Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/uLFuSxmniVdOOB-xJoPZwASxLt4.roa
File: uLFuSxmniVdOOB-xJoPZwASxLt4.roa (raw, json)
Hash identifier: FLb2IX6npCXvVAUlOdGVEYczSWz0bZw/0vsaAGxi3UI=
Subject key identifier: B8:B1:6E:4B:19:A7:89:57:4E:38:1F:B1:26:83:D9:C0:04:B1:2E:DE
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 019CDCBF504A8FC8537390650BD37F4D81B3
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/uLFuSxmniVdOOB-xJoPZwASxLt4.roa
Signing time: Wed 11 Mar 2026 11:54:11 +0000
ROA not before: Wed 11 Mar 2026 11:54:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209024
IP address blocks: 62.113.64.0/24 maxlen: 24
62.113.73.0/24 maxlen: 24
176.109.64.0/24 maxlen: 24
176.109.65.0/24 maxlen: 24
176.109.66.0/24 maxlen: 24
176.109.67.0/24 maxlen: 24
176.109.68.0/24 maxlen: 24
176.109.69.0/24 maxlen: 24
176.109.70.0/24 maxlen: 24
176.109.80.0/24 maxlen: 24
178.236.24.0/24 maxlen: 24
178.236.25.0/24 maxlen: 24
2a02:28:d::/48 maxlen: 48
2a02:2a:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.mft
rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dc:bf:50:4a:8f:c8:53:73:90:65:0b:d3:7f:4d:81:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Mar 11 11:54:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b8b16e4b19a789574e381fb12683d9c004b12ede
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ce:32:51:7b:dc:e9:b8:8b:e2:d9:74:8e:97:
01:a3:ca:02:7d:e8:1d:ab:09:59:55:21:55:fa:d9:
58:5a:a9:7c:46:e4:ea:85:97:b1:d2:34:1a:e5:f1:
c8:61:b5:b4:09:f7:9e:e6:6d:d2:07:89:77:c2:ce:
d8:91:f7:dd:03:4d:48:07:ef:b5:46:86:2d:96:05:
5a:48:f7:36:6a:b8:06:ad:91:a4:cd:5a:e4:4a:9e:
31:93:67:6f:96:82:b3:ad:1b:a2:44:8f:3d:b3:78:
2c:34:70:f0:d1:dc:cf:67:7f:d0:e1:7c:d2:c7:97:
78:77:0e:ad:c6:87:52:f0:4c:0a:5c:d2:7a:3c:e6:
1e:dc:a6:bc:c0:73:8c:f3:ef:d8:5e:42:f1:f3:4f:
0c:4a:1f:0c:7b:c0:33:26:91:99:f0:2a:8c:15:30:
de:09:1c:5b:3e:9f:43:76:35:64:d6:48:5c:0a:59:
bf:51:4c:8a:a4:7f:3a:14:d2:70:e3:69:aa:44:36:
e8:b0:4c:75:36:bb:44:ba:36:2f:3f:3c:b1:ad:c5:
35:38:ca:1e:bb:42:27:d5:5e:aa:8f:4d:6c:47:ff:
76:69:2a:50:87:f1:55:2b:f1:70:3a:5c:ae:8d:af:
9c:16:1c:4e:9e:d0:ae:a5:d8:36:af:07:6f:7a:dc:
01:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B1:6E:4B:19:A7:89:57:4E:38:1F:B1:26:83:D9:C0:04:B1:2E:DE
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/uLFuSxmniVdOOB-xJoPZwASxLt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.64.0/24
