Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uc_XBa2QcZuP6HgmnGq9tjGR9Kc.roa
File: uc_XBa2QcZuP6HgmnGq9tjGR9Kc.roa (raw, json)
Hash identifier: 3Tw2zJIp+T6/QPUUzG3FtTE+wSFvopK9f6BS3HXD/JY=
Subject key identifier: B9:CF:D7:05:AD:90:71:9B:8F:E8:78:26:9C:6A:BD:B6:31:91:F4:A7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019DE7F1B4A6079A2F11941F7B1C9735FF4B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uc_XBa2QcZuP6HgmnGq9tjGR9Kc.roa
Signing time: Sat 02 May 2026 09:07:50 +0000
ROA not before: Sat 02 May 2026 09:07:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199785
IP address blocks: 87.120.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 May 2026 02:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e7:f1:b4:a6:07:9a:2f:11:94:1f:7b:1c:97:35:ff:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 2 09:07:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b9cfd705ad90719b8fe878269c6abdb63191f4a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:88:f5:88:3d:ee:05:1b:8d:a7:0f:ca:47:66:
f9:e1:76:e5:81:15:fb:4a:c9:e0:12:9d:f0:21:44:
6a:95:d1:fb:24:15:5f:91:0d:d2:8a:14:16:27:7f:
e5:cc:fa:2d:7f:c1:e4:be:31:47:4b:99:56:b9:f0:
b7:5a:f2:ec:38:d8:d8:d0:80:bb:ed:8c:e5:b0:19:
c1:ae:ad:6d:5e:90:14:96:9c:b7:eb:ad:3c:3d:93:
18:b1:03:77:21:e3:74:dc:b4:69:70:4f:42:f3:5a:
7d:89:18:b6:40:a5:2c:57:e9:6f:a9:4e:e5:d5:22:
2a:55:77:38:67:84:4b:91:88:1d:5b:f6:f2:6d:2c:
ba:9c:96:16:ee:9c:2e:cd:6c:02:31:4e:c7:c1:99:
a8:f8:6e:98:87:c4:fd:7b:a4:bb:ee:52:b9:03:fd:
7c:be:08:fb:8a:31:82:0e:8a:95:c9:01:10:28:33:
01:65:77:c2:46:1a:ad:86:0b:60:2c:0f:1b:7b:9d:
88:f0:dc:b1:46:24:db:df:1e:dd:bc:a5:3b:2d:94:
f7:28:aa:3f:38:b9:01:fc:a4:19:ee:53:23:6e:95:
55:b7:1e:be:f2:ab:61:d7:41:09:6f:4c:e8:ef:ef:
4f:14:28:18:f4:e1:f2:fd:bb:27:5a:44:52:47:35:
d5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:CF:D7:05:AD:90:71:9B:8F:E8:78:26:9C:6A:BD:B6:31:91:F4:A7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uc_XBa2QcZuP6HgmnGq9tjGR9Kc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.36.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:81:9a:bb:ff:00:07:d0:28:db:27:b1:53:3e:61:92:e7:a9:
7c:0c:e1:14:59:4a:19:69:c7:94:7c:65:2d:07:a2:a4:f1:fe:
b2:4f:4b:43:31:63:f5:2d:93:4a:d5:b7:15:f1:ca:5b:43:c4:
f7:9b:0a:15:f0:fe:71:a6:bc:94:0e:3a:d8:a6:3d:ab:7e:2c:
9e:fe:52:2c:67:ae:9f:5d:eb:95:03:39:53:91:4f:1d:a3:87:
a0:fd:ef:8b:fb:a3:b6:70:00:8f:21:1b:b5:8c:7e:f3:ba:2b:
32:05:69:2b:52:3d:cd:40:f4:6e:49:3b:b8:c9:b9:1c:17:8c:
b2:c0:2d:8f:95:a4:7d:57:d2:e7:5a:da:7e:94:15:94:3a:2a:
fb:5e:e2:28:22:61:f7:ac:30:68:6a:8b:55:f1:67:2b:99:ba:
61:28:5e:3b:84:3f:34:61:3a:e6:b2:0d:1c:79:2f:c6:94:5c:
ba:fc:80:a1:53:14:47:27:95:6f:c3:b7:0b:28:ae:c4:6e:b5:
f1:98:09:0a:74:df:c4:f2:ce:b1:ad:8b:a5:40:6a:c8:63:b5:
e7:4b:75:87:ed:bb:dc:d3:5c:75:4e:9a:6e:67:06:fb:24:85:
a0:c2:72:ed:cd:ce:c4:fe:7c:25:9d:5a:c7:b3:ac:b5:4b:fb:
60:fc:a2:d9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3n8bSmB5ovEZQfexyXNf9LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNTAyMDkwNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWNmZDcwNWFkOTA3MTliOGZlODc4MjY5YzZhYmRiNjMxOTFmNGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIj1iD3uBRuNpw/KR2b54XblgRX7
SsngEp3wIURqldH7JBVfkQ3SihQWJ3/lzPotf8HkvjFHS5lWufC3WvLsONjY0IC7
7YzlsBnBrq1tXpAUlpy36608PZMYsQN3IeN03LRpcE9C81p9iRi2QKUsV+lvqU7l
1SIqVXc4Z4RLkYgdW/bybSy6nJYW7pwuzWwCMU7HwZmo+G6Yh8T9e6S77lK5A/18
vgj7ijGCDoqVyQEQKDMBZXfCRhqthgtgLA8be52I8NyxRiTb3x7dvKU7LZT3KKo/
OLkB/KQZ7lMjbpVVtx6+8qth10EJb0zo7+9PFCgY9OHy/bsnWkRSRzXVOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLnP1wWtkHGbj+h4JpxqvbYxkfSnMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdWNfWEJhMlFjWnVQNkhnbW5HcTl0akdSOUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV3gkMA0G
CSqGSIb3DQEBCwUAA4IBAQCagZq7/wAH0CjbJ7FTPmGS56l8DOEUWUoZaceUfGUt
B6Kk8f6yT0tDMWP1LZNK1bcV8cpbQ8T3mwoV8P5xpryUDjrYpj2rfiye/lIsZ66f
XeuVAzlTkU8do4eg/e+L+6O2cACPIRu1jH7zuisyBWkrUj3NQPRuSTu4ybkcF4yy
wC2PlaR9V9LnWtp+lBWUOir7XuIoImH3rDBoaotV8WcrmbphKF47hD80YTrmsg0c
eS/GlFy6/IChUxRHJ5Vvw7cLKK7EbrXxmAkKdN/E8s6xrYulQGrIY7XnS3WH7bvc
01x1TppuZwb7JIWgwnLtzc7E/nwlnVrHs6y1S/tg/KLZ
-----END CERTIFICATE-----
Generated at Sun May 3 06:57:43 2026 by rpki-client