Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/uEWwBuW9u4pZ2LI5guO_7bWBD88.roa
File: uEWwBuW9u4pZ2LI5guO_7bWBD88.roa (raw, json)
Hash identifier: wpxWCV/FC/jksdFOugHKtsE0yfmtAepcNeFuewpbO6Y=
Subject key identifier: B8:45:B0:06:E5:BD:BB:8A:59:D8:B2:39:82:E3:BF:ED:B5:81:0F:CF
Certificate issuer: /CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Certificate serial: 019DD519C5F48E25FF487A12159EF441878D
Authority key identifier: 29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/uEWwBuW9u4pZ2LI5guO_7bWBD88.roa
Signing time: Tue 28 Apr 2026 17:18:49 +0000
ROA not before: Tue 28 Apr 2026 17:18:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13335
IP address blocks: 5.10.214.0/24 maxlen: 24
5.10.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d5:19:c5:f4:8e:25:ff:48:7a:12:15:9e:f4:41:87:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297ef9befd1a7e24c0cc9729987fc065d6b7132f
Validity
Not Before: Apr 28 17:18:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b845b006e5bdbb8a59d8b23982e3bfedb5810fcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:4e:d4:bf:8f:a8:b7:20:2f:6f:70:83:f0:19:
38:e7:b1:30:44:88:25:cc:97:01:ce:ea:3e:fd:29:
6b:cd:fc:af:e6:c3:d9:5c:42:6b:97:dd:45:fd:37:
d9:45:ec:d9:11:16:ff:0f:1e:66:d0:e9:d4:2b:73:
b2:3b:d7:0e:8e:19:cc:15:a3:fa:9c:e1:75:af:4f:
a5:2e:1b:7e:01:68:06:e8:43:f1:21:a2:17:20:2e:
89:46:d8:ba:55:bd:76:31:ff:b4:6d:4e:e8:71:73:
b3:cb:c1:96:64:ed:80:b3:de:17:89:8d:60:a1:94:
7e:a6:8f:87:43:ed:a8:89:a6:df:51:e1:a2:71:1a:
4b:40:28:e2:5c:03:c3:3c:e2:0a:c0:40:32:f3:ca:
5c:13:e9:97:d9:4f:5f:24:a2:29:83:b5:de:de:0f:
4b:0f:0a:c9:21:e0:71:74:6b:1f:70:32:2a:23:8b:
58:e7:0b:3a:bf:12:e8:b9:5a:ee:82:3b:3c:42:27:
8a:e9:ae:ab:99:9a:7f:24:9e:63:48:46:7a:d6:ab:
24:e9:60:14:89:0c:9f:3b:14:14:fc:ae:e3:55:6c:
29:1f:b7:03:56:89:9a:27:39:8d:1a:dd:58:e4:5e:
14:d6:27:df:91:e7:b4:3e:05:39:78:2c:f7:49:76:
0f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:45:B0:06:E5:BD:BB:8A:59:D8:B2:39:82:E3:BF:ED:B5:81:0F:CF
X509v3 Authority Key Identifier:
keyid:29:7E:F9:BE:FD:1A:7E:24:C0:CC:97:29:98:7F:C0:65:D6:B7:13:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KX75vv0afiTAzJcpmH_AZda3Ey8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/uEWwBuW9u4pZ2LI5guO_7bWBD88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/be4909-745f-4d0c-bfab-dee76860013d/1/KX75vv0afiTAzJcpmH_AZda3Ey8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.214.0/23
