Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/39fa43-9794-421a-ba89-b9356e61f73a/1/KUjkZ8QU9wVEQTMwvaNEDbxlxDU.roa
File: KUjkZ8QU9wVEQTMwvaNEDbxlxDU.roa (raw, json)
Hash identifier: SSnpC+LDbpJEWW7Dz9SA6laQ6jwgy6aN8IlIVc7fue0=
Subject key identifier: 29:48:E4:67:C4:14:F7:05:44:41:33:30:BD:A3:44:0D:BC:65:C4:35
Certificate issuer: /CN=0a8e93f1961bebc10009cb265c0baf34702a3dab
Certificate serial: 019C3D1C08119B02059F0391AD02A164B7C7
Authority key identifier: 0A:8E:93:F1:96:1B:EB:C1:00:09:CB:26:5C:0B:AF:34:70:2A:3D:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Co6T8ZYb68EACcsmXAuvNHAqPas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/39fa43-9794-421a-ba89-b9356e61f73a/1/KUjkZ8QU9wVEQTMwvaNEDbxlxDU.roa
Signing time: Sun 08 Feb 2026 11:56:13 +0000
ROA not before: Sun 08 Feb 2026 11:56:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48925
IP address blocks: 91.212.19.0/24 maxlen: 24
185.195.237.0/24 maxlen: 24
2001:67c:be8::/48 maxlen: 48
2a01:ec40::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/39fa43-9794-421a-ba89-b9356e61f73a/1/Co6T8ZYb68EACcsmXAuvNHAqPas.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/39fa43-9794-421a-ba89-b9356e61f73a/1/Co6T8ZYb68EACcsmXAuvNHAqPas.mft
rsync://rpki.ripe.net/repository/DEFAULT/Co6T8ZYb68EACcsmXAuvNHAqPas.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:3d:1c:08:11:9b:02:05:9f:03:91:ad:02:a1:64:b7:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a8e93f1961bebc10009cb265c0baf34702a3dab
Validity
Not Before: Feb 8 11:56:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2948e467c414f70544413330bda3440dbc65c435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a1:a5:c3:bc:9b:d7:e0:8b:56:fd:51:6c:dc:
fa:c6:45:84:75:8d:51:4f:80:b7:9a:c3:20:43:e4:
97:ce:61:01:51:19:56:33:c8:f3:a0:c2:e0:c9:94:
56:57:b6:97:62:bc:db:ae:54:b3:4a:9b:e9:4e:8b:
4b:10:c4:0e:f8:69:27:c1:c2:73:a0:a4:c8:92:1c:
77:be:90:b9:6f:4a:0c:30:fb:56:57:cb:d8:d4:05:
a5:8b:b0:18:9e:06:a5:a1:a1:62:e3:dd:ae:33:f2:
d7:da:80:7c:7d:d4:db:a4:45:98:85:98:13:84:44:
d3:74:cf:0f:ca:39:36:b7:de:49:92:d2:be:06:18:
8c:fe:e6:cf:40:6e:66:46:31:dc:b2:ce:e3:f7:eb:
a4:d7:86:16:8b:5e:ca:9c:4f:f3:8b:ab:ff:41:72:
a4:42:76:30:9d:f8:2d:bd:d7:d5:07:06:22:b9:6b:
91:af:52:92:b8:1e:d1:fd:d6:01:ff:bd:28:26:98:
ad:8d:e3:bb:cc:a3:15:25:a6:8e:d4:3c:18:d2:29:
ce:df:ff:31:44:92:19:3a:85:91:fe:cc:a6:6d:62:
e7:79:95:38:2f:89:19:6f:69:22:72:35:74:37:54:
32:86:eb:36:c5:f8:f8:87:2b:8b:7d:6a:6f:b2:fc:
20:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:48:E4:67:C4:14:F7:05:44:41:33:30:BD:A3:44:0D:BC:65:C4:35
X509v3 Authority Key Identifier:
keyid:0A:8E:93:F1:96:1B:EB:C1:00:09:CB:26:5C:0B:AF:34:70:2A:3D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Co6T8ZYb68EACcsmXAuvNHAqPas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/39fa43-9794-421a-ba89-b9356e61f73a/1/KUjkZ8QU9wVEQTMwvaNEDbxlxDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/39fa43-9794-421a-ba89-b9356e61f73a/1/Co6T8ZYb68EACcsmXAuvNHAqPas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.19.0/24
