Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/300983-4dfd-419c-bc20-202c2689dfa0/1/ULhfeft8ruaAOSycLGgspsB9WDM.roa
File: ULhfeft8ruaAOSycLGgspsB9WDM.roa (raw, json)
Hash identifier: YhwNNP4dPs6tEXJFWm3JKl3sMP3qxhh6F+89COgcPeM=
Subject key identifier: 50:B8:5F:79:FB:7C:AE:E6:80:39:2C:9C:2C:68:2C:A6:C0:7D:58:33
Certificate issuer: /CN=cb324555940ae51af5d1f42bd5ac715864fa1829
Certificate serial: 019B797E60C8C7220196CBDB9CB6AD31B2FA
Authority key identifier: CB:32:45:55:94:0A:E5:1A:F5:D1:F4:2B:D5:AC:71:58:64:FA:18:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yzJFVZQK5Rr10fQr1axxWGT6GCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/300983-4dfd-419c-bc20-202c2689dfa0/1/ULhfeft8ruaAOSycLGgspsB9WDM.roa
Signing time: Thu 01 Jan 2026 12:18:03 +0000
ROA not before: Thu 01 Jan 2026 12:18:03 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60393
IP address blocks: 194.55.232.0/23 maxlen: 24
2001:67c:bfc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/300983-4dfd-419c-bc20-202c2689dfa0/1/yzJFVZQK5Rr10fQr1axxWGT6GCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/300983-4dfd-419c-bc20-202c2689dfa0/1/yzJFVZQK5Rr10fQr1axxWGT6GCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yzJFVZQK5Rr10fQr1axxWGT6GCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:7e:60:c8:c7:22:01:96:cb:db:9c:b6:ad:31:b2:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb324555940ae51af5d1f42bd5ac715864fa1829
Validity
Not Before: Jan 1 12:18:03 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=50b85f79fb7caee680392c9c2c682ca6c07d5833
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ef:20:56:34:46:40:7e:f1:e5:b9:91:56:d4:
02:d4:1d:f0:d2:b7:24:c3:18:3d:54:5c:f8:e3:be:
b2:eb:d9:08:7d:a7:96:fc:e5:ab:41:ff:37:43:a1:
bc:5e:11:9a:ee:6b:3a:f3:a3:30:28:72:a9:9a:e5:
5e:4e:30:05:30:70:0c:1e:77:09:5d:e7:85:9b:2b:
75:3f:de:6b:1d:65:80:80:2d:06:fa:8d:c4:7e:b6:
16:6b:6c:27:e9:cf:6b:40:a1:c6:d1:15:e4:8d:1a:
26:0e:30:35:3a:68:8f:a3:9c:bf:18:d0:cd:5e:58:
e9:89:10:90:9e:b5:37:04:6d:28:c3:cc:fd:69:5e:
5e:ed:12:83:b6:b4:38:f1:df:96:85:3c:15:dc:ca:
13:ca:98:08:8c:65:30:26:82:a3:38:ef:a0:a6:d7:
99:35:93:0b:eb:e2:6f:82:fa:7b:cd:5c:40:26:d3:
cf:89:6f:00:f2:39:9e:44:a8:b4:dc:97:3f:ba:7b:
ea:2e:6e:a7:3c:eb:55:69:a5:72:aa:45:9c:e1:43:
bc:ec:f7:46:39:09:a6:e9:96:37:5e:dd:9d:a2:db:
b0:d8:cb:58:f8:da:5e:0c:9b:33:07:ef:bd:46:1b:
21:3e:96:9f:90:b6:77:45:cb:02:7f:50:bf:c7:1b:
be:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:B8:5F:79:FB:7C:AE:E6:80:39:2C:9C:2C:68:2C:A6:C0:7D:58:33
X509v3 Authority Key Identifier:
keyid:CB:32:45:55:94:0A:E5:1A:F5:D1:F4:2B:D5:AC:71:58:64:FA:18:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yzJFVZQK5Rr10fQr1axxWGT6GCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/300983-4dfd-419c-bc20-202c2689dfa0/1/ULhfeft8ruaAOSycLGgspsB9WDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/300983-4dfd-419c-bc20-202c2689dfa0/1/yzJFVZQK5Rr10fQr1axxWGT6GCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.55.232.0/23
