Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/021022-0b27-4b4e-ab32-c990003b24ca/1/UyCQmQzgb130efKAikwvTZay9vQ.roa
File: UyCQmQzgb130efKAikwvTZay9vQ.roa (raw, json)
Hash identifier: NfN/ivDYE1D3RgyrEpLsNnMXDrA0/EHnp98caL5ep7Q=
Subject key identifier: 53:20:90:99:0C:E0:6F:5D:F4:79:F2:80:8A:4C:2F:4D:96:B2:F6:F4
Certificate issuer: /CN=226a87216d7e3c59315f778b2c8f4a9ef478b93e
Certificate serial: 019B7EA74900B02152D11F9987EA839CF432
Authority key identifier: 22:6A:87:21:6D:7E:3C:59:31:5F:77:8B:2C:8F:4A:9E:F4:78:B9:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ImqHIW1-PFkxX3eLLI9KnvR4uT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/021022-0b27-4b4e-ab32-c990003b24ca/1/UyCQmQzgb130efKAikwvTZay9vQ.roa
Signing time: Fri 02 Jan 2026 12:20:51 +0000
ROA not before: Fri 02 Jan 2026 12:20:51 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62378
IP address blocks: 91.217.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/021022-0b27-4b4e-ab32-c990003b24ca/1/ImqHIW1-PFkxX3eLLI9KnvR4uT4.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/021022-0b27-4b4e-ab32-c990003b24ca/1/ImqHIW1-PFkxX3eLLI9KnvR4uT4.mft
rsync://rpki.ripe.net/repository/DEFAULT/ImqHIW1-PFkxX3eLLI9KnvR4uT4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:a7:49:00:b0:21:52:d1:1f:99:87:ea:83:9c:f4:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=226a87216d7e3c59315f778b2c8f4a9ef478b93e
Validity
Not Before: Jan 2 12:20:51 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=532090990ce06f5df479f2808a4c2f4d96b2f6f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:05:9f:7f:32:27:0b:f9:7a:e7:4e:63:e4:a9:
d5:82:16:df:6b:84:3e:ed:7a:5a:03:b1:09:76:fa:
27:90:a8:78:17:ed:26:d3:7c:c5:3d:51:72:ec:b7:
e7:10:49:c4:2a:97:5f:c6:fd:ba:df:5b:e5:e1:1d:
aa:e1:e2:d2:3e:af:c8:1d:2d:48:e5:15:b3:8d:0f:
d5:60:de:0b:ca:c9:29:c0:a4:61:49:98:32:49:97:
4e:9c:11:e1:22:0e:40:d6:ad:74:a4:7a:b1:f8:f2:
68:c3:34:4f:ba:c6:82:35:cb:be:c8:d9:f5:89:bd:
7f:7b:21:b6:07:6d:cd:91:84:09:24:43:fd:9c:2a:
74:c8:72:5c:7f:e7:c6:74:25:9d:96:fc:18:a6:e8:
9a:2c:ce:f4:b4:64:0f:fc:3d:14:1e:79:c4:d3:78:
d0:dd:aa:0f:cf:63:af:b1:57:6f:47:34:90:7d:04:
d0:8e:fc:91:b5:96:d0:3d:2e:ef:18:23:75:53:d5:
c3:88:36:be:03:cc:fb:2f:1c:2c:30:d3:c8:af:38:
46:96:99:64:05:7c:41:a2:49:d5:ab:6e:3a:f0:19:
85:aa:86:5b:a8:69:08:1d:bb:51:14:f4:3e:92:17:
c8:cb:6c:e1:dd:e2:1a:1f:62:1c:02:62:45:c9:c2:
cf:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:20:90:99:0C:E0:6F:5D:F4:79:F2:80:8A:4C:2F:4D:96:B2:F6:F4
X509v3 Authority Key Identifier:
keyid:22:6A:87:21:6D:7E:3C:59:31:5F:77:8B:2C:8F:4A:9E:F4:78:B9:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ImqHIW1-PFkxX3eLLI9KnvR4uT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/021022-0b27-4b4e-ab32-c990003b24ca/1/UyCQmQzgb130efKAikwvTZay9vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/021022-0b27-4b4e-ab32-c990003b24ca/1/ImqHIW1-PFkxX3eLLI9KnvR4uT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.178.0/24
