Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/UJmrzzmZkriiyqqLqg-H4VtX7kg.roa
File: UJmrzzmZkriiyqqLqg-H4VtX7kg.roa (raw, json)
Hash identifier: WDuI1Ev3hKiEKyqljuPHG/axZuaiMi/BKngrm5HtvP8=
Subject key identifier: 50:99:AB:CF:39:99:92:B8:A2:CA:AA:8B:AA:0F:87:E1:5B:57:EE:48
Certificate issuer: /CN=a0acca9c4fe9bf9edf3bc6e5cabc52838d93cb13
Certificate serial: 019DC08AFA36FCB12F086D4E1EB08D372261
Authority key identifier: A0:AC:CA:9C:4F:E9:BF:9E:DF:3B:C6:E5:CA:BC:52:83:8D:93:CB:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKzKnE_pv57fO8blyrxSg42TyxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/UJmrzzmZkriiyqqLqg-H4VtX7kg.roa
Signing time: Fri 24 Apr 2026 17:30:26 +0000
ROA not before: Fri 24 Apr 2026 17:30:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397477
IP address blocks: 185.174.144.0/24 maxlen: 24
185.174.146.0/24 maxlen: 24
185.174.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/oKzKnE_pv57fO8blyrxSg42TyxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/oKzKnE_pv57fO8blyrxSg42TyxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKzKnE_pv57fO8blyrxSg42TyxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 02:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c0:8a:fa:36:fc:b1:2f:08:6d:4e:1e:b0:8d:37:22:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0acca9c4fe9bf9edf3bc6e5cabc52838d93cb13
Validity
Not Before: Apr 24 17:30:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5099abcf399992b8a2caaa8baa0f87e15b57ee48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:bb:91:8c:7a:a4:e9:2f:f2:75:7d:aa:ba:49:
50:72:4e:58:aa:eb:0c:64:b2:09:a8:c7:d7:49:e6:
f5:0d:89:a2:63:46:4b:ce:38:c9:84:6a:b6:f1:9f:
db:06:d5:3b:59:f1:4b:45:9d:cf:4a:3a:29:98:e0:
6a:13:00:e1:61:e0:1b:03:c2:4d:e0:7b:bf:a2:04:
23:3a:68:b1:26:f4:ec:b1:0c:a9:f7:39:35:3f:0b:
0e:c2:cf:73:ad:90:9c:b9:76:5d:79:f0:2a:ae:fd:
45:7e:e6:53:f9:41:24:75:60:1b:f4:a9:47:fd:84:
d4:4a:83:3e:88:38:7a:94:61:8d:21:f0:51:c7:d1:
47:06:41:f4:2d:40:b7:75:12:98:b2:41:69:d4:ed:
60:36:32:bd:6e:ec:39:a9:35:70:f9:01:9b:12:50:
7f:55:21:35:62:01:42:0e:c4:c5:73:3a:59:66:0b:
a2:5c:7f:39:09:8a:ff:e8:d3:d9:61:b9:06:ff:b5:
43:d0:42:96:9e:3b:76:3a:56:0e:39:75:ca:41:4f:
03:a4:c0:b8:e6:9a:74:84:ce:18:0d:55:3e:9f:9a:
16:d0:de:cb:b4:63:75:7d:6c:d4:28:98:4a:a5:95:
b0:2c:ce:50:68:67:5e:86:8b:5c:35:e0:b0:94:3d:
cb:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:99:AB:CF:39:99:92:B8:A2:CA:AA:8B:AA:0F:87:E1:5B:57:EE:48
X509v3 Authority Key Identifier:
keyid:A0:AC:CA:9C:4F:E9:BF:9E:DF:3B:C6:E5:CA:BC:52:83:8D:93:CB:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKzKnE_pv57fO8blyrxSg42TyxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/UJmrzzmZkriiyqqLqg-H4VtX7kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/oKzKnE_pv57fO8blyrxSg42TyxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.144.0/24
