Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/UbJlpnELENAbOJkg3y8mRdJtNug.roa
File: UbJlpnELENAbOJkg3y8mRdJtNug.roa (raw, json)
Hash identifier: R8XZyKq4b+2UmtcQrg1GUZNwGM29cukfQuERx5uBArw=
Subject key identifier: 51:B2:65:A6:71:0B:10:D0:1B:38:99:20:DF:2F:26:45:D2:6D:36:E8
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 019DDF3B76C394A5789E777DFA205E6A1AD9
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/UbJlpnELENAbOJkg3y8mRdJtNug.roa
Signing time: Thu 30 Apr 2026 16:31:49 +0000
ROA not before: Thu 30 Apr 2026 16:31:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49902
IP address blocks: 77.137.224.0/19 maxlen: 20
77.143.0.0/16 maxlen: 18
77.143.17.0/24 maxlen: 24
195.115.116.0/22 maxlen: 22
213.222.64.0/18 maxlen: 19
213.222.96.0/19 maxlen: 19
213.223.46.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 01:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:df:3b:76:c3:94:a5:78:9e:77:7d:fa:20:5e:6a:1a:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Apr 30 16:31:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=51b265a6710b10d01b389920df2f2645d26d36e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:bf:7c:0d:32:46:93:5d:c9:ff:34:91:56:57:
e8:fe:9d:09:ab:f4:0e:72:08:df:67:10:6d:ed:84:
22:5b:8b:62:1d:73:3e:81:55:7a:7c:ea:83:3e:0f:
3a:2a:ab:b3:6e:26:d3:0d:d6:11:e0:97:94:52:06:
db:5b:48:54:22:41:eb:6e:47:d5:80:27:a5:67:17:
85:dd:87:be:fb:b0:c7:95:4b:e6:ca:77:e1:4c:9e:
78:98:50:73:87:61:65:85:7f:3e:04:35:06:f7:d2:
20:3e:52:fe:fe:bf:1a:d7:fb:36:ba:4e:11:d8:00:
42:9c:c5:32:54:7b:72:5d:ad:77:39:16:93:35:1c:
ee:e5:88:d9:d5:91:cd:58:b4:15:9b:13:ba:03:18:
cf:5c:19:72:0a:e3:e8:b2:41:d4:e9:ce:11:10:b4:
f0:67:18:00:b3:67:0e:26:73:3a:78:44:67:f2:c4:
62:12:28:8e:80:5a:60:bc:e8:f9:2c:bd:0c:a5:3c:
93:f3:ab:75:ff:4e:09:9e:37:86:82:f5:20:e1:08:
73:26:0c:4a:95:1c:aa:14:92:0e:f7:30:a6:15:f9:
a3:c4:c1:71:78:b8:d1:5f:c5:8d:e2:cf:8c:95:60:
ef:71:c7:30:d1:c7:af:b9:d1:32:5d:dc:ad:6a:be:
86:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:B2:65:A6:71:0B:10:D0:1B:38:99:20:DF:2F:26:45:D2:6D:36:E8
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/UbJlpnELENAbOJkg3y8mRdJtNug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.137.224.0/19
77.143.0.0/16
195.115.116.0/22
213.222.64.0/18
213.223.46.0/23
Signature Algorithm: sha256WithRSAEncryption
8b:dc:db:e8:66:bc:87:5b:73:d7:92:ce:b2:52:45:9e:20:a8:
fc:50:cb:25:3b:ba:1f:1a:c8:78:0c:7d:0e:7a:b9:19:fa:aa:
69:f7:ea:55:f6:6a:b7:06:53:f2:dd:ca:14:0c:e0:45:ec:90:
90:71:b7:a9:f0:59:a2:06:80:6a:3b:54:bc:91:c2:e9:66:5f:
2d:3d:c5:30:19:5c:d4:b5:cf:b7:6a:19:70:6e:c0:32:77:a0:
d8:7d:c3:ba:b8:80:e9:b3:a9:87:38:2a:af:2d:5b:4c:1e:df:
bc:8d:d0:b3:64:f1:57:e2:db:32:04:65:29:ac:f6:a0:d5:f2:
9f:64:87:ea:81:57:a0:b7:12:45:cd:57:3f:a0:e2:c3:58:66:
c1:27:fa:3d:1c:42:be:01:20:f3:39:d3:82:05:6d:ef:b3:3f:
ad:40:5e:f6:1b:44:63:d4:b5:5d:c8:c8:d6:3c:0c:1e:fd:b8:
94:52:78:38:90:17:75:fc:c7:38:c9:ea:89:af:f2:97:46:6a:
88:a4:ca:f8:21:01:ad:b1:f3:7c:81:20:e1:51:0c:3e:cb:44:
cb:6c:c6:fc:df:c3:2d:7d:ba:6f:50:c9:4f:26:e5:95:69:80:
0a:a0:f7:7b:40:53:24:e1:a5:8e:c6:81:8d:c9:cd:82:51:75:
f5:bb:0c:4d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ3fO3bDlKV4nnd9+iBeahrZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjYwNDMwMTYzMTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWIyNjVhNjcxMGIxMGQwMWIzODk5MjBkZjJmMjY0NWQyNmQzNmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL98DTJGk13J/zSRVlfo/p0Jq/QO
cgjfZxBt7YQiW4tiHXM+gVV6fOqDPg86KquzbibTDdYR4JeUUgbbW0hUIkHrbkfV
gCelZxeF3Ye++7DHlUvmynfhTJ54mFBzh2FlhX8+BDUG99IgPlL+/r8a1/s2uk4R
2ABCnMUyVHtyXa13ORaTNRzu5YjZ1ZHNWLQVmxO6AxjPXBlyCuPoskHU6c4RELTw
ZxgAs2cOJnM6eERn8sRiEiiOgFpgvOj5LL0MpTyT86t1/04JnjeGgvUg4QhzJgxK
lRyqFJIO9zCmFfmjxMFxeLjRX8WN4s+MlWDvcccw0cevudEyXdytar6G1wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFGyZaZxCxDQGziZIN8vJkXSbTboMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvVWJKbHBuRUxFTkFiT0prZzN5OG1SZEp0TnVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAATAdAwQFTYngAwMA
TY8DBALDc3QDBAbV3kADBAHV3y4wDQYJKoZIhvcNAQELBQADggEBAIvc2+hmvIdb
c9eSzrJSRZ4gqPxQyyU7uh8ayHgMfQ56uRn6qmn36lX2arcGU/LdyhQM4EXskJBx
t6nwWaIGgGo7VLyRwulmXy09xTAZXNS1z7dqGXBuwDJ3oNh9w7q4gOmzqYc4Kq8t
W0we37yN0LNk8Vfi2zIEZSms9qDV8p9kh+qBV6C3EkXNVz+g4sNYZsEn+j0cQr4B
IPM504IFbe+zP61AXvYbRGPUtV3IyNY8DB79uJRSeDiQF3X8xzjJ6omv8pdGaoik
yvghAa2x83yBIOFRDD7LRMtsxvzfwy19um9QyU8m5ZVpgAqg93tAUyThpY7GgY3J
zYJRdfW7DE0=
-----END CERTIFICATE-----
Generated at Wed May 13 11:53:10 2026 by rpki-client