Signature Algorithm: sha256WithRSAEncryption
00:db:83:77:b1:f3:e4:21:99:83:bd:62:dd:d2:72:7b:35:a9:
0f:29:37:ad:96:96:e7:35:bf:d4:4f:44:b6:9b:33:49:e1:d4:
c5:69:91:83:bf:3d:58:9e:9f:52:2d:24:54:c8:71:9b:3f:03:
a1:5f:a9:d5:3c:4b:13:45:87:d9:5a:0a:8d:70:9e:e9:f1:6b:
75:db:34:0c:97:71:fe:22:f2:5f:e0:54:7b:6c:77:66:ab:ab:
54:0c:b8:f6:dc:e2:2a:e3:26:a6:11:2c:ab:6b:0a:ca:db:c1:
4c:53:fe:45:a9:ba:a6:c3:04:f2:c5:6b:c6:a9:88:6d:ed:43:
35:d0:dc:0a:cf:39:d8:bd:6c:79:ef:a0:98:44:6e:5e:10:75:
e0:92:7d:61:69:22:df:af:fc:b9:93:78:6a:5a:3e:11:5f:40:
79:1d:14:e8:c8:39:e9:15:d2:f8:64:13:1b:91:fb:20:82:a8:
2f:32:db:37:01:a8:f8:d5:cd:aa:7f:bc:c4:1b:80:df:24:06:
3f:2a:cc:45:34:60:d6:1c:f8:ad:5e:f9:55:69:df:d4:d6:b6:
ae:7b:17:f7:a0:3e:0b:45:c5:ed:36:b4:07:19:99:58:34:6b:
2c:1f:53:eb:c4:ba:ba:f6:f4:ab:1b:8f:22:50:7d:23:1c:a0:
b7:63:5d:ee
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+p0kAsCFS0R+Zh+qDnPQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNmE4NzIxNmQ3ZTNjNTkzMTVmNzc4YjJjOGY0YTllZjQ3
OGI5M2UwHhcNMjYwMTAyMTIyMDUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzIwOTA5OTBjZTA2ZjVkZjQ3OWYyODA4YTRjMmY0ZDk2YjJmNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7gWffzInC/l6505j5KnVghbfa4Q+
7XpaA7EJdvonkKh4F+0m03zFPVFy7LfnEEnEKpdfxv2631vl4R2q4eLSPq/IHS1I
5RWzjQ/VYN4LyskpwKRhSZgySZdOnBHhIg5A1q10pHqx+PJowzRPusaCNcu+yNn1
ib1/eyG2B23NkYQJJEP9nCp0yHJcf+fGdCWdlvwYpuiaLM70tGQP/D0UHnnE03jQ
3aoPz2OvsVdvRzSQfQTQjvyRtZbQPS7vGCN1U9XDiDa+A8z7LxwsMNPIrzhGlplk
BXxBoknVq2468BmFqoZbqGkIHbtRFPQ+khfIy2zh3eIaH2IcAmJFycLP7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFMgkJkM4G9d9HnygIpML02Wsvb0MB8GA1UdIwQY
MBaAFCJqhyFtfjxZMV93iyyPSp70eLk+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW1xSElXMS1QRmt4WDNlTExJOUtudlI0dVQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wMjEwMjItMGIyNy00YjRlLWFiMzIt
Yzk5MDAwM2IyNGNhLzEvVXlDUW1RemdiMTMwZWZLQWlrd3ZUWmF5OXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wMjEwMjItMGIyNy00YjRlLWFiMzItYzk5MDAwM2IyNGNh
LzEvSW1xSElXMS1QRmt4WDNlTExJOUtudlI0dVQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9myMA0G
CSqGSIb3DQEBCwUAA4IBAQAA24N3sfPkIZmDvWLd0nJ7NakPKTetlpbnNb/UT0S2
mzNJ4dTFaZGDvz1Ynp9SLSRUyHGbPwOhX6nVPEsTRYfZWgqNcJ7p8Wt12zQMl3H+
IvJf4FR7bHdmq6tUDLj23OIq4yamESyrawrK28FMU/5FqbqmwwTyxWvGqYht7UM1
0NwKzznYvWx576CYRG5eEHXgkn1haSLfr/y5k3hqWj4RX0B5HRToyDnpFdL4ZBMb
kfsggqgvMts3Aaj41c2qf7zEG4DfJAY/KsxFNGDWHPitXvlVad/U1rauexf3oD4L
RcXtNrQHGZlYNGssH1PrxLq69vSrG48iUH0jHKC3Y13u
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:50:05 2026 by rpki-client