185.195.237.0/24
IPv6:
2001:67c:be8::/48
2a01:ec40::/48
Signature Algorithm: sha256WithRSAEncryption
06:68:c6:1d:14:ff:da:1f:d5:14:e5:67:3d:d3:f2:a0:b0:f6:
8f:44:b2:ee:a4:f5:00:f8:ee:41:92:59:12:c2:15:ec:1a:0d:
70:c9:d0:d6:eb:c5:fe:4f:89:6d:45:f6:57:7a:76:12:94:1a:
20:4c:c5:4f:14:e0:f3:33:19:f1:e9:8b:1e:d6:c3:6e:1a:d7:
1a:0c:d1:f7:33:42:6c:ef:4e:7a:df:8e:77:b5:fd:10:df:06:
9a:dc:64:53:52:84:5a:e9:e3:76:aa:ba:96:b2:7e:47:ce:a2:
c3:fc:fb:eb:3c:d9:c3:0a:fe:43:41:5f:b1:68:8f:8e:5b:25:
01:88:e0:6f:c4:90:cf:7a:38:25:ef:82:50:a7:19:b3:33:f3:
ee:74:de:7f:b0:dd:f8:cb:02:d4:0f:07:39:4b:cd:b6:5c:29:
0b:1a:88:0b:c2:61:a2:fe:08:df:17:2d:8b:af:ea:bc:10:db:
6b:58:0b:0e:54:b5:81:76:97:b1:32:19:d7:6a:95:a2:15:09:
fe:70:b1:1c:53:c8:0f:ef:20:b6:07:1b:6f:05:e6:9d:87:c5:
13:ee:23:bd:77:ae:08:2c:e0:e4:18:88:27:98:7e:26:a7:f9:
7b:78:de:18:3f:70:46:7b:0c:29:e4:e4:c2:bd:91:bd:cd:86:
bf:d6:b8:bf
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZw9HAgRmwIFnwORrQKhZLfHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhOGU5M2YxOTYxYmViYzEwMDA5Y2IyNjVjMGJhZjM0NzAy
YTNkYWIwHhcNMjYwMjA4MTE1NjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTQ4ZTQ2N2M0MTRmNzA1NDQ0MTMzMzBiZGEzNDQwZGJjNjVjNDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqGlw7yb1+CLVv1RbNz6xkWEdY1R
T4C3msMgQ+SXzmEBURlWM8jzoMLgyZRWV7aXYrzbrlSzSpvpTotLEMQO+GknwcJz
oKTIkhx3vpC5b0oMMPtWV8vY1AWli7AYngaloaFi492uM/LX2oB8fdTbpEWYhZgT
hETTdM8Pyjk2t95JktK+BhiM/ubPQG5mRjHcss7j9+uk14YWi17KnE/zi6v/QXKk
QnYwnfgtvdfVBwYiuWuRr1KSuB7R/dYB/70oJpitjeO7zKMVJaaO1DwY0inO3/8x
RJIZOoWR/symbWLneZU4L4kZb2kicjV0N1Qyhus2xfj4hyuLfWpvsvwg3wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFClI5GfEFPcFREEzML2jRA28ZcQ1MB8GA1UdIwQY
MBaAFAqOk/GWG+vBAAnLJlwLrzRwKj2rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ282VDhaWWI2OEVBQ2NzbVhBdXZOSEFxUGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zOWZhNDMtOTc5NC00MjFhLWJhODkt
YjkzNTZlNjFmNzNhLzEvS1Vqa1o4UVU5d1ZFUVRNd3ZhTkVEYnhseERVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zOWZhNDMtOTc5NC00MjFhLWJhODktYjkzNTZlNjFmNzNh
LzEvQ282VDhaWWI2OEVBQ2NzbVhBdXZOSEFxUGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAW9QTAwQA
ucPtMBgEAgACMBIDBwAgAQZ8C+gDBwAqAexAAAAwDQYJKoZIhvcNAQELBQADggEB
AAZoxh0U/9of1RTlZz3T8qCw9o9Esu6k9QD47kGSWRLCFewaDXDJ0Nbrxf5PiW1F
9ld6dhKUGiBMxU8U4PMzGfHpix7Ww24a1xoM0fczQmzvTnrfjne1/RDfBprcZFNS
hFrp43aqupayfkfOosP8++s82cMK/kNBX7Foj45bJQGI4G/EkM96OCXvglCnGbMz
8+503n+w3fjLAtQPBzlLzbZcKQsaiAvCYaL+CN8XLYuv6rwQ22tYCw5UtYF2l7Ey
GddqlaIVCf5wsRxTyA/vILYHG28F5p2HxRPuI713rggs4OQYiCeYfian+Xt43hg/
cEZ7DCnk5MK9kb3Nhr/WuL8=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:25:16 2026 by rpki-client