IPv6:
2001:67c:bfc::/48
Signature Algorithm: sha256WithRSAEncryption
99:d7:66:9c:85:68:e1:89:21:db:7d:20:9c:45:03:a4:f2:fb:
10:83:c4:79:2a:44:db:ad:75:04:c3:9d:29:c2:3c:4e:24:98:
25:b8:33:59:ef:95:01:89:27:a2:75:36:66:f3:92:aa:46:54:
8f:68:21:42:e5:45:3a:86:a3:04:af:41:a0:44:09:e9:5e:13:
85:82:6b:74:3a:47:c3:81:8b:14:cb:2d:d6:66:84:f0:52:6c:
ac:5c:32:b3:78:11:f7:a9:ea:c4:ee:89:32:29:9c:4f:57:6a:
2e:36:ee:2a:fa:ed:e7:60:58:a5:8e:78:be:30:8a:a0:cf:72:
cc:97:9a:a2:ac:c2:fb:7b:8a:9c:97:f6:3f:7a:5c:c5:f3:f2:
a0:f0:4d:c7:ff:11:fe:60:3d:43:82:6c:54:c1:a4:97:b2:46:
3e:12:c4:20:a5:f6:40:38:a3:53:21:99:e2:3a:d8:9f:37:e6:
3a:ec:1f:b9:0c:21:ed:71:b6:0a:e2:27:5d:cc:ef:13:e3:23:
26:49:62:64:8c:a3:b9:20:0d:e8:3c:3c:f1:a8:d9:9e:f0:41:
89:fd:1e:e6:18:56:8f:a4:4a:08:be:f4:d4:8f:f2:a1:f6:33:
91:c4:a7:69:31:ea:a8:dc:34:ab:2e:51:fa:57:67:1b:73:97:
e6:e1:8c:49
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZt5fmDIxyIBlsvbnLatMbL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMzI0NTU1OTQwYWU1MWFmNWQxZjQyYmQ1YWM3MTU4NjRm
YTE4MjkwHhcNMjYwMTAxMTIxODAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGI4NWY3OWZiN2NhZWU2ODAzOTJjOWMyYzY4MmNhNmMwN2Q1ODMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApu8gVjRGQH7x5bmRVtQC1B3w0rck
wxg9VFz4476y69kIfaeW/OWrQf83Q6G8XhGa7ms686MwKHKpmuVeTjAFMHAMHncJ
XeeFmyt1P95rHWWAgC0G+o3EfrYWa2wn6c9rQKHG0RXkjRomDjA1OmiPo5y/GNDN
XljpiRCQnrU3BG0ow8z9aV5e7RKDtrQ48d+WhTwV3MoTypgIjGUwJoKjOO+gpteZ
NZML6+Jvgvp7zVxAJtPPiW8A8jmeRKi03Jc/unvqLm6nPOtVaaVyqkWc4UO87PdG
OQmm6ZY3Xt2dotuw2MtY+NpeDJszB++9RhshPpafkLZ3RcsCf1C/xxu+zwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFC4X3n7fK7mgDksnCxoLKbAfVgzMB8GA1UdIwQY
MBaAFMsyRVWUCuUa9dH0K9WscVhk+hgpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXpKRlZaUUs1UnIxMGZRcjFheHhXR1Q2R0NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zMDA5ODMtNGRmZC00MTljLWJjMjAt
MjAyYzI2ODlkZmEwLzEvVUxoZmVmdDhydWFBT1N5Y0xHZ3Nwc0I5V0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zMDA5ODMtNGRmZC00MTljLWJjMjAtMjAyYzI2ODlkZmEw
LzEveXpKRlZaUUs1UnIxMGZRcjFheHhXR1Q2R0NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBwjfoMA8E
AgACMAkDBwAgAQZ8C/wwDQYJKoZIhvcNAQELBQADggEBAJnXZpyFaOGJIdt9IJxF
A6Ty+xCDxHkqRNutdQTDnSnCPE4kmCW4M1nvlQGJJ6J1NmbzkqpGVI9oIULlRTqG
owSvQaBECeleE4WCa3Q6R8OBixTLLdZmhPBSbKxcMrN4Efep6sTuiTIpnE9Xai42
7ir67edgWKWOeL4wiqDPcsyXmqKswvt7ipyX9j96XMXz8qDwTcf/Ef5gPUOCbFTB
pJeyRj4SxCCl9kA4o1MhmeI62J835jrsH7kMIe1xtgriJ13M7xPjIyZJYmSMo7kg
Deg8PPGo2Z7wQYn9HuYYVo+kSgi+9NSP8qH2M5HEp2kx6qjcNKsuUfpXZxtzl+bh
jEk=
-----END CERTIFICATE-----
Generated at Tue Mar 3 01:10:47 2026 by rpki-client