Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/_ULbu6qlDLNkl4gfmrAZa3cDCKQ.roa
File: _ULbu6qlDLNkl4gfmrAZa3cDCKQ.roa (raw, json)
Hash identifier: TqnqSuTSzSIeCUVxshqZTxT6rnTxHWCsb3vadXoWjSw=
Subject key identifier: FD:42:DB:BB:AA:A5:0C:B3:64:97:88:1F:9A:B0:19:6B:77:03:08:A4
Certificate issuer: /CN=4456c14cd8724f9a909627b94e006cf69d12307b
Certificate serial: 019E54AE1AE0C5C074674C7A57C127A28D3E
Authority key identifier: 44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/_ULbu6qlDLNkl4gfmrAZa3cDCKQ.roa
Signing time: Sat 23 May 2026 11:52:36 +0000
ROA not before: Sat 23 May 2026 11:52:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44654
IP address blocks: 37.252.208.0/23 maxlen: 23
37.252.208.0/24 maxlen: 24
37.252.209.0/24 maxlen: 24
37.252.210.0/23 maxlen: 23
37.252.210.0/24 maxlen: 24
37.252.211.0/24 maxlen: 24
37.252.212.0/23 maxlen: 23
37.252.212.0/24 maxlen: 24
37.252.213.0/24 maxlen: 24
37.252.215.0/24 maxlen: 24
109.205.8.0/21 maxlen: 24
185.36.124.0/22 maxlen: 24
185.36.124.0/23 maxlen: 23
2a02:d8::/32 maxlen: 48
2a02:d8:8::/48 maxlen: 48
2a02:d8:9::/48 maxlen: 48
2a02:d8:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:54:ae:1a:e0:c5:c0:74:67:4c:7a:57:c1:27:a2:8d:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4456c14cd8724f9a909627b94e006cf69d12307b
Validity
Not Before: May 23 11:52:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fd42dbbbaaa50cb36497881f9ab0196b770308a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:07:6b:a7:62:60:49:a7:71:15:f5:e3:60:2c:
a9:ba:3f:8a:7e:6a:f9:af:95:25:03:cb:c9:be:d5:
6a:cd:a0:64:da:8b:f4:f0:09:7b:8c:31:ef:e3:d6:
20:f9:8c:a6:3b:7a:ec:95:56:26:ce:a4:5c:df:47:
0b:81:d6:b4:27:e7:62:99:c1:b1:75:a4:f6:65:9d:
98:9b:d1:9d:58:0f:58:98:c0:2b:b5:1a:13:09:5d:
65:45:85:a7:1b:69:dd:e9:2f:fb:91:15:f1:37:d1:
7c:cf:a8:e1:21:73:36:24:16:da:49:16:04:29:c8:
dd:ce:5b:2a:da:7a:df:c6:e9:c1:d2:2b:cd:09:40:
4c:f9:c7:b9:5a:c3:a8:3a:6e:c0:d3:e7:ba:89:98:
0c:85:c0:b4:b3:ab:96:48:b2:cc:56:d5:eb:d4:5b:
22:4f:af:34:f8:c0:9e:e4:2c:27:d0:df:7d:89:47:
15:8b:bd:66:8e:98:67:80:c0:2c:79:9f:50:5c:33:
47:5e:df:6d:6d:f4:f0:71:7c:85:9b:4b:f7:5d:b5:
4c:e3:b9:91:b6:a9:5d:19:c6:8d:75:6a:bd:48:5f:
72:d8:62:cb:22:27:ad:0c:60:c4:f3:86:69:2a:66:
7a:99:23:ff:5d:a2:ad:82:50:c5:05:a5:bf:ad:a0:
6f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:42:DB:BB:AA:A5:0C:B3:64:97:88:1F:9A:B0:19:6B:77:03:08:A4
X509v3 Authority Key Identifier:
keyid:44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/_ULbu6qlDLNkl4gfmrAZa3cDCKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.208.0-37.252.213.255
