Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/04439f-42e3-4e6c-bd3b-b336f31e4a74/1/ubGuCjFPVxiulreO2SsJV28pVp0.roa
File: ubGuCjFPVxiulreO2SsJV28pVp0.roa (raw, json)
Hash identifier: 3l6ifc5EarfHeykyetQk/cEwR8Fv+CohcJmFJI84qI0=
Subject key identifier: B9:B1:AE:0A:31:4F:57:18:AE:96:B7:8E:D9:2B:09:57:6F:29:56:9D
Certificate issuer: /CN=54deb1d6a377ac9d1f5b888c5cd1d400c7997271
Certificate serial: 019C006CB61A8BB73BA42DBB2540EC07B30C
Authority key identifier: 54:DE:B1:D6:A3:77:AC:9D:1F:5B:88:8C:5C:D1:D4:00:C7:99:72:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VN6x1qN3rJ0fW4iMXNHUAMeZcnE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/04439f-42e3-4e6c-bd3b-b336f31e4a74/1/ubGuCjFPVxiulreO2SsJV28pVp0.roa
Signing time: Tue 27 Jan 2026 17:07:30 +0000
ROA not before: Tue 27 Jan 2026 17:07:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215812
IP address blocks: 193.58.116.0/24 maxlen: 24
2a01:fec0::/48 maxlen: 48
2a01:fec0:1::/48 maxlen: 48
2a01:fec0:2::/48 maxlen: 48
2a01:fec0:3::/48 maxlen: 48
2a01:fec0:4::/48 maxlen: 48
2a01:fec0:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/04439f-42e3-4e6c-bd3b-b336f31e4a74/1/VN6x1qN3rJ0fW4iMXNHUAMeZcnE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/04439f-42e3-4e6c-bd3b-b336f31e4a74/1/VN6x1qN3rJ0fW4iMXNHUAMeZcnE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VN6x1qN3rJ0fW4iMXNHUAMeZcnE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:00:6c:b6:1a:8b:b7:3b:a4:2d:bb:25:40:ec:07:b3:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54deb1d6a377ac9d1f5b888c5cd1d400c7997271
Validity
Not Before: Jan 27 17:07:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b9b1ae0a314f5718ae96b78ed92b09576f29569d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4a:a6:cb:11:66:de:ad:c7:6b:9b:e4:ee:44:
00:ea:22:1c:0c:30:36:0d:8f:a8:6c:b7:f3:13:19:
e0:d8:ec:93:d5:e5:a8:48:d5:90:af:08:43:ca:79:
b9:f2:82:c5:39:83:a7:c8:3e:c2:26:0e:d3:2f:6c:
e2:d8:75:8e:46:4a:03:6f:36:27:3c:02:d6:ef:ba:
38:62:16:e9:cb:b6:80:89:3f:e9:36:1b:f0:f7:85:
ab:7d:25:9e:a2:5f:b9:c2:bb:27:86:d3:f5:af:ed:
52:71:42:b9:a2:15:aa:ea:5b:59:d6:9f:c2:de:d1:
d9:d5:97:58:b5:f5:07:7c:2d:a0:09:46:28:b2:b1:
8a:8d:4d:b1:7f:24:42:b7:83:93:37:9c:14:b8:5e:
63:d6:af:ed:a5:12:d5:92:35:dc:70:3f:00:4b:07:
eb:84:fa:c1:06:4f:a7:03:c0:7f:5c:79:8b:43:6a:
96:26:d0:1d:98:77:21:c2:96:2f:97:9d:99:f7:9b:
8a:b0:f1:1c:66:b5:5d:33:86:02:d2:a7:80:8d:13:
2b:e4:5c:e5:a5:38:46:02:c9:bb:3a:e6:2f:6b:17:
de:29:53:8d:69:6f:73:f6:26:e8:e4:ff:1c:7f:c8:
c2:7f:03:5a:71:f4:7e:4c:6c:3b:c7:27:f5:e3:b8:
64:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:B1:AE:0A:31:4F:57:18:AE:96:B7:8E:D9:2B:09:57:6F:29:56:9D
X509v3 Authority Key Identifier:
keyid:54:DE:B1:D6:A3:77:AC:9D:1F:5B:88:8C:5C:D1:D4:00:C7:99:72:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VN6x1qN3rJ0fW4iMXNHUAMeZcnE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/04439f-42e3-4e6c-bd3b-b336f31e4a74/1/ubGuCjFPVxiulreO2SsJV28pVp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/04439f-42e3-4e6c-bd3b-b336f31e4a74/1/VN6x1qN3rJ0fW4iMXNHUAMeZcnE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.116.0/24
IPv6:
2a01:fec0::-2a01:fec0:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
92:1c:59:00:d7:7d:51:04:66:a3:f2:d9:e2:ab:de:3e:67:4e:
f1:88:4b:24:1f:07:77:a0:a8:25:f4:17:f5:d8:d3:ff:7b:8f:
e6:9d:a7:9e:08:59:80:ce:3a:e1:17:71:2b:f8:98:44:6f:2c:
a0:9c:d5:a3:59:d4:f1:ea:2a:5d:ea:37:61:b8:b0:72:04:10:
3f:1c:f5:5b:45:7a:98:39:1c:70:1e:75:86:1a:db:75:6c:77:
73:35:5c:aa:7c:61:e4:6e:1e:07:96:32:2f:e9:91:af:c3:81:
99:9d:95:a0:89:89:8f:8b:96:c5:41:1a:27:60:e0:0b:d3:f8:
60:a4:cd:d7:91:30:9c:4e:6c:d0:51:d2:d9:60:14:db:f4:fc:
43:50:f0:b4:df:ba:80:79:10:e3:f8:8e:5d:77:81:32:20:b8:
d9:b6:78:45:26:59:90:d5:69:23:be:45:89:b5:0c:9d:35:96:
a0:e8:9b:db:57:95:1d:92:51:f3:16:17:9f:29:50:c8:b7:65:
aa:35:33:3d:36:27:3c:ab:2c:0b:bc:ab:ff:8b:5d:3c:94:8f:
3c:b3:02:89:f0:46:ff:86:30:76:0a:8e:e4:21:41:f1:80:1b:
60:63:0b:e4:d1:c5:a0:5b:c8:a9:4e:5e:38:3b:0a:1c:82:48:
3d:93:f1:b5
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZwAbLYai7c7pC27JUDsB7MMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0ZGViMWQ2YTM3N2FjOWQxZjViODg4YzVjZDFkNDAwYzc5
OTcyNzEwHhcNMjYwMTI3MTcwNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWIxYWUwYTMxNGY1NzE4YWU5NmI3OGVkOTJiMDk1NzZmMjk1NjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEqmyxFm3q3Ha5vk7kQA6iIcDDA2
DY+obLfzExng2OyT1eWoSNWQrwhDynm58oLFOYOnyD7CJg7TL2zi2HWORkoDbzYn
PALW77o4Yhbpy7aAiT/pNhvw94WrfSWeol+5wrsnhtP1r+1ScUK5ohWq6ltZ1p/C
3tHZ1ZdYtfUHfC2gCUYosrGKjU2xfyRCt4OTN5wUuF5j1q/tpRLVkjXccD8ASwfr
hPrBBk+nA8B/XHmLQ2qWJtAdmHchwpYvl52Z95uKsPEcZrVdM4YC0qeAjRMr5Fzl
pThGAsm7OuYvaxfeKVONaW9z9ibo5P8cf8jCfwNacfR+TGw7xyf147hk0wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLmxrgoxT1cYrpa3jtkrCVdvKVadMB8GA1UdIwQY
MBaAFFTesdajd6ydH1uIjFzR1ADHmXJxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVk42eDFxTjNySjBmVzRpTVhOSFVBTWVaY25FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8wNDQzOWYtNDJlMy00ZTZjLWJkM2It
YjMzNmYzMWU0YTc0LzEvdWJHdUNqRlBWeGl1bHJlTzJTc0pWMjhwVnAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8wNDQzOWYtNDJlMy00ZTZjLWJkM2ItYjMzNmYzMWU0YTc0
LzEvVk42eDFxTjNySjBmVzRpTVhOSFVBTWVaY25FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAwTp0MBgE
AgACMBIwEAMFBioB/sADBwEqAf7AAAQwDQYJKoZIhvcNAQELBQADggEBAJIcWQDX
fVEEZqPy2eKr3j5nTvGISyQfB3egqCX0F/XY0/97j+adp54IWYDOOuEXcSv4mERv
LKCc1aNZ1PHqKl3qN2G4sHIEED8c9VtFepg5HHAedYYa23Vsd3M1XKp8YeRuHgeW
Mi/pka/DgZmdlaCJiY+LlsVBGidg4AvT+GCkzdeRMJxObNBR0tlgFNv0/ENQ8LTf
uoB5EOP4jl13gTIguNm2eEUmWZDVaSO+RYm1DJ01lqDom9tXlR2SUfMWF58pUMi3
Zao1Mz02JzyrLAu8q/+LXTyUjzyzAonwRv+GMHYKjuQhQfGAG2BjC+TRxaBbyKlO
Xjg7ChyCSD2T8bU=
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:35:18 2026 by rpki-client