62.113.73.0/24
176.109.64.0-176.109.70.255
176.109.80.0/24
178.236.24.0/23
IPv6:
2a02:28:d::/48
2a02:2a:1000::/36
Signature Algorithm: sha256WithRSAEncryption
55:ff:7e:c3:de:fd:b8:25:a7:1a:b5:97:97:4e:43:8e:bc:68:
3d:8c:0b:44:12:a2:95:73:fc:f4:e5:0a:63:8b:fe:1f:3c:de:
46:49:03:79:aa:4e:3b:57:1f:c0:99:68:47:be:bb:fc:dd:a0:
d2:43:73:cd:22:dc:df:a3:7c:09:39:32:28:90:16:fd:25:2c:
a2:62:ad:ff:09:ab:b7:b4:b0:cf:cf:5f:22:26:95:16:75:81:
6f:eb:79:6e:01:05:99:0e:41:e6:da:ec:66:2c:7a:d6:bd:42:
09:4c:a5:68:3d:42:16:7b:ea:af:d7:2c:a8:d8:af:d6:d8:71:
3d:76:43:8a:aa:47:3a:df:9a:20:47:e7:60:fd:9e:a4:e7:47:
bd:5c:53:56:b2:06:c1:3e:e2:fd:ce:87:d8:86:3e:09:17:ea:
e5:a8:a4:86:10:e8:85:4a:94:f9:5e:ef:46:01:d4:91:7d:2c:
fe:9c:61:93:bb:ee:af:74:34:ae:3a:d2:06:cb:16:1b:9b:a4:
27:cc:4f:1b:10:2f:aa:0f:bf:d6:61:d5:28:c2:2e:f8:b7:f7:
fb:54:5d:67:3c:4c:91:3b:6d:8a:6d:a3:9d:38:c0:07:46:ea:
62:4d:c3:1a:2d:8c:c0:b8:68:ad:a1:bb:ff:b5:c4:20:8f:29:
c1:b1:0c:47
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZzcv1BKj8hTc5BlC9N/TYGzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjYwMzExMTE1NDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGIxNmU0YjE5YTc4OTU3NGUzODFmYjEyNjgzZDljMDA0YjEyZWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmc4yUXvc6biL4tl0jpcBo8oCfegd
qwlZVSFV+tlYWql8RuTqhZex0jQa5fHIYbW0Cfee5m3SB4l3ws7YkffdA01IB++1
RoYtlgVaSPc2argGrZGkzVrkSp4xk2dvloKzrRuiRI89s3gsNHDw0dzPZ3/Q4XzS
x5d4dw6txodS8EwKXNJ6POYe3Ka8wHOM8+/YXkLx808MSh8Me8AzJpGZ8CqMFTDe
CRxbPp9DdjVk1khcClm/UUyKpH86FNJw42mqRDbosEx1NrtEujYvPzyxrcU1OMoe
u0In1V6qj01sR/92aSpQh/FVK/FwOlyuja+cFhxOntCupdg2rwdvetwB9QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFLixbksZp4lXTjgfsSaD2cAEsS7eMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvdUxGdVN4bW5pVmRPT0IteEpvUFp3QVN4THQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzAsBAIAATAmAwQAPnFAAwQA
PnFJMAwDBAawbUADBACwbUYDBACwbVADBAGy7BgwFwQCAAIwEQMHACoCACgADQMG
BCoCACoQMA0GCSqGSIb3DQEBCwUAA4IBAQBV/37D3v24JacatZeXTkOOvGg9jAtE
EqKVc/z05Qpji/4fPN5GSQN5qk47Vx/AmWhHvrv83aDSQ3PNItzfo3wJOTIokBb9
JSyiYq3/Cau3tLDPz18iJpUWdYFv63luAQWZDkHm2uxmLHrWvUIJTKVoPUIWe+qv
1yyo2K/W2HE9dkOKqkc635ogR+dg/Z6k50e9XFNWsgbBPuL9zofYhj4JF+rlqKSG
EOiFSpT5Xu9GAdSRfSz+nGGTu+6vdDSuOtIGyxYbm6QnzE8bEC+qD7/WYdUowi74
t/f7VF1nPEyRO22KbaOdOMAHRupiTcMaLYzAuGitobv/tcQgjynBsQxH
-----END CERTIFICATE-----
Generated at Fri Mar 27 02:11:02 2026 by rpki-client