Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/UuI1NuE1iBkF113PZe9PjrTUve8.roa
File: UuI1NuE1iBkF113PZe9PjrTUve8.roa (raw, json)
Hash identifier: z47plfnTVc8sT1xa3CA67pAIDEwPbdIhyEWSYRV0H1c=
Subject key identifier: 52:E2:35:36:E1:35:88:19:05:D7:5D:CF:65:EF:4F:8E:B4:D4:BD:EF
Certificate issuer: /CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Certificate serial: 019DF8379CA1FB7474D2740ABDD973AECD54
Authority key identifier: 55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/UuI1NuE1iBkF113PZe9PjrTUve8.roa
Signing time: Tue 05 May 2026 12:58:07 +0000
ROA not before: Tue 05 May 2026 12:58:07 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31529
IP address blocks: 81.91.164.0/24 maxlen: 24
185.151.140.0/24 maxlen: 24
185.151.141.0/24 maxlen: 24
185.151.142.0/24 maxlen: 24
185.151.143.0/24 maxlen: 24
194.0.0.0/24 maxlen: 24
194.0.11.0/24 maxlen: 24
194.246.96.0/24 maxlen: 24
2001:678:2::/48 maxlen: 48
2001:678:e::/48 maxlen: 48
2a02:568::/48 maxlen: 48
2a02:568:fe00::/48 maxlen: 48
2a02:568:fe01::/48 maxlen: 48
2a02:568:fe02::/48 maxlen: 48
2a02:56f::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 01:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f8:37:9c:a1:fb:74:74:d2:74:0a:bd:d9:73:ae:cd:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55b296d6b534fe3a32cc1c3a4e81358f216c93c7
Validity
Not Before: May 5 12:58:07 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=52e23536e135881905d75dcf65ef4f8eb4d4bdef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:4d:33:3b:90:83:d0:a2:8c:8c:db:0b:6f:cc:
eb:2d:17:28:37:b5:b4:ab:7e:79:a7:df:e8:dc:fa:
71:6f:82:3d:c6:57:77:8d:c7:d1:aa:33:e3:60:1c:
e0:2c:3d:23:12:7a:40:5b:cb:f8:42:ef:e0:81:8b:
8b:31:38:83:0c:c9:9e:54:6f:3c:ca:1f:41:e3:a8:
9d:93:f6:b9:da:c5:ec:7c:75:e2:59:6d:2e:18:f4:
a1:8c:4b:bf:74:d7:bb:98:59:7c:a3:ef:30:16:e9:
de:d6:ed:ad:0d:8f:d6:26:9e:61:27:de:58:c5:25:
f9:f3:cc:3a:24:36:f6:89:e6:22:8c:88:49:53:33:
f6:40:1a:f6:17:b2:43:d1:c7:d7:4f:d0:47:cb:7d:
39:6c:dd:59:37:ee:45:86:47:0c:98:6a:6d:cd:33:
de:e5:a5:74:77:1e:ad:ed:17:e7:94:e2:7a:cf:22:
b9:04:fa:a1:36:56:eb:c6:06:12:01:0c:1c:f5:31:
90:97:73:13:cd:92:2d:85:e5:c8:66:31:fb:91:b5:
98:a9:88:bd:00:58:49:26:99:5e:9c:ee:04:67:82:
f7:fb:e7:3b:77:11:4d:b5:61:fe:66:2d:e6:0b:62:
d7:60:af:e9:a8:8b:77:76:ab:e9:d7:24:4d:20:1b:
63:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E2:35:36:E1:35:88:19:05:D7:5D:CF:65:EF:4F:8E:B4:D4:BD:EF
X509v3 Authority Key Identifier:
keyid:55:B2:96:D6:B5:34:FE:3A:32:CC:1C:3A:4E:81:35:8F:21:6C:93:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbKW1rU0_joyzBw6ToE1jyFsk8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/UuI1NuE1iBkF113PZe9PjrTUve8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/d7ab0c-3c22-4c61-a201-dd6cc97c9bdd/1/VbKW1rU0_joyzBw6ToE1jyFsk8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.164.0/24
