Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/15773e-ff1c-40ee-ba0b-2a1ba4889635/1/uaf2gOufHpjM0-jl-DGzDOPaSjg.roa
File: uaf2gOufHpjM0-jl-DGzDOPaSjg.roa (raw, json)
Hash identifier: BBVjfBboBH9hWUYKXyFs/Wc3kThp/52xPtYPyIqQvr0=
Subject key identifier: B9:A7:F6:80:EB:9F:1E:98:CC:D3:E8:E5:F8:31:B3:0C:E3:DA:4A:38
Certificate issuer: /CN=fab6ba0a660aa88fa54ef8d746ea7e527781fc3c
Certificate serial: 019B78A270C4770BBBE137910F06095DC7D9
Authority key identifier: FA:B6:BA:0A:66:0A:A8:8F:A5:4E:F8:D7:46:EA:7E:52:77:81:FC:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-ra6CmYKqI-lTvjXRup-UneB_Dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/15773e-ff1c-40ee-ba0b-2a1ba4889635/1/uaf2gOufHpjM0-jl-DGzDOPaSjg.roa
Signing time: Thu 01 Jan 2026 08:17:50 +0000
ROA not before: Thu 01 Jan 2026 08:17:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207861
IP address blocks: 193.56.247.0/24 maxlen: 24
193.57.4.0/24 maxlen: 24
193.57.7.0/24 maxlen: 24
193.57.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/15773e-ff1c-40ee-ba0b-2a1ba4889635/1/1-ra6CmYKqI-lTvjXRup-UneB_Dw.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/15773e-ff1c-40ee-ba0b-2a1ba4889635/1/1-ra6CmYKqI-lTvjXRup-UneB_Dw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-ra6CmYKqI-lTvjXRup-UneB_Dw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Mar 2026 22:42:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:a2:70:c4:77:0b:bb:e1:37:91:0f:06:09:5d:c7:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fab6ba0a660aa88fa54ef8d746ea7e527781fc3c
Validity
Not Before: Jan 1 08:17:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b9a7f680eb9f1e98ccd3e8e5f831b30ce3da4a38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:43:b2:9b:2c:c3:75:fb:08:1b:ef:f4:32:bd:
04:46:ad:87:fc:25:c0:a0:ad:74:d3:97:93:f6:6d:
4c:93:f3:c1:1c:f5:d3:a1:8f:d3:f7:28:3b:c5:3c:
12:26:d2:34:14:1e:fe:d4:cd:33:58:9f:9e:39:b9:
41:a1:7e:8b:cc:7b:9e:db:4c:ca:db:c5:40:fd:b1:
d0:d4:2d:5d:b7:90:12:8f:bd:f1:57:3f:79:13:5a:
e3:46:cd:c7:b4:f3:a9:fb:e7:d0:d9:38:0c:fe:0d:
1d:be:4f:56:ba:93:4c:d8:ad:19:68:4c:8d:2d:6f:
18:b0:93:8c:91:d0:46:91:bf:db:7b:6b:21:28:7e:
5b:81:7c:36:2c:06:eb:a3:5a:31:80:6c:1a:76:31:
7c:a6:f8:06:6e:80:98:13:fc:59:09:2c:18:62:75:
d9:cf:c6:43:dc:73:11:18:f0:1a:91:0f:1b:a0:3e:
db:78:6c:00:f4:d0:99:e0:80:e3:f0:55:87:04:0e:
1c:8f:b7:9a:5c:9c:42:97:0c:c1:eb:e1:55:4a:d4:
ca:fa:2f:2b:6e:20:67:e5:b9:42:d2:24:c6:76:85:
d0:b8:5b:0d:57:8d:2a:03:d8:7e:04:36:de:60:65:
42:34:f7:7b:72:3c:e8:45:58:4b:bb:68:bf:3a:e8:
2c:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:A7:F6:80:EB:9F:1E:98:CC:D3:E8:E5:F8:31:B3:0C:E3:DA:4A:38
X509v3 Authority Key Identifier:
