Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/UWhRMvZrvqIekHtN5Ldp-o3_ZIc.roa
File: UWhRMvZrvqIekHtN5Ldp-o3_ZIc.roa (raw, json)
Hash identifier: u+iufQ3+SrngnloW2biOAnRr40OObBVxsCwCeLYaf5w=
Subject key identifier: 51:68:51:32:F6:6B:BE:A2:1E:90:7B:4D:E4:B7:69:FA:8D:FF:64:87
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019D8654D83137C2A026929B5DF0C3BF2276
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/UWhRMvZrvqIekHtN5Ldp-o3_ZIc.roa
Signing time: Mon 13 Apr 2026 10:13:20 +0000
ROA not before: Mon 13 Apr 2026 10:13:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44559
IP address blocks: 45.9.12.0/24 maxlen: 24
45.9.13.0/24 maxlen: 24
45.9.14.0/24 maxlen: 24
45.9.15.0/24 maxlen: 24
45.9.16.0/24 maxlen: 24
45.12.112.0/24 maxlen: 24
45.12.113.0/24 maxlen: 24
45.12.128.0/24 maxlen: 24
45.15.153.0/24 maxlen: 24
45.83.27.0/24 maxlen: 24
45.83.84.0/24 maxlen: 24
45.83.85.0/24 maxlen: 24
45.83.86.0/24 maxlen: 24
45.83.87.0/24 maxlen: 24
45.83.150.0/24 maxlen: 24
45.83.151.0/24 maxlen: 24
45.86.71.0/24 maxlen: 24
45.86.76.0/24 maxlen: 24
45.86.77.0/24 maxlen: 24
45.86.78.0/24 maxlen: 24
45.86.79.0/24 maxlen: 24
45.88.168.0/24 maxlen: 24
45.88.169.0/24 maxlen: 24
45.88.170.0/24 maxlen: 24
45.88.171.0/24 maxlen: 24
45.88.178.0/24 maxlen: 24
45.88.179.0/24 maxlen: 24
45.88.181.0/24 maxlen: 24
45.89.96.0/24 maxlen: 24
45.89.98.0/24 maxlen: 24
45.89.197.0/24 maxlen: 24
45.89.198.0/24 maxlen: 24
45.89.199.0/24 maxlen: 24
45.128.55.0/24 maxlen: 24
45.128.56.0/24 maxlen: 24
45.128.73.0/24 maxlen: 24
45.128.74.0/24 maxlen: 24
45.128.75.0/24 maxlen: 24
139.28.235.0/24 maxlen: 24
141.98.160.0/24 maxlen: 24
171.22.128.0/24 maxlen: 24
171.22.136.0/24 maxlen: 24
171.22.137.0/24 maxlen: 24
171.22.138.0/24 maxlen: 24
185.106.97.0/24 maxlen: 24
185.161.71.0/24 maxlen: 24
213.59.113.0/24 maxlen: 24
213.59.114.0/24 maxlen: 24
213.59.115.0/24 maxlen: 24
213.59.116.0/24 maxlen: 24
213.59.117.0/24 maxlen: 24
213.59.118.0/24 maxlen: 24
213.59.121.0/24 maxlen: 24
213.59.122.0/24 maxlen: 24
213.59.123.0/24 maxlen: 24
213.59.124.0/24 maxlen: 24
213.59.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:86:54:d8:31:37:c2:a0:26:92:9b:5d:f0:c3:bf:22:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 13 10:13:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=51685132f66bbea21e907b4de4b769fa8dff6487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5b:46:e9:1d:43:7a:88:87:e7:fa:fc:77:26:
75:4c:f2:a7:d7:be:ef:29:2c:75:eb:1e:d4:4c:f7:
39:74:45:23:2d:51:2e:b7:89:41:08:7a:ca:68:68:
8a:12:a9:a5:85:27:d1:92:ab:84:93:75:f0:58:49:
ee:d4:4e:3f:7d:07:a1:04:c7:92:b3:cc:ef:24:a1:
4c:db:d9:2e:51:d5:9f:a3:c4:77:fd:31:8c:92:e3:
c5:6e:36:ef:96:ea:e1:84:0c:c5:22:04:36:1a:a1:
60:64:89:50:2b:6b:a7:83:20:bb:d0:91:48:a1:47:
2c:b4:af:4a:a5:c9:c0:4c:a3:aa:44:cc:8a:88:79:
1a:a5:6b:6e:b5:0d:92:59:3d:f8:6c:71:0a:3f:ac:
89:6d:d8:82:7c:98:07:74:0b:d2:ca:5a:a0:dd:00:
ed:4f:c8:c5:9d:21:bd:54:8f:40:dd:78:97:3e:38:
bc:a8:19:bd:15:5c:78:c1:65:4d:e0:c2:05:b1:79:
f5:3d:f0:a5:40:22:34:17:18:72:4a:53:63:9d:6e:
94:e8:3c:12:2c:4b:2c:8f:ca:13:58:cd:9c:f6:68:
13:0b:3c:b0:49:bc:c5:13:fa:21:cb:52:50:4f:30:
23:63:0d:5d:b0:01:ee:a2:f3:c5:54:12:b0:bd:a2:
1e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:68:51:32:F6:6B:BE:A2:1E:90:7B:4D:E4:B7:69:FA:8D:FF:64:87
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/UWhRMvZrvqIekHtN5Ldp-o3_ZIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.12.0-45.9.16.255
45.12.112.0/23
45.12.128.0/24
45.15.153.0/24
45.83.27.0/24
45.83.84.0/22
45.83.150.0/23
45.86.71.0/24
45.86.76.0/22
45.88.168.0/22
45.88.178.0/23
45.88.181.0/24
45.89.96.0/24
45.89.98.0/24
45.89.197.0-45.89.199.255
45.128.55.0-45.128.56.255
45.128.73.0-45.128.75.255
139.28.235.0/24
141.98.160.0/24
171.22.128.0/24
171.22.136.0-171.22.138.255
185.106.97.0/24
185.161.71.0/24
213.59.113.0-213.59.118.255
213.59.121.0-213.59.125.255
Signature Algorithm: sha256WithRSAEncryption
28:c1:6a:8b:28:fd:ed:8c:f5:c0:f4:d7:d1:cc:fc:b0:e2:68:
50:b1:53:9e:3b:59:56:36:39:24:18:9a:b9:54:bc:66:25:96:
6f:13:da:d6:5f:92:62:22:7b:11:b3:f5:45:5f:50:43:43:25:
46:23:8a:0b:31:a7:c9:20:2f:a2:41:47:16:c6:fa:b7:87:2f:
1b:53:ef:b1:a2:56:a3:44:c3:98:94:ca:a0:0c:dc:10:53:94:
22:ff:5a:cd:17:c0:73:a8:5f:af:f1:2a:f7:e5:48:27:b4:7a:
41:a3:6e:76:bf:b1:03:59:c3:d3:9e:bd:43:db:21:64:e5:0c:
cb:64:b6:ec:f6:83:0e:8b:c5:3c:3c:5e:2d:ed:1e:54:27:88:
68:c4:e8:91:eb:64:f4:44:b3:c2:27:48:a5:7a:3b:89:c9:5d:
9b:df:08:0a:8e:bf:e3:07:aa:5c:40:27:c6:7f:3b:b0:76:a0:
2a:19:9a:95:36:c1:69:f5:e5:a1:ee:84:57:ac:af:5c:fc:ab:
a9:a5:f2:15:d3:87:69:3a:b9:cb:66:2b:e8:86:0c:68:f5:9c:
e3:1f:a5:e7:40:46:7d:71:25:23:b2:aa:52:ea:f6:36:c6:6d:
f4:72:02:99:01:83:3f:35:ce:25:66:d6:89:6f:61:93:4d:64:
23:fd:fa:5e
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZ2GVNgxN8KgJpKbXfDDvyJ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNDEzMTAxMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTY4NTEzMmY2NmJiZWEyMWU5MDdiNGRlNGI3NjlmYThkZmY2NDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1tG6R1DeoiH5/r8dyZ1TPKn177v
KSx16x7UTPc5dEUjLVEut4lBCHrKaGiKEqmlhSfRkquEk3XwWEnu1E4/fQehBMeS
s8zvJKFM29kuUdWfo8R3/TGMkuPFbjbvlurhhAzFIgQ2GqFgZIlQK2ungyC70JFI
oUcstK9KpcnATKOqRMyKiHkapWtutQ2SWT34bHEKP6yJbdiCfJgHdAvSylqg3QDt
T8jFnSG9VI9A3XiXPji8qBm9FVx4wWVN4MIFsXn1PfClQCI0FxhySlNjnW6U6DwS
LEssj8oTWM2c9mgTCzywSbzFE/ohy1JQTzAjYw1dsAHuovPFVBKwvaIe7wIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFFFoUTL2a76iHpB7TeS3afqN/2SHMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvVVdoUk12WnJ2cUlla0h0TjVMZHAtbzNfWkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4wDAME
Ai0JDAMEAC0JEAMEAS0McAMEAC0MgAMEAC0PmQMEAC1TGwMEAi1TVAMEAS1TlgME
AC1WRwMEAi1WTAMEAi1YqAMEAS1YsgMEAC1YtQMEAC1ZYAMEAC1ZYjAMAwQALVnF
AwQDLVnAMAwDBAAtgDcDBAAtgDgwDAMEAC2ASQMEAi2ASAMEAIsc6wMEAI1ioAME
AKsWgDAMAwQDqxaIAwQAqxaKAwQAuWphAwQAuaFHMAwDBADVO3EDBADVO3YwDAME
ANU7eQMEAdU7fDANBgkqhkiG9w0BAQsFAAOCAQEAKMFqiyj97Yz1wPTX0cz8sOJo
ULFTnjtZVjY5JBiauVS8ZiWWbxPa1l+SYiJ7EbP1RV9QQ0MlRiOKCzGnySAvokFH
Fsb6t4cvG1PvsaJWo0TDmJTKoAzcEFOUIv9azRfAc6hfr/Eq9+VIJ7R6QaNudr+x
A1nD0569Q9shZOUMy2S27PaDDovFPDxeLe0eVCeIaMToketk9ESzwidIpXo7icld
m98ICo6/4weqXEAnxn87sHagKhmalTbBafXloe6EV6yvXPyrqaXyFdOHaTq5y2Yr
6IYMaPWc4x+l50BGfXElI7KqUur2NsZt9HICmQGDPzXOJWbWiW9hk01kI/36Xg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:51:31 2026 by rpki-client