Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/uNPVajHEAw2I0yu42-R7sucpLjE.roa
File: uNPVajHEAw2I0yu42-R7sucpLjE.roa (raw, json)
Hash identifier: wuvXlFbIPIHxlIobscDW3l6bBthB20EgUJIBQX2qBNA=
Subject key identifier: B8:D3:D5:6A:31:C4:03:0D:88:D3:2B:B8:DB:E4:7B:B2:E7:29:2E:31
Certificate issuer: /CN=486c2d8af4ce50ce6f43e7df44e0b503700a86c0
Certificate serial: 019B7A5A021FDE65160AC4D771A9041EE82A
Authority key identifier: 48:6C:2D:8A:F4:CE:50:CE:6F:43:E7:DF:44:E0:B5:03:70:0A:86:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SGwtivTOUM5vQ-ffROC1A3AKhsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/uNPVajHEAw2I0yu42-R7sucpLjE.roa
Signing time: Thu 01 Jan 2026 16:17:57 +0000
ROA not before: Thu 01 Jan 2026 16:17:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201295
IP address blocks: 91.243.114.0/24 maxlen: 24
185.252.28.0/24 maxlen: 24
185.252.29.0/24 maxlen: 24
185.252.30.0/24 maxlen: 24
185.252.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/SGwtivTOUM5vQ-ffROC1A3AKhsA.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/SGwtivTOUM5vQ-ffROC1A3AKhsA.mft
rsync://rpki.ripe.net/repository/DEFAULT/SGwtivTOUM5vQ-ffROC1A3AKhsA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:5a:02:1f:de:65:16:0a:c4:d7:71:a9:04:1e:e8:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=486c2d8af4ce50ce6f43e7df44e0b503700a86c0
Validity
Not Before: Jan 1 16:17:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b8d3d56a31c4030d88d32bb8dbe47bb2e7292e31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:49:e4:f7:7b:35:6f:7e:21:cd:41:57:ae:8d:
79:6b:9f:19:d4:bb:a7:ba:fd:f0:11:d6:13:31:46:
ff:32:4a:3e:7e:27:08:53:c6:3e:98:23:e9:1f:04:
2d:f3:98:a1:75:cd:3b:14:6b:60:51:64:5c:22:20:
a6:b9:5c:4e:47:19:05:41:74:02:57:74:8a:2a:4e:
a8:37:2a:42:01:3c:dc:d4:99:e5:56:1b:64:d5:45:
0c:95:85:4c:75:da:d1:d3:8c:fe:02:83:bd:cb:29:
2e:97:08:84:d9:da:14:b6:07:43:23:62:6e:22:4f:
fe:bd:b4:ef:25:38:0d:ed:47:48:cb:bb:d8:cd:0c:
02:bf:b5:ec:a6:bb:c7:a2:a5:33:bb:2a:9d:0f:0d:
67:06:66:b2:df:cd:89:dd:63:44:83:14:8b:95:02:
06:eb:1f:f1:01:64:df:a3:ae:3a:7c:95:54:0e:9d:
e1:c5:bc:e6:7b:58:f4:28:6e:c5:80:6b:41:dd:57:
13:3e:c0:3f:e8:33:0e:6c:07:d4:03:78:70:6d:5f:
b5:b0:60:d1:fe:35:a0:40:06:76:9e:77:df:2b:9b:
10:e2:38:e0:1e:c0:63:13:d4:d6:ce:40:54:5c:c2:
3c:ff:f1:d3:bf:1d:81:22:2d:b4:b6:b4:5a:d8:6c:
02:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:D3:D5:6A:31:C4:03:0D:88:D3:2B:B8:DB:E4:7B:B2:E7:29:2E:31
X509v3 Authority Key Identifier:
keyid:48:6C:2D:8A:F4:CE:50:CE:6F:43:E7:DF:44:E0:B5:03:70:0A:86:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SGwtivTOUM5vQ-ffROC1A3AKhsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/uNPVajHEAw2I0yu42-R7sucpLjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/d827c0-d6d5-48f6-8f45-f1a5ddd7798b/1/SGwtivTOUM5vQ-ffROC1A3AKhsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.114.0/24
