Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/UhXahydsOo_qiwzRtVGqPmi_pwk.roa
File: UhXahydsOo_qiwzRtVGqPmi_pwk.roa (raw, json)
Hash identifier: DFHZo+ZnvqIq4efxazwJLIWQqpNgr1YvbSZZDY8hdCA=
Subject key identifier: 52:15:DA:87:27:6C:3A:8F:EA:8B:0C:D1:B5:51:AA:3E:68:BF:A7:09
Certificate issuer: /CN=cfeace714c29568ef197007b141d12758cc415d5
Certificate serial: 019C5617E7837B09CBD97597E27959293A71
Authority key identifier: CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/UhXahydsOo_qiwzRtVGqPmi_pwk.roa
Signing time: Fri 13 Feb 2026 08:22:13 +0000
ROA not before: Fri 13 Feb 2026 08:22:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 1299
IP address blocks: 45.137.208.0/22 maxlen: 24
81.201.208.0/20 maxlen: 24
84.19.128.0/20 maxlen: 24
84.19.144.0/21 maxlen: 24
91.192.252.0/22 maxlen: 24
91.224.36.0/23 maxlen: 24
185.56.212.0/22 maxlen: 24
185.57.168.0/22 maxlen: 24
185.114.104.0/22 maxlen: 24
185.224.56.0/22 maxlen: 24
188.65.152.0/21 maxlen: 24
193.41.118.0/23 maxlen: 24
193.138.74.0/24 maxlen: 24
193.254.192.0/23 maxlen: 24
195.78.36.0/24 maxlen: 24
2a00:e900::/29 maxlen: 48
2a01:4400::/32 maxlen: 48
2a02:5120::/32 maxlen: 48
2a0b:fd80::/32 maxlen: 48
2a0b:fd81::/32 maxlen: 48
2a0b:fd82::/32 maxlen: 48
2a0b:fd87::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.mft
rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:56:17:e7:83:7b:09:cb:d9:75:97:e2:79:59:29:3a:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfeace714c29568ef197007b141d12758cc415d5
Validity
Not Before: Feb 13 08:22:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5215da87276c3a8fea8b0cd1b551aa3e68bfa709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ba:47:24:75:ea:68:32:e4:2f:ac:e7:77:ec:
1a:27:93:66:10:7d:0f:26:31:6e:6c:19:b1:97:13:
ab:c8:e1:ce:ee:94:96:3d:93:8e:e4:7c:1e:cb:82:
6c:7d:b7:b5:80:63:12:2d:15:57:6a:4f:92:6c:ea:
7d:0c:49:49:84:c4:c6:25:bc:b6:cd:0f:76:97:25:
74:f6:68:c8:cd:89:9a:d0:ca:cd:37:40:25:96:df:
0a:32:66:b8:c7:e3:70:e8:e8:60:6a:6f:21:52:16:
bc:46:6c:80:ee:de:71:4c:c8:0a:56:e1:dd:d8:e4:
3b:44:48:20:1e:76:aa:76:4b:d2:0b:f1:b3:f6:ca:
dd:e6:a8:3b:c2:28:d9:5e:f0:f5:d6:14:bb:e6:bf:
48:09:64:82:f4:f2:8c:5a:32:32:40:5b:42:9a:a5:
1a:fb:7c:ab:33:28:d1:f9:94:2a:ca:5a:ac:31:a2:
c0:aa:1a:a2:ee:9b:52:e0:a4:ca:0e:ed:a4:3d:43:
7d:ea:d2:72:33:82:f5:5d:12:97:d7:fd:3b:01:0e:
42:36:5f:86:10:bb:c0:0b:83:a5:6e:94:a4:40:4b:
8a:fe:77:6b:80:4a:7b:10:c2:0d:57:ce:a1:6c:54:
e8:43:65:2b:ac:d0:e7:43:62:b6:f3:a4:a8:3e:ae:
92:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:15:DA:87:27:6C:3A:8F:EA:8B:0C:D1:B5:51:AA:3E:68:BF:A7:09
X509v3 Authority Key Identifier:
keyid:CF:EA:CE:71:4C:29:56:8E:F1:97:00:7B:14:1D:12:75:8C:C4:15:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z-rOcUwpVo7xlwB7FB0SdYzEFdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/UhXahydsOo_qiwzRtVGqPmi_pwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fc1bef-e72b-4a45-9463-8fd394b5357c/1/z-rOcUwpVo7xlwB7FB0SdYzEFdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.208.0/22
