Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/37a8d2-3466-4616-bc1c-01240bcfdb42/1/UK4Q1ou-4RzyU8ZkqdAW7bZ71v4.roa
File: UK4Q1ou-4RzyU8ZkqdAW7bZ71v4.roa (raw, json)
Hash identifier: Uo9npzMSKoS6/XK/1Kx/5n7ypwDrpKkycXGmZ34WNR0=
Subject key identifier: 50:AE:10:D6:8B:BE:E1:1C:F2:53:C6:64:A9:D0:16:ED:B6:7B:D6:FE
Certificate issuer: /CN=c19f75b2593ca2b1b0a5fd0c54015de306c47ee6
Certificate serial: 019CFAE1D3AC9C056E1942A226C5D0554430
Authority key identifier: C1:9F:75:B2:59:3C:A2:B1:B0:A5:FD:0C:54:01:5D:E3:06:C4:7E:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wZ91slk8orGwpf0MVAFd4wbEfuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/37a8d2-3466-4616-bc1c-01240bcfdb42/1/UK4Q1ou-4RzyU8ZkqdAW7bZ71v4.roa
Signing time: Tue 17 Mar 2026 08:20:29 +0000
ROA not before: Tue 17 Mar 2026 08:20:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33915
IP address blocks: 31.136.0.0/14 maxlen: 14
37.235.8.0/21 maxlen: 21
62.72.192.0/19 maxlen: 19
62.140.128.0/20 maxlen: 20
62.140.140.0/23 maxlen: 23
62.140.156.0/23 maxlen: 23
80.112.192.0/18 maxlen: 18
83.137.136.0/21 maxlen: 21
83.167.192.0/19 maxlen: 19
85.88.96.0/19 maxlen: 19
85.146.192.0/18 maxlen: 18
93.117.192.0/18 maxlen: 18
109.32.0.0/13 maxlen: 13
159.100.64.0/18 maxlen: 18
212.78.192.0/19 maxlen: 19
213.34.128.0/19 maxlen: 19
2a00:18c8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/37a8d2-3466-4616-bc1c-01240bcfdb42/1/wZ91slk8orGwpf0MVAFd4wbEfuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/37a8d2-3466-4616-bc1c-01240bcfdb42/1/wZ91slk8orGwpf0MVAFd4wbEfuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/wZ91slk8orGwpf0MVAFd4wbEfuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 14:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fa:e1:d3:ac:9c:05:6e:19:42:a2:26:c5:d0:55:44:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c19f75b2593ca2b1b0a5fd0c54015de306c47ee6
Validity
Not Before: Mar 17 08:20:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=50ae10d68bbee11cf253c664a9d016edb67bd6fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a1:95:bd:29:e9:71:78:0c:a8:a5:99:86:d2:
e2:52:b7:b2:65:ef:03:93:ee:c1:a8:9b:64:4f:1d:
a0:71:e3:7f:52:53:8b:dc:e7:3e:7f:a6:c9:cc:5c:
74:fb:4e:1c:83:76:8f:f1:90:84:cc:f1:ab:0c:d6:
57:58:f5:f6:0c:59:14:cb:32:c7:43:bd:91:33:db:
fb:1e:a8:b5:d5:0d:d5:25:00:a6:d1:38:bf:f8:b1:
e7:1a:05:3f:6a:38:4a:a8:5b:95:00:f2:a0:d3:65:
4b:26:f6:5b:0c:1d:a5:cb:5f:aa:41:b6:86:87:a0:
37:ed:a9:f1:f7:5c:36:a9:c6:64:48:0e:16:a5:f5:
ce:c7:e6:68:33:7e:2a:89:12:49:3d:c2:f5:05:62:
d0:e4:2b:c7:93:66:10:a0:26:55:78:ff:a9:56:9a:
22:2b:d9:1c:b1:cb:fa:45:ba:02:c5:77:d1:67:29:
14:64:a1:a9:75:36:00:a4:ab:92:f3:b6:4f:e5:8d:
2b:2d:22:a3:6b:e2:42:c5:f5:bc:99:e9:96:7f:8a:
19:3c:2d:7e:a1:dd:ad:b1:e8:ae:3d:70:8f:97:48:
47:2b:83:06:14:bc:17:ae:c5:cb:77:4b:a3:dc:51:
9b:90:d0:9f:45:a4:b5:a1:c3:0e:19:c7:75:be:12:
a5:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:AE:10:D6:8B:BE:E1:1C:F2:53:C6:64:A9:D0:16:ED:B6:7B:D6:FE
X509v3 Authority Key Identifier:
