Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/UppVVnVbhW896K6XSXwo0aax_7U.roa
File: UppVVnVbhW896K6XSXwo0aax_7U.roa (raw, json)
Hash identifier: UNM/g9tgWKXVsv2rJCX3IpagNuPemJxP01hCnrm2WRQ=
Subject key identifier: 52:9A:55:56:75:5B:85:6F:3D:E8:AE:97:49:7C:28:D1:A6:B1:FF:B5
Certificate issuer: /CN=3a5dc2ba5942e04fdd8ba99516a1b93b1e4f9624
Certificate serial: 019EAC5A51060E018C109133BE4F24585EA5
Authority key identifier: 3A:5D:C2:BA:59:42:E0:4F:DD:8B:A9:95:16:A1:B9:3B:1E:4F:96:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ol3CullC4E_di6mVFqG5Ox5PliQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/UppVVnVbhW896K6XSXwo0aax_7U.roa
Signing time: Tue 09 Jun 2026 12:27:40 +0000
ROA not before: Tue 09 Jun 2026 12:27:40 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29555
IP address blocks: 81.91.188.0/24 maxlen: 24
176.64.0.0/24 maxlen: 24
176.64.1.0/24 maxlen: 24
176.64.2.0/24 maxlen: 24
176.64.3.0/24 maxlen: 24
176.64.4.0/24 maxlen: 24
176.64.5.0/24 maxlen: 24
176.64.6.0/24 maxlen: 24
176.64.7.0/24 maxlen: 24
176.64.8.0/24 maxlen: 24
176.64.9.0/24 maxlen: 24
176.64.10.0/24 maxlen: 24
176.64.11.0/24 maxlen: 24
176.64.12.0/24 maxlen: 24
176.64.13.0/24 maxlen: 24
176.64.14.0/24 maxlen: 24
176.64.15.0/24 maxlen: 24
176.64.16.0/24 maxlen: 24
176.64.17.0/24 maxlen: 24
176.64.18.0/24 maxlen: 24
176.64.19.0/24 maxlen: 24
176.64.20.0/24 maxlen: 24
176.64.21.0/24 maxlen: 24
176.64.22.0/24 maxlen: 24
176.64.23.0/24 maxlen: 24
176.64.24.0/24 maxlen: 24
176.64.25.0/24 maxlen: 24
176.64.26.0/24 maxlen: 24
176.64.27.0/24 maxlen: 24
176.64.28.0/24 maxlen: 24
176.64.29.0/24 maxlen: 24
176.64.30.0/24 maxlen: 24
176.64.31.0/24 maxlen: 24
176.64.32.0/24 maxlen: 24
176.64.33.0/24 maxlen: 24
176.64.34.0/24 maxlen: 24
176.64.35.0/24 maxlen: 24
212.96.66.0/24 maxlen: 24
212.96.69.0/24 maxlen: 24
212.96.74.0/24 maxlen: 24
212.96.75.0/24 maxlen: 24
212.96.76.0/24 maxlen: 24
212.96.79.0/24 maxlen: 24
212.96.80.0/24 maxlen: 24
212.96.81.0/24 maxlen: 24
212.96.82.0/24 maxlen: 24
212.96.84.0/24 maxlen: 24
212.96.86.0/24 maxlen: 24
212.96.87.0/24 maxlen: 24
212.96.88.0/24 maxlen: 24
212.96.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/Ol3CullC4E_di6mVFqG5Ox5PliQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/Ol3CullC4E_di6mVFqG5Ox5PliQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ol3CullC4E_di6mVFqG5Ox5PliQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 14:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ac:5a:51:06:0e:01:8c:10:91:33:be:4f:24:58:5e:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a5dc2ba5942e04fdd8ba99516a1b93b1e4f9624
Validity
Not Before: Jun 9 12:27:40 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=529a5556755b856f3de8ae97497c28d1a6b1ffb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:36:0f:f8:f4:bb:ef:ef:ed:c7:a7:3d:95:d3:
67:c7:53:06:fe:b3:ac:4c:7a:fb:2f:89:0e:4b:a2:
87:1d:ba:16:9e:ec:dc:53:50:3d:42:00:d5:3b:cd:
27:3e:df:92:62:86:00:e9:55:d2:53:e2:36:69:fa:
79:c8:b9:d9:1d:1c:3e:14:24:22:aa:8b:d2:4e:ca:
38:61:a5:b8:a7:b2:dd:b8:3e:76:77:08:26:c2:3e:
31:53:e7:9c:ae:a4:68:60:66:8a:89:69:b9:5f:f0:
37:b9:9f:4b:be:78:c3:a6:83:1f:c5:fa:a3:aa:0d:
bc:e2:c9:48:3b:8c:3f:63:2f:5b:37:1f:98:04:a3:
59:ce:9e:95:e3:9a:74:8a:db:bc:be:0e:9b:f9:d7:
9a:db:f3:9a:4e:3e:7f:0c:4f:44:2f:62:97:03:80:
ac:81:d1:df:a7:9c:4f:14:2e:10:52:d1:e7:b8:cf:
d5:d3:80:6a:a1:d3:ff:da:83:74:e0:d8:c1:f2:a2:
95:97:89:fe:39:b1:70:aa:0c:5e:7d:70:42:c7:b9:
4c:a7:eb:03:74:5a:d8:b0:e3:ec:ed:1d:ac:c3:71:
8a:f5:55:96:c9:69:22:b2:f9:4c:7a:44:c2:85:90:
22:04:a8:f8:fe:09:e0:2f:b7:ce:b3:b9:00:1d:fd:
9c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:9A:55:56:75:5B:85:6F:3D:E8:AE:97:49:7C:28:D1:A6:B1:FF:B5
X509v3 Authority Key Identifier:
keyid:3A:5D:C2:BA:59:42:E0:4F:DD:8B:A9:95:16:A1:B9:3B:1E:4F:96:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ol3CullC4E_di6mVFqG5Ox5PliQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/UppVVnVbhW896K6XSXwo0aax_7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/714f54-fa75-4091-8c0b-9c15fbd5ee5e/1/Ol3CullC4E_di6mVFqG5Ox5PliQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.188.0/24
176.64.0.0-176.64.35.255
212.96.66.0/24
212.96.69.0/24
212.96.74.0-212.96.76.255
212.96.79.0-212.96.82.255
212.96.84.0/24
212.96.86.0-212.96.88.255
212.96.95.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:e9:2c:53:d3:bf:03:e4:31:4d:e0:fe:dd:be:88:d9:ad:a6:
cb:30:a3:c4:64:ae:f7:66:e6:1d:fb:32:c7:92:e9:14:38:78:
e4:4d:82:7a:2b:fa:1a:cb:bc:d1:e6:c8:01:03:c9:f3:52:56:
63:ce:73:ff:2f:53:b1:de:f6:15:07:e7:fa:c5:06:ed:33:2a:
6c:eb:06:f0:53:a2:9b:e2:50:bb:64:4c:18:d6:2b:85:b1:c3:
ed:8c:c1:7e:84:61:42:ef:93:71:d4:1b:04:2e:b5:82:74:cc:
63:16:8f:9d:c7:e1:1d:67:44:c2:a5:ad:59:69:3a:55:a8:50:
dd:00:ff:28:c9:80:41:ec:2e:c6:e8:ee:de:47:c4:d8:2a:b2:
1c:0e:8a:63:85:51:55:cd:30:98:e1:da:9c:63:80:69:00:b9:
d0:40:f0:2e:21:95:df:0c:02:c2:9a:f3:2a:c1:27:b5:dd:aa:
07:47:53:81:08:7b:fb:c7:52:c3:38:1c:11:4b:71:5c:65:f2:
99:ea:35:a8:be:e9:e4:41:b5:31:f9:5a:e7:89:71:9f:0a:74:
ee:bf:af:94:a2:74:f0:e3:a0:99:c2:16:96:f5:0d:79:e5:37:
e2:82:60:7f:f3:ca:03:e7:2e:a3:86:c9:bc:68:a6:d5:0b:5d:
69:ec:3f:1e
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZ6sWlEGDgGMEJEzvk8kWF6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNWRjMmJhNTk0MmUwNGZkZDhiYTk5NTE2YTFiOTNiMWU0
Zjk2MjQwHhcNMjYwNjA5MTIyNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjlhNTU1Njc1NWI4NTZmM2RlOGFlOTc0OTdjMjhkMWE2YjFmZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDYP+PS77+/tx6c9ldNnx1MG/rOs
THr7L4kOS6KHHboWnuzcU1A9QgDVO80nPt+SYoYA6VXSU+I2afp5yLnZHRw+FCQi
qovSTso4YaW4p7LduD52dwgmwj4xU+ecrqRoYGaKiWm5X/A3uZ9LvnjDpoMfxfqj
qg284slIO4w/Yy9bNx+YBKNZzp6V45p0itu8vg6b+dea2/OaTj5/DE9EL2KXA4Cs
gdHfp5xPFC4QUtHnuM/V04BqodP/2oN04NjB8qKVl4n+ObFwqgxefXBCx7lMp+sD
dFrYsOPs7R2sw3GK9VWWyWkisvlMekTChZAiBKj4/gngL7fOs7kAHf2cDQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFFKaVVZ1W4VvPeiul0l8KNGmsf+1MB8GA1UdIwQY
MBaAFDpdwrpZQuBP3YuplRahuTseT5YkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2wzQ3VsbEM0RV9kaTZtVkZxRzVPeDVQbGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC83MTRmNTQtZmE3NS00MDkxLThjMGIt
OWMxNWZiZDVlZTVlLzEvVXBwVlZuVmJoVzg5Nks2WFNYd28wYWF4XzdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC83MTRmNTQtZmE3NS00MDkxLThjMGItOWMxNWZiZDVlZTVl
LzEvT2wzQ3VsbEM0RV9kaTZtVkZxRzVPeDVQbGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBbBAIAATBVAwQAUVu8MAsD
AwawQAMEArBAIAMEANRgQgMEANRgRTAMAwQB1GBKAwQA1GBMMAwDBADUYE8DBADU
YFIDBADUYFQwDAMEAdRgVgMEANRgWAMEANRgXzANBgkqhkiG9w0BAQsFAAOCAQEA
O+ksU9O/A+QxTeD+3b6I2a2myzCjxGSu92bmHfsyx5LpFDh45E2Ceiv6Gsu80ebI
AQPJ81JWY85z/y9Tsd72FQfn+sUG7TMqbOsG8FOim+JQu2RMGNYrhbHD7YzBfoRh
Qu+TcdQbBC61gnTMYxaPncfhHWdEwqWtWWk6VahQ3QD/KMmAQewuxuju3kfE2Cqy
HA6KY4VRVc0wmOHanGOAaQC50EDwLiGV3wwCwprzKsEntd2qB0dTgQh7+8dSwzgc
EUtxXGXymeo1qL7p5EG1Mfla54lxnwp07r+vlKJ08OOgmcIWlvUNeeU34oJgf/PK
A+cuo4bJvGim1Qtdaew/Hg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 21:52:24 2026 by rpki-client