Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/uZgk1M8YcesoQiOJLss2NtEl25Y.roa
File: uZgk1M8YcesoQiOJLss2NtEl25Y.roa (raw, json)
Hash identifier: 8pk4gDaAxMX31G97vUpvgca9KTrAbnJ/x3eM3x68P7k=
Subject key identifier: B9:98:24:D4:CF:18:71:EB:28:42:23:89:2E:CB:36:36:D1:25:DB:96
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019D43EA8D720C636B1EE6E7F28EDF507CEC
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/uZgk1M8YcesoQiOJLss2NtEl25Y.roa
Signing time: Tue 31 Mar 2026 12:42:18 +0000
ROA not before: Tue 31 Mar 2026 12:42:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12722
IP address blocks: 5.182.116.0/24 maxlen: 24
45.15.255.0/24 maxlen: 24
45.86.3.0/24 maxlen: 24
45.90.44.0/24 maxlen: 24
45.90.47.0/24 maxlen: 24
45.128.130.0/23 maxlen: 23
46.149.174.0/24 maxlen: 24
83.171.212.0/22 maxlen: 22
185.253.2.0/24 maxlen: 24
188.64.140.0/24 maxlen: 24
188.93.136.0/24 maxlen: 24
212.60.6.0/24 maxlen: 24
212.107.24.0/24 maxlen: 24
212.115.48.0/24 maxlen: 24
212.115.50.0/24 maxlen: 24
213.166.92.0/24 maxlen: 24
213.166.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:43:ea:8d:72:0c:63:6b:1e:e6:e7:f2:8e:df:50:7c:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Mar 31 12:42:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b99824d4cf1871eb284223892ecb3636d125db96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e3:c0:9f:63:7e:39:bb:67:be:af:dc:2b:d6:
03:a9:11:e7:15:ef:b8:18:0c:df:5d:ea:0e:03:1e:
5d:6d:35:fc:b2:19:7f:27:b2:c9:b9:3d:f6:e1:6c:
5e:4d:2b:fb:72:67:35:68:0d:c1:5b:d5:f4:f9:09:
79:af:19:f8:b3:f7:54:47:a0:da:3c:f1:d2:be:8c:
a2:d7:22:68:d9:25:6f:dd:05:46:6e:29:67:40:bf:
8c:83:2a:0f:76:c4:e9:c2:df:62:34:d2:ce:9f:f9:
96:52:94:f4:2a:c7:38:9a:ad:dc:26:ff:75:7d:86:
e1:4f:15:0a:d5:03:9c:aa:64:99:09:cf:14:50:d9:
4c:17:a6:0f:15:de:52:c0:1d:f9:b8:d9:fb:55:af:
3a:f9:f9:c6:ff:19:8a:34:06:67:5a:2e:15:c7:01:
41:b9:32:72:5e:2a:75:a8:16:4f:4e:9e:08:3c:d9:
6f:9e:42:3f:03:97:7a:42:94:d4:51:4e:3c:28:57:
ee:6f:8a:65:4b:a7:67:26:da:00:3f:84:d3:72:2d:
a7:44:b2:be:d2:6b:6b:53:4c:d5:65:8f:fa:8a:87:
e3:45:6b:4d:54:0d:1a:98:4f:99:02:7e:7d:05:b9:
b8:48:0e:03:75:e4:7a:4a:49:1c:22:d1:e6:ed:7c:
d4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:98:24:D4:CF:18:71:EB:28:42:23:89:2E:CB:36:36:D1:25:DB:96
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/uZgk1M8YcesoQiOJLss2NtEl25Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.116.0/24
45.15.255.0/24
45.86.3.0/24
45.90.44.0/24
45.90.47.0/24
45.128.130.0/23
