Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/U85M-8Lcl66rBLJ0Rg82xwdkDKI.roa
File: U85M-8Lcl66rBLJ0Rg82xwdkDKI.roa (raw, json)
Hash identifier: dzpvd72uVrPjmVZuHFaWm57eN2RjfUP62VYST73g2PE=
Subject key identifier: 53:CE:4C:FB:C2:DC:97:AE:AB:04:B2:74:46:0F:36:C7:07:64:0C:A2
Certificate issuer: /CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Certificate serial: 019C3CD848073AA507C1BE28E35C4C02F9DD
Authority key identifier: 5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/U85M-8Lcl66rBLJ0Rg82xwdkDKI.roa
Signing time: Sun 08 Feb 2026 10:42:13 +0000
ROA not before: Sun 08 Feb 2026 10:42:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216024
IP address blocks: 146.255.188.0/24 maxlen: 24
2a10:9681::/32 maxlen: 32
2a10:9682::/32 maxlen: 32
2a10:9683::/32 maxlen: 32
2a10:9687::/32 maxlen: 32
2a11:c880::/29 maxlen: 29
2a12:6c40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 04:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:3c:d8:48:07:3a:a5:07:c1:be:28:e3:5c:4c:02:f9:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Validity
Not Before: Feb 8 10:42:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=53ce4cfbc2dc97aeab04b274460f36c707640ca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f2:f2:45:80:3c:3d:69:2d:53:45:45:27:c4:
17:8e:72:63:02:7d:44:a7:2a:48:dc:3f:6f:02:69:
40:f6:bb:d8:87:4a:65:c8:fd:63:c3:b6:b5:3b:9e:
f8:19:07:16:5b:33:08:81:30:8d:18:32:50:68:bb:
c3:cd:b5:5f:8c:62:88:fd:ec:18:b4:28:36:32:cd:
c3:23:cf:06:da:ac:f3:d7:66:e9:a2:86:f6:0e:c5:
cd:22:f8:94:c2:4f:74:28:d5:41:bd:36:b9:18:19:
12:98:36:95:b7:a5:d4:82:88:65:0e:18:08:97:00:
3e:0c:91:0c:14:c6:b9:0c:8b:66:75:d5:fb:31:09:
4c:18:05:a5:86:e3:7d:a0:73:c0:d0:f1:6c:7b:c9:
c1:5c:1a:9a:fb:ab:0d:8e:f2:aa:54:ef:82:54:78:
df:f1:58:f5:4b:fc:24:d8:dc:91:bc:4c:4e:68:29:
9d:e2:cd:dd:cc:8a:cd:6b:9c:66:45:b2:da:42:ec:
db:c5:b8:c1:0c:ca:98:6f:b4:e5:0b:ee:35:51:42:
c3:a0:da:e6:5f:44:1f:37:33:e8:79:2d:a1:d5:cd:
df:cc:06:60:bf:c1:3f:57:55:85:3d:f7:1d:19:80:
35:7b:2a:48:98:60:67:69:0d:ef:c6:eb:21:b1:4a:
2e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:CE:4C:FB:C2:DC:97:AE:AB:04:B2:74:46:0F:36:C7:07:64:0C:A2
X509v3 Authority Key Identifier:
keyid:5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/U85M-8Lcl66rBLJ0Rg82xwdkDKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.255.188.0/24
IPv6:
2a10:9681::-2a10:9683:ffff:ffff:ffff:ffff:ffff:ffff
2a10:9687::/32
2a11:c880::/29
2a12:6c40::/32
