Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/Ucca3RaZdjMWnn67R04BLea-ttU.roa
File: Ucca3RaZdjMWnn67R04BLea-ttU.roa (raw, json)
Hash identifier: CzJfRjlyJl7P43rMU8tIstGzfSxyVareresLUP4UMaU=
Subject key identifier: 51:C7:1A:DD:16:99:76:33:16:9E:7E:BB:47:4E:01:2D:E6:BE:B6:D5
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 019C47BC0FF21D16AF67F83A75EEEE6EE7BF
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/Ucca3RaZdjMWnn67R04BLea-ttU.roa
Signing time: Tue 10 Feb 2026 13:27:13 +0000
ROA not before: Tue 10 Feb 2026 13:27:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216472
IP address blocks: 131.222.246.0/24 maxlen: 24
131.222.247.0/24 maxlen: 24
131.222.248.0/24 maxlen: 24
131.222.249.0/24 maxlen: 24
131.222.250.0/24 maxlen: 24
131.222.251.0/24 maxlen: 24
131.222.252.0/24 maxlen: 24
131.222.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.mft
rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:47:bc:0f:f2:1d:16:af:67:f8:3a:75:ee:ee:6e:e7:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Feb 10 13:27:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=51c71add16997633169e7ebb474e012de6beb6d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7f:2f:26:ca:12:db:50:e9:74:63:fa:55:c0:
24:3d:f3:d5:23:76:c8:ff:81:c1:63:de:07:f4:c3:
a1:60:77:a0:3a:a2:91:a4:ef:c6:1d:a0:88:46:ff:
f9:20:c4:1e:11:5a:71:a5:17:42:33:83:ce:53:7e:
cc:27:b5:f1:26:d5:be:6d:8f:c0:aa:0f:eb:3d:0c:
c3:62:37:e5:7a:e0:44:35:af:b4:99:9e:71:5e:7b:
05:61:ac:d6:d7:7d:12:24:ca:72:2b:49:03:50:0e:
5b:58:5e:7f:da:f1:b3:95:b5:6f:ba:44:7f:8d:17:
d8:98:d3:4b:d9:56:8c:b0:97:02:c7:3f:f1:9c:0a:
00:31:b3:a3:6f:e2:b4:0f:f6:45:98:7d:39:d2:0e:
a6:da:23:f1:40:41:10:c0:d0:08:62:8e:ed:a7:02:
c7:61:80:cb:a0:0d:4e:c9:00:6b:10:a9:4d:eb:8e:
d9:0b:62:f7:20:b8:91:d6:40:cf:3d:5a:23:39:ba:
27:55:96:1c:2e:fe:97:24:d0:8f:5c:db:4a:57:62:
b6:33:c8:3f:7f:8a:9b:af:d8:03:a2:1b:67:e5:53:
cd:c0:d1:17:93:54:fe:8d:a8:af:b5:8e:c5:e7:08:
de:6d:2d:a7:40:45:00:b7:aa:e7:95:ff:d4:8f:c5:
4b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C7:1A:DD:16:99:76:33:16:9E:7E:BB:47:4E:01:2D:E6:BE:B6:D5
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/Ucca3RaZdjMWnn67R04BLea-ttU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.222.246.0-131.222.253.255
Signature Algorithm: sha256WithRSAEncryption
86:76:74:a9:ea:c0:66:2d:8b:86:3f:3b:1b:9a:40:61:50:c8:
16:29:fc:fc:2e:d2:1f:a9:e5:c7:a6:52:3c:ab:19:8d:3d:22:
f7:2f:13:2e:f9:eb:de:1a:80:00:1e:53:a0:b6:2b:0a:73:bd:
c9:a5:87:29:3d:de:61:45:3b:2f:9b:19:4d:e9:ed:26:4e:75:
00:bb:1a:fe:c8:b1:dc:99:cc:b9:b5:d9:63:7c:90:fd:7e:7f:
41:24:1e:a7:97:51:48:ee:f9:59:59:a5:b1:e7:5a:5b:71:e9:
10:86:8c:d3:bb:a6:1b:40:a1:e5:82:92:c6:3e:de:98:e2:38:
b7:df:04:7c:fe:8c:dd:9b:48:92:20:e1:5b:f7:ac:7b:99:26:
47:d5:a9:34:f8:24:dd:de:b0:66:81:b9:76:08:e2:48:c1:f3:
f2:db:cb:74:cc:33:b8:24:36:62:ab:9e:19:6b:e9:3f:8c:2c:
cb:ed:e0:bd:c8:b4:b2:0f:ca:b4:94:99:87:65:cc:29:ea:6f:
a8:a5:f9:72:d8:b6:f7:d1:dd:ae:94:c4:33:c9:78:be:86:12:
7b:49:f3:0e:63:e3:89:a1:d0:ac:e7:de:53:91:18:b4:38:2b:
db:e1:41:0e:e4:dd:85:79:2a:3d:7f:19:55:c1:95:46:e6:da:
36:c9:e4:fa
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZxHvA/yHRavZ/g6de7ubue/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjYwMjEwMTMyNzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWM3MWFkZDE2OTk3NjMzMTY5ZTdlYmI0NzRlMDEyZGU2YmViNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA238vJsoS21DpdGP6VcAkPfPVI3bI
/4HBY94H9MOhYHegOqKRpO/GHaCIRv/5IMQeEVpxpRdCM4POU37MJ7XxJtW+bY/A
qg/rPQzDYjfleuBENa+0mZ5xXnsFYazW130SJMpyK0kDUA5bWF5/2vGzlbVvukR/
jRfYmNNL2VaMsJcCxz/xnAoAMbOjb+K0D/ZFmH050g6m2iPxQEEQwNAIYo7tpwLH
YYDLoA1OyQBrEKlN647ZC2L3ILiR1kDPPVojObonVZYcLv6XJNCPXNtKV2K2M8g/
f4qbr9gDohtn5VPNwNEXk1T+jaivtY7F5wjebS2nQEUAt6rnlf/Uj8VLAwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFFHHGt0WmXYzFp5+u0dOAS3mvrbVMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvVWNjYTNSYVpkak1Xbm42N1IwNEJMZWEtdHRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGD3vYD
BAGD3vwwDQYJKoZIhvcNAQELBQADggEBAIZ2dKnqwGYti4Y/OxuaQGFQyBYp/Pwu
0h+p5cemUjyrGY09IvcvEy75694agAAeU6C2Kwpzvcmlhyk93mFFOy+bGU3p7SZO
dQC7Gv7IsdyZzLm12WN8kP1+f0EkHqeXUUju+VlZpbHnWltx6RCGjNO7phtAoeWC
ksY+3pjiOLffBHz+jN2bSJIg4Vv3rHuZJkfVqTT4JN3esGaBuXYI4kjB8/Lby3TM
M7gkNmKrnhlr6T+MLMvt4L3ItLIPyrSUmYdlzCnqb6il+XLYtvfR3a6UxDPJeL6G
EntJ8w5j44mh0Kzn3lORGLQ4K9vhQQ7k3YV5Kj1/GVXBlUbm2jbJ5Po=
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:23:22 2026 by rpki-client