Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/dUjFQLESWsl_QXSBInmxoIlDaEw.roa
File: dUjFQLESWsl_QXSBInmxoIlDaEw.roa (raw, json)
Hash identifier: pbE9s/6VGIS0LorujhO3ihuwl0L3NPmLHXN9zAPkenI=
Subject key identifier: 75:48:C5:40:B1:12:5A:C9:7F:41:74:81:22:79:B1:A0:89:43:68:4C
Certificate issuer: /CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Certificate serial: 019CAAF595B6354FFA6B2EF571DD01FB7D3B
Authority key identifier: 49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/dUjFQLESWsl_QXSBInmxoIlDaEw.roa
Signing time: Sun 01 Mar 2026 19:52:27 +0000
ROA not before: Sun 01 Mar 2026 19:52:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207567
IP address blocks: 81.90.17.0/24 maxlen: 24
81.90.22.0/24 maxlen: 24
81.90.25.0/24 maxlen: 24
81.90.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:f5:95:b6:35:4f:fa:6b:2e:f5:71:dd:01:fb:7d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Validity
Not Before: Mar 1 19:52:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7548c540b1125ac97f4174812279b1a08943684c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c7:fb:ba:1b:2a:f5:20:e7:15:75:d6:df:26:
df:e4:c6:ea:72:77:c9:aa:ca:bf:77:aa:ad:4f:b6:
15:b7:5f:ec:2c:a4:09:c2:c6:11:ff:0c:db:3d:08:
a0:97:88:72:b0:2a:96:b6:a2:7a:b0:0b:e5:43:1b:
3b:56:c8:ec:ca:c2:2a:d6:ca:e8:b3:67:25:58:c0:
cd:03:77:90:70:f7:36:bc:43:ff:83:7a:23:ce:dd:
d7:b7:82:4d:03:93:e7:77:5b:b7:97:40:d9:46:8f:
fb:54:c6:47:82:39:3d:c6:92:ad:d0:50:1f:fe:9b:
af:29:4a:2d:cf:49:af:ad:ef:0a:45:d4:c2:e7:ec:
ba:81:49:f4:d3:d2:2e:48:e4:12:d3:f8:9d:9e:57:
b3:93:61:e6:58:e5:dd:f0:d1:3a:cb:e8:d6:0f:de:
07:82:a5:e1:5e:05:a4:db:ce:6c:65:77:bd:0e:49:
29:de:c4:98:c4:ca:21:87:b3:19:d7:ac:65:7a:d7:
34:ac:80:8e:69:07:fc:83:fb:d3:a8:ef:f6:a3:d7:
23:97:33:df:a1:c0:e8:1e:af:11:10:00:d8:e9:b9:
b6:8d:a8:f6:04:25:36:bb:25:1c:a3:09:da:ae:bc:
a0:fe:d0:9b:6a:cd:65:d7:bc:8c:aa:eb:31:ef:56:
81:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:48:C5:40:B1:12:5A:C9:7F:41:74:81:22:79:B1:A0:89:43:68:4C
X509v3 Authority Key Identifier:
keyid:49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/dUjFQLESWsl_QXSBInmxoIlDaEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.17.0/24
81.90.22.0/24
81.90.25.0/24
81.90.28.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:f7:92:f2:8a:d9:1d:ee:11:74:bf:c4:eb:32:98:b8:99:84:
27:c8:20:33:d2:bd:eb:75:0a:31:bd:63:b6:53:69:08:7e:2e:
1e:0c:eb:19:78:ba:cc:14:e7:10:9a:bd:2c:11:3f:b2:bd:04:
37:3f:18:30:c6:48:dc:4b:f2:70:51:00:47:a9:7b:d7:6e:27:
32:65:80:63:b1:3c:e8:03:2b:d7:85:85:04:da:9b:b0:a0:65:
b1:09:6e:22:9c:89:7d:bb:2f:c0:ea:6e:78:2a:ec:30:bb:7c:
bf:f7:84:32:74:32:5b:b5:92:83:b9:db:5c:75:03:3a:13:b4:
3f:2f:65:18:cc:82:0f:98:99:a7:2e:35:d1:8f:ad:5d:0e:a6:
4b:bd:cb:14:e8:7e:c4:f9:b8:11:e6:bc:53:fc:09:2f:84:b7:
cb:3d:83:aa:71:34:09:1b:31:f3:6a:b4:cd:ba:c4:4b:d3:e6:
3d:2c:93:9e:c9:dc:f1:96:c2:3d:2e:43:ef:e8:6f:82:40:60:
5d:e8:e8:ca:fa:21:b4:e2:77:23:bd:ee:63:02:44:66:73:e4:
69:dc:82:56:e7:6c:dd:f6:a9:b5:cb:21:d2:57:8b:98:0b:47:
78:74:a3:c9:74:c9:36:28:ad:f1:e5:68:36:8c:c2:41:3a:0f:
a0:0f:30:66
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyq9ZW2NU/6ay71cd0B+307MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjE2ZjVjMTY1YjgyN2E3ZmQ3M2Q4MTA3YWViZDJmNjNj
NjNlMjQwHhcNMjYwMzAxMTk1MjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTQ4YzU0MGIxMTI1YWM5N2Y0MTc0ODEyMjc5YjFhMDg5NDM2ODRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucf7uhsq9SDnFXXW3ybf5MbqcnfJ
qsq/d6qtT7YVt1/sLKQJwsYR/wzbPQigl4hysCqWtqJ6sAvlQxs7VsjsysIq1sro
s2clWMDNA3eQcPc2vEP/g3ojzt3Xt4JNA5Pnd1u3l0DZRo/7VMZHgjk9xpKt0FAf
/puvKUotz0mvre8KRdTC5+y6gUn009IuSOQS0/idnlezk2HmWOXd8NE6y+jWD94H
gqXhXgWk285sZXe9Dkkp3sSYxMohh7MZ16xletc0rICOaQf8g/vTqO/2o9cjlzPf
ocDoHq8READY6bm2jaj2BCU2uyUcownarryg/tCbas1l17yMqusx71aBwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHVIxUCxElrJf0F0gSJ5saCJQ2hMMB8GA1UdIwQY
MBaAFEkhb1wWW4J6f9c9gQeuvS9jxj4kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQt
MGRiYmMyNDllNjU3LzEvZFVqRlFMRVNXc2xfUVhTQklubXhvSWxEYUV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQtMGRiYmMyNDllNjU3
LzEvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUVoRAwQA
UVoWAwQAUVoZAwQAUVocMA0GCSqGSIb3DQEBCwUAA4IBAQBf95Lyitkd7hF0v8Tr
Mpi4mYQnyCAz0r3rdQoxvWO2U2kIfi4eDOsZeLrMFOcQmr0sET+yvQQ3Pxgwxkjc
S/JwUQBHqXvXbicyZYBjsTzoAyvXhYUE2puwoGWxCW4inIl9uy/A6m54Kuwwu3y/
94QydDJbtZKDudtcdQM6E7Q/L2UYzIIPmJmnLjXRj61dDqZLvcsU6H7E+bgR5rxT
/AkvhLfLPYOqcTQJGzHzarTNusRL0+Y9LJOeydzxlsI9LkPv6G+CQGBd6OjK+iG0
4ncjve5jAkRmc+Rp3IJW52zd9qm1yyHSV4uYC0d4dKPJdMk2KK3x5Wg2jMJBOg+g
DzBm
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:57:50 2026 by rpki-client