46.149.174.0/24
83.171.212.0/22
185.253.2.0/24
188.64.140.0/24
188.93.136.0/24
212.60.6.0/24
212.107.24.0/24
212.115.48.0/24
212.115.50.0/24
213.166.92.0/24
213.166.95.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:8e:dd:c2:35:b5:ac:1a:80:f3:28:bf:fd:83:3f:e1:21:3b:
20:5f:84:da:82:40:a1:cc:fc:a8:2d:d9:c6:3a:81:b9:d1:d9:
3a:b6:d0:e7:20:dc:d3:e6:f1:b9:fe:df:8e:dd:51:58:06:2b:
1e:e8:03:74:c9:c4:98:e2:f5:0a:10:c1:ad:d9:2e:e0:32:86:
e8:2b:f5:0e:81:ea:9a:7c:ad:fb:aa:f2:16:b5:c9:b0:b1:49:
05:a5:7c:5b:91:8b:39:07:1f:db:27:4d:04:20:c8:a7:33:91:
e9:97:90:eb:8c:36:5c:c2:66:5b:0d:ae:f6:de:b0:c0:a6:3c:
9a:61:c2:82:ed:1e:22:37:ad:83:f5:e2:da:b2:87:3e:39:ee:
7f:e7:08:ea:89:0f:dc:e0:72:93:2d:28:c6:11:9b:f5:5a:f9:
89:55:05:f2:96:cc:2a:9a:a3:1d:db:18:20:2a:7a:a2:d4:0c:
44:bb:9d:24:16:d9:fe:6a:07:57:2d:40:14:e5:28:a1:9f:b4:
16:ca:57:6e:92:10:7a:48:ce:4a:ac:02:eb:df:54:00:c3:65:
e2:0e:a4:9c:ea:04:92:5d:28:67:b7:b9:4b:c2:26:72:3b:6c:
e4:44:5c:dc:0e:fa:8c:f5:d1:50:60:aa:b5:3a:47:2c:d6:55:
6e:a0:0c:25
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZ1D6o1yDGNrHubn8o7fUHzsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwMzMxMTI0MjE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTk4MjRkNGNmMTg3MWViMjg0MjIzODkyZWNiMzYzNmQxMjVkYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+PAn2N+Obtnvq/cK9YDqRHnFe+4
GAzfXeoOAx5dbTX8shl/J7LJuT324WxeTSv7cmc1aA3BW9X0+Ql5rxn4s/dUR6Da
PPHSvoyi1yJo2SVv3QVGbilnQL+MgyoPdsTpwt9iNNLOn/mWUpT0Ksc4mq3cJv91
fYbhTxUK1QOcqmSZCc8UUNlMF6YPFd5SwB35uNn7Va86+fnG/xmKNAZnWi4VxwFB
uTJyXip1qBZPTp4IPNlvnkI/A5d6QpTUUU48KFfub4plS6dnJtoAP4TTci2nRLK+
0mtrU0zVZY/6iofjRWtNVA0amE+ZAn59Bbm4SA4DdeR6SkkcItHm7XzUaQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFLmYJNTPGHHrKEIjiS7LNjbRJduWMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvdVpnazFNOFljZXNvUWlPSkxzczJOdEVsMjVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABbZ0AwQA
LQ//AwQALVYDAwQALVosAwQALVovAwQBLYCCAwQALpWuAwQCU6vUAwQAuf0CAwQA
vECMAwQAvF2IAwQA1DwGAwQA1GsYAwQA1HMwAwQA1HMyAwQA1aZcAwQA1aZfMA0G
CSqGSIb3DQEBCwUAA4IBAQAMjt3CNbWsGoDzKL/9gz/hITsgX4TagkChzPyoLdnG
OoG50dk6ttDnINzT5vG5/t+O3VFYBise6AN0ycSY4vUKEMGt2S7gMoboK/UOgeqa
fK37qvIWtcmwsUkFpXxbkYs5Bx/bJ00EIMinM5Hpl5DrjDZcwmZbDa723rDApjya
YcKC7R4iN62D9eLasoc+Oe5/5wjqiQ/c4HKTLSjGEZv1WvmJVQXylswqmqMd2xgg
Knqi1AxEu50kFtn+agdXLUAU5Sihn7QWyldukhB6SM5KrALr31QAw2XiDqSc6gSS
XShnt7lLwiZyO2zkRFzcDvqM9dFQYKq1Okcs1lVuoAwl
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:12:51 2026 by rpki-client