Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/uwQyjvjxI-r1rh-v9UxtJU1WLMY.roa
File: uwQyjvjxI-r1rh-v9UxtJU1WLMY.roa (raw, json)
Hash identifier: eAP3wsnG37lrMEGtMd91lAMUBneagoCuBENjELRk9X8=
Subject key identifier: BB:04:32:8E:F8:F1:23:EA:F5:AE:1F:AF:F5:4C:6D:25:4D:56:2C:C6
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019DF4533E68B04291045A04155051BDA25F
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/uwQyjvjxI-r1rh-v9UxtJU1WLMY.roa
Signing time: Mon 04 May 2026 18:49:49 +0000
ROA not before: Mon 04 May 2026 18:49:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209854
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f4:53:3e:68:b0:42:91:04:5a:04:15:50:51:bd:a2:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: May 4 18:49:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bb04328ef8f123eaf5ae1faff54c6d254d562cc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:51:07:64:b0:51:22:99:fe:6c:73:ca:02:6c:
93:d6:b4:47:fc:a7:44:63:41:97:05:01:3b:4f:8c:
a2:45:0d:80:96:75:5f:8f:58:a7:bd:cc:6a:94:5e:
04:2b:31:65:42:8c:0d:54:21:5e:a9:3a:66:1f:72:
a5:9e:40:b0:b3:13:53:d7:f4:18:37:03:1f:e1:9a:
67:93:20:d3:3d:9e:c8:7e:00:81:a2:f1:28:87:4c:
2a:f3:2b:c5:27:92:07:d8:20:e8:5e:48:04:ed:b8:
84:a9:9a:fe:8b:62:74:7a:07:68:a1:40:ac:75:fe:
91:41:03:02:e7:76:6f:07:1b:e7:da:97:97:8d:62:
67:2e:29:0e:ed:00:1e:84:04:c4:a2:91:65:aa:ec:
93:09:7d:fd:c8:ed:01:87:c9:20:c5:1a:15:ec:01:
3f:07:25:f1:f7:78:c2:98:07:d3:19:27:c3:62:22:
2b:ed:d4:66:a6:82:14:d0:ac:0e:fa:b4:b9:a9:21:
3a:c4:23:f6:d8:5e:32:44:04:bb:0f:75:c4:55:4c:
51:cd:17:71:45:a7:c1:c0:db:4f:03:17:7d:56:31:
02:5f:29:f1:62:94:2d:fc:e9:ad:6f:0e:70:29:ab:
ae:3c:c3:4b:2c:92:88:4f:f2:74:6e:47:52:e1:78:
c6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:04:32:8E:F8:F1:23:EA:F5:AE:1F:AF:F5:4C:6D:25:4D:56:2C:C6
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/uwQyjvjxI-r1rh-v9UxtJU1WLMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
45.141.235.0/24
91.92.47.0/24
93.152.205.0-93.152.206.255
93.152.209.0-93.152.216.255
93.152.220.0/24
Signature Algorithm: sha256WithRSAEncryption
33:17:7c:0b:5d:c0:1d:29:af:cb:29:49:58:38:be:a0:ac:0a:
11:8f:08:11:71:2f:38:11:11:0b:19:c9:6e:46:20:88:f6:9c:
1d:11:02:ed:50:75:1a:68:cf:70:47:ca:82:4e:4a:00:d9:f6:
8d:ca:89:84:f4:39:36:90:2f:42:53:85:60:a1:79:48:53:ea:
e4:1a:b5:22:3b:82:71:2d:55:89:09:34:f6:13:8f:47:6d:b8:
b5:0b:56:72:f5:25:76:e5:db:26:5c:6b:cb:19:f5:4e:3a:d9:
ca:33:22:29:7f:d7:a1:72:ec:5f:8a:db:bf:1e:a6:bd:04:a5:
07:0d:37:78:f8:c4:39:b5:d3:ac:66:69:21:15:c8:e4:17:dc:
02:fb:93:5e:ef:86:e8:74:37:20:6f:7f:5e:80:ca:30:d4:e8:
99:93:c3:f9:a9:f3:94:f0:7c:fc:d8:be:cf:ee:cd:90:2f:00:
35:d8:f9:5d:3e:9e:d5:73:5e:d6:e3:6c:a8:72:fb:21:11:e8:
45:f9:a1:c0:e8:8b:17:85:17:a5:39:2a:1b:7b:c4:3c:3d:a6:
f1:4b:b0:8a:76:0a:a9:2a:79:38:55:64:b9:d3:f2:76:80:b9:
d3:eb:99:c0:e5:6b:40:cd:d5:29:ef:46:30:6e:87:d4:43:23:
09:b5:2b:21
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZ30Uz5osEKRBFoEFVBRvaJfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjYwNTA0MTg0OTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjA0MzI4ZWY4ZjEyM2VhZjVhZTFmYWZmNTRjNmQyNTRkNTYyY2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVEHZLBRIpn+bHPKAmyT1rRH/KdE
Y0GXBQE7T4yiRQ2AlnVfj1invcxqlF4EKzFlQowNVCFeqTpmH3KlnkCwsxNT1/QY
NwMf4ZpnkyDTPZ7IfgCBovEoh0wq8yvFJ5IH2CDoXkgE7biEqZr+i2J0egdooUCs
df6RQQMC53ZvBxvn2peXjWJnLikO7QAehATEopFlquyTCX39yO0Bh8kgxRoV7AE/
ByXx93jCmAfTGSfDYiIr7dRmpoIU0KwO+rS5qSE6xCP22F4yRAS7D3XEVUxRzRdx
RafBwNtPAxd9VjECXynxYpQt/Omtbw5wKauuPMNLLJKIT/J0bkdS4XjG4wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFLsEMo748SPq9a4fr/VMbSVNVizGMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvdXdReWp2anhJLXIxcmgtdjlVeHRKVTFXTE1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQALY3oAwQA
LY3rAwQAW1wvMAwDBABdmM0DBABdmM4wDAMEAF2Y0QMEAF2Y2AMEAF2Y3DANBgkq
hkiG9w0BAQsFAAOCAQEAMxd8C13AHSmvyylJWDi+oKwKEY8IEXEvOBERCxnJbkYg
iPacHREC7VB1GmjPcEfKgk5KANn2jcqJhPQ5NpAvQlOFYKF5SFPq5Bq1IjuCcS1V
iQk09hOPR224tQtWcvUlduXbJlxryxn1TjrZyjMiKX/XoXLsX4rbvx6mvQSlBw03
ePjEObXTrGZpIRXI5BfcAvuTXu+G6HQ3IG9/XoDKMNTomZPD+anzlPB8/Ni+z+7N
kC8ANdj5XT6e1XNe1uNsqHL7IRHoRfmhwOiLF4UXpTkqG3vEPD2m8UuwinYKqSp5
OFVkudPydoC50+uZwOVrQM3VKe9GMG6H1EMjCbUrIQ==
-----END CERTIFICATE-----
Generated at Wed May 13 11:56:03 2026 by rpki-client