94:d7:
f5:8b:18:a2:a3:ad:ff:2b:11:48:cf:91:a9:25:a3:
d4:ee:8d:0c:47:b3:f2:ea:b6:4b:29:f6:69:9f:74:
b0:9d:df:19:e6:f4:37:4e:5e:c5:5a:62:ca:03:a0:
c9:e7:db:2b:7e:3d:77:dd:15:c7:64:ee:c8:51:b5:
c6:d5:3a:7a:ea:f4:c7:be:09:81:b1:60:98:c3:a1:
56:00:6a:46:6d:e2:82:f1:c9:42:c2:b8:79:f5:3c:
17:21:de:85:ea:75:12:be:03:1c:0b:7a:28:4a:e8:
12:5e:ac:da:e0:25:a1:af:0a:00:a1:ad:d4:0f:23:
6b:ea:92:52:66:88:ea:f2:81:99:14:fe:13:92:70:
00:e9:cd:1b:c8:b1:ec:7d:80:af:f9:b5:db:60:e4:
1a:51:4b:3f:b9:da:8a:47:2c:12:72:17:7e:42:40:
af:50:9f:ad:01:5a:c8:5b:c8:99:cb:ec:d4:07:44:
a1:ad:d5:02:ec:d6:fa:4a:80:7d:75:53:bb:99:bf:
c9:03:82:01:84:73:fd:3e:af:00:60:40:0c:e0:1c:
50:69:70:55:46:db:e1:81:b7:88:9e:99:0a:f9:21:
0f:5d:47:e0:c1:38:ea:f7:7e:00:4f:bd:a8:d0:59:
53:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:5C:5B:F0:A1:61:67:D5:5D:3E:82:13:DB:CC:DD:BB:C5:49:BB:72
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/u1xb8KFhZ9VdPoIT28zdu8VJu3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.136.0/24
45.92.218.0/24
45.134.36.0/24
45.137.202.0/24
45.141.116.0/22
45.142.105.0/24
45.151.56.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:e5:ce:28:85:71:3f:8b:c2:e0:ae:80:36:3a:5d:c1:a8:1c:
b7:b6:42:e8:8b:8c:70:bd:4a:6b:70:e5:08:ce:d7:b3:0a:1b:
7a:c2:f0:75:6b:39:e0:8f:f6:8a:89:ad:83:67:4c:84:46:ed:
71:f3:96:84:08:16:8b:f3:46:f6:90:b8:47:06:2c:ac:fe:d1:
53:03:9d:74:76:d4:0a:aa:a6:23:07:13:b3:99:a4:26:31:28:
ce:c2:36:18:51:ae:85:50:83:88:db:f4:47:b4:f0:48:17:ca:
34:6c:58:55:89:22:90:bb:de:c5:bc:4c:d9:90:37:35:da:42:
c8:60:a4:ae:bf:a6:a3:f5:ef:15:fb:54:17:16:dd:56:93:c1:
15:cc:6f:8c:7e:7e:c9:16:ea:3d:c9:93:ad:57:9a:85:b2:c2:
f1:0c:88:ee:d5:d1:77:cd:5b:05:9a:df:87:c4:2a:a1:1c:3d:
64:6b:10:97:ba:f2:56:bf:63:0f:75:9f:3a:81:97:cb:28:73:
5a:99:ce:d2:97:61:61:b8:2c:bf:86:c4:09:83:d0:09:f8:51:
02:e5:d8:41:53:5b:05:bd:cc:eb:af:b3:fe:d4:c1:a5:5d:45:
10:b1:89:16:d3:89:37:02:62:fa:c0:22:93:08:9d:6c:24:7d:
c2:9f:58:bd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZzHa1lOPiwpy4c76ZsxJLTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjYwMzA3MDgzMDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjVjNWJmMGExNjE2N2Q1NWQzZTgyMTNkYmNjZGRiYmM1NDliYjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxr7X2l3ukesTuuFzlNf1ixiio63/
KxFIz5GpJaPU7o0MR7Py6rZLKfZpn3Swnd8Z5vQ3Tl7FWmLKA6DJ59srfj133RXH
ZO7IUbXG1Tp66vTHvgmBsWCYw6FWAGpGbeKC8clCwrh59TwXId6F6nUSvgMcC3oo
SugSXqza4CWhrwoAoa3UDyNr6pJSZojq8oGZFP4TknAA6c0byLHsfYCv+bXbYOQa
UUs/udqKRywSchd+QkCvUJ+tAVrIW8iZy+zUB0ShrdUC7Nb6SoB9dVO7mb/JA4IB
hHP9Pq8AYEAM4BxQaXBVRtvhgbeInpkK+SEPXUfgwTjq934AT72o0FlTCwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLtcW/ChYWfVXT6CE9vM3bvFSbtyMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvdTF4YjhLRmhaOVZkUG9JVDI4emR1OFZKdTNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALUOIAwQA
LVzaAwQALYYkAwQALYnKAwQCLY10AwQALY5pAwQALZc4MA0GCSqGSIb3DQEBCwUA
A4IBAQAe5c4ohXE/i8LgroA2Ol3BqBy3tkLoi4xwvUprcOUIztezCht6wvB1azng
j/aKia2DZ0yERu1x85aECBaL80b2kLhHBiys/tFTA510dtQKqqYjBxOzmaQmMSjO
wjYYUa6FUIOI2/RHtPBIF8o0bFhViSKQu97FvEzZkDc12kLIYKSuv6aj9e8V+1QX
Ft1Wk8EVzG+Mfn7JFuo9yZOtV5qFssLxDIju1dF3zVsFmt+HxCqhHD1kaxCXuvJW
v2MPdZ86gZfLKHNamc7Sl2FhuCy/hsQJg9AJ+FEC5dhBU1sFvczrr7P+1MGlXUUQ
sYkW04k3AmL6wCKTCJ1sJH3Cn1i9
-----END CERTIFICATE-----
Generated at Mon Mar 30 08:50:04 2026 by rpki-client