Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/uWzsh13780WlQ44M3rfglByUCB8.roa
File: uWzsh13780WlQ44M3rfglByUCB8.roa (raw, json)
Hash identifier: yGLdoL/Xc8KKRv7LLREr+ACqHv9uN9Icl3Uh1WiiuFY=
Subject key identifier: B9:6C:EC:87:5D:FB:F3:45:A5:43:8E:0C:DE:B7:E0:94:1C:94:08:1F
Certificate issuer: /CN=74a59b7fb4e034f67775f2875efbfc9eff247e8e
Certificate serial: 019D177A61F21EBD376670AF648A727C569E
Authority key identifier: 74:A5:9B:7F:B4:E0:34:F6:77:75:F2:87:5E:FB:FC:9E:FF:24:7E:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/uWzsh13780WlQ44M3rfglByUCB8.roa
Signing time: Sun 22 Mar 2026 21:36:29 +0000
ROA not before: Sun 22 Mar 2026 21:36:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210318
IP address blocks: 94.156.75.0/24 maxlen: 24
95.133.251.0/24 maxlen: 24
185.37.232.0/24 maxlen: 24
185.37.232.12/32 maxlen: 32
185.37.232.13/32 maxlen: 32
185.37.232.26/32 maxlen: 32
185.37.232.27/32 maxlen: 32
185.37.232.29/32 maxlen: 32
185.37.232.33/32 maxlen: 32
185.37.232.34/32 maxlen: 32
185.37.232.40/32 maxlen: 32
185.37.232.41/32 maxlen: 32
185.37.232.53/32 maxlen: 32
185.37.232.54/32 maxlen: 32
185.37.232.60/32 maxlen: 32
185.37.232.61/32 maxlen: 32
185.37.232.67/32 maxlen: 32
185.37.232.81/32 maxlen: 32
185.37.232.87/32 maxlen: 32
185.37.232.126/32 maxlen: 32
185.37.232.129/32 maxlen: 32
185.37.232.130/32 maxlen: 32
185.37.232.131/32 maxlen: 32
185.37.232.135/32 maxlen: 32
185.37.232.197/32 maxlen: 32
185.37.232.199/32 maxlen: 32
185.37.232.201/32 maxlen: 32
185.37.232.204/32 maxlen: 32
185.37.232.205/32 maxlen: 32
185.37.232.220/32 maxlen: 32
185.37.232.221/32 maxlen: 32
185.37.232.252/32 maxlen: 32
185.37.233.0/24 maxlen: 24
185.37.234.0/24 maxlen: 24
185.37.235.0/24 maxlen: 24
185.37.235.2/32 maxlen: 32
194.55.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.mft
rsync://rpki.ripe.net/repository/DEFAULT/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 15:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:17:7a:61:f2:1e:bd:37:66:70:af:64:8a:72:7c:56:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74a59b7fb4e034f67775f2875efbfc9eff247e8e
Validity
Not Before: Mar 22 21:36:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b96cec875dfbf345a5438e0cdeb7e0941c94081f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:43:df:00:6b:4b:05:ee:0d:29:20:83:1a:06:
83:04:36:48:04:23:b0:7e:cb:0e:65:fb:0f:05:cd:
9c:81:3f:b0:2a:ae:47:56:34:c5:80:c1:54:35:d2:
0d:b3:32:ff:39:a8:7a:59:d2:36:b1:85:df:08:8a:
1f:8f:d3:51:2d:c9:39:bd:e3:1c:03:a0:9c:4d:88:
2f:d3:b1:06:5d:c4:e0:88:3b:c2:d0:4e:4d:4b:95:
32:31:ac:16:f2:ef:44:c1:6b:35:da:3e:6d:49:5d:
d6:b1:a2:66:9d:68:65:74:34:c4:b4:c4:cd:f2:91:
f9:34:b1:e6:d8:0a:d2:d5:a6:ca:13:b5:04:51:b0:
b7:c5:ff:86:aa:8d:25:ce:bb:1d:7f:45:70:85:e1:
c2:99:5d:5d:8e:44:b9:d6:88:5d:46:d1:07:ab:2a:
11:b2:9e:52:53:80:e0:27:23:1f:10:e6:f1:9b:95:
e7:13:62:19:c9:d0:cb:04:ae:b5:bc:ae:97:f9:73:
6f:1c:77:cb:e4:9d:f1:31:ce:b1:11:b3:1d:7d:69:
54:82:85:36:2b:41:c5:97:ea:7d:36:a0:52:0f:46:
d2:8e:48:8c:ff:4c:42:88:c4:87:64:e4:08:0c:23:
96:b3:2a:d7:69:95:0f:c2:97:7b:a6:d9:15:a6:48:
92:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:6C:EC:87:5D:FB:F3:45:A5:43:8E:0C:DE:B7:E0:94:1C:94:08:1F
X509v3 Authority Key Identifier:
keyid:74:A5:9B:7F:B4:E0:34:F6:77:75:F2:87:5E:FB:FC:9E:FF:24:7E:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/uWzsh13780WlQ44M3rfglByUCB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/2b195e-0aba-47d4-8e3b-ad32ef49d419/1/dKWbf7TgNPZ3dfKHXvv8nv8kfo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.75.0/24
95.133.251.0/24
185.37.232.0/22
194.55.187.0/24
Signature Algorithm: sha256WithRSAEncryption
99:80:fc:75:8b:a1:9f:78:c0:8f:49:20:5c:68:c1:7d:a5:a2:
38:a8:07:ca:53:ba:5f:37:85:ff:55:b2:30:a2:28:d0:cb:93:
e1:c8:8e:a5:92:b5:f3:70:7a:ad:4d:f4:86:4e:5b:64:15:1e:
40:75:8f:89:47:fb:1f:46:d6:74:56:1a:3c:68:3e:4c:a5:b7:
df:7b:30:40:1c:04:59:36:19:cf:9a:8a:f5:2c:97:6f:7a:fe:
08:46:d8:9a:d9:91:b3:ed:1c:54:f0:ca:fe:45:fc:f2:ab:ba:
ea:64:8b:b3:c1:34:97:df:4f:e3:9c:79:67:9d:e4:bf:c2:2e:
b5:17:83:06:30:13:a7:88:29:b5:eb:66:0f:f9:62:82:23:9d:
61:35:0a:ca:be:9d:3e:37:5a:4a:12:63:c5:85:f2:10:a9:31:
44:2d:2a:b1:02:ba:60:b5:cd:6a:a2:3c:ef:03:c6:fc:fa:86:
53:7f:fb:1f:74:ec:83:f3:c7:4c:40:a8:82:bf:0b:15:11:94:
ae:5c:26:4a:42:b3:cc:62:da:bf:ab:cc:e4:9f:dd:7e:31:54:
87:21:cc:3a:32:f9:1f:0d:23:d0:d7:8b:50:e9:da:8c:e0:cb:
9a:79:57:ac:a1:5f:0e:2d:06:d3:73:0d:7a:50:77:95:9c:62:
09:96:0e:98
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ0XemHyHr03ZnCvZIpyfFaeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YTU5YjdmYjRlMDM0ZjY3Nzc1ZjI4NzVlZmJmYzllZmYy
NDdlOGUwHhcNMjYwMzIyMjEzNjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTZjZWM4NzVkZmJmMzQ1YTU0MzhlMGNkZWI3ZTA5NDFjOTQwODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokPfAGtLBe4NKSCDGgaDBDZIBCOw
fssOZfsPBc2cgT+wKq5HVjTFgMFUNdINszL/Oah6WdI2sYXfCIofj9NRLck5veMc
A6CcTYgv07EGXcTgiDvC0E5NS5UyMawW8u9EwWs12j5tSV3WsaJmnWhldDTEtMTN
8pH5NLHm2ArS1abKE7UEUbC3xf+Gqo0lzrsdf0VwheHCmV1djkS51ohdRtEHqyoR
sp5SU4DgJyMfEObxm5XnE2IZydDLBK61vK6X+XNvHHfL5J3xMc6xEbMdfWlUgoU2
K0HFl+p9NqBSD0bSjkiM/0xCiMSHZOQIDCOWsyrXaZUPwpd7ptkVpkiS+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLls7Idd+/NFpUOODN634JQclAgfMB8GA1UdIwQY
MBaAFHSlm3+04DT2d3Xyh177/J7/JH6OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEtXYmY3VGdOUFozZGZLSFh2djhudjhrZm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8yYjE5NWUtMGFiYS00N2Q0LThlM2It
YWQzMmVmNDlkNDE5LzEvdVd6c2gxMzc4MFdsUTQ0TTNyZmdsQnlVQ0I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8yYjE5NWUtMGFiYS00N2Q0LThlM2ItYWQzMmVmNDlkNDE5
LzEvZEtXYmY3VGdOUFozZGZLSFh2djhudjhrZm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXpxLAwQA
X4X7AwQCuSXoAwQAwje7MA0GCSqGSIb3DQEBCwUAA4IBAQCZgPx1i6GfeMCPSSBc
aMF9paI4qAfKU7pfN4X/VbIwoijQy5PhyI6lkrXzcHqtTfSGTltkFR5AdY+JR/sf
RtZ0Vho8aD5MpbffezBAHARZNhnPmor1LJdvev4IRtia2ZGz7RxU8Mr+Rfzyq7rq
ZIuzwTSX30/jnHlnneS/wi61F4MGMBOniCm162YP+WKCI51hNQrKvp0+N1pKEmPF
hfIQqTFELSqxArpgtc1qojzvA8b8+oZTf/sfdOyD88dMQKiCvwsVEZSuXCZKQrPM
Ytq/q8zkn91+MVSHIcw6MvkfDSPQ14tQ6dqM4MuaeVesoV8OLQbTcw16UHeVnGIJ
lg6Y
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:08:26 2026 by rpki-client