Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/66e51a-fe82-4b5d-9884-b533f4941afe/1/URJzBUsEISSG4FG2wK4plKVqkbA.roa
File: URJzBUsEISSG4FG2wK4plKVqkbA.roa (raw, json)
Hash identifier: d/U8BrAHZytlsN3OdFaMGxSnxJz7rd2AErfm0Q8DI8Y=
Subject key identifier: 51:12:73:05:4B:04:21:24:86:E0:51:B6:C0:AE:29:94:A5:6A:91:B0
Certificate issuer: /CN=76e05e9ee59477e0155fc1edc0a1830729766e88
Certificate serial: 019C8F4DCE64EC243D2565F4CB27B43AF469
Authority key identifier: 76:E0:5E:9E:E5:94:77:E0:15:5F:C1:ED:C0:A1:83:07:29:76:6E:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/duBenuWUd-AVX8HtwKGDByl2bog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/66e51a-fe82-4b5d-9884-b533f4941afe/1/URJzBUsEISSG4FG2wK4plKVqkbA.roa
Signing time: Tue 24 Feb 2026 10:59:26 +0000
ROA not before: Tue 24 Feb 2026 10:59:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12978
IP address blocks: 212.31.0.0/19 maxlen: 19
212.31.0.0/22 maxlen: 22
212.31.0.0/24 maxlen: 24
212.31.1.0/24 maxlen: 24
212.31.2.0/24 maxlen: 24
212.31.3.0/24 maxlen: 24
212.31.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/66e51a-fe82-4b5d-9884-b533f4941afe/1/duBenuWUd-AVX8HtwKGDByl2bog.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/66e51a-fe82-4b5d-9884-b533f4941afe/1/duBenuWUd-AVX8HtwKGDByl2bog.mft
rsync://rpki.ripe.net/repository/DEFAULT/duBenuWUd-AVX8HtwKGDByl2bog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8f:4d:ce:64:ec:24:3d:25:65:f4:cb:27:b4:3a:f4:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76e05e9ee59477e0155fc1edc0a1830729766e88
Validity
Not Before: Feb 24 10:59:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=511273054b04212486e051b6c0ae2994a56a91b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:ba:6d:2c:e4:41:bd:84:e4:a6:6c:68:da:01:
7d:da:ba:5b:90:ae:08:b2:1a:50:6b:d9:61:16:51:
3b:0d:89:b3:57:01:bb:48:3f:b2:18:f2:cc:71:7b:
ce:38:03:1a:59:a2:0a:d3:65:b4:1b:f0:8e:c7:ea:
bc:96:c2:db:6f:6a:eb:43:ff:8c:3c:ab:df:7b:57:
59:46:8d:6a:1b:91:f1:70:93:27:b3:40:bd:9c:5c:
91:58:42:d7:26:71:91:cb:0c:01:e4:96:4e:bb:dd:
5b:f7:38:bc:65:f9:b6:48:2d:4e:d0:e3:7b:6a:31:
8f:cc:ab:6c:d6:b5:b1:df:35:2c:b4:61:9f:ba:02:
62:70:56:e5:77:8a:3e:ba:c6:43:1f:4a:e7:1b:7e:
9c:fa:d2:2e:ea:13:e7:77:a6:34:1e:18:7e:aa:c3:
81:eb:a5:4b:66:5e:cd:e2:dd:04:96:dc:69:11:81:
92:67:aa:c1:ee:6c:e6:3d:c2:38:34:1c:8e:d8:19:
46:6f:d2:2b:9f:29:29:10:7e:73:80:1b:cf:47:ed:
d9:d1:32:f1:58:2c:b1:3d:0a:a1:c6:c3:a4:be:e3:
e8:d6:87:18:eb:70:33:ae:ec:4b:09:52:a0:30:59:
c7:c5:a8:4b:ad:20:59:3b:d1:12:b2:4c:88:cb:5b:
28:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:12:73:05:4B:04:21:24:86:E0:51:B6:C0:AE:29:94:A5:6A:91:B0
X509v3 Authority Key Identifier:
keyid:76:E0:5E:9E:E5:94:77:E0:15:5F:C1:ED:C0:A1:83:07:29:76:6E:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/duBenuWUd-AVX8HtwKGDByl2bog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/66e51a-fe82-4b5d-9884-b533f4941afe/1/URJzBUsEISSG4FG2wK4plKVqkbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/66e51a-fe82-4b5d-9884-b533f4941afe/1/duBenuWUd-AVX8HtwKGDByl2bog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.31.0.0/19
Signature Algorithm: sha256WithRSAEncryption
15:a1:28:a2:91:5f:58:98:42:6c:6e:43:ec:e0:09:2c:02:92:
62:60:37:04:4b:bd:fa:40:ca:6d:27:8a:43:96:90:d6:6e:52:
74:81:8f:a1:1c:e6:ae:90:5b:ed:df:37:d9:c9:66:67:2c:7a:
8a:fe:69:5a:5f:4f:c1:bd:68:17:19:00:be:43:f0:c1:57:b0:
bb:53:ef:54:08:73:6d:74:82:b6:ee:b5:37:23:31:0c:c3:ac:
52:41:e8:4c:5c:9b:e0:54:14:b1:64:f4:2f:b1:07:92:ce:25:
a2:0a:56:f2:af:45:54:58:b5:02:b1:57:a4:3f:f4:74:b3:b2:
29:06:03:cf:18:eb:48:6c:af:e4:a1:0b:1c:76:08:46:89:e4:
74:cb:3b:20:cf:7d:bd:66:34:f5:f9:6d:6b:1d:e2:32:c1:5d:
49:07:60:9a:e7:b3:36:7f:a5:04:e6:11:0a:30:38:49:df:b4:
d3:b1:0d:60:aa:08:81:af:7a:d8:ac:b0:8e:ab:e3:3d:39:e7:
02:1a:6c:41:5f:66:11:59:31:dc:65:8d:be:ee:54:3d:40:b0:
54:72:de:2c:8b:0a:7b:16:21:e5:6a:a2:69:b4:2c:c8:a0:fb:
e4:8d:24:0d:a9:bd:76:34:8b:8a:d6:6b:b5:5a:d8:5a:a4:b7:
94:6a:85:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyPTc5k7CQ9JWX0yye0OvRpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZTA1ZTllZTU5NDc3ZTAxNTVmYzFlZGMwYTE4MzA3Mjk3
NjZlODgwHhcNMjYwMjI0MTA1OTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTEyNzMwNTRiMDQyMTI0ODZlMDUxYjZjMGFlMjk5NGE1NmE5MWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7rptLORBvYTkpmxo2gF92rpbkK4I
shpQa9lhFlE7DYmzVwG7SD+yGPLMcXvOOAMaWaIK02W0G/COx+q8lsLbb2rrQ/+M
PKvfe1dZRo1qG5HxcJMns0C9nFyRWELXJnGRywwB5JZOu91b9zi8Zfm2SC1O0ON7
ajGPzKts1rWx3zUstGGfugJicFbld4o+usZDH0rnG36c+tIu6hPnd6Y0Hhh+qsOB
66VLZl7N4t0EltxpEYGSZ6rB7mzmPcI4NByO2BlGb9IrnykpEH5zgBvPR+3Z0TLx
WCyxPQqhxsOkvuPo1ocY63AzruxLCVKgMFnHxahLrSBZO9ESskyIy1soMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFEScwVLBCEkhuBRtsCuKZSlapGwMB8GA1UdIwQY
MBaAFHbgXp7llHfgFV/B7cChgwcpdm6IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHVCZW51V1VkLUFWWDhIdHdLR0RCeWwyYm9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS82NmU1MWEtZmU4Mi00YjVkLTk4ODQt
YjUzM2Y0OTQxYWZlLzEvVVJKekJVc0VJU1NHNEZHMndLNHBsS1Zxa2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS82NmU1MWEtZmU4Mi00YjVkLTk4ODQtYjUzM2Y0OTQxYWZl
LzEvZHVCZW51V1VkLUFWWDhIdHdLR0RCeWwyYm9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1B8AMA0G
CSqGSIb3DQEBCwUAA4IBAQAVoSiikV9YmEJsbkPs4AksApJiYDcES736QMptJ4pD
lpDWblJ0gY+hHOaukFvt3zfZyWZnLHqK/mlaX0/BvWgXGQC+Q/DBV7C7U+9UCHNt
dIK27rU3IzEMw6xSQehMXJvgVBSxZPQvsQeSziWiClbyr0VUWLUCsVekP/R0s7Ip
BgPPGOtIbK/koQscdghGieR0yzsgz329ZjT1+W1rHeIywV1JB2Ca57M2f6UE5hEK
MDhJ37TTsQ1gqgiBr3rYrLCOq+M9OecCGmxBX2YRWTHcZY2+7lQ9QLBUct4siwp7
FiHlaqJptCzIoPvkjSQNqb12NIuK1mu1WthapLeUaoX8
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:03:48 2026 by rpki-client