Signature Algorithm: sha256WithRSAEncryption
52:5f:74:ec:61:64:39:fa:f7:e3:af:40:6f:42:59:aa:8c:0b:
a1:a2:2b:21:e4:4f:8a:34:3a:70:a4:1f:c5:ef:8d:d2:15:a4:
1b:63:b6:85:e5:2d:11:e9:9d:e4:06:37:80:5c:be:24:15:39:
93:5d:c6:87:e0:13:56:3c:fd:4f:c6:a0:d8:f8:eb:1d:0c:4f:
32:73:9b:01:aa:30:39:5d:41:f2:36:6f:b5:94:81:a7:f5:98:
d8:33:c0:cc:f6:a2:5c:a1:0d:70:98:cb:6e:41:1d:f7:14:4a:
ad:39:ed:21:28:2d:23:20:77:e7:36:fd:5d:26:95:11:57:2b:
54:da:e2:e8:42:be:7a:5b:ef:09:67:be:88:04:1c:02:0a:5c:
5c:18:fe:df:02:65:8a:be:d0:6a:0e:2c:fc:a1:b9:04:4e:d3:
b9:4d:7f:70:3b:16:c0:40:49:9e:f9:60:05:a3:31:68:d6:69:
d4:db:30:19:f2:df:a7:9e:93:17:13:73:f8:34:c6:9f:fa:31:
55:13:cb:7b:12:1b:40:56:17:91:90:25:3d:aa:3b:ed:64:d8:
ec:49:67:fb:9a:df:83:08:fe:79:94:e6:5c:a8:b5:07:0c:df:
82:64:b8:05:0e:9a:91:b7:06:f7:6f:60:3d:da:fe:93:a5:91:
f3:b5:d3:67
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZw82EgHOqUHwb4o41xMAvndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMGZmOGFhZjc0NTMxMTQxNDcwMjhkNTRhZTFjNjkzYThh
MTQ3YmMwHhcNMjYwMjA4MTA0MjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2NlNGNmYmMyZGM5N2FlYWIwNGIyNzQ0NjBmMzZjNzA3NjQwY2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfLyRYA8PWktU0VFJ8QXjnJjAn1E
pypI3D9vAmlA9rvYh0plyP1jw7a1O574GQcWWzMIgTCNGDJQaLvDzbVfjGKI/ewY
tCg2Ms3DI88G2qzz12bpoob2DsXNIviUwk90KNVBvTa5GBkSmDaVt6XUgohlDhgI
lwA+DJEMFMa5DItmddX7MQlMGAWlhuN9oHPA0PFse8nBXBqa+6sNjvKqVO+CVHjf
8Vj1S/wk2NyRvExOaCmd4s3dzIrNa5xmRbLaQuzbxbjBDMqYb7TlC+41UULDoNrm
X0QfNzPoeS2h1c3fzAZgv8E/V1WFPfcdGYA1eypImGBnaQ3vxushsUouPQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFPOTPvC3JeuqwSydEYPNscHZAyiMB8GA1UdIwQY
MBaAFF4P+Kr3RTEUFHAo1UrhxpOooUe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEt
ZDg3MjEzNzU2NDRhLzEvVTg1TS04TGNsNjZyQkxKMFJnODJ4d2RrREtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEtZDg3MjEzNzU2NDRh
LzEvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAMBAIAATAGAwQAkv+8MCsE
AgACMCUwDgMFACoQloEDBQIqEJaAAwUAKhCWhwMFAyoRyIADBQAqEmxAMA0GCSqG
SIb3DQEBCwUAA4IBAQBSX3TsYWQ5+vfjr0BvQlmqjAuhoish5E+KNDpwpB/F743S
FaQbY7aF5S0R6Z3kBjeAXL4kFTmTXcaH4BNWPP1PxqDY+OsdDE8yc5sBqjA5XUHy
Nm+1lIGn9ZjYM8DM9qJcoQ1wmMtuQR33FEqtOe0hKC0jIHfnNv1dJpURVytU2uLo
Qr56W+8JZ76IBBwCClxcGP7fAmWKvtBqDiz8obkETtO5TX9wOxbAQEme+WAFozFo
1mnU2zAZ8t+nnpMXE3P4NMaf+jFVE8t7EhtAVheRkCU9qjvtZNjsSWf7mt+DCP55
lOZcqLUHDN+CZLgFDpqRtwb3b2A92v6TpZHztdNn
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:50:53 2026 by rpki-client