Signature Algorithm: sha256WithRSAEncryption
76:a0:e3:97:60:63:19:c5:ab:16:db:15:55:cb:4a:a8:5e:05:
a9:98:a5:e4:70:de:86:7e:bc:1d:93:88:36:51:78:af:16:b4:
53:f9:23:4d:db:f8:50:d0:7c:2d:dd:a6:e7:6d:19:04:0f:7f:
df:62:31:2c:64:f2:31:59:67:d3:02:a5:c6:b0:98:ae:fa:f1:
d8:77:30:d8:dd:95:79:75:6a:ef:ee:24:e6:4e:b8:61:fe:96:
b3:ba:02:ea:c7:19:b2:bc:ba:39:3d:2a:6f:20:16:fd:c1:c6:
c0:2d:6c:c6:c1:b7:84:99:8d:7a:03:48:7d:a0:9b:5c:7f:55:
e1:a2:e6:26:c5:80:48:50:4f:f6:f6:b5:a4:f7:e3:c5:a1:d7:
21:d3:68:b9:d7:6a:da:c4:e9:2b:25:19:ef:a1:b2:47:fc:cf:
3d:d0:e1:de:01:0d:9e:c5:d6:0c:92:2d:5b:6f:7f:b8:2b:cd:
8a:eb:9f:a1:f0:c2:c4:bb:9c:2b:ac:28:23:ae:7a:51:d4:b8:
e2:32:de:0c:6c:b5:49:cd:8a:bd:2e:aa:e3:63:c8:08:10:81:
fb:d3:86:64:26:72:fd:39:2d:22:0c:52:2c:ee:76:81:f0:8e:
2e:e2:5b:99:af:7f:80:12:95:e9:4c:d7:60:43:06:26:44:d8:
3b:15:1f:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3VGcX0jiX/SHoSFZ70QYeNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2VmOWJlZmQxYTdlMjRjMGNjOTcyOTk4N2ZjMDY1ZDZi
NzEzMmYwHhcNMjYwNDI4MTcxODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODQ1YjAwNmU1YmRiYjhhNTlkOGIyMzk4MmUzYmZlZGI1ODEwZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA307Uv4+otyAvb3CD8Bk457EwRIgl
zJcBzuo+/Slrzfyv5sPZXEJrl91F/TfZRezZERb/Dx5m0OnUK3OyO9cOjhnMFaP6
nOF1r0+lLht+AWgG6EPxIaIXIC6JRti6Vb12Mf+0bU7ocXOzy8GWZO2As94XiY1g
oZR+po+HQ+2oiabfUeGicRpLQCjiXAPDPOIKwEAy88pcE+mX2U9fJKIpg7Xe3g9L
DwrJIeBxdGsfcDIqI4tY5ws6vxLouVrugjs8QieK6a6rmZp/JJ5jSEZ61qsk6WAU
iQyfOxQU/K7jVWwpH7cDVomaJzmNGt1Y5F4U1iffkee0PgU5eCz3SXYPjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLhFsAblvbuKWdiyOYLjv+21gQ/PMB8GA1UdIwQY
MBaAFCl++b79Gn4kwMyXKZh/wGXWtxMvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWIt
ZGVlNzY4NjAwMTNkLzEvdUVXd0J1Vzl1NHBaMkxJNWd1T183YldCRDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iZTQ5MDktNzQ1Zi00ZDBjLWJmYWItZGVlNzY4NjAwMTNk
LzEvS1g3NXZ2MGFmaVRBekpjcG1IX0FaZGEzRXk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBQrWMA0G
CSqGSIb3DQEBCwUAA4IBAQB2oOOXYGMZxasW2xVVy0qoXgWpmKXkcN6Gfrwdk4g2
UXivFrRT+SNN2/hQ0Hwt3abnbRkED3/fYjEsZPIxWWfTAqXGsJiu+vHYdzDY3ZV5
dWrv7iTmTrhh/pazugLqxxmyvLo5PSpvIBb9wcbALWzGwbeEmY16A0h9oJtcf1Xh
ouYmxYBIUE/29rWk9+PFodch02i512raxOkrJRnvobJH/M890OHeAQ2exdYMki1b
b3+4K82K65+h8MLEu5wrrCgjrnpR1LjiMt4MbLVJzYq9LqrjY8gIEIH704ZkJnL9
OS0iDFIs7naB8I4u4luZr3+AEpXpTNdgQwYmRNg7FR8+
-----END CERTIFICATE-----
Generated at Wed May 13 02:26:09 2026 by rpki-client