keyid:FA:B6:BA:0A:66:0A:A8:8F:A5:4E:F8:D7:46:EA:7E:52:77:81:FC:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ra6CmYKqI-lTvjXRup-UneB_Dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/15773e-ff1c-40ee-ba0b-2a1ba4889635/1/uaf2gOufHpjM0-jl-DGzDOPaSjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/15773e-ff1c-40ee-ba0b-2a1ba4889635/1/1-ra6CmYKqI-lTvjXRup-UneB_Dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.247.0/24
193.57.4.0/24
193.57.7.0/24
193.57.21.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:46:a8:2e:2e:db:9b:c7:ed:ea:cf:16:b4:5f:a0:6c:e2:b0:
f7:93:2a:52:b0:86:2f:14:4c:55:ac:27:b2:6c:23:73:e2:bc:
5f:d6:f4:f9:7e:a4:a5:1d:66:02:0e:b1:84:9f:3b:c1:cc:95:
7c:1d:50:7f:fc:0f:b4:41:51:a2:d4:88:25:c3:86:c1:c0:87:
0d:b1:42:62:7e:d3:6e:19:03:8b:10:19:de:59:44:c3:d9:39:
20:2b:21:7c:2a:05:ef:2c:de:2a:a0:ae:32:10:1f:a6:d4:c5:
b3:20:b9:91:f4:5c:f5:15:10:45:35:33:d9:2a:a8:20:23:0b:
c5:e8:93:c3:90:3e:ef:50:cf:16:02:cf:21:2a:bf:79:97:cd:
ba:db:da:95:0b:61:4b:03:c9:d1:f4:f0:a7:b2:3f:60:ce:69:
91:d8:47:9c:9b:e7:50:3e:28:73:12:1d:46:ca:7b:3c:06:0c:
f7:0e:ce:bd:a0:5a:4e:bc:4f:cd:15:2b:e2:2d:17:1d:b7:47:
a4:af:bb:cd:06:eb:b2:f3:10:d5:59:28:a4:9d:bf:ad:e4:2b:
ba:2c:bc:af:df:cd:73:81:1e:e7:84:4b:7e:ec:75:21:65:61:
fd:a5:90:2d:ec:e0:3c:78:40:85:55:64:47:c7:3a:4b:e8:94:
06:a6:65:5d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZt4onDEdwu74TeRDwYJXcfZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYjZiYTBhNjYwYWE4OGZhNTRlZjhkNzQ2ZWE3ZTUyNzc4
MWZjM2MwHhcNMjYwMTAxMDgxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWE3ZjY4MGViOWYxZTk4Y2NkM2U4ZTVmODMxYjMwY2UzZGE0YTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0OymyzDdfsIG+/0Mr0ERq2H/CXA
oK1005eT9m1Mk/PBHPXToY/T9yg7xTwSJtI0FB7+1M0zWJ+eOblBoX6LzHue20zK
28VA/bHQ1C1dt5ASj73xVz95E1rjRs3HtPOp++fQ2TgM/g0dvk9WupNM2K0ZaEyN
LW8YsJOMkdBGkb/be2shKH5bgXw2LAbro1oxgGwadjF8pvgGboCYE/xZCSwYYnXZ
z8ZD3HMRGPAakQ8boD7beGwA9NCZ4IDj8FWHBA4cj7eaXJxClwzB6+FVStTK+i8r
biBn5blC0iTGdoXQuFsNV40qA9h+BDbeYGVCNPd7cjzoRVhLu2i/OugspQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLmn9oDrnx6YzNPo5fgxswzj2ko4MB8GA1UdIwQY
MBaAFPq2ugpmCqiPpU7410bqflJ3gfw8MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1yYTZDbVlLcUktbFR2alhSdXAtVW5lQl9Edy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEvMTU3NzNlLWZmMWMtNDBlZS1iYTBi
LTJhMWJhNDg4OTYzNS8xL3VhZjJnT3VmSHBqTTAtamwtREd6RE9QYVNqZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMWEvMTU3NzNlLWZmMWMtNDBlZS1iYTBiLTJhMWJhNDg4OTYz
NS8xLzEtcmE2Q21ZS3FJLWxUdmpYUnVwLVVuZUJfRHcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBADBOPcD
BADBOQQDBADBOQcDBADBORUwDQYJKoZIhvcNAQELBQADggEBACpGqC4u25vH7erP
FrRfoGzisPeTKlKwhi8UTFWsJ7JsI3PivF/W9Pl+pKUdZgIOsYSfO8HMlXwdUH/8
D7RBUaLUiCXDhsHAhw2xQmJ+024ZA4sQGd5ZRMPZOSArIXwqBe8s3iqgrjIQH6bU
xbMguZH0XPUVEEU1M9kqqCAjC8Xok8OQPu9QzxYCzyEqv3mXzbrb2pULYUsDydH0
8KeyP2DOaZHYR5yb51A+KHMSHUbKezwGDPcOzr2gWk68T80VK+ItFx23R6Svu80G
67LzENVZKKSdv63kK7osvK/fzXOBHueES37sdSFlYf2lkC3s4Dx4QIVVZEfHOkvo
lAamZV0=
-----END CERTIFICATE-----
Generated at Wed Mar 4 07:53:49 2026 by rpki-client