Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/uLsTVxEaNduNnG1jmD6a-ydOs34.roa
File: uLsTVxEaNduNnG1jmD6a-ydOs34.roa (raw, json)
Hash identifier: niH+M4UZIe9fMjOMqZQoXGbZ0XEyo51YSGCWK4wDPDc=
Subject key identifier: B8:BB:13:57:11:1A:35:DB:8D:9C:6D:63:98:3E:9A:FB:27:4E:B3:7E
Certificate issuer: /CN=d027c609faf4a6c22adf1f8c4a70a07ae7cf2e81
Certificate serial: 019DAA3654CB6E759843AA89199FCD00F548
Authority key identifier: D0:27:C6:09:FA:F4:A6:C2:2A:DF:1F:8C:4A:70:A0:7A:E7:CF:2E:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0CfGCfr0psIq3x-MSnCgeufPLoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/uLsTVxEaNduNnG1jmD6a-ydOs34.roa
Signing time: Mon 20 Apr 2026 09:26:20 +0000
ROA not before: Mon 20 Apr 2026 09:26:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15699
IP address blocks: 185.134.104.0/24 maxlen: 32
194.36.122.0/23 maxlen: 32
194.36.138.0/23 maxlen: 32
195.162.18.0/23 maxlen: 32
2a0a:1680::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/0CfGCfr0psIq3x-MSnCgeufPLoE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/0CfGCfr0psIq3x-MSnCgeufPLoE.mft
rsync://rpki.ripe.net/repository/DEFAULT/0CfGCfr0psIq3x-MSnCgeufPLoE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:aa:36:54:cb:6e:75:98:43:aa:89:19:9f:cd:00:f5:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d027c609faf4a6c22adf1f8c4a70a07ae7cf2e81
Validity
Not Before: Apr 20 09:26:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b8bb1357111a35db8d9c6d63983e9afb274eb37e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a4:c0:5e:39:f7:83:c9:9a:5a:cb:d7:f5:d1:
e9:f5:35:12:9e:3a:67:d3:47:a8:0b:28:fb:25:3c:
03:ce:9c:85:10:47:99:d7:1a:77:50:ce:7f:82:20:
4e:52:aa:0e:ac:1a:a1:64:58:4b:bc:d9:43:4e:f7:
4b:c1:0d:4c:82:32:b5:35:63:2b:30:ec:39:49:21:
cf:1d:ec:af:77:1b:b2:60:8f:d9:be:12:8b:b4:59:
7e:d2:50:22:25:bb:9c:6b:a3:ca:ee:02:b0:1d:9d:
5c:cc:7e:f3:a4:15:eb:2e:c7:09:4e:33:ad:33:5a:
96:23:9b:b5:cf:be:00:9e:9d:59:4f:6a:b3:61:d9:
09:f2:59:07:2e:ed:56:76:6a:c3:a6:f9:fc:74:c2:
43:2e:bd:2d:e8:41:ef:30:d8:f0:cc:89:32:d1:d5:
d7:5c:f0:e8:6a:98:ff:a5:9d:78:31:de:cc:f4:37:
93:72:b2:b6:1a:b1:f6:2b:70:8e:dd:55:0b:05:1e:
78:b5:91:8c:24:d1:db:e7:02:65:4b:f3:f5:1d:bc:
c5:e8:43:57:4f:fc:23:78:10:8d:ed:cb:97:f2:d1:
84:07:10:02:99:b7:11:bf:76:cb:5b:89:27:28:4f:
b1:f4:1f:77:31:36:cd:da:07:18:57:1b:00:75:80:
23:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:BB:13:57:11:1A:35:DB:8D:9C:6D:63:98:3E:9A:FB:27:4E:B3:7E
X509v3 Authority Key Identifier:
keyid:D0:27:C6:09:FA:F4:A6:C2:2A:DF:1F:8C:4A:70:A0:7A:E7:CF:2E:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0CfGCfr0psIq3x-MSnCgeufPLoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/uLsTVxEaNduNnG1jmD6a-ydOs34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f71d6f-7ea7-45fc-b1b5-3acb814904a0/1/0CfGCfr0psIq3x-MSnCgeufPLoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.104.0/24
