Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/a037d1-ea7c-4c85-8128-d4d0aab701bf/1/uR2uktqhw4VUD7MA87wx15LSDMQ.roa
File: uR2uktqhw4VUD7MA87wx15LSDMQ.roa (raw, json)
Hash identifier: dBrAWGqUgoQMO2aAWFKVKmrXl4B58KcbKhMomtwhN/Y=
Subject key identifier: B9:1D:AE:92:DA:A1:C3:85:54:0F:B3:00:F3:BC:31:D7:92:D2:0C:C4
Certificate issuer: /CN=fb12f05fcd59fd1686f929c67bedcef59e550df2
Certificate serial: 019B7EA74BD779B3A1ABE7AC750FCAA76787
Authority key identifier: FB:12:F0:5F:CD:59:FD:16:86:F9:29:C6:7B:ED:CE:F5:9E:55:0D:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-xLwX81Z_RaG-SnGe-3O9Z5VDfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/a037d1-ea7c-4c85-8128-d4d0aab701bf/1/uR2uktqhw4VUD7MA87wx15LSDMQ.roa
Signing time: Fri 02 Jan 2026 12:20:51 +0000
ROA not before: Fri 02 Jan 2026 12:20:51 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51220
IP address blocks: 45.134.32.0/22 maxlen: 24
2a0e:7ec0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/a037d1-ea7c-4c85-8128-d4d0aab701bf/1/1-xLwX81Z_RaG-SnGe-3O9Z5VDfI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/a037d1-ea7c-4c85-8128-d4d0aab701bf/1/1-xLwX81Z_RaG-SnGe-3O9Z5VDfI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-xLwX81Z_RaG-SnGe-3O9Z5VDfI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:a7:4b:d7:79:b3:a1:ab:e7:ac:75:0f:ca:a7:67:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb12f05fcd59fd1686f929c67bedcef59e550df2
Validity
Not Before: Jan 2 12:20:51 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b91dae92daa1c385540fb300f3bc31d792d20cc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9d:0f:6e:40:b3:a1:b1:4c:ec:c4:7b:2e:ec:
e3:1f:d0:d0:c6:eb:d0:6b:26:03:4a:40:f1:35:26:
44:da:43:83:54:12:59:a8:c4:a7:fc:64:61:08:49:
f7:41:1d:07:7b:d5:2a:8a:1e:53:12:cd:97:2f:8c:
e2:b2:73:6f:2a:86:fe:4c:fd:84:ab:a0:85:80:ff:
de:fb:fc:1c:3e:c0:0e:c8:9e:07:f6:7d:48:65:3b:
ed:4c:1b:7f:d3:46:a8:54:d1:26:6b:76:61:f5:09:
5c:80:f2:80:09:b9:63:50:ad:ed:ef:47:5c:46:27:
e9:9e:48:2d:b0:69:1e:2f:fe:2b:c2:c1:74:75:36:
3f:2b:78:47:63:2d:fc:33:22:22:9d:dd:4a:4c:3f:
33:b9:d6:62:75:c2:22:f5:c2:c7:76:93:83:2d:59:
b0:33:22:b9:72:34:ab:26:46:0f:b9:77:43:ff:99:
cf:82:43:73:ca:30:d5:12:d7:71:c6:26:f6:c6:d2:
57:24:2a:27:ec:5b:4e:8a:91:e4:f8:87:64:a2:27:
ca:35:33:aa:c7:6a:09:3c:14:b9:34:cd:d3:c4:02:
34:d2:36:90:1a:15:6a:21:53:71:6e:45:bf:c4:92:
bd:ab:07:70:93:bc:01:9c:38:7b:8e:68:21:17:51:
88:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:1D:AE:92:DA:A1:C3:85:54:0F:B3:00:F3:BC:31:D7:92:D2:0C:C4
X509v3 Authority Key Identifier:
keyid:FB:12:F0:5F:CD:59:FD:16:86:F9:29:C6:7B:ED:CE:F5:9E:55:0D:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-xLwX81Z_RaG-SnGe-3O9Z5VDfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/a037d1-ea7c-4c85-8128-d4d0aab701bf/1/uR2uktqhw4VUD7MA87wx15LSDMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/a037d1-ea7c-4c85-8128-d4d0aab701bf/1/1-xLwX81Z_RaG-SnGe-3O9Z5VDfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.32.0/22