185.151.140.0/22
194.0.0.0/24
194.0.11.0/24
194.246.96.0/24
IPv6:
2001:678:2::/48
2001:678:e::/48
2a02:568::/48
2a02:568:fe00::-2a02:568:fe02:ffff:ffff:ffff:ffff:ffff
2a02:56f::/32
Signature Algorithm: sha256WithRSAEncryption
97:c1:18:8a:b3:d1:0e:de:a9:5f:1d:61:54:97:76:d8:48:04:
7a:4f:e5:f0:10:52:b7:9d:d9:8d:47:1c:8d:d0:c1:d3:9b:45:
06:b7:4b:16:47:ab:39:4a:4a:c7:e0:f6:ca:9b:dd:20:6a:33:
93:7c:eb:be:c1:86:0b:ec:68:6a:e8:ca:66:ee:d1:5a:50:09:
ef:dc:a9:61:3d:d7:57:bd:8c:76:4e:53:a5:f8:67:71:28:8b:
91:85:8d:66:a9:b3:b5:91:b3:bd:3a:dc:20:60:bf:70:2f:c7:
de:25:55:1c:6b:18:db:b3:bb:54:7a:ab:c7:04:28:ff:48:a1:
fd:6d:cd:d8:13:a5:20:8f:0f:8a:77:cc:31:73:dd:3d:fd:d4:
df:08:e6:41:dc:63:f7:4b:cb:c3:c2:62:89:68:60:c4:f2:59:
5a:44:45:46:f3:5b:5d:06:fc:c6:d0:ce:f1:a5:cb:84:d9:4d:
f0:50:ad:27:22:3d:9a:0d:ad:6b:e5:41:51:65:23:99:80:13:
33:e5:ad:c9:2c:ee:7b:21:4c:34:1f:33:2a:45:c1:70:bb:b1:
06:02:c0:a4:b1:bc:19:70:4a:3f:16:db:7b:17:2c:be:44:7c:
c6:1a:ce:af:d3:09:8a:46:28:1c:34:41:eb:47:61:42:aa:5a:
1a:21:e3:00
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZ34N5yh+3R00nQKvdlzrs1UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YjI5NmQ2YjUzNGZlM2EzMmNjMWMzYTRlODEzNThmMjE2
YzkzYzcwHhcNMjYwNTA1MTI1ODA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmUyMzUzNmUxMzU4ODE5MDVkNzVkY2Y2NWVmNGY4ZWI0ZDRiZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt00zO5CD0KKMjNsLb8zrLRcoN7W0
q355p9/o3Ppxb4I9xld3jcfRqjPjYBzgLD0jEnpAW8v4Qu/ggYuLMTiDDMmeVG88
yh9B46idk/a52sXsfHXiWW0uGPShjEu/dNe7mFl8o+8wFune1u2tDY/WJp5hJ95Y
xSX588w6JDb2ieYijIhJUzP2QBr2F7JD0cfXT9BHy305bN1ZN+5FhkcMmGptzTPe
5aV0dx6t7RfnlOJ6zyK5BPqhNlbrxgYSAQwc9TGQl3MTzZItheXIZjH7kbWYqYi9
AFhJJplenO4EZ4L3++c7dxFNtWH+Zi3mC2LXYK/pqIt3dqvp1yRNIBtjFwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFFLiNTbhNYgZBdddz2XvT4601L3vMB8GA1UdIwQY
MBaAFFWylta1NP46MswcOk6BNY8hbJPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEt
ZGQ2Y2M5N2M5YmRkLzEvVXVJMU51RTFpQmtGMTEzUFplOVBqclRVdmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9kN2FiMGMtM2MyMi00YzYxLWEyMDEtZGQ2Y2M5N2M5YmRk
LzEvVmJLVzFyVTBfam95ekJ3NlRvRTFqeUZzazhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzAkBAIAATAeAwQAUVukAwQC
uZeMAwQAwgAAAwQAwgALAwQAwvZgMDsEAgACMDUDBwAgAQZ4AAIDBwAgAQZ4AA4D
BwAqAgVoAAAwEQMGASoCBWj+AwcAKgIFaP4CAwUAKgIFbzANBgkqhkiG9w0BAQsF
AAOCAQEAl8EYirPRDt6pXx1hVJd22EgEek/l8BBSt53ZjUccjdDB05tFBrdLFker
OUpKx+D2ypvdIGozk3zrvsGGC+xoaujKZu7RWlAJ79ypYT3XV72Mdk5TpfhncSiL
kYWNZqmztZGzvTrcIGC/cC/H3iVVHGsY27O7VHqrxwQo/0ih/W3N2BOlII8PinfM
MXPdPf3U3wjmQdxj90vLw8JiiWhgxPJZWkRFRvNbXQb8xtDO8aXLhNlN8FCtJyI9
mg2ta+VBUWUjmYATM+WtySzueyFMNB8zKkXBcLuxBgLApLG8GXBKPxbbexcsvkR8
xhrOr9MJikYoHDRB60dhQqpaGiHjAA==
-----END CERTIFICATE-----
Generated at Wed May 13 10:43:43 2026 by rpki-client