Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/uypIIfN_gqEh3lmpScBuFQ0y2x0.roa
File: uypIIfN_gqEh3lmpScBuFQ0y2x0.roa (raw, json)
Hash identifier: qYsj/xVAas+VL1pl193+WdJRRlNb+wnpITbwyt+RIfM=
Subject key identifier: BB:2A:48:21:F3:7F:82:A1:21:DE:59:A9:49:C0:6E:15:0D:32:DB:1D
Certificate issuer: /CN=3be2f0164b66a76795860b4ea3586fad563bac47
Certificate serial: 019D7D623030C35637CE6DEDC94F20FE0249
Authority key identifier: 3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/uypIIfN_gqEh3lmpScBuFQ0y2x0.roa
Signing time: Sat 11 Apr 2026 16:31:20 +0000
ROA not before: Sat 11 Apr 2026 16:31:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206264
IP address blocks: 2.57.214.0/24 maxlen: 24
2.57.215.0/24 maxlen: 24
5.61.208.0/24 maxlen: 24
5.61.209.0/24 maxlen: 24
5.183.209.0/24 maxlen: 24
5.187.35.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.139.122.0/24 maxlen: 24
80.251.152.0/23 maxlen: 24
89.42.231.0/24 maxlen: 24
89.249.49.0/24 maxlen: 24
93.123.72.0/24 maxlen: 24
94.156.33.0/24 maxlen: 24
185.177.74.0/24 maxlen: 24
185.177.75.0/24 maxlen: 24
185.191.124.0/24 maxlen: 24
185.191.125.0/24 maxlen: 24
185.191.126.0/24 maxlen: 24
185.191.127.0/24 maxlen: 24
195.182.16.0/24 maxlen: 24
2a0d:1000::/29 maxlen: 29
2a0d:1000::/30 maxlen: 30
2a0d:1004::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:7d:62:30:30:c3:56:37:ce:6d:ed:c9:4f:20:fe:02:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3be2f0164b66a76795860b4ea3586fad563bac47
Validity
Not Before: Apr 11 16:31:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bb2a4821f37f82a121de59a949c06e150d32db1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:00:96:18:45:e7:4a:b8:17:29:cb:99:cc:e7:
1e:11:d2:6b:6b:e5:b1:9e:8c:e4:86:99:d6:3d:45:
97:cd:aa:11:31:26:7f:12:32:e1:ac:63:61:53:7b:
35:a0:f1:8f:4b:54:29:c3:a6:a8:95:c7:e4:99:63:
26:bd:5a:bb:f1:a5:99:76:71:1a:a5:b0:7e:a2:27:
de:10:ca:d9:58:f4:35:5e:86:9e:87:f2:d8:47:8b:
c2:aa:2c:8a:a4:dd:c5:af:d2:a7:68:aa:98:92:7f:
d8:c0:d4:5c:ea:31:ec:1a:23:04:f9:09:db:4e:3d:
9a:96:17:26:84:34:5b:4b:ba:e1:35:f3:b6:e5:87:
51:fb:9e:99:38:c4:69:e4:65:ec:85:7f:55:72:d5:
79:ce:84:78:df:c3:cf:8f:cf:43:7d:b9:13:a4:d4:
e2:4d:6a:0f:8c:6b:1d:1d:de:66:44:68:a5:d3:3d:
4d:06:f4:1f:8c:8e:57:63:27:f2:e1:31:8c:90:07:
2f:a5:e8:03:27:61:b6:6a:d4:8f:9f:eb:2c:58:a1:
6f:7e:49:bb:fa:59:5d:aa:21:d4:40:3a:d8:ce:0c:
5a:62:59:01:60:fd:25:e7:37:72:28:ed:1c:4b:5f:
c1:60:20:9d:86:fb:1d:44:3c:ad:8d:4f:77:53:89:
67:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:2A:48:21:F3:7F:82:A1:21:DE:59:A9:49:C0:6E:15:0D:32:DB:1D
X509v3 Authority Key Identifier:
keyid:3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/uypIIfN_gqEh3lmpScBuFQ0y2x0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.214.0/23
