Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/uYe5oaUK8hVW2om_IAHy0X4_gSc.roa
File: uYe5oaUK8hVW2om_IAHy0X4_gSc.roa (raw, json)
Hash identifier: MzIlUgDKPBOByTPkQl8istY2JT1L8/f98rWrZ5ecX8k=
Subject key identifier: B9:87:B9:A1:A5:0A:F2:15:56:DA:89:BF:20:01:F2:D1:7E:3F:81:27
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019DFCBFF7E1DF88C3FA5DE954579A492EE1
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/uYe5oaUK8hVW2om_IAHy0X4_gSc.roa
Signing time: Wed 06 May 2026 10:05:32 +0000
ROA not before: Wed 06 May 2026 10:05:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6830
IP address blocks: 80.174.136.0/22 maxlen: 22
80.174.140.0/22 maxlen: 22
103.228.128.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fc:bf:f7:e1:df:88:c3:fa:5d:e9:54:57:9a:49:2e:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: May 6 10:05:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b987b9a1a50af21556da89bf2001f2d17e3f8127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:6c:02:94:58:fc:50:06:55:7e:30:d4:33:70:
f2:76:bd:1e:12:54:73:cd:60:2f:6a:4a:c5:47:a0:
fd:59:f9:01:42:8e:94:7b:4a:9a:c1:ad:0e:2e:5e:
ee:b0:08:d7:34:3b:86:2c:95:8c:bd:65:18:c4:39:
4b:73:1c:bc:63:5f:11:35:0d:c8:97:c9:04:ad:4d:
8c:ce:10:ad:66:0e:58:5b:51:89:b2:04:fa:fa:af:
4a:07:98:8b:1e:6a:48:cf:58:e6:72:f6:b5:92:e4:
dc:55:39:2b:f4:af:aa:16:b1:bf:ec:10:d8:77:75:
d8:c0:96:a0:0c:e0:b0:df:18:49:67:90:e4:d6:6c:
6a:d7:d3:3f:01:6a:ad:7e:2b:40:80:01:d9:63:9a:
8a:f1:61:3f:0e:c5:a1:61:d8:e7:46:fc:c5:39:01:
1e:af:bc:dc:3b:30:87:30:d1:00:d1:5b:a6:ff:7a:
b3:26:c3:32:b8:76:29:3b:84:fb:43:e3:ee:9e:1d:
b6:6b:f8:c2:13:c0:3b:b5:4a:51:e9:b4:36:ed:2d:
4f:15:2b:12:89:e0:98:3e:1e:ad:62:be:92:61:91:
dd:fe:52:0d:ac:0e:79:2b:9a:7b:8b:3f:49:5b:07:
51:b5:a7:78:29:89:6f:4d:59:67:83:71:89:7f:b2:
b3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:87:B9:A1:A5:0A:F2:15:56:DA:89:BF:20:01:F2:D1:7E:3F:81:27
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/uYe5oaUK8hVW2om_IAHy0X4_gSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.136.0/21
103.228.128.0/22
Signature Algorithm: sha256WithRSAEncryption
46:55:52:39:68:7e:e2:b3:13:23:45:f5:9f:92:d4:bb:b7:60:
cd:3a:81:fd:c0:bf:50:bd:c5:9b:6a:64:01:bb:70:09:f7:d7:
83:64:61:85:c2:f2:eb:50:11:23:a7:6e:57:61:c3:79:60:66:
aa:6b:82:d6:94:e3:10:61:d7:24:d4:aa:ef:39:d4:31:ef:1c:
59:52:5c:4e:08:e9:c1:99:49:6b:bb:f5:39:31:a2:2b:71:57:
37:49:30:60:e5:d1:ba:87:0b:96:b2:6f:ea:59:a9:e7:b7:14:
79:c8:a8:f3:78:ce:3b:b2:4a:13:c6:dd:ab:e8:90:ba:78:d7:
c7:94:6a:5a:90:85:76:1a:dd:5f:4d:7f:e9:1e:78:38:20:78:
07:2d:54:77:a7:46:61:96:c7:70:b1:db:9f:3e:dd:1a:a5:6a:
05:5f:4e:9c:3e:de:99:24:7e:5b:c0:41:62:fc:c3:6f:b2:2c:
a5:61:98:af:a3:94:28:a2:f9:f8:c9:cb:02:ce:94:1e:ca:65:
cf:05:9e:d2:06:b7:39:b0:6e:00:41:67:46:ee:7f:81:f7:1a:
b1:5a:97:3e:48:78:44:68:d3:17:f9:4d:cf:36:95:07:f3:92:
f8:7f:eb:8b:e2:53:b3:dd:ab:78:73:c2:a7:f2:14:88:9c:af:
d9:a6:b3:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ38v/fh34jD+l3pVFeaSS7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwNTA2MTAwNTMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTg3YjlhMWE1MGFmMjE1NTZkYTg5YmYyMDAxZjJkMTdlM2Y4MTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmwClFj8UAZVfjDUM3Dydr0eElRz
zWAvakrFR6D9WfkBQo6Ue0qawa0OLl7usAjXNDuGLJWMvWUYxDlLcxy8Y18RNQ3I
l8kErU2MzhCtZg5YW1GJsgT6+q9KB5iLHmpIz1jmcva1kuTcVTkr9K+qFrG/7BDY
d3XYwJagDOCw3xhJZ5Dk1mxq19M/AWqtfitAgAHZY5qK8WE/DsWhYdjnRvzFOQEe
r7zcOzCHMNEA0Vum/3qzJsMyuHYpO4T7Q+Punh22a/jCE8A7tUpR6bQ27S1PFSsS
ieCYPh6tYr6SYZHd/lINrA55K5p7iz9JWwdRtad4KYlvTVlng3GJf7Kz1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLmHuaGlCvIVVtqJvyAB8tF+P4EnMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvdVllNW9hVUs4aFZXMm9tX0lBSHkwWDRfZ1NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDUK6IAwQC
Z+SAMA0GCSqGSIb3DQEBCwUAA4IBAQBGVVI5aH7isxMjRfWfktS7t2DNOoH9wL9Q
vcWbamQBu3AJ99eDZGGFwvLrUBEjp25XYcN5YGaqa4LWlOMQYdck1KrvOdQx7xxZ
UlxOCOnBmUlru/U5MaIrcVc3STBg5dG6hwuWsm/qWanntxR5yKjzeM47skoTxt2r
6JC6eNfHlGpakIV2Gt1fTX/pHng4IHgHLVR3p0ZhlsdwsdufPt0apWoFX06cPt6Z
JH5bwEFi/MNvsiylYZivo5Qoovn4ycsCzpQeymXPBZ7SBrc5sG4AQWdG7n+B9xqx
Wpc+SHhEaNMX+U3PNpUH85L4f+uL4lOz3at4c8Kn8hSInK/ZprOS
-----END CERTIFICATE-----
Generated at Tue May 12 21:42:00 2026 by rpki-client