Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/uKVnkxpc55UHCp4G3gmfBYK9lgA.roa
File: uKVnkxpc55UHCp4G3gmfBYK9lgA.roa (raw, json)
Hash identifier: Yl+4aX3AL4iwnArD6mGCgp0IBTVDchipN4aGOMzOCE4=
Subject key identifier: B8:A5:67:93:1A:5C:E7:95:07:0A:9E:06:DE:09:9F:05:82:BD:96:00
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 019E3A85EFAE9AD802B677C58AF1CED70656
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/uKVnkxpc55UHCp4G3gmfBYK9lgA.roa
Signing time: Mon 18 May 2026 09:58:36 +0000
ROA not before: Mon 18 May 2026 09:58:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16202
IP address blocks: 77.64.128.0/17 maxlen: 20
77.64.128.0/18 maxlen: 18
77.64.128.0/19 maxlen: 19
77.64.146.0/23 maxlen: 23
77.64.160.0/19 maxlen: 19
77.64.192.0/19 maxlen: 19
77.64.192.0/20 maxlen: 20
77.64.208.0/20 maxlen: 20
77.64.224.0/20 maxlen: 20
77.64.240.0/20 maxlen: 20
77.64.252.0/23 maxlen: 23
77.64.254.0/23 maxlen: 23
83.221.64.0/19 maxlen: 23
83.221.64.0/20 maxlen: 23
83.221.64.0/21 maxlen: 21
83.221.72.0/21 maxlen: 21
83.221.80.0/20 maxlen: 20
83.221.80.0/21 maxlen: 21
83.221.88.0/21 maxlen: 21
89.186.128.0/19 maxlen: 24
89.186.128.0/20 maxlen: 20
89.186.128.0/21 maxlen: 21
89.186.136.0/21 maxlen: 21
89.186.144.0/20 maxlen: 20
89.186.144.0/21 maxlen: 21
89.186.152.0/21 maxlen: 21
92.206.0.0/16 maxlen: 16
92.206.0.0/17 maxlen: 17
92.206.0.0/18 maxlen: 18
92.206.64.0/18 maxlen: 23
92.206.128.0/18 maxlen: 23
92.206.160.0/19 maxlen: 19
92.206.190.0/23 maxlen: 23
92.206.192.0/18 maxlen: 23
92.206.224.0/19 maxlen: 19
95.168.128.0/19 maxlen: 24
95.168.128.0/20 maxlen: 24
95.168.144.0/20 maxlen: 20
185.44.148.0/22 maxlen: 22
185.44.150.0/23 maxlen: 23
217.68.160.0/19 maxlen: 19
217.68.160.0/20 maxlen: 20
217.68.176.0/20 maxlen: 20
2a00:c1a0::/32 maxlen: 32
2a00:c1a0::/34 maxlen: 34
2a00:c1a0:4000::/34 maxlen: 34
2a00:c1a0:8000::/34 maxlen: 34
2a00:c1a0:c000::/34 maxlen: 34
2a02:2454:8000::/33 maxlen: 36
2a02:2457:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3a:85:ef:ae:9a:d8:02:b6:77:c5:8a:f1:ce:d7:06:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: May 18 09:58:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b8a567931a5ce795070a9e06de099f0582bd9600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:b7:7a:c1:95:7f:8b:56:01:a1:c7:fd:bf:db:
64:04:e0:ef:09:77:35:ec:97:aa:45:06:01:5c:93:
0d:34:aa:5b:57:2e:0f:7c:1f:2b:51:42:40:89:25:
78:6c:83:61:e3:8f:05:e7:0b:07:30:b6:2f:30:86:
5e:3f:b9:82:a9:40:ac:a4:3c:fa:73:44:3f:af:83:
88:c7:b9:2f:af:d8:34:3b:ba:6e:af:a3:d2:19:63:
06:5a:f6:95:70:1a:3c:aa:ff:eb:24:1a:19:40:a8:
17:56:25:a3:4f:db:3d:48:f2:fd:dd:28:dc:c4:84:
bf:c8:c6:b2:9a:3c:a5:5b:e7:07:ed:c8:61:4f:41:
31:83:b9:b8:b3:66:9d:41:7c:ae:41:72:8b:71:36:
72:ee:af:0c:e7:12:07:6b:60:59:24:d9:b8:fc:a9:
2f:e8:97:00:0e:b1:ea:16:2d:57:f7:6c:18:e0:08:
8c:88:8c:8d:0a:f9:62:21:19:83:16:b0:2a:a0:a5:
0c:cf:13:93:fb:75:01:c7:5b:f1:2f:f0:2d:47:a7:
01:ed:7a:ce:68:cf:47:b5:05:11:8d:4b:c6:f1:6a:
f6:0f:55:74:27:fd:08:8a:9d:f5:d3:96:dd:e0:34:
be:97:05:c2:db:ff:9b:04:a9:54:aa:b7:f8:6b:81:
17:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A5:67:93:1A:5C:E7:95:07:0A:9E:06:DE:09:9F:05:82:BD:96:00
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/uKVnkxpc55UHCp4G3gmfBYK9lgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.64.128.0/17
83.221.64.0/19
89.186.128.0/19
92.206.0.0/16
95.168.128.0/19
185.44.148.0/22
217.68.160.0/19
IPv6:
2a00:c1a0::/32
2a02:2454:8000::/33
2a02:2457:100::/40
Signature Algorithm: sha256WithRSAEncryption
9e:7e:e4:43:d9:f0:bc:52:ff:23:37:01:b7:d7:f0:ae:af:64:
e4:d9:77:09:eb:24:f6:e0:5f:06:fe:55:34:4d:79:46:22:74:
c4:04:76:5b:f0:e0:aa:f1:72:41:8b:c5:f7:5e:82:60:b9:f5:
e4:38:8d:ad:8e:2d:93:b0:f8:c0:8c:c6:86:09:07:9f:56:4a:
0e:88:dd:71:f1:b7:de:a7:ba:db:d7:b0:8b:ec:a1:d4:1e:5f:
3d:5a:16:74:71:09:8d:85:e8:08:66:90:ad:3d:11:3a:5a:64:
28:73:e7:3d:10:fc:9e:57:5f:1c:a8:b1:6c:3c:10:dd:f8:ee:
75:8e:f0:6b:40:0a:8d:f6:1b:f8:16:b9:d1:e8:8f:41:42:bd:
ba:bd:21:f4:c6:02:b8:40:23:ba:9d:4a:b8:dd:d4:05:a6:eb:
28:f2:89:a0:b9:6f:2c:ff:7c:dd:10:32:4f:5b:3c:65:9a:ca:
3f:b5:7c:c7:23:30:cc:31:85:56:b8:d1:85:8c:ee:bd:6e:b2:
df:e3:60:2b:9c:53:0e:67:f7:89:8b:c3:f3:6e:ad:bd:e7:7d:
b0:cf:04:a0:c2:8b:cd:0e:36:19:a2:14:de:6a:bb:4f:8d:59:
ea:30:45:b7:c1:e6:85:e2:8d:9c:b4:b7:25:48:73:b5:40:2e:
8d:ef:8e:d4
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZ46he+umtgCtnfFivHO1wZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjYwNTE4MDk1ODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGE1Njc5MzFhNWNlNzk1MDcwYTllMDZkZTA5OWYwNTgyYmQ5NjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA87d6wZV/i1YBocf9v9tkBODvCXc1
7JeqRQYBXJMNNKpbVy4PfB8rUUJAiSV4bINh448F5wsHMLYvMIZeP7mCqUCspDz6
c0Q/r4OIx7kvr9g0O7pur6PSGWMGWvaVcBo8qv/rJBoZQKgXViWjT9s9SPL93Sjc
xIS/yMaymjylW+cH7chhT0Exg7m4s2adQXyuQXKLcTZy7q8M5xIHa2BZJNm4/Kkv
6JcADrHqFi1X92wY4AiMiIyNCvliIRmDFrAqoKUMzxOT+3UBx1vxL/AtR6cB7XrO
aM9HtQURjUvG8Wr2D1V0J/0Iip3105bd4DS+lwXC2/+bBKlUqrf4a4EXFwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLilZ5MaXOeVBwqeBt4JnwWCvZYAMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvdUtWbmt4cGM1NVVIQ3A0RzNnbWZCWUs5bGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAvBAIAATApAwQHTUCAAwQF
U91AAwQFWbqAAwMAXM4DBAVfqIADBAK5LJQDBAXZRKAwHQQCAAIwFwMFACoAwaAD
BgcqAiRUgAMGACoCJFcBMA0GCSqGSIb3DQEBCwUAA4IBAQCefuRD2fC8Uv8jNwG3
1/Cur2Tk2XcJ6yT24F8G/lU0TXlGInTEBHZb8OCq8XJBi8X3XoJgufXkOI2tji2T
sPjAjMaGCQefVkoOiN1x8bfep7rb17CL7KHUHl89WhZ0cQmNhegIZpCtPRE6WmQo
c+c9EPyeV18cqLFsPBDd+O51jvBrQAqN9hv4FrnR6I9BQr26vSH0xgK4QCO6nUq4
3dQFpuso8omguW8s/3zdEDJPWzxlmso/tXzHIzDMMYVWuNGFjO69brLf42ArnFMO
Z/eJi8Pzbq29532wzwSgwovNDjYZohTeartPjVnqMEW3weaF4o2ctLclSHO1QC6N
747U
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:15:07 2026 by rpki-client