Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a2b051-3a23-4835-b30d-2af4791d96eb/1/AUJqipu3yyHL71qKjNkR8O6zHZk.roa
File: AUJqipu3yyHL71qKjNkR8O6zHZk.roa (raw, json)
Hash identifier: MBekRC7/l4satOgSzoeiW264yhGwWkcNQASr2IourAA=
Subject key identifier: 01:42:6A:8A:9B:B7:CB:21:CB:EF:5A:8A:8C:D9:11:F0:EE:B3:1D:99
Certificate issuer: /CN=855c5d0fe25935ac91ab5aada6452600e58d25a5
Certificate serial: 019B78A33327C37EBBA6AFE73DDC36B7F258
Authority key identifier: 85:5C:5D:0F:E2:59:35:AC:91:AB:5A:AD:A6:45:26:00:E5:8D:25:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hVxdD-JZNayRq1qtpkUmAOWNJaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a2b051-3a23-4835-b30d-2af4791d96eb/1/AUJqipu3yyHL71qKjNkR8O6zHZk.roa
Signing time: Thu 01 Jan 2026 08:18:39 +0000
ROA not before: Thu 01 Jan 2026 08:18:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208332
IP address blocks: 185.135.240.0/22 maxlen: 22
185.135.240.0/24 maxlen: 24
185.135.241.0/24 maxlen: 24
185.135.242.0/24 maxlen: 24
185.135.243.0/24 maxlen: 24
2a06:f700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/a2b051-3a23-4835-b30d-2af4791d96eb/1/hVxdD-JZNayRq1qtpkUmAOWNJaU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/a2b051-3a23-4835-b30d-2af4791d96eb/1/hVxdD-JZNayRq1qtpkUmAOWNJaU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hVxdD-JZNayRq1qtpkUmAOWNJaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:a3:33:27:c3:7e:bb:a6:af:e7:3d:dc:36:b7:f2:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=855c5d0fe25935ac91ab5aada6452600e58d25a5
Validity
Not Before: Jan 1 08:18:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=01426a8a9bb7cb21cbef5a8a8cd911f0eeb31d99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bd:7c:08:2c:0f:48:0c:49:1b:18:e4:0e:57:
40:c1:ee:64:1c:54:76:61:64:bd:9d:f4:94:12:c8:
fb:0d:b3:50:f1:8b:1a:9f:68:9b:09:f3:32:b1:c6:
ad:f9:8e:c1:3e:80:23:76:31:a9:0b:13:b5:bf:36:
46:43:27:69:4a:d2:fb:9f:f5:50:b5:8b:db:86:37:
ca:e5:ef:f3:91:bf:e7:44:f1:05:f1:fb:19:fb:12:
28:ce:26:17:86:20:34:96:4f:ba:d1:aa:15:77:07:
37:4f:80:f1:50:8f:76:87:06:fb:71:ab:bd:1e:f6:
df:4d:eb:26:47:13:86:ea:23:9b:71:dd:5c:b2:11:
d8:78:39:16:16:ce:49:01:d0:5b:d4:a2:7e:67:cf:
cc:e5:43:da:36:dd:7a:81:ed:9a:1f:0a:4c:4e:6b:
93:fe:0c:f3:a3:43:c3:7c:63:64:5b:e0:c3:15:76:
36:54:31:41:56:52:dc:d5:bb:91:eb:c9:ce:54:30:
55:36:65:7d:44:c4:4f:4a:7a:7c:7f:b1:9a:c9:29:
01:e5:70:38:3c:34:e8:90:d0:0b:2e:a7:11:6a:23:
92:2e:e6:3c:83:0e:e9:8e:a4:04:c3:01:c4:90:01:
68:b9:46:fa:0e:f4:ca:f6:96:4b:f2:a6:6d:d1:3b:
5d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:42:6A:8A:9B:B7:CB:21:CB:EF:5A:8A:8C:D9:11:F0:EE:B3:1D:99
X509v3 Authority Key Identifier:
