Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/uLHH6IqO22bZWZTgO9nKR2wQbJE.roa
File: uLHH6IqO22bZWZTgO9nKR2wQbJE.roa (raw, json)
Hash identifier: laj7eTzK3jKEChy9oG/lzbHF9H3dpCdbB2ksudV3h+Y=
Subject key identifier: B8:B1:C7:E8:8A:8E:DB:66:D9:59:94:E0:3B:D9:CA:47:6C:10:6C:91
Certificate issuer: /CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Certificate serial: 019B77C7548A4250BAA2B47C73CFB8D1A58B
Authority key identifier: DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/uLHH6IqO22bZWZTgO9nKR2wQbJE.roa
Signing time: Thu 01 Jan 2026 04:18:30 +0000
ROA not before: Thu 01 Jan 2026 04:18:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8423
IP address blocks: 78.31.128.0/21 maxlen: 24
91.200.96.0/22 maxlen: 24
91.207.124.0/23 maxlen: 24
91.213.16.0/24 maxlen: 24
91.223.45.0/24 maxlen: 24
176.118.184.0/22 maxlen: 24
195.225.84.0/22 maxlen: 24
2001:67c:44::/48 maxlen: 48
2a0d:ca40::/29 maxlen: 48
2a0d:ca47:862::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/3nyCsidsvfEwzK0Ea2X-qywn7Uk.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/3nyCsidsvfEwzK0Ea2X-qywn7Uk.mft
rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 04:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:c7:54:8a:42:50:ba:a2:b4:7c:73:cf:b8:d1:a5:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de7c82b2276cbdf130ccad046b65feab2c27ed49
Validity
Not Before: Jan 1 04:18:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b8b1c7e88a8edb66d95994e03bd9ca476c106c91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a5:82:a1:83:8e:3d:d6:c3:a5:1e:31:cc:f2:
95:40:3f:6a:2c:81:7d:f1:39:39:13:61:4b:82:8a:
7e:f8:0a:04:13:22:5b:8f:9b:c2:07:df:b1:05:63:
1d:c6:f5:56:d3:ea:04:e6:2b:09:7e:76:66:b4:29:
aa:7a:3a:46:76:6a:b1:df:e0:0d:5f:d1:5e:9d:64:
da:d6:33:bd:19:90:47:89:67:b8:0c:63:35:bf:64:
de:b4:b9:30:0b:fe:82:7c:bd:1e:18:08:36:6f:45:
70:3f:32:bb:a9:1a:fe:18:53:12:b7:82:ef:29:a6:
fa:70:aa:28:f8:8f:2f:ea:45:a9:9b:29:5b:44:ac:
ce:d7:8d:a2:87:36:1c:03:3f:e1:a2:63:86:38:a9:
03:03:45:14:36:7d:5d:e6:f5:30:df:d9:a3:f2:f4:
77:78:cd:c0:6d:df:cd:76:f3:28:5b:95:20:6e:2e:
04:7a:e4:0f:ca:92:26:b7:4e:ea:c6:a8:b3:45:89:
d2:b7:70:91:f9:19:18:50:ed:e1:d2:ad:30:68:24:
ff:14:c9:81:d9:c0:17:21:5b:cf:51:78:7f:4f:77:
ec:3c:5f:e3:a0:34:94:4a:6b:40:3d:e1:12:91:59:
78:b9:7c:8b:f7:1c:c5:ef:85:b6:9f:85:9b:6f:0f:
bd:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:B1:C7:E8:8A:8E:DB:66:D9:59:94:E0:3B:D9:CA:47:6C:10:6C:91
X509v3 Authority Key Identifier:
keyid:DE:7C:82:B2:27:6C:BD:F1:30:CC:AD:04:6B:65:FE:AB:2C:27:ED:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3nyCsidsvfEwzK0Ea2X-qywn7Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/uLHH6IqO22bZWZTgO9nKR2wQbJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/6fa5df-fb9f-4ae5-ba89-7faf7c1de7b0/1/3nyCsidsvfEwzK0Ea2X-qywn7Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.128.0/21
