Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/Utz02hbZJOPW1CQ4EsVXUO4T38o.roa
File: Utz02hbZJOPW1CQ4EsVXUO4T38o.roa (raw, json)
Hash identifier: keQ25esGP45+zRwUb+W3bNxJ1oalBtqRIrRFzpRrWDA=
Subject key identifier: 52:DC:F4:DA:16:D9:24:E3:D6:D4:24:38:12:C5:57:50:EE:13:DF:CA
Certificate issuer: /CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Certificate serial: 019D6C0D8BD915C859233D923EA3D6AF3346
Authority key identifier: 8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/Utz02hbZJOPW1CQ4EsVXUO4T38o.roa
Signing time: Wed 08 Apr 2026 07:45:20 +0000
ROA not before: Wed 08 Apr 2026 07:45:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44559
IP address blocks: 83.142.208.0/24 maxlen: 24
83.142.210.0/24 maxlen: 24
83.142.211.0/24 maxlen: 24
83.142.212.0/24 maxlen: 24
83.142.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6c:0d:8b:d9:15:c8:59:23:3d:92:3e:a3:d6:af:33:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Validity
Not Before: Apr 8 07:45:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=52dcf4da16d924e3d6d4243812c55750ee13dfca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b4:3f:d7:e7:b0:ce:18:67:bf:cd:d6:ad:0f:
08:19:97:40:7c:0a:fb:62:4e:91:91:ef:33:29:d5:
41:c5:7b:2a:69:a9:02:ac:cf:c5:2a:92:8b:c8:32:
a7:72:6e:0b:cd:62:b9:cf:bb:34:02:74:c5:4f:ad:
3b:b0:d7:61:88:25:10:63:78:8a:51:c1:b6:96:38:
a2:71:ec:64:f9:ff:7e:23:dc:c4:74:1e:53:37:1b:
fc:14:96:5a:d4:66:5d:89:85:d7:96:1f:bb:cb:f1:
48:15:fa:11:9a:52:04:bf:71:01:dc:d9:33:62:17:
9b:d5:5e:3d:10:f8:4b:67:d5:72:be:40:16:12:e8:
a7:eb:17:94:ae:02:97:0e:b2:5f:df:29:41:da:b3:
2e:02:0e:10:6b:c3:46:3f:67:e6:96:80:43:e1:5e:
0e:2a:a7:12:5d:87:05:78:61:38:aa:f7:3e:48:d3:
24:34:e1:fc:cd:dc:48:57:19:3f:ec:28:64:e9:8b:
c1:88:cb:f3:33:78:23:f6:f0:66:e7:f3:e9:e4:74:
19:f5:ea:6f:88:1f:49:0f:46:84:48:70:a2:fd:fe:
be:aa:e8:f0:27:58:e9:40:e7:0c:38:da:97:f1:b6:
e5:19:c7:76:89:fd:55:3a:a1:99:01:21:06:5b:28:
59:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:DC:F4:DA:16:D9:24:E3:D6:D4:24:38:12:C5:57:50:EE:13:DF:CA
X509v3 Authority Key Identifier:
keyid:8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/Utz02hbZJOPW1CQ4EsVXUO4T38o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.142.208.0/24
83.142.210.0-83.142.212.255
83.142.215.0/24
Signature Algorithm: sha256WithRSAEncryption
88:e5:00:52:01:e7:a0:de:e3:96:52:99:5e:cf:42:81:b2:b1:
5d:d2:0c:3f:99:56:a8:b1:f5:3c:b9:ac:3f:47:a2:17:92:7f:
54:1d:8b:5f:d9:61:d4:b9:ad:20:47:6c:99:2a:ca:da:58:44:
71:88:9e:43:33:48:82:0e:5e:02:11:35:af:76:b2:ee:fa:c3:
6a:cc:42:ab:63:60:06:9f:eb:44:73:0e:5b:15:96:34:d2:51:
1c:c6:18:e5:f7:b6:11:42:3d:e3:77:45:ce:1b:c5:50:04:2d:
a4:c8:f1:a1:b2:0c:48:3f:c8:60:c8:41:dc:2c:49:6f:64:e6:
dc:98:e3:bc:e7:c0:2d:b0:57:28:35:bb:c6:10:4e:9b:d1:6a:
26:5b:98:c6:35:0e:44:24:4b:fe:ee:b2:1a:f9:10:de:d1:f1:
67:b8:65:d3:49:48:95:59:e4:26:73:6b:50:e8:b4:0b:46:19:
47:6f:25:52:aa:77:b6:95:20:36:6a:e1:e5:8b:10:15:c3:20:
86:ac:f3:c8:2f:e2:c8:9d:f1:7d:a6:f4:41:4e:1f:fb:a6:68:
c3:5e:a0:dc:f9:df:a1:f7:b4:71:06:05:ca:a6:e3:23:a5:81:
fb:80:2f:05:0e:f9:4b:21:8b:5d:22:9f:1b:af:76:c7:84:fa:
5c:c5:5f:72
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ1sDYvZFchZIz2SPqPWrzNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjQ0MWRhZGJiZWNiNjk2NWQ0ZWExZjA0NmNjNWM4ZTI4
ODE3ZmMwHhcNMjYwNDA4MDc0NTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmRjZjRkYTE2ZDkyNGUzZDZkNDI0MzgxMmM1NTc1MGVlMTNkZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLQ/1+ewzhhnv83WrQ8IGZdAfAr7
Yk6Rke8zKdVBxXsqaakCrM/FKpKLyDKncm4LzWK5z7s0AnTFT607sNdhiCUQY3iK
UcG2ljiicexk+f9+I9zEdB5TNxv8FJZa1GZdiYXXlh+7y/FIFfoRmlIEv3EB3Nkz
Yheb1V49EPhLZ9VyvkAWEuin6xeUrgKXDrJf3ylB2rMuAg4Qa8NGP2fmloBD4V4O
KqcSXYcFeGE4qvc+SNMkNOH8zdxIVxk/7Chk6YvBiMvzM3gj9vBm5/Pp5HQZ9epv
iB9JD0aESHCi/f6+qujwJ1jpQOcMONqX8bblGcd2if1VOqGZASEGWyhZ6wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFLc9NoW2STj1tQkOBLFV1DuE9/KMB8GA1UdIwQY
MBaAFI60QdrbvstpZdTqHwRsxcjiiBf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmIt
NDZiOTQ5MDkyY2JlLzEvVXR6MDJoYlpKT1BXMUNRNEVzVlhVTzRUMzhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmItNDZiOTQ5MDkyY2Jl
LzEvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAU47QMAwD
BAFTjtIDBABTjtQDBABTjtcwDQYJKoZIhvcNAQELBQADggEBAIjlAFIB56De45ZS
mV7PQoGysV3SDD+ZVqix9Ty5rD9HoheSf1Qdi1/ZYdS5rSBHbJkqytpYRHGInkMz
SIIOXgIRNa92su76w2rMQqtjYAaf60RzDlsVljTSURzGGOX3thFCPeN3Rc4bxVAE
LaTI8aGyDEg/yGDIQdwsSW9k5tyY47znwC2wVyg1u8YQTpvRaiZbmMY1DkQkS/7u
shr5EN7R8We4ZdNJSJVZ5CZza1DotAtGGUdvJVKqd7aVIDZq4eWLEBXDIIas88gv
4sid8X2m9EFOH/umaMNeoNz536H3tHEGBcqm4yOlgfuALwUO+Ushi10inxuvdseE
+lzFX3I=
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:33:45 2026 by rpki-client