Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ueup8sKqiBZqSudhKINNwt2I8Qc.roa
File: ueup8sKqiBZqSudhKINNwt2I8Qc.roa (raw, json)
Hash identifier: Q6sGdwm8u/7WQIJJj3Dwti8BTSmrQSExHbTdi3BNduQ=
Subject key identifier: B9:EB:A9:F2:C2:AA:88:16:6A:4A:E7:61:28:83:4D:C2:DD:88:F1:07
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019C9EB412D368533B3DFFA9CFA782CD6B1C
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ueup8sKqiBZqSudhKINNwt2I8Qc.roa
Signing time: Fri 27 Feb 2026 10:45:27 +0000
ROA not before: Fri 27 Feb 2026 10:45:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 852
IP address blocks: 45.12.180.0/24 maxlen: 24
171.22.102.0/24 maxlen: 24
171.22.103.0/24 maxlen: 24
185.239.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:b4:12:d3:68:53:3b:3d:ff:a9:cf:a7:82:cd:6b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 27 10:45:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b9eba9f2c2aa88166a4ae76128834dc2dd88f107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:25:ae:6a:ac:99:89:95:7b:d6:f7:49:42:ef:
cd:43:86:b4:50:67:a8:99:49:f5:6b:92:38:0d:bf:
04:b7:8b:6d:c7:dc:f5:63:fe:b7:18:4d:8a:17:b0:
5b:d2:2b:29:1d:63:0c:c0:d7:4f:05:6e:f1:e3:42:
16:62:80:6b:c3:5c:93:2b:52:c0:54:2a:39:72:d7:
4e:aa:97:13:71:a1:25:6d:10:30:2c:db:10:50:1b:
b0:e2:73:49:d3:27:d7:4b:8e:75:92:c0:03:23:03:
5a:f2:8d:36:d8:95:74:df:ce:8a:b9:b4:50:02:e1:
10:52:12:ed:db:58:bf:41:b7:86:69:49:0a:4c:e0:
96:2d:ef:bb:72:58:9f:9b:a0:9b:a9:42:41:8c:d9:
fb:35:7e:d2:b6:3c:91:8b:c7:45:ea:16:40:48:ab:
e1:76:10:4b:45:02:98:b9:da:ad:74:33:54:c9:a2:
37:a7:d5:49:1c:ac:19:ad:48:d1:7c:3d:da:7c:04:
f3:27:b9:de:15:72:f1:71:5a:91:78:ea:a2:af:05:
40:ef:94:dd:e0:6d:73:c2:5d:d0:8d:0e:23:39:14:
ef:7c:61:b9:46:c9:39:60:93:76:bb:be:d0:87:43:
9e:9f:d9:a7:43:b1:8e:40:cc:db:11:ed:cf:f8:72:
ee:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:EB:A9:F2:C2:AA:88:16:6A:4A:E7:61:28:83:4D:C2:DD:88:F1:07
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ueup8sKqiBZqSudhKINNwt2I8Qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.180.0/24
171.22.102.0/23
185.239.242.0/24
Signature Algorithm: sha256WithRSAEncryption
12:53:34:d5:fc:d4:3a:82:d0:55:20:0a:5a:35:2b:9a:cd:30:
83:95:a1:1c:8d:f9:24:59:bc:41:06:92:3e:20:3f:d3:bc:33:
9b:d8:cc:12:a0:36:12:64:11:07:39:ca:35:59:62:d1:2f:16:
c6:4d:c5:d1:4a:42:d0:14:7a:9d:58:3b:4c:cf:85:d9:41:0f:
80:d7:e3:6a:e4:87:86:22:20:55:6a:04:8b:51:4d:97:4a:94:
17:4f:05:a6:da:5a:f9:c8:91:2c:9f:67:bb:98:53:c8:f0:3f:
4f:79:9f:19:ef:9f:6a:78:50:6b:ed:15:83:85:ce:bd:3c:1f:
ef:c2:14:55:fb:b5:71:d2:6f:12:ca:7a:22:c6:4c:b3:ea:af:
18:d0:d3:a1:ae:c9:ae:0f:20:08:dc:0b:6c:71:22:bc:5b:82:
9d:2e:f9:9a:dc:3f:be:f6:40:2f:18:a6:88:ee:e0:bd:74:20:
a2:39:72:87:42:8d:3f:0e:77:c2:44:5e:b7:5a:64:f7:4c:a2:
03:13:f9:63:a6:88:5c:1d:52:53:45:8e:6e:f7:a0:92:67:e2:
a9:5e:25:0d:d2:45:17:1e:0e:9b:d5:85:a9:31:91:2d:a0:4f:
0d:f6:ef:4f:9a:22:fd:d1:53:81:e0:6e:03:d5:e7:b5:5c:4b:
ce:ff:70:bb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZyetBLTaFM7Pf+pz6eCzWscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjYwMjI3MTA0NTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWViYTlmMmMyYWE4ODE2NmE0YWU3NjEyODgzNGRjMmRkODhmMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5SWuaqyZiZV71vdJQu/NQ4a0UGeo
mUn1a5I4Db8Et4ttx9z1Y/63GE2KF7Bb0ispHWMMwNdPBW7x40IWYoBrw1yTK1LA
VCo5ctdOqpcTcaElbRAwLNsQUBuw4nNJ0yfXS451ksADIwNa8o022JV0386KubRQ
AuEQUhLt21i/QbeGaUkKTOCWLe+7clifm6CbqUJBjNn7NX7StjyRi8dF6hZASKvh
dhBLRQKYudqtdDNUyaI3p9VJHKwZrUjRfD3afATzJ7neFXLxcVqReOqirwVA75Td
4G1zwl3QjQ4jORTvfGG5Rsk5YJN2u77Qh0Oen9mnQ7GOQMzbEe3P+HLutwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLnrqfLCqogWakrnYSiDTcLdiPEHMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdWV1cDhzS3FpQlpxU3VkaEtJTk53dDJJOFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQy0AwQB
qxZmAwQAue/yMA0GCSqGSIb3DQEBCwUAA4IBAQASUzTV/NQ6gtBVIApaNSuazTCD
laEcjfkkWbxBBpI+ID/TvDOb2MwSoDYSZBEHOco1WWLRLxbGTcXRSkLQFHqdWDtM
z4XZQQ+A1+Nq5IeGIiBVagSLUU2XSpQXTwWm2lr5yJEsn2e7mFPI8D9PeZ8Z759q
eFBr7RWDhc69PB/vwhRV+7Vx0m8Synoixkyz6q8Y0NOhrsmuDyAI3AtscSK8W4Kd
Lvma3D++9kAvGKaI7uC9dCCiOXKHQo0/DnfCRF63WmT3TKIDE/ljpohcHVJTRY5u
96CSZ+KpXiUN0kUXHg6b1YWpMZEtoE8N9u9PmiL90VOB4G4D1ee1XEvO/3C7
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:52:56 2026 by rpki-client