Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/UPYPtFt9hA7Fshl044W18IsW6iI.roa
File: UPYPtFt9hA7Fshl044W18IsW6iI.roa (raw, json)
Hash identifier: +/X5gYeSTMRTy1HrrsqCpkKxEcusQnKC9lCBav6Kbf8=
Subject key identifier: 50:F6:0F:B4:5B:7D:84:0E:C5:B2:19:74:E3:85:B5:F0:8B:16:EA:22
Certificate issuer: /CN=69dbe1e7d9e87d68701a4035a76c51bfecd88d81
Certificate serial: 019C4EDCB52F087762148A991241771D2EF3
Authority key identifier: 69:DB:E1:E7:D9:E8:7D:68:70:1A:40:35:A7:6C:51:BF:EC:D8:8D:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/advh59nofWhwGkA1p2xRv-zYjYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/UPYPtFt9hA7Fshl044W18IsW6iI.roa
Signing time: Wed 11 Feb 2026 22:40:12 +0000
ROA not before: Wed 11 Feb 2026 22:40:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 21738
IP address blocks: 185.125.142.0/24 maxlen: 24
2a01:e286::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/advh59nofWhwGkA1p2xRv-zYjYE.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/advh59nofWhwGkA1p2xRv-zYjYE.mft
rsync://rpki.ripe.net/repository/DEFAULT/advh59nofWhwGkA1p2xRv-zYjYE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:4e:dc:b5:2f:08:77:62:14:8a:99:12:41:77:1d:2e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69dbe1e7d9e87d68701a4035a76c51bfecd88d81
Validity
Not Before: Feb 11 22:40:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=50f60fb45b7d840ec5b21974e385b5f08b16ea22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:82:20:72:4b:d5:e6:43:0f:e6:43:ca:68:7d:
ed:5a:92:e8:ec:90:32:1e:1e:a1:1c:62:93:ec:85:
8d:f1:39:96:11:5f:fc:15:8c:1d:33:f2:f0:42:8b:
c4:7a:19:ac:92:6a:17:c1:50:7f:85:23:f3:6c:06:
24:d6:68:ad:d3:9b:10:8c:10:d2:dc:6e:92:e1:15:
da:6f:bc:85:1c:12:1e:fe:7a:08:b5:ee:25:db:0f:
f5:a4:15:4a:8b:56:80:e6:3b:b9:bd:fe:0b:25:d2:
cf:33:4d:b0:0d:87:1b:a1:80:42:26:a4:6c:4d:f0:
f1:d9:d2:8c:31:3c:d4:d9:28:c5:18:39:d1:a7:ab:
39:9f:a9:9d:8c:80:2b:62:b0:57:76:c7:72:6b:54:
27:cb:39:92:61:f3:b8:d4:72:dc:96:48:28:23:b1:
73:86:02:25:e5:23:7a:7a:72:00:e3:a3:e2:f8:ca:
91:79:f7:88:45:5d:54:de:ef:f1:e5:64:b5:bb:d4:
70:e5:de:0c:4a:d0:94:29:c6:3c:be:71:4b:4b:4b:
99:f0:e5:3e:25:41:6b:31:a0:70:11:86:af:1e:20:
66:28:08:a8:4b:74:42:67:62:40:43:61:ca:d3:af:
88:bd:9c:67:43:2a:c7:35:1a:5a:fd:a9:db:6f:62:
6e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:F6:0F:B4:5B:7D:84:0E:C5:B2:19:74:E3:85:B5:F0:8B:16:EA:22
X509v3 Authority Key Identifier:
keyid:69:DB:E1:E7:D9:E8:7D:68:70:1A:40:35:A7:6C:51:BF:EC:D8:8D:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/advh59nofWhwGkA1p2xRv-zYjYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/UPYPtFt9hA7Fshl044W18IsW6iI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/727015-e14e-4d41-b05b-8d94553b75e1/1/advh59nofWhwGkA1p2xRv-zYjYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.142.0/24
