Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uxZ3tGauBQE1arlditb6HW25KKo.roa
File: uxZ3tGauBQE1arlditb6HW25KKo.roa (raw, json)
Hash identifier: dOPFaESAuusLjNX/ADWbHy7GsFRQPmJbR/h966NVvgg=
Subject key identifier: BB:16:77:B4:66:AE:05:01:35:6A:B9:5D:8A:D6:FA:1D:6D:B9:28:AA
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019CA893D87B50A0C22F1717985CFF6E6DDE
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uxZ3tGauBQE1arlditb6HW25KKo.roa
Signing time: Sun 01 Mar 2026 08:46:27 +0000
ROA not before: Sun 01 Mar 2026 08:46:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213755
IP address blocks: 45.145.59.0/24 maxlen: 24
45.146.89.0/24 maxlen: 24
45.146.90.0/24 maxlen: 24
45.152.202.0/24 maxlen: 24
103.91.146.0/24 maxlen: 24
193.39.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a8:93:d8:7b:50:a0:c2:2f:17:17:98:5c:ff:6e:6d:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 1 08:46:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bb1677b466ae0501356ab95d8ad6fa1d6db928aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:f6:b3:0b:a9:c0:4b:01:f2:e2:44:84:a6:c7:
f0:2f:2a:b2:a3:66:37:c2:f1:18:04:75:82:cd:17:
0e:39:1c:32:1d:88:e3:d0:05:4e:e6:a0:af:ff:f5:
3e:72:df:29:b9:a8:c3:33:8c:17:52:3e:7f:1a:d6:
a0:5d:72:8a:0b:3a:7c:ee:50:b7:04:72:db:e6:9f:
87:dc:1e:81:cd:e5:46:fa:09:45:17:0a:b4:17:42:
05:5b:0e:3a:d9:39:06:09:05:d2:62:c7:9c:35:2b:
0d:4e:53:6b:bf:e8:bd:69:59:95:97:16:c0:18:24:
69:86:47:1b:7d:8d:56:ca:95:02:13:d7:05:1f:6d:
de:23:f1:f2:bb:86:32:b1:f0:b5:4d:a9:2a:50:84:
00:d0:92:bd:13:ac:eb:9d:82:f2:f5:0e:47:a8:c5:
21:af:21:12:1e:f2:17:b9:b0:7e:82:35:b5:73:a5:
5f:b9:e7:36:6d:f9:a5:5c:c6:94:5d:40:ec:56:d5:
d7:b1:44:77:32:5e:73:1b:22:75:63:4e:ed:b9:9b:
df:ac:4e:67:b8:94:21:1b:f4:0a:90:81:67:02:c3:
1e:4c:b2:dc:2a:f7:1e:6b:60:3f:23:c6:bb:9d:11:
d1:49:81:55:4f:98:8d:c6:42:43:bd:7e:bb:aa:68:
f5:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:16:77:B4:66:AE:05:01:35:6A:B9:5D:8A:D6:FA:1D:6D:B9:28:AA
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/uxZ3tGauBQE1arlditb6HW25KKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.59.0/24
45.146.89.0-45.146.90.255
45.152.202.0/24
103.91.146.0/24
193.39.143.0/24
Signature Algorithm: sha256WithRSAEncryption
60:c9:45:8f:85:ac:74:d3:f0:20:e3:67:c0:87:fb:c7:cc:cf:
d5:cd:80:e6:38:87:8a:2c:fb:b1:94:8e:b2:3d:10:aa:9e:ee:
08:7f:bf:26:a1:e5:3a:9c:cd:d0:74:b3:fc:31:f6:a3:cd:6a:
66:6b:e2:02:57:8b:73:f0:e8:46:7d:69:98:ee:f6:a7:b6:5e:
4a:8e:a7:2e:93:9f:18:6f:8e:b1:11:33:f7:4d:60:e9:4a:49:
4f:70:c9:ac:46:62:0a:0d:8c:80:db:b6:fa:e2:1c:c7:d0:0a:
34:c0:1a:ba:93:2a:4e:e5:a7:d7:9d:0b:a1:f4:8d:f4:6f:f0:
3e:a3:07:d3:62:f9:a7:bf:dd:2f:37:cf:da:da:39:91:2a:f8:
53:26:24:20:28:5d:aa:05:ed:dd:2a:da:66:b4:71:81:d1:8c:
85:5d:a7:2c:c1:4e:ac:3f:ec:7c:59:75:73:6c:e5:f5:d6:bc:
da:b0:65:48:e2:85:e7:f0:68:0d:5d:8f:70:35:0f:be:2d:24:
6a:2d:4b:51:b5:76:e4:52:85:41:5b:99:f9:42:3e:e6:75:2b:
58:82:34:a0:43:ea:b5:26:67:c1:5e:76:ac:7e:93:d6:b0:6c:
fc:fd:4b:02:e8:21:74:33:3c:11:0a:ac:91:5b:db:2a:ef:07:
98:a2:65:f5
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZyok9h7UKDCLxcXmFz/bm3eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzAxMDg0NjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjE2NzdiNDY2YWUwNTAxMzU2YWI5NWQ4YWQ2ZmExZDZkYjkyOGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyfazC6nASwHy4kSEpsfwLyqyo2Y3
wvEYBHWCzRcOORwyHYjj0AVO5qCv//U+ct8puajDM4wXUj5/GtagXXKKCzp87lC3
BHLb5p+H3B6BzeVG+glFFwq0F0IFWw462TkGCQXSYsecNSsNTlNrv+i9aVmVlxbA
GCRphkcbfY1WypUCE9cFH23eI/Hyu4YysfC1TakqUIQA0JK9E6zrnYLy9Q5HqMUh
ryESHvIXubB+gjW1c6Vfuec2bfmlXMaUXUDsVtXXsUR3Ml5zGyJ1Y07tuZvfrE5n
uJQhG/QKkIFnAsMeTLLcKvcea2A/I8a7nRHRSYFVT5iNxkJDvX67qmj19wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLsWd7RmrgUBNWq5XYrW+h1tuSiqMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdXhaM3RHYXVCUUUxYXJsZGl0YjZIVzI1S0tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALZE7MAwD
BAAtklkDBAAtkloDBAAtmMoDBABnW5IDBADBJ48wDQYJKoZIhvcNAQELBQADggEB
AGDJRY+FrHTT8CDjZ8CH+8fMz9XNgOY4h4os+7GUjrI9EKqe7gh/vyah5TqczdB0
s/wx9qPNamZr4gJXi3Pw6EZ9aZju9qe2XkqOpy6TnxhvjrERM/dNYOlKSU9wyaxG
YgoNjIDbtvriHMfQCjTAGrqTKk7lp9edC6H0jfRv8D6jB9Ni+ae/3S83z9raOZEq
+FMmJCAoXaoF7d0q2ma0cYHRjIVdpyzBTqw/7HxZdXNs5fXWvNqwZUjihefwaA1d
j3A1D74tJGotS1G1duRShUFbmflCPuZ1K1iCNKBD6rUmZ8Fedqx+k9awbPz9SwLo
IXQzPBEKrJFb2yrvB5iiZfU=
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:49:06 2026 by rpki-client