Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/UGqgBRBqZhFQ9_xGc60jPJdvXBw.roa
File: UGqgBRBqZhFQ9_xGc60jPJdvXBw.roa (raw, json)
Hash identifier: 6lJP/ONJ7WkmhdeMMSLMgcQdMNPMZvnVat9TqERCEUM=
Subject key identifier: 50:6A:A0:05:10:6A:66:11:50:F7:FC:46:73:AD:23:3C:97:6F:5C:1C
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019C8B06D76C67F259BC83FC1F343FF8AF69
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/UGqgBRBqZhFQ9_xGc60jPJdvXBw.roa
Signing time: Mon 23 Feb 2026 15:03:27 +0000
ROA not before: Mon 23 Feb 2026 15:03:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 62.93.164.0/22 maxlen: 24
62.93.176.0/22 maxlen: 24
62.105.208.0/23 maxlen: 23
84.20.4.0/22 maxlen: 24
84.20.16.0/22 maxlen: 24
84.20.24.0/22 maxlen: 24
92.71.34.0/23 maxlen: 24
92.71.40.0/22 maxlen: 24
92.71.44.0/23 maxlen: 24
92.71.66.0/23 maxlen: 24
92.71.98.0/23 maxlen: 24
92.71.124.0/23 maxlen: 24
135.196.185.0/24 maxlen: 24
195.86.208.0/24 maxlen: 24
195.86.223.0/24 maxlen: 24
213.139.8.0/22 maxlen: 24
213.169.206.0/23 maxlen: 23
213.201.134.0/24 maxlen: 24
213.201.242.0/23 maxlen: 24
213.201.252.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8b:06:d7:6c:67:f2:59:bc:83:fc:1f:34:3f:f8:af:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Feb 23 15:03:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=506aa005106a661150f7fc4673ad233c976f5c1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:66:1c:13:ac:d4:2f:e5:49:84:38:0e:e9:ce:
96:6b:3e:8b:b1:97:6a:96:9f:6a:c7:ee:b1:02:ca:
8b:12:69:dc:a9:d9:e9:5d:aa:6e:1f:88:7a:6e:f8:
be:a1:06:06:46:6c:ca:ce:d0:8a:3a:d6:54:7c:b3:
9a:86:da:a7:8d:ff:59:b5:f4:6b:0a:a8:34:0b:30:
3c:8e:26:42:fc:81:2c:03:cc:b7:b3:90:9b:a4:88:
68:dc:46:62:ec:09:e4:2c:b8:cf:03:d5:c9:db:86:
8e:2e:97:2c:f7:9b:b5:30:70:9f:6c:fb:6b:e0:f8:
11:08:79:79:fa:27:3d:da:a1:c6:80:b9:ed:2a:c8:
25:37:30:7a:c0:5d:29:a1:5a:4c:a4:cc:2a:08:43:
1b:f1:2e:80:02:40:f4:3a:89:fc:c3:ac:63:e9:97:
5e:ee:1b:e4:6b:cb:e7:7d:ed:79:b6:df:16:de:a7:
70:e5:ab:ba:c5:9b:6b:c9:bb:eb:5b:20:81:82:4b:
c3:f7:83:2a:0e:69:d6:77:84:61:2c:e4:e0:6f:ac:
a3:5b:da:65:d9:41:8a:40:e6:b3:13:17:4f:dc:30:
58:0b:09:48:23:48:02:96:76:b8:45:85:c1:78:49:
f3:6b:28:26:fa:d4:9f:29:a1:eb:97:6d:63:07:fe:
04:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:6A:A0:05:10:6A:66:11:50:F7:FC:46:73:AD:23:3C:97:6F:5C:1C
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/UGqgBRBqZhFQ9_xGc60jPJdvXBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.93.164.0/22
62.93.176.0/22
62.105.208.0/23
84.20.4.0/22
84.20.16.0/22
84.20.24.0/22