IPv6:
2a01:e286::/32
Signature Algorithm: sha256WithRSAEncryption
20:3f:13:9c:b7:bb:4d:dd:08:7f:94:0f:b2:ce:8b:1c:8e:a8:
76:da:32:c4:65:14:ac:af:35:55:2e:6b:85:f3:ab:f8:a7:f5:
1b:67:a1:f7:9c:ef:af:3f:b9:fd:22:5e:34:d4:e6:28:8b:c0:
5f:fd:25:67:45:43:31:a9:aa:49:9e:d5:79:3e:68:b4:7f:92:
ca:2b:27:76:86:0e:37:74:9a:cf:8e:45:b7:51:bc:5e:07:09:
23:c5:50:96:f9:3b:3e:9f:04:4a:de:26:e9:33:6d:00:cd:d2:
03:f2:41:5d:a1:09:bf:28:fd:76:ec:ac:cb:0b:99:cc:8e:5d:
41:49:29:4e:99:47:6c:93:d0:64:0e:7e:d6:b3:b7:b8:c0:e0:
20:1b:2d:c2:1c:45:f4:51:87:f6:da:e0:c3:66:69:0e:4e:4b:
7c:10:f5:3d:64:ed:1b:55:ee:6e:d6:94:bb:ac:98:9e:ad:16:
8a:67:44:57:86:ea:5d:03:8c:b8:36:81:86:f0:b8:b0:02:c3:
46:6c:b7:cf:49:bc:dc:86:c9:07:b5:a4:b6:f7:3a:51:da:87:
ea:6e:23:a9:a1:5c:98:3f:63:3c:0d:7a:20:b9:c6:21:e0:e4:
3f:78:3b:c1:0c:96:71:91:eb:75:4f:64:f7:31:cb:68:07:6f:
65:21:00:66
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZxO3LUvCHdiFIqZEkF3HS7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5ZGJlMWU3ZDllODdkNjg3MDFhNDAzNWE3NmM1MWJmZWNk
ODhkODEwHhcNMjYwMjExMjI0MDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGY2MGZiNDViN2Q4NDBlYzViMjE5NzRlMzg1YjVmMDhiMTZlYTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIIgckvV5kMP5kPKaH3tWpLo7JAy
Hh6hHGKT7IWN8TmWEV/8FYwdM/LwQovEehmskmoXwVB/hSPzbAYk1mit05sQjBDS
3G6S4RXab7yFHBIe/noIte4l2w/1pBVKi1aA5ju5vf4LJdLPM02wDYcboYBCJqRs
TfDx2dKMMTzU2SjFGDnRp6s5n6mdjIArYrBXdsdya1QnyzmSYfO41HLclkgoI7Fz
hgIl5SN6enIA46Pi+MqRefeIRV1U3u/x5WS1u9Rw5d4MStCUKcY8vnFLS0uZ8OU+
JUFrMaBwEYavHiBmKAioS3RCZ2JAQ2HK06+IvZxnQyrHNRpa/anbb2JusQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFD2D7RbfYQOxbIZdOOFtfCLFuoiMB8GA1UdIwQY
MBaAFGnb4efZ6H1ocBpANadsUb/s2I2BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWR2aDU5bm9mV2h3R2tBMXAyeFJ2LXpZallFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC83MjcwMTUtZTE0ZS00ZDQxLWIwNWIt
OGQ5NDU1M2I3NWUxLzEvVVBZUHRGdDloQTdGc2hsMDQ0VzE4SXNXNmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC83MjcwMTUtZTE0ZS00ZDQxLWIwNWItOGQ5NDU1M2I3NWUx
LzEvYWR2aDU5bm9mV2h3R2tBMXAyeFJ2LXpZallFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuX2OMA0E
AgACMAcDBQAqAeKGMA0GCSqGSIb3DQEBCwUAA4IBAQAgPxOct7tN3Qh/lA+yzosc
jqh22jLEZRSsrzVVLmuF86v4p/UbZ6H3nO+vP7n9Il401OYoi8Bf/SVnRUMxqapJ
ntV5Pmi0f5LKKyd2hg43dJrPjkW3UbxeBwkjxVCW+Ts+nwRK3ibpM20AzdID8kFd
oQm/KP127KzLC5nMjl1BSSlOmUdsk9BkDn7Ws7e4wOAgGy3CHEX0UYf22uDDZmkO
Tkt8EPU9ZO0bVe5u1pS7rJierRaKZ0RXhupdA4y4NoGG8LiwAsNGbLfPSbzchskH
taS29zpR2ofqbiOpoVyYP2M8DXogucYh4OQ/eDvBDJZxket1T2T3MctoB29lIQBm
-----END CERTIFICATE-----
Generated at Sun Mar 1 14:53:27 2026 by rpki-client