81.201.208.0/20
84.19.128.0-84.19.151.255
91.192.252.0/22
91.224.36.0/23
185.56.212.0/22
185.57.168.0/22
185.114.104.0/22
185.224.56.0/22
188.65.152.0/21
193.41.118.0/23
193.138.74.0/24
193.254.192.0/23
195.78.36.0/24
IPv6:
2a00:e900::/29
2a01:4400::/32
2a02:5120::/32
2a0b:fd80::-2a0b:fd82:ffff:ffff:ffff:ffff:ffff:ffff
2a0b:fd87::/32
Signature Algorithm: sha256WithRSAEncryption
76:8e:db:90:02:1b:09:d4:7d:04:da:21:a0:1b:6d:17:c1:be:
a0:7a:f2:24:60:ab:6c:58:62:8c:5a:01:65:ab:83:24:49:54:
72:4a:01:3d:85:73:ce:04:2b:69:5e:06:5c:e5:39:3e:19:2b:
42:6e:61:41:c6:c4:33:ff:c8:8b:5a:f7:e4:a2:f1:30:0b:28:
a3:40:5f:3c:38:29:4a:5d:cf:c0:28:3d:31:68:c0:65:98:79:
bc:09:4a:98:98:10:fd:f0:34:1d:1c:e5:da:d0:a9:ec:25:5a:
f8:6e:b6:50:1f:e1:9a:43:9d:f0:40:53:13:66:1f:df:22:04:
d9:90:8a:f5:da:04:18:98:fd:16:b2:a5:c0:17:43:35:b0:0a:
0f:6d:ce:bc:b6:1e:67:08:6a:90:c0:b6:02:5e:30:90:93:2f:
b3:26:2e:6d:20:94:02:9d:40:61:b5:00:86:2d:6f:25:e6:96:
d6:8d:9b:d5:07:6a:c1:02:17:51:07:d3:3d:37:c6:c5:e8:d3:
74:a9:81:5b:84:9d:ca:99:2e:4b:83:84:f1:9a:e4:6b:18:32:
04:d2:d5:98:e1:58:97:0a:92:1f:a3:35:15:6a:f0:79:3e:59:
3c:11:46:8d:08:24:49:c2:d3:9b:78:6c:73:64:bb:0c:0a:d7:
4a:3b:91:55
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZxWF+eDewnL2XWX4nlZKTpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZWFjZTcxNGMyOTU2OGVmMTk3MDA3YjE0MWQxMjc1OGNj
NDE1ZDUwHhcNMjYwMjEzMDgyMjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjE1ZGE4NzI3NmMzYThmZWE4YjBjZDFiNTUxYWEzZTY4YmZhNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7LpHJHXqaDLkL6znd+waJ5NmEH0P
JjFubBmxlxOryOHO7pSWPZOO5Hwey4Jsfbe1gGMSLRVXak+SbOp9DElJhMTGJby2
zQ92lyV09mjIzYma0MrNN0Allt8KMma4x+Nw6Ohgam8hUha8RmyA7t5xTMgKVuHd
2OQ7REggHnaqdkvSC/Gz9srd5qg7wijZXvD11hS75r9ICWSC9PKMWjIyQFtCmqUa
+3yrMyjR+ZQqylqsMaLAqhqi7ptS4KTKDu2kPUN96tJyM4L1XRKX1/07AQ5CNl+G
ELvAC4OlbpSkQEuK/ndrgEp7EMINV86hbFToQ2UrrNDnQ2K286SoPq6SxQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFFIV2ocnbDqP6osM0bVRqj5ov6cJMB8GA1UdIwQY
MBaAFM/qznFMKVaO8ZcAexQdEnWMxBXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMt
OGZkMzk0YjUzNTdjLzEvVWhYYWh5ZHNPb19xaXd6UnRWR3FQbWlfcHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mYzFiZWYtZTcyYi00YTQ1LTk0NjMtOGZkMzk0YjUzNTdj
LzEvei1yT2NVd3BWbzd4bHdCN0ZCMFNkWXpFRmRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDBiBAIAATBcAwQCLYnQ
AwQEUcnQMAwDBAdUE4ADBANUE5ADBAJbwPwDBAFb4CQDBAK5ONQDBAK5OagDBAK5
cmgDBAK54DgDBAO8QZgDBAHBKXYDBADBikoDBAHB/sADBADDTiQwMgQCAAIwLAMF
AyoA6QADBQAqAUQAAwUAKgJRIDAOAwUHKgv9gAMFACoL/YIDBQAqC/2HMA0GCSqG
SIb3DQEBCwUAA4IBAQB2jtuQAhsJ1H0E2iGgG20Xwb6gevIkYKtsWGKMWgFlq4Mk
SVRySgE9hXPOBCtpXgZc5Tk+GStCbmFBxsQz/8iLWvfkovEwCyijQF88OClKXc/A
KD0xaMBlmHm8CUqYmBD98DQdHOXa0KnsJVr4brZQH+GaQ53wQFMTZh/fIgTZkIr1
2gQYmP0WsqXAF0M1sAoPbc68th5nCGqQwLYCXjCQky+zJi5tIJQCnUBhtQCGLW8l
5pbWjZvVB2rBAhdRB9M9N8bF6NN0qYFbhJ3KmS5Lg4TxmuRrGDIE0tWY4ViXCpIf
ozUVavB5Plk8EUaNCCRJwtObeGxzZLsMCtdKO5FV
-----END CERTIFICATE-----
Generated at Sun Mar 1 14:42:08 2026 by rpki-client