91.200.96.0/22
91.207.124.0/23
91.213.16.0/24
91.223.45.0/24
176.118.184.0/22
195.225.84.0/22
IPv6:
2001:67c:44::/48
2a0d:ca40::/29
Signature Algorithm: sha256WithRSAEncryption
9e:d5:68:50:be:e7:27:c7:af:f6:77:2d:38:10:94:da:69:61:
52:19:fe:31:c8:2f:6e:67:81:3c:89:1c:59:28:65:e2:4e:b0:
6d:a6:81:4a:3e:16:06:b9:92:7f:fc:32:f0:b4:e5:34:c7:ef:
ca:5f:c8:6f:52:aa:8c:67:d4:8b:d4:cf:14:bc:92:5c:85:3c:
14:16:05:ad:ac:a7:46:e1:a9:91:28:c6:95:5b:3d:23:65:80:
bd:09:68:aa:8b:96:2c:85:03:a8:28:ad:0c:4d:97:fb:de:90:
f4:81:ab:10:ea:75:34:9f:6c:a4:74:0d:ab:de:46:3b:97:11:
e7:a4:35:90:f1:28:02:4d:54:ec:a0:19:72:d2:ca:cb:93:35:
bd:74:08:75:54:4f:ff:81:76:a3:6a:96:fd:14:3d:fe:6e:31:
cd:a7:19:6f:47:0d:26:17:52:82:5c:59:01:ab:a6:b1:ed:e1:
38:9c:f8:e8:0d:80:a3:cb:7e:72:82:9c:6d:86:36:8d:b0:19:
90:52:bb:b2:fd:f7:b8:84:db:ce:89:a7:72:a1:9d:a8:bd:db:
fa:ee:f6:da:43:64:49:02:b0:a2:c3:d3:38:2f:b0:7a:f4:91:
df:49:02:78:f7:85:a2:b6:87:d6:64:69:2d:6d:66:01:8c:ff:
ea:ff:9c:5b
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZt3x1SKQlC6orR8c8+40aWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlN2M4MmIyMjc2Y2JkZjEzMGNjYWQwNDZiNjVmZWFiMmMy
N2VkNDkwHhcNMjYwMTAxMDQxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGIxYzdlODhhOGVkYjY2ZDk1OTk0ZTAzYmQ5Y2E0NzZjMTA2YzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KWCoYOOPdbDpR4xzPKVQD9qLIF9
8Tk5E2FLgop++AoEEyJbj5vCB9+xBWMdxvVW0+oE5isJfnZmtCmqejpGdmqx3+AN
X9FenWTa1jO9GZBHiWe4DGM1v2TetLkwC/6CfL0eGAg2b0VwPzK7qRr+GFMSt4Lv
Kab6cKoo+I8v6kWpmylbRKzO142ihzYcAz/homOGOKkDA0UUNn1d5vUw39mj8vR3
eM3Abd/NdvMoW5Ugbi4EeuQPypImt07qxqizRYnSt3CR+RkYUO3h0q0waCT/FMmB
2cAXIVvPUXh/T3fsPF/joDSUSmtAPeESkVl4uXyL9xzF74W2n4Wbbw+9tQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFLixx+iKjttm2VmU4DvZykdsEGyRMB8GA1UdIwQY
MBaAFN58grInbL3xMMytBGtl/qssJ+1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODkt
N2ZhZjdjMWRlN2IwLzEvdUxISDZJcU8yMmJaV1pUZ085bktSMndRYkpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi82ZmE1ZGYtZmI5Zi00YWU1LWJhODktN2ZhZjdjMWRlN2Iw
LzEvM255Q3NpZHN2ZkV3ekswRWEyWC1xeXduN1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAwBAIAATAqAwQDTh+AAwQC
W8hgAwQBW898AwQAW9UQAwQAW98tAwQCsHa4AwQCw+FUMBYEAgACMBADBwAgAQZ8
AEQDBQMqDcpAMA0GCSqGSIb3DQEBCwUAA4IBAQCe1WhQvucnx6/2dy04EJTaaWFS
Gf4xyC9uZ4E8iRxZKGXiTrBtpoFKPhYGuZJ//DLwtOU0x+/KX8hvUqqMZ9SL1M8U
vJJchTwUFgWtrKdG4amRKMaVWz0jZYC9CWiqi5YshQOoKK0MTZf73pD0gasQ6nU0
n2ykdA2r3kY7lxHnpDWQ8SgCTVTsoBly0srLkzW9dAh1VE//gXajapb9FD3+bjHN
pxlvRw0mF1KCXFkBq6ax7eE4nPjoDYCjy35ygpxthjaNsBmQUruy/fe4hNvOiady
oZ2ovdv67vbaQ2RJArCiw9M4L7B69JHfSQJ494WitofWZGktbWYBjP/q/5xb
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:24:41 2026 by rpki-client