Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/0Uqlzj0wBudtuwo65E7ecBxR-5I.roa
File: 0Uqlzj0wBudtuwo65E7ecBxR-5I.roa (raw, json)
Hash identifier: 3nBce/u/p8RQlISZvZNTZJ4v/xHNCVwY/ApDTxv5Cr0=
Subject key identifier: D1:4A:A5:CE:3D:30:06:E7:6D:BB:0A:3A:E4:4E:DE:70:1C:51:FB:92
Certificate issuer: /CN=a1864edfa412d77a03cbf59131e3fcc03a60e188
Certificate serial: 019B7F83B1A7A6732BDC0C0721A2BEA47A3A
Authority key identifier: A1:86:4E:DF:A4:12:D7:7A:03:CB:F5:91:31:E3:FC:C0:3A:60:E1:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYZO36QS13oDy_WRMeP8wDpg4Yg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/0Uqlzj0wBudtuwo65E7ecBxR-5I.roa
Signing time: Fri 02 Jan 2026 16:21:35 +0000
ROA not before: Fri 02 Jan 2026 16:21:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201322
IP address blocks: 91.186.68.0/23 maxlen: 23
91.186.70.0/24 maxlen: 24
91.186.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/oYZO36QS13oDy_WRMeP8wDpg4Yg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/oYZO36QS13oDy_WRMeP8wDpg4Yg.mft
rsync://rpki.ripe.net/repository/DEFAULT/oYZO36QS13oDy_WRMeP8wDpg4Yg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 04:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:83:b1:a7:a6:73:2b:dc:0c:07:21:a2:be:a4:7a:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1864edfa412d77a03cbf59131e3fcc03a60e188
Validity
Not Before: Jan 2 16:21:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d14aa5ce3d3006e76dbb0a3ae44ede701c51fb92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:88:de:25:65:b1:22:0c:e7:16:dc:3a:89:b3:
71:49:1d:9d:8d:4e:83:70:15:18:aa:2e:fa:f9:95:
81:2a:59:73:34:ed:4a:af:4b:ae:d8:19:97:a2:6b:
43:68:13:0b:fe:19:02:d3:ce:bd:33:60:bb:4e:6d:
f8:ba:8a:da:fe:6d:bf:21:05:a6:9c:3a:2f:72:c9:
ae:6a:a0:88:f0:4d:72:1f:65:84:84:d2:a8:ee:f1:
ec:dc:f9:65:e2:23:98:c5:e6:a1:62:a0:d3:f5:7f:
f5:bc:0f:4d:4a:58:cb:9d:cf:13:53:d3:f3:d4:8d:
a2:6b:6e:b3:a1:23:98:ee:e1:24:e9:2d:48:1f:36:
59:1d:98:70:25:ac:65:b6:11:1c:ba:87:14:7e:83:
e7:a5:af:a2:5c:d1:ed:ee:36:3e:12:38:ba:ea:96:
21:f7:e5:7a:a8:6c:1d:ed:f8:26:a9:4a:76:68:c0:
be:4c:28:8a:b4:75:3b:65:6d:d2:45:dc:78:75:f9:
0d:3e:eb:e1:aa:55:6a:c5:ae:0e:c9:2a:33:2c:60:
47:2a:f2:20:d3:61:8f:52:09:22:e8:4b:83:a3:e7:
fb:5b:03:2a:f4:e3:7e:59:90:da:bd:9a:67:af:7e:
53:2b:d9:54:88:6d:99:65:17:75:ff:42:32:00:9a:
63:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:4A:A5:CE:3D:30:06:E7:6D:BB:0A:3A:E4:4E:DE:70:1C:51:FB:92
X509v3 Authority Key Identifier:
keyid:A1:86:4E:DF:A4:12:D7:7A:03:CB:F5:91:31:E3:FC:C0:3A:60:E1:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYZO36QS13oDy_WRMeP8wDpg4Yg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/0Uqlzj0wBudtuwo65E7ecBxR-5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/8c3d5c-a36c-4e3f-a059-1a5579e8c6c0/1/oYZO36QS13oDy_WRMeP8wDpg4Yg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.186.68.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:de:64:1c:32:51:e1:c0:0f:79:16:02:96:9d:0f:77:dd:2e:
7d:9c:a2:c4:b9:69:12:d3:85:c9:89:5e:7e:58:eb:ea:4b:8c:
02:eb:81:8f:d1:95:2d:a4:83:6b:ea:6a:17:5f:58:60:12:58:
26:69:52:fe:a3:96:62:22:10:0e:bc:83:50:08:5a:36:d5:66:
de:43:53:86:e9:f4:0c:b1:bf:d0:60:fe:da:fa:a3:e4:cc:e2:
b7:2d:1a:2a:d1:6b:c1:10:05:16:32:45:a7:c1:36:56:a1:30:
a4:e2:1c:b9:c9:08:06:a3:65:7b:0a:3c:d5:a1:86:39:5b:fb:
f0:af:cd:fa:44:1e:a6:8e:ee:77:a5:52:10:fc:a3:57:13:1e:
2c:c2:5c:f9:53:db:04:61:2b:d1:12:a5:04:7b:37:8c:26:7f:
d9:ae:f5:97:59:34:2f:8c:91:74:10:dc:ea:77:bd:7f:9c:65:
e4:96:1b:fe:97:16:65:7e:0d:58:19:54:2a:05:2c:6c:29:bb:
8e:4b:12:c4:ee:a2:fd:18:a8:53:26:69:fc:4b:e1:bf:88:00:
26:51:e3:26:69:25:21:52:64:9a:c3:30:66:19:da:c1:3b:dc:
83:e3:61:bf:e0:92:9a:6e:00:50:b5:f4:74:55:1d:61:41:fc:
91:b4:3a:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/g7GnpnMr3AwHIaK+pHo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODY0ZWRmYTQxMmQ3N2EwM2NiZjU5MTMxZTNmY2MwM2E2
MGUxODgwHhcNMjYwMTAyMTYyMTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTRhYTVjZTNkMzAwNmU3NmRiYjBhM2FlNDRlZGU3MDFjNTFmYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4jeJWWxIgznFtw6ibNxSR2djU6D
cBUYqi76+ZWBKllzNO1Kr0uu2BmXomtDaBML/hkC0869M2C7Tm34uora/m2/IQWm
nDovcsmuaqCI8E1yH2WEhNKo7vHs3Pll4iOYxeahYqDT9X/1vA9NSljLnc8TU9Pz
1I2ia26zoSOY7uEk6S1IHzZZHZhwJaxlthEcuocUfoPnpa+iXNHt7jY+Eji66pYh
9+V6qGwd7fgmqUp2aMC+TCiKtHU7ZW3SRdx4dfkNPuvhqlVqxa4OySozLGBHKvIg
02GPUgki6EuDo+f7WwMq9ON+WZDavZpnr35TK9lUiG2ZZRd1/0IyAJpjswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNFKpc49MAbnbbsKOuRO3nAcUfuSMB8GA1UdIwQY
MBaAFKGGTt+kEtd6A8v1kTHj/MA6YOGIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1laTzM2UVMxM29EeV9XUk1lUDh3RHBnNFlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS84YzNkNWMtYTM2Yy00ZTNmLWEwNTkt
MWE1NTc5ZThjNmMwLzEvMFVxbHpqMHdCdWR0dXdvNjVFN2VjQnhSLTVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS84YzNkNWMtYTM2Yy00ZTNmLWEwNTktMWE1NTc5ZThjNmMw
LzEvb1laTzM2UVMxM29EeV9XUk1lUDh3RHBnNFlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW7pEMA0G
CSqGSIb3DQEBCwUAA4IBAQAv3mQcMlHhwA95FgKWnQ933S59nKLEuWkS04XJiV5+
WOvqS4wC64GP0ZUtpINr6moXX1hgElgmaVL+o5ZiIhAOvINQCFo21WbeQ1OG6fQM
sb/QYP7a+qPkzOK3LRoq0WvBEAUWMkWnwTZWoTCk4hy5yQgGo2V7CjzVoYY5W/vw
r836RB6mju53pVIQ/KNXEx4swlz5U9sEYSvREqUEezeMJn/ZrvWXWTQvjJF0ENzq
d71/nGXklhv+lxZlfg1YGVQqBSxsKbuOSxLE7qL9GKhTJmn8S+G/iAAmUeMmaSUh
UmSawzBmGdrBO9yD42G/4JKabgBQtfR0VR1hQfyRtDrg
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:21:09 2026 by rpki-client