5.61.208.0/23
5.183.209.0/24
5.187.35.0/24
45.129.84.0/24
45.139.122.0/24
80.251.152.0/23
89.42.231.0/24
89.249.49.0/24
93.123.72.0/24
94.156.33.0/24
185.177.74.0/23
185.191.124.0/22
195.182.16.0/24
IPv6:
2a0d:1000::/29
Signature Algorithm: sha256WithRSAEncryption
63:35:d8:69:0a:1e:b9:af:d0:e1:0c:6a:79:8e:2a:c9:4f:74:
92:27:48:b7:08:10:c9:62:fb:a6:c7:34:44:98:dc:94:63:7d:
89:37:4f:5d:85:31:04:2c:8d:df:fc:f0:f9:c3:a3:7b:bd:00:
d7:c3:07:a7:f9:6e:6b:73:a4:1f:3f:8e:15:2a:fe:fd:52:df:
78:6c:6d:91:4b:f9:ae:17:97:65:f8:8d:53:15:f6:4f:77:87:
e9:73:46:26:d4:e0:73:3f:9c:3b:91:73:86:bc:cf:bb:44:bc:
25:3b:61:2b:ce:5c:96:f7:96:68:24:c8:a4:99:3c:84:27:fe:
b3:3e:c6:b2:f9:4f:2d:a5:50:12:87:41:05:f5:f4:0d:c9:35:
42:ab:f3:c6:a0:f2:d4:83:c3:cb:e7:8d:34:6e:6a:36:f8:30:
e3:25:06:c0:e4:78:23:8e:31:07:97:f1:53:64:a0:1c:fe:fd:
b6:6b:e6:73:5f:b0:03:39:c9:08:93:9c:2d:63:76:1e:15:cb:
bf:05:05:24:b2:e3:a3:a4:6c:38:0a:0c:a3:ee:03:bc:b3:53:
a8:2c:63:d1:b6:cb:db:d9:24:16:a4:9c:d8:e8:f9:01:08:22:
fd:9e:6a:4a:2e:58:40:8e:5d:f8:62:5b:a8:ad:0f:76:76:2c:
61:c4:91:0b
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZ19YjAww1Y3zm3tyU8g/gJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZTJmMDE2NGI2NmE3Njc5NTg2MGI0ZWEzNTg2ZmFkNTYz
YmFjNDcwHhcNMjYwNDExMTYzMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjJhNDgyMWYzN2Y4MmExMjFkZTU5YTk0OWMwNmUxNTBkMzJkYjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7QCWGEXnSrgXKcuZzOceEdJra+Wx
nozkhpnWPUWXzaoRMSZ/EjLhrGNhU3s1oPGPS1Qpw6aolcfkmWMmvVq78aWZdnEa
pbB+oifeEMrZWPQ1Xoaeh/LYR4vCqiyKpN3Fr9KnaKqYkn/YwNRc6jHsGiME+Qnb
Tj2alhcmhDRbS7rhNfO25YdR+56ZOMRp5GXshX9VctV5zoR438PPj89DfbkTpNTi
TWoPjGsdHd5mRGil0z1NBvQfjI5XYyfy4TGMkAcvpegDJ2G2atSPn+ssWKFvfkm7
+lldqiHUQDrYzgxaYlkBYP0l5zdyKO0cS1/BYCCdhvsdRDytjU93U4lnCwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFLsqSCHzf4KhId5ZqUnAbhUNMtsdMB8GA1UdIwQY
MBaAFDvi8BZLZqdnlYYLTqNYb61WO6xHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYt
ZjlhZDM4MDUxMjIwLzEvdXlwSUlmTl9ncUVoM2xtcFNjQnVGUTB5MngwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYtZjlhZDM4MDUxMjIw
LzEvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQBAjnWAwQB
BT3QAwQABbfRAwQABbsjAwQALYFUAwQALYt6AwQBUPuYAwQAWSrnAwQAWfkxAwQA
XXtIAwQAXpwhAwQBubFKAwQCub98AwQAw7YQMA0EAgACMAcDBQMqDRAAMA0GCSqG
SIb3DQEBCwUAA4IBAQBjNdhpCh65r9DhDGp5jirJT3SSJ0i3CBDJYvumxzREmNyU
Y32JN09dhTEELI3f/PD5w6N7vQDXwwen+W5rc6QfP44VKv79Ut94bG2RS/muF5dl
+I1TFfZPd4fpc0Ym1OBzP5w7kXOGvM+7RLwlO2ErzlyW95ZoJMikmTyEJ/6zPsay
+U8tpVASh0EF9fQNyTVCq/PGoPLUg8PL5400bmo2+DDjJQbA5HgjjjEHl/FTZKAc
/v22a+ZzX7ADOckIk5wtY3YeFcu/BQUksuOjpGw4Cgyj7gO8s1OoLGPRtsvb2SQW
pJzY6PkBCCL9nmpKLlhAjl34YluorQ92dixhxJEL
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:28:35 2026 by rpki-client