IPv6:
2a0e:7ec0::/29
Signature Algorithm: sha256WithRSAEncryption
9a:22:6c:13:70:f8:db:ae:8c:4f:2c:e8:77:3e:59:46:6f:01:
fb:ea:7f:22:c8:9b:28:0f:6b:34:cd:e9:82:74:65:42:4c:0d:
47:11:b5:dc:c3:1c:27:d5:3d:78:33:30:38:6c:73:d6:ac:ff:
ca:3c:a1:08:4f:f3:ab:76:69:fe:66:68:7d:27:8e:5d:7e:5a:
1f:a6:3f:a2:59:ca:80:a1:ee:d1:ac:88:81:37:13:e9:42:3e:
be:49:9c:bf:3f:51:6a:ff:2e:af:a0:a3:1d:ec:ca:fd:56:00:
03:ac:7a:12:bf:e7:f5:c9:b0:a8:73:be:91:15:cc:90:82:35:
36:7a:01:3c:4b:93:c5:e5:e9:7b:b9:38:bd:43:1b:c2:d6:17:
2f:17:fe:3f:ef:aa:cc:70:90:fe:cc:d4:b3:e8:8b:83:d8:16:
d6:9e:4c:62:1a:9a:b2:26:f0:aa:5d:a7:7e:4f:e4:9c:29:b6:
90:51:0c:92:79:96:86:30:23:f1:08:c0:a2:21:63:b1:94:d9:
e5:f5:5d:39:31:28:84:4d:b8:57:69:4c:24:f1:f6:1a:36:ed:
3a:69:2a:7a:d4:55:aa:61:43:a5:42:f0:e1:44:ba:09:aa:2a:
ad:73:1a:0b:05:47:1e:ad:71:49:c6:3a:cb:d9:07:46:b8:51:
2a:44:b9:55
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZt+p0vXebOhq+esdQ/Kp2eHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMTJmMDVmY2Q1OWZkMTY4NmY5MjljNjdiZWRjZWY1OWU1
NTBkZjIwHhcNMjYwMTAyMTIyMDUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTFkYWU5MmRhYTFjMzg1NTQwZmIzMDBmM2JjMzFkNzkyZDIwY2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZ0PbkCzobFM7MR7LuzjH9DQxuvQ
ayYDSkDxNSZE2kODVBJZqMSn/GRhCEn3QR0He9Uqih5TEs2XL4zisnNvKob+TP2E
q6CFgP/e+/wcPsAOyJ4H9n1IZTvtTBt/00aoVNEma3Zh9QlcgPKACbljUK3t70dc
RifpnkgtsGkeL/4rwsF0dTY/K3hHYy38MyIind1KTD8zudZidcIi9cLHdpODLVmw
MyK5cjSrJkYPuXdD/5nPgkNzyjDVEtdxxib2xtJXJCon7FtOipHk+IdkoifKNTOq
x2oJPBS5NM3TxAI00jaQGhVqIVNxbkW/xJK9qwdwk7wBnDh7jmghF1GIcQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLkdrpLaocOFVA+zAPO8MdeS0gzEMB8GA1UdIwQY
MBaAFPsS8F/NWf0WhvkpxnvtzvWeVQ3yMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS14THdYODFaX1JhRy1TbkdlLTNPOVo1VkRmSS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzkvYTAzN2QxLWVhN2MtNGM4NS04MTI4
LWQ0ZDBhYWI3MDFiZi8xL3VSMnVrdHFodzRWVUQ3TUE4N3d4MTVMU0RNUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzkvYTAzN2QxLWVhN2MtNGM4NS04MTI4LWQ0ZDBhYWI3MDFi
Zi8xLzEteEx3WDgxWl9SYUctU25HZS0zTzlaNVZEZkkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAIthiAw
DQQCAAIwBwMFAyoOfsAwDQYJKoZIhvcNAQELBQADggEBAJoibBNw+NuujE8s6Hc+
WUZvAfvqfyLImygPazTN6YJ0ZUJMDUcRtdzDHCfVPXgzMDhsc9as/8o8oQhP86t2
af5maH0njl1+Wh+mP6JZyoCh7tGsiIE3E+lCPr5JnL8/UWr/Lq+gox3syv1WAAOs
ehK/5/XJsKhzvpEVzJCCNTZ6ATxLk8Xl6Xu5OL1DG8LWFy8X/j/vqsxwkP7M1LPo
i4PYFtaeTGIamrIm8Kpdp35P5JwptpBRDJJ5loYwI/EIwKIhY7GU2eX1XTkxKIRN
uFdpTCTx9ho27TppKnrUVaphQ6VC8OFEugmqKq1zGgsFRx6tcUnGOsvZB0a4USpE
uVU=
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:54:51 2026 by rpki-client