185.174.146.0/23
Signature Algorithm: sha256WithRSAEncryption
55:c2:4f:49:3b:fd:23:ce:46:f5:15:70:2f:b4:e8:d2:b1:8c:
31:d3:b3:61:d8:18:44:a5:68:c0:3e:99:f8:0d:12:f7:11:42:
70:e1:fc:63:91:8d:90:8e:90:4a:18:74:0a:3c:38:99:87:b8:
d7:32:2f:4d:9e:0e:23:7a:a6:07:24:f7:08:4a:ce:76:5d:c1:
da:84:d4:ab:71:c8:30:f6:24:26:e2:ad:38:49:e9:52:b1:5a:
92:5f:d5:4a:9e:c7:9e:ce:0d:4b:8b:49:56:1f:e3:03:7c:7e:
eb:50:8a:80:fe:14:cc:a7:35:6d:a2:5f:15:30:4d:fc:f7:eb:
ac:a6:2c:54:c4:4d:0c:62:16:48:9c:ff:2c:45:ba:93:3d:e2:
07:a4:13:3f:0a:b8:38:b4:15:7a:b5:5f:30:73:96:28:6e:46:
17:8d:44:95:6e:24:40:e8:c2:89:2d:a2:30:da:8c:22:77:35:
7c:d3:5c:20:02:55:c0:48:db:15:a9:46:93:79:03:98:20:2e:
5f:23:36:cc:1b:6d:4c:bb:20:de:8d:13:f2:02:fa:ee:65:3c:
64:ff:c2:56:d7:37:f7:41:30:43:f9:07:35:58:17:d9:d0:ab:
b7:47:c2:0e:93:1e:45:a6:e4:ef:6f:a3:bd:df:77:b3:e5:8a:
6f:8a:95:01
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3Aivo2/LEvCG1OHrCNNyJhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYWNjYTljNGZlOWJmOWVkZjNiYzZlNWNhYmM1MjgzOGQ5
M2NiMTMwHhcNMjYwNDI0MTczMDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDk5YWJjZjM5OTk5MmI4YTJjYWFhOGJhYTBmODdlMTViNTdlZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjruRjHqk6S/ydX2quklQck5YqusM
ZLIJqMfXSeb1DYmiY0ZLzjjJhGq28Z/bBtU7WfFLRZ3PSjopmOBqEwDhYeAbA8JN
4Hu/ogQjOmixJvTssQyp9zk1PwsOws9zrZCcuXZdefAqrv1FfuZT+UEkdWAb9KlH
/YTUSoM+iDh6lGGNIfBRx9FHBkH0LUC3dRKYskFp1O1gNjK9buw5qTVw+QGbElB/
VSE1YgFCDsTFczpZZguiXH85CYr/6NPZYbkG/7VD0EKWnjt2OlYOOXXKQU8DpMC4
5pp0hM4YDVU+n5oW0N7LtGN1fWzUKJhKpZWwLM5QaGdehotcNeCwlD3LkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFCZq885mZK4osqqi6oPh+FbV+5IMB8GA1UdIwQY
MBaAFKCsypxP6b+e3zvG5cq8UoONk8sTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0t6S25FX3B2NTdmTzhibHlyeFNnNDJUeXhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni83YjYxMTAtOGM0Yi00YWY2LWE3Y2Et
MmVkZmUyNWJiNThhLzEvVUptcnp6bVprcmlpeXFxTHFnLUg0VnRYN2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni83YjYxMTAtOGM0Yi00YWY2LWE3Y2EtMmVkZmUyNWJiNThh
LzEvb0t6S25FX3B2NTdmTzhibHlyeFNnNDJUeXhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAua6QAwQB
ua6SMA0GCSqGSIb3DQEBCwUAA4IBAQBVwk9JO/0jzkb1FXAvtOjSsYwx07Nh2BhE
pWjAPpn4DRL3EUJw4fxjkY2QjpBKGHQKPDiZh7jXMi9Nng4jeqYHJPcISs52XcHa
hNSrccgw9iQm4q04SelSsVqSX9VKnseezg1Li0lWH+MDfH7rUIqA/hTMpzVtol8V
ME389+uspixUxE0MYhZInP8sRbqTPeIHpBM/Crg4tBV6tV8wc5YobkYXjUSVbiRA
6MKJLaIw2owidzV801wgAlXASNsVqUaTeQOYIC5fIzbMG21MuyDejRPyAvruZTxk
/8JW1zf3QTBD+Qc1WBfZ0Ku3R8IOkx5FpuTvb6O933ez5YpvipUB
-----END CERTIFICATE-----
Generated at Wed May 13 10:40:01 2026 by rpki-client