Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/Uhz_TUI3Hsi81u75mxMWZpekOT4.roa
File: Uhz_TUI3Hsi81u75mxMWZpekOT4.roa (raw, json)
Hash identifier: q9Go9HD9nYKVh+b76qK8j4mJsOQptkJ61FqLETJCZTU=
Subject key identifier: 52:1C:FF:4D:42:37:1E:C8:BC:D6:EE:F9:9B:13:16:66:97:A4:39:3E
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 019E0044168A491D43EC6BE80099E14C60C0
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/Uhz_TUI3Hsi81u75mxMWZpekOT4.roa
Signing time: Thu 07 May 2026 02:28:42 +0000
ROA not before: Thu 07 May 2026 02:28:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 152586
IP address blocks: 109.69.111.0/24 maxlen: 24
178.239.171.0/24 maxlen: 24
178.239.174.0/24 maxlen: 24
193.176.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:00:44:16:8a:49:1d:43:ec:6b:e8:00:99:e1:4c:60:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: May 7 02:28:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=521cff4d42371ec8bcd6eef99b13166697a4393e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f3:fa:ca:79:bd:5e:a8:bf:fa:39:88:dc:95:
0c:65:da:95:99:e2:89:ae:39:8d:11:39:1e:b3:4b:
59:8c:1e:24:7d:6f:91:c7:07:68:20:b2:4f:d5:b7:
f1:34:d9:cc:c6:88:6a:3c:a0:74:06:75:46:cb:3a:
a0:99:cc:a9:51:35:42:ec:3e:ee:2e:d2:7e:57:eb:
e0:68:f8:75:32:7d:44:90:20:d4:ee:f8:43:a3:87:
91:e5:9c:68:9b:4f:f6:13:a0:8a:d1:c0:a2:8b:27:
f7:cc:86:75:d6:d3:1c:26:67:1e:3a:28:1b:5d:36:
98:68:e2:56:9a:78:7a:3b:d0:ff:e0:91:38:bc:20:
fc:fd:1b:f7:72:d3:8c:82:d8:46:ab:b9:20:5b:2d:
30:ce:40:d3:d9:b8:09:70:b2:2e:2d:14:4d:bc:3c:
31:44:7d:ba:81:ad:ba:1d:0a:66:c2:40:a7:4a:c7:
fc:2b:fb:8b:29:98:e4:61:61:71:83:81:57:bc:87:
de:be:0c:d1:9f:2f:a6:ae:ff:a5:a6:80:96:60:0b:
ae:6a:10:74:9b:f1:d6:0c:6b:28:cc:ad:f7:c6:cf:
8a:d8:a5:bd:53:95:44:a4:24:94:c0:f9:dc:c7:39:
dc:4f:17:e7:e7:a5:b7:2e:7b:88:a6:a8:7d:09:0e:
e5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:1C:FF:4D:42:37:1E:C8:BC:D6:EE:F9:9B:13:16:66:97:A4:39:3E
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/Uhz_TUI3Hsi81u75mxMWZpekOT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.69.111.0/24
178.239.171.0/24
178.239.174.0/24
193.176.28.0/24
Signature Algorithm: sha256WithRSAEncryption
66:fe:b4:2a:66:a5:50:51:0e:d7:da:ac:30:53:e2:24:56:ab:
f6:ba:cc:9b:e7:34:8a:5d:02:16:9e:6b:92:fd:65:4a:a2:d9:
e7:d2:b4:58:7f:6f:f5:d5:16:38:5d:33:12:a1:4d:50:aa:18:
1f:4f:f7:d9:77:41:a7:b1:6e:36:02:8f:33:7c:05:09:68:a4:
24:51:f1:42:f5:c0:cb:1a:90:b5:2e:89:e5:93:16:0b:77:51:
57:65:8e:d4:52:0c:c9:88:79:5b:f3:65:f5:18:85:63:d6:86:
eb:3a:03:c6:4c:06:61:03:ca:4c:da:14:31:9a:1b:ed:af:16:
0a:c9:9c:35:47:9d:84:59:8f:b9:28:62:ca:d8:88:d3:41:5f:
66:e8:e2:20:fd:bd:68:32:93:5d:77:fc:cd:b5:4a:9c:7a:0b:
48:ed:e9:8f:5a:58:c8:ff:c4:15:e9:41:5c:1c:28:0c:58:8a:
c1:30:ec:ee:e6:49:93:3c:b0:e5:f4:e9:7e:b2:f3:96:07:47:
e0:c5:05:db:78:d0:91:11:6a:01:de:d9:e7:b1:42:26:ff:08:
54:42:93:82:6f:9c:68:1c:86:bd:49:56:fa:9e:13:7c:49:5f:
33:f5:52:b5:82:4f:84:c2:bd:a4:27:b4:2c:49:51:ed:81:ff:
e4:79:14:6d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4ARBaKSR1D7GvoAJnhTGDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjYwNTA3MDIyODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjFjZmY0ZDQyMzcxZWM4YmNkNmVlZjk5YjEzMTY2Njk3YTQzOTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvP6ynm9Xqi/+jmI3JUMZdqVmeKJ
rjmNETkes0tZjB4kfW+RxwdoILJP1bfxNNnMxohqPKB0BnVGyzqgmcypUTVC7D7u
LtJ+V+vgaPh1Mn1EkCDU7vhDo4eR5Zxom0/2E6CK0cCiiyf3zIZ11tMcJmceOigb
XTaYaOJWmnh6O9D/4JE4vCD8/Rv3ctOMgthGq7kgWy0wzkDT2bgJcLIuLRRNvDwx
RH26ga26HQpmwkCnSsf8K/uLKZjkYWFxg4FXvIfevgzRny+mrv+lpoCWYAuuahB0
m/HWDGsozK33xs+K2KW9U5VEpCSUwPncxzncTxfn56W3LnuIpqh9CQ7lDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFIc/01CNx7IvNbu+ZsTFmaXpDk+MB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvVWh6X1RVSTNIc2k4MXU3NW14TVdacGVrT1Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbUVvAwQA
su+rAwQAsu+uAwQAwbAcMA0GCSqGSIb3DQEBCwUAA4IBAQBm/rQqZqVQUQ7X2qww
U+IkVqv2usyb5zSKXQIWnmuS/WVKotnn0rRYf2/11RY4XTMSoU1QqhgfT/fZd0Gn
sW42Ao8zfAUJaKQkUfFC9cDLGpC1LonlkxYLd1FXZY7UUgzJiHlb82X1GIVj1obr
OgPGTAZhA8pM2hQxmhvtrxYKyZw1R52EWY+5KGLK2IjTQV9m6OIg/b1oMpNdd/zN
tUqcegtI7emPWljI/8QV6UFcHCgMWIrBMOzu5kmTPLDl9Ol+svOWB0fgxQXbeNCR
EWoB3tnnsUIm/whUQpOCb5xoHIa9SVb6nhN8SV8z9VK1gk+Ewr2kJ7QsSVHtgf/k
eRRt
-----END CERTIFICATE-----
Generated at Tue May 12 22:04:00 2026 by rpki-client