keyid:85:5C:5D:0F:E2:59:35:AC:91:AB:5A:AD:A6:45:26:00:E5:8D:25:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVxdD-JZNayRq1qtpkUmAOWNJaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a2b051-3a23-4835-b30d-2af4791d96eb/1/AUJqipu3yyHL71qKjNkR8O6zHZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a2b051-3a23-4835-b30d-2af4791d96eb/1/hVxdD-JZNayRq1qtpkUmAOWNJaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.240.0/22
IPv6:
2a06:f700::/29
Signature Algorithm: sha256WithRSAEncryption
3f:3a:8a:f0:8d:f1:1f:eb:e3:5f:37:b3:f1:d7:af:69:3e:61:
a9:e8:b5:4e:25:a6:51:b8:12:29:73:f2:f4:6e:f8:07:d0:12:
a4:c1:00:3b:d4:e6:8b:f0:c8:31:17:b3:0d:11:b8:f2:0b:12:
09:d8:72:e5:7f:07:20:1c:f8:93:76:44:01:e0:b6:b1:90:d7:
31:31:ed:2d:a5:9b:05:2e:54:c2:e5:32:68:bc:79:23:49:69:
24:e7:63:03:fb:bd:4d:8c:0d:92:92:5e:f5:c1:bc:45:47:1b:
73:ec:5f:e8:46:ed:ae:74:71:0b:cd:37:2a:6b:f2:d8:97:5f:
da:68:9a:d8:98:46:da:d8:c2:4e:e5:22:19:db:98:a2:c6:0f:
4a:d6:5c:5c:5c:24:9f:fa:75:18:30:7e:a6:f4:7a:27:8a:b1:
ee:83:2d:7f:3d:b1:50:c3:f7:3e:ba:56:7a:fe:60:5c:57:36:
96:6d:de:3d:03:11:82:f4:f1:b4:f6:84:f7:a0:d7:97:e3:e0:
b2:09:f9:6c:7c:20:52:45:c2:59:52:d9:bf:3e:f3:eb:c4:fa:
bf:ac:54:50:8f:d6:8a:b3:b9:fa:66:72:9f:43:f0:3b:c5:3f:
56:67:6c:eb:5d:11:fa:e1:71:25:31:63:75:5a:bf:b6:15:99:
00:d0:ff:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt4ozMnw367pq/nPdw2t/JYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NWM1ZDBmZTI1OTM1YWM5MWFiNWFhZGE2NDUyNjAwZTU4
ZDI1YTUwHhcNMjYwMTAxMDgxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTQyNmE4YTliYjdjYjIxY2JlZjVhOGE4Y2Q5MTFmMGVlYjMxZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs718CCwPSAxJGxjkDldAwe5kHFR2
YWS9nfSUEsj7DbNQ8Ysan2ibCfMyscat+Y7BPoAjdjGpCxO1vzZGQydpStL7n/VQ
tYvbhjfK5e/zkb/nRPEF8fsZ+xIoziYXhiA0lk+60aoVdwc3T4DxUI92hwb7cau9
HvbfTesmRxOG6iObcd1cshHYeDkWFs5JAdBb1KJ+Z8/M5UPaNt16ge2aHwpMTmuT
/gzzo0PDfGNkW+DDFXY2VDFBVlLc1buR68nOVDBVNmV9RMRPSnp8f7GaySkB5XA4
PDTokNALLqcRaiOSLuY8gw7pjqQEwwHEkAFouUb6DvTK9pZL8qZt0TtdpQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAFCaoqbt8shy+9aiozZEfDusx2ZMB8GA1UdIwQY
MBaAFIVcXQ/iWTWskataraZFJgDljSWlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFZ4ZEQtSlpOYXlScTFxdHBrVW1BT1dOSmFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hMmIwNTEtM2EyMy00ODM1LWIzMGQt
MmFmNDc5MWQ5NmViLzEvQVVKcWlwdTN5eUhMNzFxS2pOa1I4TzZ6SFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hMmIwNTEtM2EyMy00ODM1LWIzMGQtMmFmNDc5MWQ5NmVi
LzEvaFZ4ZEQtSlpOYXlScTFxdHBrVW1BT1dOSmFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYfwMA0E
AgACMAcDBQMqBvcAMA0GCSqGSIb3DQEBCwUAA4IBAQA/OorwjfEf6+NfN7Px169p
PmGp6LVOJaZRuBIpc/L0bvgH0BKkwQA71OaL8MgxF7MNEbjyCxIJ2HLlfwcgHPiT
dkQB4LaxkNcxMe0tpZsFLlTC5TJovHkjSWkk52MD+71NjA2Skl71wbxFRxtz7F/o
Ru2udHELzTcqa/LYl1/aaJrYmEba2MJO5SIZ25iixg9K1lxcXCSf+nUYMH6m9Hon
irHugy1/PbFQw/c+ulZ6/mBcVzaWbd49AxGC9PG09oT3oNeX4+CyCflsfCBSRcJZ
Utm/PvPrxPq/rFRQj9aKs7n6ZnKfQ/A7xT9WZ2zrXRH64XElMWN1Wr+2FZkA0P/e
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:39:39 2026 by rpki-client