Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/uHFpwLwkxJsSubwZokUf-p2XV20.roa
File: uHFpwLwkxJsSubwZokUf-p2XV20.roa (raw, json)
Hash identifier: IouP6vQ/ym8cKwDacGJPs32rG/gCfqCNIrj/brdFbOk=
Subject key identifier: B8:71:69:C0:BC:24:C4:9B:12:B9:BC:19:A2:45:1F:FA:9D:97:57:6D
Certificate issuer: /CN=4987941e74c1c03e7aba3b878530095eb6fa874e
Certificate serial: 019EABBC670488D4805150E9F3953DD4B902
Authority key identifier: 49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/uHFpwLwkxJsSubwZokUf-p2XV20.roa
Signing time: Tue 09 Jun 2026 09:35:11 +0000
ROA not before: Tue 09 Jun 2026 09:35:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200736
IP address blocks: 45.66.40.0/22 maxlen: 24
45.66.40.0/24 maxlen: 24
45.66.41.0/24 maxlen: 24
45.66.42.0/24 maxlen: 24
45.66.43.0/24 maxlen: 24
78.109.28.0/22 maxlen: 24
78.109.28.0/24 maxlen: 24
78.109.29.0/24 maxlen: 24
78.109.30.0/24 maxlen: 24
78.109.31.0/24 maxlen: 24
195.20.114.0/24 maxlen: 24
195.214.208.0/22 maxlen: 24
195.214.208.0/24 maxlen: 24
195.214.211.0/24 maxlen: 24
2a10:9300::/29 maxlen: 42
2a10:9300::/36 maxlen: 42
2a10:9300:100::/42 maxlen: 42
2a10:9300:140::/42 maxlen: 42
2a10:9300:200::/42 maxlen: 42
2a10:9300:400::/42 maxlen: 42
2a10:9300:500::/42 maxlen: 42
2a10:9300:600::/42 maxlen: 42
2a10:9300:700::/42 maxlen: 42
2a10:9300:900::/42 maxlen: 42
2a10:9300:980::/42 maxlen: 42
2a10:9300:b00::/42 maxlen: 42
2a10:9300:c00::/42 maxlen: 42
2a10:9301::/36 maxlen: 42
2a10:9301:40::/42 maxlen: 42
2a10:9301:100::/42 maxlen: 42
2a10:9301:140::/42 maxlen: 42
2a10:9301:180::/42 maxlen: 42
2a10:9301:300::/42 maxlen: 42
2a10:9301:340::/42 maxlen: 42
2a10:9301:700::/42 maxlen: 42
2a10:9301:740::/42 maxlen: 42
2a10:9301:980::/42 maxlen: 42
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.mft
rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ab:bc:67:04:88:d4:80:51:50:e9:f3:95:3d:d4:b9:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4987941e74c1c03e7aba3b878530095eb6fa874e
Validity
Not Before: Jun 9 09:35:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b87169c0bc24c49b12b9bc19a2451ffa9d97576d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:de:34:6f:e0:59:b1:a5:af:1c:93:c6:c0:b2:
66:81:8f:b6:1a:c2:17:1c:f7:c0:dd:b8:b0:f3:dc:
86:44:4b:b9:ba:d9:a6:37:ba:12:26:e6:69:45:c1:
65:af:12:7b:31:75:e6:23:1d:73:d6:87:92:b4:e8:
8b:ab:c1:cc:63:49:5a:27:9a:f7:26:45:9a:6a:26:
b0:cf:3f:f2:25:15:11:43:7e:47:0f:33:ee:58:3b:
85:44:1d:87:4c:35:e6:83:ba:b0:7d:85:8d:98:30:
dd:82:7f:48:82:cd:c7:43:dc:8e:08:fb:5a:f5:fc:
38:75:39:f1:92:12:ca:bd:f1:cd:31:f3:c1:e8:21:
e3:8a:28:eb:00:62:61:0f:e4:c3:aa:3b:91:4d:36:
51:a1:a5:93:4e:92:8d:c4:64:92:16:77:2f:50:9c:
fe:c3:35:08:12:b6:7f:db:92:7d:6d:e7:1d:19:a0:
f3:9d:2b:bc:51:9a:16:2f:35:83:aa:02:f5:8a:f4:
65:6c:c7:9b:17:45:8d:9f:82:c3:65:24:48:df:64:
12:1f:a3:f3:dd:22:83:23:b0:f7:02:66:71:e5:2e:
69:64:ac:7b:40:ad:2c:36:d4:d1:c6:59:df:6c:69:
d6:de:00:63:aa:e5:bb:f9:b5:c6:ad:2a:d6:8e:21:
a3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:71:69:C0:BC:24:C4:9B:12:B9:BC:19:A2:45:1F:FA:9D:97:57:6D