185.252.28.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:a9:f0:be:e0:b4:84:97:51:aa:d3:b3:ba:2c:c4:ef:17:31:
ce:c4:24:20:70:ac:9d:96:44:2e:60:e6:0c:60:72:6f:15:98:
fd:33:e1:ce:50:9b:3b:9a:7e:9c:7d:90:f2:2e:8d:dd:86:2c:
d1:12:35:a3:d9:b9:86:c3:b3:34:7e:10:d3:b9:83:51:a3:09:
f8:ca:21:45:2f:25:d5:ac:de:8a:a8:21:bf:fd:b3:dd:ea:5c:
b3:8d:14:43:4a:e7:af:4e:dd:33:9d:59:56:77:04:e3:68:30:
62:a5:d8:59:8d:a9:b2:2c:bf:b0:c5:22:f6:f2:3f:7c:31:e9:
5b:72:c2:5b:d8:b8:81:ab:45:f5:87:da:5f:cc:88:05:b5:7d:
f3:94:4e:08:6a:d3:30:78:e4:a3:df:53:4e:9f:41:a7:27:90:
06:75:de:5f:d3:6d:a1:2c:3a:f0:61:6d:b1:d3:d3:74:65:14:
2e:9b:f0:8c:38:90:fc:65:c4:25:af:21:8e:c0:2b:7a:0e:87:
22:51:7d:93:c3:41:ee:ee:c8:01:f0:79:20:84:a7:6f:e1:ea:
f2:ea:60:e9:c7:f7:d7:9d:93:5f:bc:ee:7a:54:94:e7:d2:58:
6c:46:cf:c5:26:e0:13:e6:ff:6d:26:4e:45:a2:12:e6:31:56:
e4:f8:c2:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZt6WgIf3mUWCsTXcakEHugqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NmMyZDhhZjRjZTUwY2U2ZjQzZTdkZjQ0ZTBiNTAzNzAw
YTg2YzAwHhcNMjYwMTAxMTYxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGQzZDU2YTMxYzQwMzBkODhkMzJiYjhkYmU0N2JiMmU3MjkyZTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Enk93s1b34hzUFXro15a58Z1Lun
uv3wEdYTMUb/Mko+ficIU8Y+mCPpHwQt85ihdc07FGtgUWRcIiCmuVxORxkFQXQC
V3SKKk6oNypCATzc1JnlVhtk1UUMlYVMddrR04z+AoO9yykulwiE2doUtgdDI2Ju
Ik/+vbTvJTgN7UdIy7vYzQwCv7XsprvHoqUzuyqdDw1nBmay382J3WNEgxSLlQIG
6x/xAWTfo646fJVUDp3hxbzme1j0KG7FgGtB3VcTPsA/6DMObAfUA3hwbV+1sGDR
/jWgQAZ2nnffK5sQ4jjgHsBjE9TWzkBUXMI8//HTvx2BIi20trRa2GwC6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLjT1WoxxAMNiNMruNvke7LnKS4xMB8GA1UdIwQY
MBaAFEhsLYr0zlDOb0Pn30TgtQNwCobAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0d3dGl2VE9VTTV2US1mZlJPQzFBM0FLaHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9kODI3YzAtZDZkNS00OGY2LThmNDUt
ZjFhNWRkZDc3OThiLzEvdU5QVmFqSEVBdzJJMHl1NDItUjdzdWNwTGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9kODI3YzAtZDZkNS00OGY2LThmNDUtZjFhNWRkZDc3OThi
LzEvU0d3dGl2VE9VTTV2US1mZlJPQzFBM0FLaHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW/NyAwQC
ufwcMA0GCSqGSIb3DQEBCwUAA4IBAQCrqfC+4LSEl1Gq07O6LMTvFzHOxCQgcKyd
lkQuYOYMYHJvFZj9M+HOUJs7mn6cfZDyLo3dhizREjWj2bmGw7M0fhDTuYNRown4
yiFFLyXVrN6KqCG//bPd6lyzjRRDSuevTt0znVlWdwTjaDBipdhZjamyLL+wxSL2
8j98MelbcsJb2LiBq0X1h9pfzIgFtX3zlE4IatMweOSj31NOn0GnJ5AGdd5f022h
LDrwYW2x09N0ZRQum/CMOJD8ZcQlryGOwCt6DociUX2Tw0Hu7sgB8HkghKdv4ery
6mDpx/fXnZNfvO56VJTn0lhsRs/FJuAT5v9tJk5FohLmMVbk+MKS
-----END CERTIFICATE-----
Generated at Tue Mar 3 01:10:37 2026 by rpki-client