37.252.215.0/24
109.205.8.0/21
185.36.124.0/22
IPv6:
2a02:d8::/32
Signature Algorithm: sha256WithRSAEncryption
8b:03:4b:8c:8b:56:8b:d9:fb:50:d0:9c:bf:64:4a:75:54:8e:
73:7e:da:bd:89:cb:1c:77:5b:e0:f6:f1:a2:3e:09:9b:2f:99:
6b:ca:76:93:33:aa:c1:11:06:2f:bf:6d:36:1c:b7:ee:ad:44:
1d:35:96:00:b5:20:46:3a:28:9a:87:1e:7e:2e:06:17:fa:fb:
cd:04:3c:c4:89:00:36:82:da:e6:52:2a:1b:d3:4f:86:cb:dc:
48:f1:f7:ac:4a:d2:e3:ef:e5:9a:4f:79:f6:7d:45:db:17:e3:
78:d0:68:93:d1:6c:95:16:dc:4a:65:af:5b:fd:8d:42:0a:23:
f2:be:8f:95:ad:f3:3c:1c:8a:43:02:f7:2e:37:35:86:04:44:
b2:28:ba:af:7a:db:5f:23:6c:9a:f7:1a:79:8a:ae:ca:0a:ec:
52:20:d5:2b:3a:22:b7:76:08:b6:55:b3:24:be:2a:09:0b:63:
70:df:91:fa:ea:72:c5:59:bb:41:cb:18:49:38:fd:b3:0f:9f:
e9:1a:91:3f:7b:9d:6f:56:21:37:65:ad:fd:20:75:d3:91:28:
28:ee:67:fc:e0:b8:d2:f1:6e:e4:19:29:fa:19:12:aa:a8:f8:
71:5a:93:9a:1e:20:7c:4b:5a:c0:6a:d1:40:6d:65:92:85:4f:
85:6e:eb:d6
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZ5UrhrgxcB0Z0x6V8Enoo0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTZjMTRjZDg3MjRmOWE5MDk2MjdiOTRlMDA2Y2Y2OWQx
MjMwN2IwHhcNMjYwNTIzMTE1MjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDQyZGJiYmFhYTUwY2IzNjQ5Nzg4MWY5YWIwMTk2Yjc3MDMwOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogdrp2JgSadxFfXjYCypuj+Kfmr5
r5UlA8vJvtVqzaBk2ov08Al7jDHv49Yg+YymO3rslVYmzqRc30cLgda0J+dimcGx
daT2ZZ2Ym9GdWA9YmMArtRoTCV1lRYWnG2nd6S/7kRXxN9F8z6jhIXM2JBbaSRYE
Kcjdzlsq2nrfxunB0ivNCUBM+ce5WsOoOm7A0+e6iZgMhcC0s6uWSLLMVtXr1Fsi
T680+MCe5Cwn0N99iUcVi71mjphngMAseZ9QXDNHXt9tbfTwcXyFm0v3XbVM47mR
tqldGcaNdWq9SF9y2GLLIietDGDE84ZpKmZ6mSP/XaKtglDFBaW/raBvIwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFP1C27uqpQyzZJeIH5qwGWt3AwikMB8GA1UdIwQY
MBaAFERWwUzYck+akJYnuU4AbPadEjB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYt
NWI4NzgyNWMwN2VlLzEvX1VMYnU2cWxETE5rbDRnZm1yQVphM2NEQ0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYtNWI4NzgyNWMwN2Vl
LzEvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAQl/NAD
BAEl/NQDBAAl/NcDBANtzQgDBAK5JHwwDQQCAAIwBwMFACoCANgwDQYJKoZIhvcN
AQELBQADggEBAIsDS4yLVovZ+1DQnL9kSnVUjnN+2r2Jyxx3W+D28aI+CZsvmWvK
dpMzqsERBi+/bTYct+6tRB01lgC1IEY6KJqHHn4uBhf6+80EPMSJADaC2uZSKhvT
T4bL3Ejx96xK0uPv5ZpPefZ9RdsX43jQaJPRbJUW3Eplr1v9jUIKI/K+j5Wt8zwc
ikMC9y43NYYERLIouq96218jbJr3GnmKrsoK7FIg1Ss6Ird2CLZVsyS+KgkLY3Df
kfrqcsVZu0HLGEk4/bMPn+kakT97nW9WITdlrf0gddORKCjuZ/zguNLxbuQZKfoZ
Eqqo+HFak5oeIHxLWsBq0UBtZZKFT4Vu69Y=
-----END CERTIFICATE-----
Generated at Sat Jun 13 21:06:13 2026 by rpki-client