X509v3 Authority Key Identifier:
keyid:49:87:94:1E:74:C1:C0:3E:7A:BA:3B:87:85:30:09:5E:B6:FA:87:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYeUHnTBwD56ujuHhTAJXrb6h04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/uHFpwLwkxJsSubwZokUf-p2XV20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/70777b-68b0-42a8-9e9d-e8ada51ee8ff/1/SYeUHnTBwD56ujuHhTAJXrb6h04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.40.0/22
78.109.28.0/22
195.20.114.0/24
195.214.208.0/22
IPv6:
2a10:9300::/29
Signature Algorithm: sha256WithRSAEncryption
0e:ad:fc:1e:c5:56:6e:9c:0f:06:7c:a8:30:b3:69:f4:bf:72:
92:75:96:36:b4:7c:24:85:6d:ef:6c:02:5c:6f:7d:8a:42:77:
59:f1:c7:ff:2e:eb:5a:e7:e5:a9:1d:86:78:85:af:a1:24:81:
6b:96:aa:c9:a0:7c:af:a8:95:b5:91:69:70:20:d7:c6:38:49:
5a:09:d5:40:53:c2:3f:10:fe:76:8c:45:98:4d:82:fe:cd:39:
ec:5e:d9:7a:54:f9:87:65:c0:d2:d3:f6:d9:bb:e3:63:ed:9e:
0e:a4:74:a1:4a:03:56:7e:07:21:7b:b0:38:e7:6d:c6:39:8a:
82:38:82:2d:98:18:be:0d:34:5d:ac:af:5b:bd:4f:69:db:3d:
15:59:d3:6e:4d:11:9c:86:6b:14:9e:e7:f9:d2:41:98:84:2e:
f3:20:fd:2d:f8:c6:0a:a1:6a:65:d4:29:67:4b:bc:19:a1:90:
40:ab:b8:21:ed:b6:94:aa:11:59:82:24:ae:18:ec:9f:fa:c3:
2e:8a:c8:45:32:f6:2f:08:6c:58:4f:77:ec:fa:20:3e:23:a6:
ac:90:70:35:df:3f:6b:b4:06:7b:5a:10:0c:67:57:b6:3c:88:
e0:3c:5c:1c:70:6b:e9:28:a1:b5:47:ad:91:1c:db:2b:f7:fb:
5f:40:58:a7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ6rvGcEiNSAUVDp85U91LkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODc5NDFlNzRjMWMwM2U3YWJhM2I4Nzg1MzAwOTVlYjZm
YTg3NGUwHhcNMjYwNjA5MDkzNTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODcxNjljMGJjMjRjNDliMTJiOWJjMTlhMjQ1MWZmYTlkOTc1NzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApN40b+BZsaWvHJPGwLJmgY+2GsIX
HPfA3biw89yGREu5utmmN7oSJuZpRcFlrxJ7MXXmIx1z1oeStOiLq8HMY0laJ5r3
JkWaaiawzz/yJRURQ35HDzPuWDuFRB2HTDXmg7qwfYWNmDDdgn9Igs3HQ9yOCPta
9fw4dTnxkhLKvfHNMfPB6CHjiijrAGJhD+TDqjuRTTZRoaWTTpKNxGSSFncvUJz+
wzUIErZ/25J9becdGaDznSu8UZoWLzWDqgL1ivRlbMebF0WNn4LDZSRI32QSH6Pz
3SKDI7D3AmZx5S5pZKx7QK0sNtTRxlnfbGnW3gBjquW7+bXGrSrWjiGjHQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLhxacC8JMSbErm8GaJFH/qdl1dtMB8GA1UdIwQY
MBaAFEmHlB50wcA+ero7h4UwCV62+odOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQt
ZThhZGE1MWVlOGZmLzEvdUhGcHdMd2t4SnNTdWJ3Wm9rVWYtcDJYVjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83MDc3N2ItNjhiMC00MmE4LTllOWQtZThhZGE1MWVlOGZm
LzEvU1llVUhuVEJ3RDU2dWp1SGhUQUpYcmI2aDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLUIoAwQC
Tm0cAwQAwxRyAwQCw9bQMA0EAgACMAcDBQMqEJMAMA0GCSqGSIb3DQEBCwUAA4IB
AQAOrfwexVZunA8GfKgws2n0v3KSdZY2tHwkhW3vbAJcb32KQndZ8cf/Luta5+Wp
HYZ4ha+hJIFrlqrJoHyvqJW1kWlwINfGOElaCdVAU8I/EP52jEWYTYL+zTnsXtl6
VPmHZcDS0/bZu+Nj7Z4OpHShSgNWfgche7A4523GOYqCOIItmBi+DTRdrK9bvU9p
2z0VWdNuTRGchmsUnuf50kGYhC7zIP0t+MYKoWpl1ClnS7wZoZBAq7gh7baUqhFZ
giSuGOyf+sMuishFMvYvCGxYT3fs+iA+I6askHA13z9rtAZ7WhAMZ1e2PIjgPFwc
cGvpKKG1R62RHNsr9/tfQFin
-----END CERTIFICATE-----
Generated at Wed Jun 17 10:01:25 2026 by rpki-client