Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uh5nDCho1PXG81FTkJ42LWU6kC0.roa
File: uh5nDCho1PXG81FTkJ42LWU6kC0.roa (raw, json)
Hash identifier: o6BPR4CURooY3WIQWOfy5DdD3dqIqIuV6wFFCllxTm8=
Subject key identifier: BA:1E:67:0C:28:68:D4:F5:C6:F3:51:53:90:9E:36:2D:65:3A:90:2D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019D8AF4A1B96D0889B72CB77DD51EA176E7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uh5nDCho1PXG81FTkJ42LWU6kC0.roa
Signing time: Tue 14 Apr 2026 07:46:21 +0000
ROA not before: Tue 14 Apr 2026 07:46:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.191.0/24 maxlen: 24
92.119.199.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 13:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8a:f4:a1:b9:6d:08:89:b7:2c:b7:7d:d5:1e:a1:76:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 14 07:46:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ba1e670c2868d4f5c6f35153909e362d653a902d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b6:3a:94:20:34:3d:aa:24:75:8c:60:d3:f5:
9b:b6:74:47:35:b4:49:d5:6d:3f:df:47:0e:cf:e7:
12:9c:8a:8d:59:f3:66:17:d9:33:b7:3b:c2:24:ca:
5e:10:5f:f5:c0:66:a1:2b:48:ef:90:f4:7f:cf:6a:
9c:ca:f2:3d:17:9a:ed:33:dc:c5:83:7a:43:27:9c:
c2:7d:c0:50:42:03:c9:c7:d6:c8:0f:46:a1:33:22:
ff:0e:40:b5:2b:a3:5b:df:71:b2:82:e3:f0:30:a4:
10:15:92:da:ff:9e:de:2e:e6:d0:19:79:2c:a6:16:
ad:e3:ab:09:c3:18:d6:dd:f6:3f:ff:2f:53:a2:bd:
23:ec:e1:56:93:7c:5e:52:8f:b5:8c:94:9a:63:9c:
df:d7:b4:2c:0b:2c:94:23:6e:46:d5:fd:d4:7c:14:
86:86:8c:6c:f6:c2:69:48:66:05:12:e4:c5:9d:25:
8a:de:b0:e1:96:7d:60:ac:43:05:69:a3:e9:79:79:
14:55:88:53:e8:9d:36:97:82:0c:13:91:98:83:c0:
55:f9:12:94:b5:c8:0e:04:b2:57:62:fa:ab:4a:86:
ca:ae:e4:c4:2c:8a:2a:04:28:33:6f:8a:89:65:42:
c6:9d:87:61:4b:b1:e9:5e:08:45:5b:0b:59:74:54:
09:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:1E:67:0C:28:68:D4:F5:C6:F3:51:53:90:9E:36:2D:65:3A:90:2D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uh5nDCho1PXG81FTkJ42LWU6kC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.141.158.0/24
81.161.238.0/24
83.143.113.0/24
84.54.51.0/24
85.31.47.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.120.191.0/24
92.119.199.0/24
92.249.50.0/24
93.123.109.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
193.25.216.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
68:17:e9:26:46:d6:b6:92:2b:7a:19:bf:d2:15:5e:9b:14:2c:
0e:73:79:77:87:fe:dc:c2:5b:32:10:52:4f:d5:ba:45:58:c9:
1b:01:79:08:96:12:56:c2:58:0a:38:0b:c8:06:3e:93:16:dd:
05:3a:be:c0:5b:90:4b:e6:2d:56:53:67:0e:ff:fc:ec:d2:47:
7f:e7:e9:1b:0c:4a:84:20:c7:87:ea:13:1d:9b:d7:e5:c7:94:
9d:31:41:7a:56:38:a7:54:05:0f:0b:3d:91:be:66:95:b1:8f:
10:f7:53:05:4b:18:f0:8c:fd:5e:9c:02:87:39:08:1c:fa:47:
05:1f:96:f2:23:15:cf:c9:24:7d:bc:9b:9a:47:49:58:15:05:
97:75:ec:d9:08:64:19:74:9e:01:0f:16:51:5e:de:0c:1c:68:
12:7f:cb:2f:7d:2b:3d:9f:3f:34:e5:4e:b7:45:b8:ed:f5:6d:
88:6a:4d:28:53:3d:e1:79:94:2b:e4:2e:dc:c9:d6:73:2e:09:
52:87:1d:9b:d0:4c:22:04:7e:af:85:4a:8a:bd:4c:fb:66:3c:
d9:c8:b6:d9:38:06:ac:b7:41:05:ae:dd:00:5f:61:19:a8:8c:
33:93:1f:02:63:a2:47:48:59:e2:bd:35:38:ed:b5:63:33:83:
7c:3a:1f:23
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZ2K9KG5bQiJtyy3fdUeoXbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNDE0MDc0NjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTFlNjcwYzI4NjhkNGY1YzZmMzUxNTM5MDllMzYyZDY1M2E5MDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbY6lCA0PaokdYxg0/WbtnRHNbRJ
1W0/30cOz+cSnIqNWfNmF9kztzvCJMpeEF/1wGahK0jvkPR/z2qcyvI9F5rtM9zF
g3pDJ5zCfcBQQgPJx9bID0ahMyL/DkC1K6Nb33GyguPwMKQQFZLa/57eLubQGXks
phat46sJwxjW3fY//y9Tor0j7OFWk3xeUo+1jJSaY5zf17QsCyyUI25G1f3UfBSG
hoxs9sJpSGYFEuTFnSWK3rDhln1grEMFaaPpeXkUVYhT6J02l4IME5GYg8BV+RKU
tcgOBLJXYvqrSobKruTELIoqBCgzb4qJZULGnYdhS7HpXghFWwtZdFQJkwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFLoeZwwoaNT1xvNRU5CeNi1lOpAtMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdWg1bkRDaG8xUFhHODFGVGtKNDJMV1U2a0MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAt
QuQDBAAtQucDBAAtWfcDBAAtjZ4DBABRoe4DBABTj3EDBABUNjMDBABVHy8DBAFV
2YIDBABXeFcDBABXeH4DBABXeKYDBABXeL8DBABcd8cDBABc+TIDBABde20DBACT
TmUDBAK52lQDBAC53qADBADBGdgDBADCN7oDBADCqa8wDQYJKoZIhvcNAQELBQAD
ggEBAGgX6SZG1raSK3oZv9IVXpsULA5zeXeH/tzCWzIQUk/VukVYyRsBeQiWElbC
WAo4C8gGPpMW3QU6vsBbkEvmLVZTZw7//OzSR3/n6RsMSoQgx4fqEx2b1+XHlJ0x
QXpWOKdUBQ8LPZG+ZpWxjxD3UwVLGPCM/V6cAoc5CBz6RwUflvIjFc/JJH28m5pH
SVgVBZd17NkIZBl0ngEPFlFe3gwcaBJ/yy99Kz2fPzTlTrdFuO31bYhqTShTPeF5
lCvkLtzJ1nMuCVKHHZvQTCIEfq+FSoq9TPtmPNnIttk4Bqy3QQWu3QBfYRmojDOT
HwJjokdIWeK9NTjttWMzg3w6HyM=
-----END CERTIFICATE-----
Generated at Thu Apr 16 22:35:41 2026 by rpki-client