194.36.122.0/23
194.36.138.0/23
195.162.18.0/23
IPv6:
2a0a:1680::/29
Signature Algorithm: sha256WithRSAEncryption
16:cf:b2:61:c5:e1:59:26:6f:9c:34:de:7e:ec:5f:0a:8a:a8:
35:ad:82:a5:49:cb:f2:a9:0d:ec:44:22:ea:31:e2:da:c3:cf:
d1:d2:dd:5e:9d:50:6d:18:40:7b:3e:32:fd:ba:93:67:9d:2a:
25:d3:a7:62:21:6b:52:31:f2:a0:6d:f4:b1:34:88:c6:ce:a5:
5e:e4:fb:b1:ed:d4:d5:ad:3a:f3:14:62:94:6e:fd:d9:eb:0c:
ae:93:91:e6:16:6d:94:88:e8:5a:e3:93:60:e5:38:ab:19:43:
51:70:37:34:9a:2c:75:e5:c7:82:70:db:5f:47:d7:4c:bf:17:
db:ee:7c:e1:b9:b3:35:a9:f3:02:70:90:5b:03:27:47:97:08:
12:9c:42:91:49:38:b9:c9:54:6f:ca:75:45:08:dd:ed:34:b2:
d4:94:3c:ff:f2:02:c5:98:8d:65:7e:17:1c:ac:3e:48:bf:d3:
33:a1:e4:c0:c7:70:7e:64:be:f8:e7:75:bb:5e:2b:b0:a3:53:
e2:ce:c2:b6:89:21:80:3e:69:c0:8b:6e:62:0b:b1:1d:b7:88:
6a:4c:a7:01:fd:99:f9:1b:e2:7f:02:98:55:91:df:10:f3:92:
71:0b:df:89:dd:39:23:e4:2a:8c:c5:88:8b:42:7a:08:28:bb:
03:c4:4a:d6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ2qNlTLbnWYQ6qJGZ/NAPVIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMjdjNjA5ZmFmNGE2YzIyYWRmMWY4YzRhNzBhMDdhZTdj
ZjJlODEwHhcNMjYwNDIwMDkyNjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGJiMTM1NzExMWEzNWRiOGQ5YzZkNjM5ODNlOWFmYjI3NGViMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaTAXjn3g8maWsvX9dHp9TUSnjpn
00eoCyj7JTwDzpyFEEeZ1xp3UM5/giBOUqoOrBqhZFhLvNlDTvdLwQ1MgjK1NWMr
MOw5SSHPHeyvdxuyYI/ZvhKLtFl+0lAiJbuca6PK7gKwHZ1czH7zpBXrLscJTjOt
M1qWI5u1z74Anp1ZT2qzYdkJ8lkHLu1WdmrDpvn8dMJDLr0t6EHvMNjwzIky0dXX
XPDoapj/pZ14Md7M9DeTcrK2GrH2K3CO3VULBR54tZGMJNHb5wJlS/P1HbzF6ENX
T/wjeBCN7cuX8tGEBxACmbcRv3bLW4knKE+x9B93MTbN2gcYVxsAdYAjfwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLi7E1cRGjXbjZxtY5g+mvsnTrN+MB8GA1UdIwQY
MBaAFNAnxgn69KbCKt8fjEpwoHrnzy6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMENmR0NmcjBwc0lxM3gtTVNuQ2dldWZQTG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mNzFkNmYtN2VhNy00NWZjLWIxYjUt
M2FjYjgxNDkwNGEwLzEvdUxzVFZ4RWFOZHVObkcxam1ENmEteWRPczM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mNzFkNmYtN2VhNy00NWZjLWIxYjUtM2FjYjgxNDkwNGEw
LzEvMENmR0NmcjBwc0lxM3gtTVNuQ2dldWZQTG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAuYZoAwQB
wiR6AwQBwiSKAwQBw6ISMA0EAgACMAcDBQMqChaAMA0GCSqGSIb3DQEBCwUAA4IB
AQAWz7JhxeFZJm+cNN5+7F8Kiqg1rYKlScvyqQ3sRCLqMeLaw8/R0t1enVBtGEB7
PjL9upNnnSol06diIWtSMfKgbfSxNIjGzqVe5Pux7dTVrTrzFGKUbv3Z6wyuk5Hm
Fm2UiOha45Ng5TirGUNRcDc0mix15ceCcNtfR9dMvxfb7nzhubM1qfMCcJBbAydH
lwgSnEKRSTi5yVRvynVFCN3tNLLUlDz/8gLFmI1lfhccrD5Iv9MzoeTAx3B+ZL74
53W7Xiuwo1PizsK2iSGAPmnAi25iC7Edt4hqTKcB/Zn5G+J/AphVkd8Q85JxC9+J
3Tkj5CqMxYiLQnoIKLsDxErW
-----END CERTIFICATE-----
Generated at Wed May 13 02:47:11 2026 by rpki-client