Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/UaWY3mn8ZpJSroP6cEecHZuAhxc.roa
File: UaWY3mn8ZpJSroP6cEecHZuAhxc.roa (raw, json)
Hash identifier: /rzjD3Z+jS7rqWo3AyFxcJnl94gGoptMJUc7wCuHL1g=
Subject key identifier: 51:A5:98:DE:69:FC:66:92:52:AE:83:FA:70:47:9C:1D:9B:80:87:17
Certificate issuer: /CN=e8b62bbe9eeb5a3d66e1cc223adedc53b177c4ee
Certificate serial: 019E44CD29CFBE97D378FEACB090CB4E1640
Authority key identifier: E8:B6:2B:BE:9E:EB:5A:3D:66:E1:CC:22:3A:DE:DC:53:B1:77:C4:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LYrvp7rWj1m4cwiOt7cU7F3xO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/UaWY3mn8ZpJSroP6cEecHZuAhxc.roa
Signing time: Wed 20 May 2026 09:52:36 +0000
ROA not before: Wed 20 May 2026 09:52:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213168
IP address blocks: 91.211.145.0/24 maxlen: 24
147.236.107.0/24 maxlen: 24
147.236.144.0/22 maxlen: 24
147.236.156.0/22 maxlen: 24
212.104.212.0/24 maxlen: 24
212.104.213.0/24 maxlen: 24
2a13:8140::/48 maxlen: 48
2a13:8140:1::/48 maxlen: 48
2a13:8140:2::/48 maxlen: 48
2a13:8140:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/6LYrvp7rWj1m4cwiOt7cU7F3xO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/6LYrvp7rWj1m4cwiOt7cU7F3xO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/6LYrvp7rWj1m4cwiOt7cU7F3xO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:44:cd:29:cf:be:97:d3:78:fe:ac:b0:90:cb:4e:16:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b62bbe9eeb5a3d66e1cc223adedc53b177c4ee
Validity
Not Before: May 20 09:52:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=51a598de69fc669252ae83fa70479c1d9b808717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:07:29:5d:dc:ea:8f:54:08:52:9e:52:c3:e7:
dd:f1:f1:33:f6:5a:fb:ae:a5:e8:e8:fe:a2:fa:17:
38:6f:87:1d:de:5f:35:af:d0:ab:37:25:01:2e:8d:
6b:71:f7:c5:26:60:b6:9e:04:b3:cd:bd:e7:b4:a1:
02:9f:db:d7:4a:4f:8d:9b:48:d8:bf:64:b7:c7:59:
ee:e1:8d:34:7d:64:50:ae:0f:b5:3f:93:4d:c8:e0:
60:e2:13:bf:87:ce:d8:c6:df:52:37:11:9f:2a:6c:
67:8f:ec:d8:d3:18:04:f9:ce:5b:94:48:9f:eb:bf:
58:0d:a8:ae:d5:75:c6:aa:fc:1e:3a:72:a6:34:39:
30:27:82:73:a2:3c:18:08:7c:42:76:a9:1e:69:eb:
ed:fc:1d:f7:7c:37:37:32:e1:a4:d0:4a:43:98:f2:
91:ce:9e:80:93:d0:39:95:82:68:a8:3c:a3:3f:82:
ca:7f:6f:c6:3c:43:96:80:11:fe:24:8c:7d:dd:03:
9b:68:93:41:39:97:51:52:f6:27:b6:a8:5f:bb:91:
65:9a:ca:97:e0:24:bd:0f:09:38:8b:94:1b:08:5b:
c7:7a:cf:0b:5c:26:70:92:c9:e4:79:c9:69:3c:d9:
d8:47:e2:ae:59:5f:b0:98:f4:07:4e:22:cc:7c:7c:
1d:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:A5:98:DE:69:FC:66:92:52:AE:83:FA:70:47:9C:1D:9B:80:87:17
X509v3 Authority Key Identifier:
keyid:E8:B6:2B:BE:9E:EB:5A:3D:66:E1:CC:22:3A:DE:DC:53:B1:77:C4:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LYrvp7rWj1m4cwiOt7cU7F3xO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/UaWY3mn8ZpJSroP6cEecHZuAhxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/0a0ba9-f4fe-49bc-a368-b3cbb5ad2ad0/1/6LYrvp7rWj1m4cwiOt7cU7F3xO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.145.0/24