92.71.34.0/23
92.71.40.0-92.71.45.255
92.71.66.0/23
92.71.98.0/23
92.71.124.0/23
135.196.185.0/24
195.86.208.0/24
195.86.223.0/24
213.139.8.0/22
213.169.206.0/23
213.201.134.0/24
213.201.242.0/23
213.201.252.0/23
Signature Algorithm: sha256WithRSAEncryption
ce:8e:db:ac:0c:89:fa:ac:7b:4c:f0:c5:f6:61:70:7a:b0:d4:
66:3c:84:6b:b3:10:8c:a9:3d:1e:8a:aa:ef:59:e1:b4:6d:d0:
ee:fb:93:e6:b2:51:83:2a:4e:4a:9a:7d:99:e3:7f:02:0c:85:
39:43:d4:1e:75:de:86:b2:0e:ae:f1:73:58:2b:52:2e:88:43:
00:fa:2f:f9:4a:fc:5c:f1:a0:08:fb:20:98:d9:10:43:5e:35:
17:d5:cf:17:8c:51:1c:47:33:58:34:92:94:16:f4:56:30:dc:
10:9a:09:8a:ec:8f:68:bb:38:f7:09:3b:36:ba:d1:60:ef:0e:
44:a8:ae:c5:04:c7:ac:dc:0e:e1:89:68:b3:ad:42:fc:4d:a9:
eb:ef:21:f9:e8:d3:cf:a2:a5:aa:df:e0:7f:0b:1d:2d:a3:db:
76:81:b5:ed:79:bd:37:90:16:46:4d:cb:16:81:8c:24:a4:b0:
46:f0:8d:89:d7:0d:30:3b:1e:b7:d4:a8:d4:9b:ee:2e:69:d7:
a4:66:83:fa:f3:87:0c:58:88:19:43:b9:44:46:3d:3f:20:50:
01:bf:b2:4a:29:d4:03:63:17:57:0f:65:81:73:a1:a0:8b:17:
47:06:83:b8:1e:72:03:3c:e3:21:a3:7e:2f:fe:30:2d:f6:54:
fb:d6:20:01
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZyLBtdsZ/JZvIP8HzQ/+K9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjYwMjIzMTUwMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDZhYTAwNTEwNmE2NjExNTBmN2ZjNDY3M2FkMjMzYzk3NmY1YzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2YcE6zUL+VJhDgO6c6Waz6LsZdq
lp9qx+6xAsqLEmncqdnpXapuH4h6bvi+oQYGRmzKztCKOtZUfLOahtqnjf9ZtfRr
Cqg0CzA8jiZC/IEsA8y3s5CbpIho3EZi7AnkLLjPA9XJ24aOLpcs95u1MHCfbPtr
4PgRCHl5+ic92qHGgLntKsglNzB6wF0poVpMpMwqCEMb8S6AAkD0Oon8w6xj6Zde
7hvka8vnfe15tt8W3qdw5au6xZtrybvrWyCBgkvD94MqDmnWd4RhLOTgb6yjW9pl
2UGKQOazExdP3DBYCwlII0gClna4RYXBeEnzaygm+tSfKaHrl21jB/4ELQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFFBqoAUQamYRUPf8RnOtIzyXb1wcMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvVUdxZ0JSQnFaaEZROV94R2M2MGpQSmR2WEJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAj5d
pAMEAj5dsAMEAT5p0AMEAlQUBAMEAlQUEAMEAlQUGAMEAVxHIjAMAwQDXEcoAwQB
XEcsAwQBXEdCAwQBXEdiAwQBXEd8AwQAh8S5AwQAw1bQAwQAw1bfAwQC1YsIAwQB
1anOAwQA1cmGAwQB1cnyAwQB1cn8MA0GCSqGSIb3DQEBCwUAA4IBAQDOjtusDIn6
rHtM8MX2YXB6sNRmPIRrsxCMqT0eiqrvWeG0bdDu+5PmslGDKk5Kmn2Z438CDIU5
Q9Qedd6Gsg6u8XNYK1IuiEMA+i/5Svxc8aAI+yCY2RBDXjUX1c8XjFEcRzNYNJKU
FvRWMNwQmgmK7I9ouzj3CTs2utFg7w5EqK7FBMes3A7hiWizrUL8Tanr7yH56NPP
oqWq3+B/Cx0to9t2gbXteb03kBZGTcsWgYwkpLBG8I2J1w0wOx631KjUm+4uadek
ZoP684cMWIgZQ7lERj0/IFABv7JKKdQDYxdXD2WBc6GgixdHBoO4HnIDPOMho34v
/jAt9lT71iAB
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:19:38 2026 by rpki-client