Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/ujvUCeMeHFa3WfWN6G6OHhHxhuI.roa
File: ujvUCeMeHFa3WfWN6G6OHhHxhuI.roa (raw, json)
Hash identifier: pG5oPA2yhKapDXzeja3NTKTYlcJo6W9vaHYK9VMmI4o=
Subject key identifier: BA:3B:D4:09:E3:1E:1C:56:B7:59:F5:8D:E8:6E:8E:1E:11:F1:86:E2
Certificate issuer: /CN=15cce061d2408d9a8f6b2b94162d1f74fac3dcac
Certificate serial: 019B7E386D067EA35E5B3355C3C03C7D7467
Authority key identifier: 15:CC:E0:61:D2:40:8D:9A:8F:6B:2B:94:16:2D:1F:74:FA:C3:DC:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FczgYdJAjZqPayuUFi0fdPrD3Kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/ujvUCeMeHFa3WfWN6G6OHhHxhuI.roa
Signing time: Fri 02 Jan 2026 10:19:45 +0000
ROA not before: Fri 02 Jan 2026 10:19:45 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34975
IP address blocks: 95.129.56.0/21 maxlen: 21
95.129.56.0/24 maxlen: 24
95.129.57.0/24 maxlen: 24
95.129.58.0/24 maxlen: 24
95.129.59.0/24 maxlen: 24
95.129.60.0/22 maxlen: 22
95.143.16.0/20 maxlen: 20
95.143.16.0/24 maxlen: 24
95.143.17.0/24 maxlen: 24
95.143.18.0/24 maxlen: 24
95.143.19.0/24 maxlen: 24
95.143.20.0/24 maxlen: 24
95.143.21.0/24 maxlen: 24
95.143.22.0/24 maxlen: 24
95.143.23.0/24 maxlen: 24
95.143.24.0/21 maxlen: 21
185.18.20.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/FczgYdJAjZqPayuUFi0fdPrD3Kw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/FczgYdJAjZqPayuUFi0fdPrD3Kw.mft
rsync://rpki.ripe.net/repository/DEFAULT/FczgYdJAjZqPayuUFi0fdPrD3Kw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:38:6d:06:7e:a3:5e:5b:33:55:c3:c0:3c:7d:74:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15cce061d2408d9a8f6b2b94162d1f74fac3dcac
Validity
Not Before: Jan 2 10:19:45 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ba3bd409e31e1c56b759f58de86e8e1e11f186e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8e:fc:ee:0c:cd:53:8e:05:5d:a1:c0:01:0d:
e0:fd:f5:e2:29:f0:cf:be:ae:af:7b:22:73:83:40:
1f:37:2c:97:c8:fa:a5:67:c5:87:0e:b4:13:1a:ac:
52:51:2e:82:65:d4:69:74:e7:67:ed:dc:e4:30:87:
ed:8e:65:13:7d:9c:17:80:02:a0:e6:fd:47:1d:43:
8f:9e:2e:83:90:59:5b:4e:56:b7:a7:91:d7:6f:d8:
3b:2c:04:f3:da:83:43:f6:b0:3f:9d:7b:19:a8:83:
16:c2:fd:60:85:fa:52:0c:85:59:cd:7b:66:a4:a1:
7d:07:f3:86:c0:75:6b:f7:e7:08:15:e6:7a:c9:d5:
2c:31:c0:32:5c:62:8a:a7:66:23:41:f7:4e:48:2e:
76:9e:a0:fc:9a:28:06:4a:35:e0:4e:9d:61:96:37:
60:4d:12:95:e7:fb:ca:bb:d4:99:63:a1:c9:49:85:
ec:11:13:2c:2d:d1:1d:74:2e:b4:87:de:f7:fc:12:
f5:19:5f:57:86:05:77:a0:75:95:30:0b:06:34:19:
b6:6d:8e:ed:25:02:0a:df:4b:2d:e0:96:6c:89:25:
b5:32:e0:5e:2f:47:ee:13:63:ae:73:59:90:79:78:
55:3c:3d:7c:1e:e4:a0:9a:94:e0:75:1c:50:ce:74:
11:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:3B:D4:09:E3:1E:1C:56:B7:59:F5:8D:E8:6E:8E:1E:11:F1:86:E2
X509v3 Authority Key Identifier:
keyid:15:CC:E0:61:D2:40:8D:9A:8F:6B:2B:94:16:2D:1F:74:FA:C3:DC:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FczgYdJAjZqPayuUFi0fdPrD3Kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/ujvUCeMeHFa3WfWN6G6OHhHxhuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/9af87c-e272-4f84-9143-6682f7827df0/1/FczgYdJAjZqPayuUFi0fdPrD3Kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.129.56.0/21
95.143.16.0/20
185.18.20.0/22
Signature Algorithm: sha256WithRSAEncryption
18:67:0c:3c:1c:51:69:05:03:a1:20:e8:aa:10:e9:68:f5:7c:
1b:fb:64:29:d5:e5:29:d7:f0:fe:a8:5d:72:30:e9:67:45:ab:
ca:57:09:1b:41:6f:76:44:62:bd:7b:1b:da:fb:12:72:f4:63:
2e:c9:b7:cf:a5:40:64:89:18:3e:32:82:5e:b6:45:e2:ee:0d:
04:60:9c:eb:da:19:fa:9e:31:38:f7:e0:29:fe:03:4c:e0:ce:
20:d4:01:d3:3c:09:5c:33:6f:28:07:f3:8b:94:63:63:46:32:
d2:7f:fe:a5:ab:81:be:09:ec:61:04:03:26:47:90:5e:c4:d1:
c9:d8:a0:a6:23:3d:66:e4:18:75:7e:7e:84:92:a1:49:ab:38:
0a:d0:f3:af:61:64:b8:64:0e:3f:aa:d1:39:cb:f1:45:d1:2c:
70:24:40:6f:31:11:2c:4c:87:21:b8:cb:66:5d:22:ea:11:50:
09:54:f3:86:f5:33:63:c5:2c:cd:eb:db:26:cf:87:5c:f8:22:
aa:08:28:b1:0a:01:97:a5:ef:cd:93:2d:21:4d:50:71:68:60:
82:9c:37:0b:78:d5:e7:18:de:2e:d0:a6:1c:cb:db:80:d5:13:
2c:07:0b:7e:f9:f7:d3:3f:46:fc:a2:65:1e:2e:23:7d:ee:ef:
a7:01:af:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZt+OG0GfqNeWzNVw8A8fXRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1Y2NlMDYxZDI0MDhkOWE4ZjZiMmI5NDE2MmQxZjc0ZmFj
M2RjYWMwHhcNMjYwMTAyMTAxOTQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTNiZDQwOWUzMWUxYzU2Yjc1OWY1OGRlODZlOGUxZTExZjE4NmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI787gzNU44FXaHAAQ3g/fXiKfDP
vq6veyJzg0AfNyyXyPqlZ8WHDrQTGqxSUS6CZdRpdOdn7dzkMIftjmUTfZwXgAKg
5v1HHUOPni6DkFlbTla3p5HXb9g7LATz2oND9rA/nXsZqIMWwv1ghfpSDIVZzXtm
pKF9B/OGwHVr9+cIFeZ6ydUsMcAyXGKKp2YjQfdOSC52nqD8migGSjXgTp1hljdg
TRKV5/vKu9SZY6HJSYXsERMsLdEddC60h973/BL1GV9XhgV3oHWVMAsGNBm2bY7t
JQIK30st4JZsiSW1MuBeL0fuE2Ouc1mQeXhVPD18HuSgmpTgdRxQznQRxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLo71AnjHhxWt1n1jehujh4R8YbiMB8GA1UdIwQY
MBaAFBXM4GHSQI2aj2srlBYtH3T6w9ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmN6Z1lkSkFqWnFQYXl1VUZpMGZkUHJEM0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85YWY4N2MtZTI3Mi00Zjg0LTkxNDMt
NjY4MmY3ODI3ZGYwLzEvdWp2VUNlTWVIRmEzV2ZXTjZHNk9IaEh4aHVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85YWY4N2MtZTI3Mi00Zjg0LTkxNDMtNjY4MmY3ODI3ZGYw
LzEvRmN6Z1lkSkFqWnFQYXl1VUZpMGZkUHJEM0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDX4E4AwQE
X48QAwQCuRIUMA0GCSqGSIb3DQEBCwUAA4IBAQAYZww8HFFpBQOhIOiqEOlo9Xwb
+2Qp1eUp1/D+qF1yMOlnRavKVwkbQW92RGK9exva+xJy9GMuybfPpUBkiRg+MoJe
tkXi7g0EYJzr2hn6njE49+Ap/gNM4M4g1AHTPAlcM28oB/OLlGNjRjLSf/6lq4G+
CexhBAMmR5BexNHJ2KCmIz1m5Bh1fn6EkqFJqzgK0POvYWS4ZA4/qtE5y/FF0Sxw
JEBvMREsTIchuMtmXSLqEVAJVPOG9TNjxSzN69smz4dc+CKqCCixCgGXpe/Nky0h
TVBxaGCCnDcLeNXnGN4u0KYcy9uA1RMsBwt++ffTP0b8omUeLiN97u+nAa/p
-----END CERTIFICATE-----
Generated at Mon Mar 2 22:44:40 2026 by rpki-client