147.236.107.0/24
147.236.144.0/22
147.236.156.0/22
212.104.212.0/23
IPv6:
2a13:8140::/46
Signature Algorithm: sha256WithRSAEncryption
10:3c:8d:3d:6d:55:5e:31:76:05:33:e7:3a:68:42:46:da:d0:
15:a2:79:4f:e2:d5:51:fe:93:4c:c4:de:d9:33:88:31:0a:82:
a5:b2:46:f6:de:ec:30:f4:87:75:fd:30:39:c8:7d:c9:a9:dc:
f7:bf:e3:75:e3:fd:6c:d5:28:2e:20:f9:0b:25:3a:b8:38:c0:
18:d8:f1:e2:4c:c5:63:ee:e8:12:98:76:25:3e:32:8d:4e:82:
63:36:78:9a:10:18:0f:1c:42:62:07:5f:cc:67:b7:3f:b8:14:
34:65:af:f4:4b:ea:9b:03:7a:68:10:2c:7b:db:ce:dd:91:ef:
5a:d6:1b:79:2c:2c:d1:f1:dc:df:64:e0:59:e0:d7:e2:52:30:
25:7f:d6:b8:d1:17:fe:28:72:32:cd:79:1e:1d:b8:76:d9:36:
d9:da:ad:1d:bf:b3:f5:f6:72:00:02:dc:90:83:80:5f:bb:a2:
5f:40:06:36:81:94:78:f7:de:36:53:b7:fb:1a:76:98:4b:0d:
d0:48:f8:85:54:c9:d6:bd:6e:f7:bb:84:40:75:4a:ed:71:82:
34:83:98:fd:d3:ff:6d:fe:21:01:38:c2:59:7f:8d:62:20:40:
01:27:ae:e6:3c:ee:1c:66:82:f9:fb:6a:1d:67:ae:fb:00:f0:
4e:0c:a9:d6
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZ5EzSnPvpfTeP6ssJDLThZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjYyYmJlOWVlYjVhM2Q2NmUxY2MyMjNhZGVkYzUzYjE3
N2M0ZWUwHhcNMjYwNTIwMDk1MjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWE1OThkZTY5ZmM2NjkyNTJhZTgzZmE3MDQ3OWMxZDliODA4NzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5wcpXdzqj1QIUp5Sw+fd8fEz9lr7
rqXo6P6i+hc4b4cd3l81r9CrNyUBLo1rcffFJmC2ngSzzb3ntKECn9vXSk+Nm0jY
v2S3x1nu4Y00fWRQrg+1P5NNyOBg4hO/h87Yxt9SNxGfKmxnj+zY0xgE+c5blEif
679YDaiu1XXGqvweOnKmNDkwJ4JzojwYCHxCdqkeaevt/B33fDc3MuGk0EpDmPKR
zp6Ak9A5lYJoqDyjP4LKf2/GPEOWgBH+JIx93QObaJNBOZdRUvYntqhfu5FlmsqX
4CS9Dwk4i5QbCFvHes8LXCZwksnkeclpPNnYR+KuWV+wmPQHTiLMfHwdzQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFGlmN5p/GaSUq6D+nBHnB2bgIcXMB8GA1UdIwQY
MBaAFOi2K76e61o9ZuHMIjre3FOxd8TuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxZcnZwN3JXajFtNGN3aU90N2NVN0YzeE80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wYTBiYTktZjRmZS00OWJjLWEzNjgt
YjNjYmI1YWQyYWQwLzEvVWFXWTNtbjhacEpTcm9QNmNFZWNIWnVBaHhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8wYTBiYTktZjRmZS00OWJjLWEzNjgtYjNjYmI1YWQyYWQw
LzEvNkxZcnZwN3JXajFtNGN3aU90N2NVN0YzeE80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAW9ORAwQA
k+xrAwQCk+yQAwQCk+ycAwQB1GjUMA8EAgACMAkDBwIqE4FAAAAwDQYJKoZIhvcN
AQELBQADggEBABA8jT1tVV4xdgUz5zpoQkba0BWieU/i1VH+k0zE3tkziDEKgqWy
Rvbe7DD0h3X9MDnIfcmp3Pe/43Xj/WzVKC4g+QslOrg4wBjY8eJMxWPu6BKYdiU+
Mo1OgmM2eJoQGA8cQmIHX8xntz+4FDRlr/RL6psDemgQLHvbzt2R71rWG3ksLNHx
3N9k4Fng1+JSMCV/1rjRF/4ocjLNeR4duHbZNtnarR2/s/X2cgAC3JCDgF+7ol9A
BjaBlHj33jZTt/sadphLDdBI+IVUyda9bve7hEB1Su1xgjSDmP3T/23+IQE4wll/
jWIgQAEnruY87hxmgvn7ah1nrvsA8E4MqdY=
-----END CERTIFICATE-----
Generated at Sun Jun 14 05:18:19 2026 by rpki-client