keyid:C1:9F:75:B2:59:3C:A2:B1:B0:A5:FD:0C:54:01:5D:E3:06:C4:7E:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wZ91slk8orGwpf0MVAFd4wbEfuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/37a8d2-3466-4616-bc1c-01240bcfdb42/1/UK4Q1ou-4RzyU8ZkqdAW7bZ71v4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/37a8d2-3466-4616-bc1c-01240bcfdb42/1/wZ91slk8orGwpf0MVAFd4wbEfuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.136.0.0/14
37.235.8.0/21
62.72.192.0/19
62.140.128.0/20
62.140.156.0/23
80.112.192.0/18
83.137.136.0/21
83.167.192.0/19
85.88.96.0/19
85.146.192.0/18
93.117.192.0/18
109.32.0.0/13
159.100.64.0/18
212.78.192.0/19
213.34.128.0/19
IPv6:
2a00:18c8::/29
Signature Algorithm: sha256WithRSAEncryption
18:f5:2a:55:60:9b:9c:d0:53:31:e4:52:c2:f0:a4:ef:2d:7c:
62:73:cb:da:9a:ca:26:c1:87:e2:29:7e:6d:75:ee:7b:a1:a5:
49:fb:70:4b:23:96:f5:58:57:f0:8b:86:e0:b4:ff:c3:33:d9:
c3:56:64:10:d8:f3:57:c5:4c:5f:bb:23:84:11:6b:8b:e1:50:
33:03:c5:90:5c:e6:b7:5e:04:2c:cd:bd:89:dd:6d:aa:61:79:
d5:eb:03:8c:7d:0d:c8:54:53:f9:bf:ac:3d:cc:4c:ac:8e:c2:
04:af:74:61:45:4a:44:76:af:28:84:51:79:f9:07:4c:c9:a6:
2a:a3:a7:c8:9e:d5:6a:81:04:ce:e1:01:69:9e:49:4e:55:31:
9b:3b:5d:fb:f8:62:61:91:0b:2a:c3:44:46:1d:3f:26:08:65:
80:05:a2:83:ee:72:4e:05:e0:94:6f:f5:2a:66:a4:c8:b7:44:
8e:a2:bb:e6:e3:22:e2:36:70:bf:2c:44:b8:0a:ba:d8:32:f0:
1b:82:1f:0e:3b:be:bd:fd:73:26:cc:35:8d:3e:b9:61:62:a0:
c4:94:0d:7e:f9:53:69:05:93:b6:65:9a:fa:a5:8b:90:56:c4:
6f:65:69:2f:66:b2:24:7d:39:29:5a:6c:54:58:9e:cc:3a:b7:
10:70:c7:b4
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZz64dOsnAVuGUKiJsXQVUQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxOWY3NWIyNTkzY2EyYjFiMGE1ZmQwYzU0MDE1ZGUzMDZj
NDdlZTYwHhcNMjYwMzE3MDgyMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGFlMTBkNjhiYmVlMTFjZjI1M2M2NjRhOWQwMTZlZGI2N2JkNmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6GVvSnpcXgMqKWZhtLiUreyZe8D
k+7BqJtkTx2gceN/UlOL3Oc+f6bJzFx0+04cg3aP8ZCEzPGrDNZXWPX2DFkUyzLH
Q72RM9v7Hqi11Q3VJQCm0Ti/+LHnGgU/ajhKqFuVAPKg02VLJvZbDB2ly1+qQbaG
h6A37anx91w2qcZkSA4WpfXOx+ZoM34qiRJJPcL1BWLQ5CvHk2YQoCZVeP+pVpoi
K9kcscv6RboCxXfRZykUZKGpdTYApKuS87ZP5Y0rLSKja+JCxfW8memWf4oZPC1+
od2tseiuPXCPl0hHK4MGFLwXrsXLd0uj3FGbkNCfRaS1ocMOGcd1vhKlxQIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFFCuENaLvuEc8lPGZKnQFu22e9b+MB8GA1UdIwQY
MBaAFMGfdbJZPKKxsKX9DFQBXeMGxH7mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1o5MXNsazhvckd3cGYwTVZBRmQ0d2JFZnVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zN2E4ZDItMzQ2Ni00NjE2LWJjMWMt
MDEyNDBiY2ZkYjQyLzEvVUs0UTFvdS00Unp5VThaa3FkQVc3Ylo3MXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zN2E4ZDItMzQ2Ni00NjE2LWJjMWMtMDEyNDBiY2ZkYjQy
LzEvd1o5MXNsazhvckd3cGYwTVZBRmQ0d2JFZnVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wXgQCAAEwWAMDAh+IAwQD
JesIAwQFPkjAAwQEPoyAAwQBPoycAwQGUHDAAwQDU4mIAwQFU6fAAwQFVVhgAwQG
VZLAAwQGXXXAAwMDbSADBAafZEADBAXUTsADBAXVIoAwDQQCAAIwBwMFAyoAGMgw
DQYJKoZIhvcNAQELBQADggEBABj1KlVgm5zQUzHkUsLwpO8tfGJzy9qayibBh+Ip
fm117nuhpUn7cEsjlvVYV/CLhuC0/8Mz2cNWZBDY81fFTF+7I4QRa4vhUDMDxZBc
5rdeBCzNvYndbaphedXrA4x9DchUU/m/rD3MTKyOwgSvdGFFSkR2ryiEUXn5B0zJ
piqjp8ie1WqBBM7hAWmeSU5VMZs7Xfv4YmGRCyrDREYdPyYIZYAFooPuck4F4JRv
9SpmpMi3RI6iu+bjIuI2cL8sRLgKutgy8BuCHw47vr39cybMNY0+uWFioMSUDX75
U2kFk7Zlmvqli5BWxG9laS9msiR9OSlabFRYnsw6txBwx7Q=
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:01:13 2026 by rpki-client