Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/ukkJp3KTuXH-S29_LU0knRG_C4k.roa
File: ukkJp3KTuXH-S29_LU0knRG_C4k.roa (raw, json)
Hash identifier: kibxU+NzLpp4W9Mlazx9kWUgVorsqzTT8YJ3GPSE5WA=
Subject key identifier: BA:49:09:A7:72:93:B9:71:FE:4B:6F:7F:2D:4D:24:9D:11:BF:0B:89
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019E8DB1F386306DF9004E80C8FAADA67AA7
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/ukkJp3KTuXH-S29_LU0knRG_C4k.roa
Signing time: Wed 03 Jun 2026 13:35:10 +0000
ROA not before: Wed 03 Jun 2026 13:35:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57043
IP address blocks: 91.217.149.0/24 maxlen: 24
192.109.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8d:b1:f3:86:30:6d:f9:00:4e:80:c8:fa:ad:a6:7a:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jun 3 13:35:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ba4909a77293b971fe4b6f7f2d4d249d11bf0b89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:85:40:1a:da:28:b6:19:b0:f2:dd:60:13:6b:
c3:71:1d:52:23:db:9a:7f:df:ba:e3:7d:13:65:1c:
34:93:49:6f:92:21:be:13:ed:3c:a3:ad:3d:d3:0b:
cb:dc:fd:97:a2:d5:ac:65:7f:4a:1b:bb:ce:ee:15:
ad:20:f8:31:09:cf:e5:fc:c6:df:b9:39:36:5b:99:
ea:1f:16:86:82:27:4d:06:13:12:08:f9:95:06:4f:
91:ff:7f:ca:d1:6e:09:af:8f:aa:b6:f1:ca:1c:25:
e6:e7:bb:93:ca:15:09:8f:2f:d9:cd:a8:2b:8b:f6:
f5:67:f2:7c:36:ec:8c:c3:9b:95:c4:74:33:bb:49:
a0:ef:02:fb:cc:87:a7:ba:8b:f3:2b:9c:22:9b:f8:
da:30:f7:e5:d9:71:74:41:c5:94:19:23:8f:3b:3a:
21:03:6d:53:87:ca:51:6c:54:81:b9:b7:62:db:32:
28:c8:0b:2f:49:56:13:03:bd:0d:32:97:73:2b:22:
c9:63:30:ad:62:ec:a8:11:ff:84:c5:52:7b:d5:28:
56:1f:fe:7f:23:92:b9:e8:01:21:db:0b:4a:b9:42:
1e:a3:8d:fc:85:c5:e2:e0:30:d3:8a:7b:dd:4a:8a:
aa:26:10:88:f1:e8:07:87:8b:dd:8e:01:b6:79:d8:
00:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:49:09:A7:72:93:B9:71:FE:4B:6F:7F:2D:4D:24:9D:11:BF:0B:89
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/ukkJp3KTuXH-S29_LU0knRG_C4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.149.0/24
192.109.206.0/24
Signature Algorithm: sha256WithRSAEncryption
24:52:95:2d:a1:40:92:fb:9f:36:32:2a:81:8d:9b:fb:10:83:
f8:fc:2d:8d:8d:bb:ba:49:05:d2:48:fe:e3:9f:3a:77:b3:dd:
da:79:5f:7a:39:b8:bf:66:d8:3e:da:46:c6:20:f6:2b:27:33:
00:35:f2:c9:83:a9:9f:cf:dc:4c:1f:69:28:89:4a:0f:59:26:
c4:85:eb:87:22:a7:a1:85:ef:bd:a3:c4:b7:30:90:bb:fb:54:
51:47:c7:11:96:10:ef:fe:aa:f1:e7:d7:4d:6d:07:1f:c1:9d:
25:19:fe:bf:04:90:12:b2:73:2f:e8:88:dc:5d:df:05:84:7d:
29:25:34:a3:4f:e6:97:e6:dd:31:00:58:b0:61:c3:2c:7e:0b:
09:12:49:bb:62:91:dc:0b:df:0f:9c:a9:38:ab:b0:37:0d:39:
ad:fb:f0:4d:fc:a8:2b:9d:4d:52:03:05:b8:28:2c:c5:d2:a1:
b2:f7:84:fc:13:9f:17:1b:f8:65:5e:80:2a:69:24:ef:1a:a4:
de:2a:76:d6:3c:fd:4f:d2:1c:92:4b:cf:14:bf:f6:39:b8:27:
08:45:da:46:f3:00:d3:51:c5:bd:0a:80:67:92:18:78:14:24:
5b:ec:17:f0:de:63:da:c3:81:28:3b:47:a2:f8:75:e9:07:e8:
d2:36:a2:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ6NsfOGMG35AE6AyPqtpnqnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNjAzMTMzNTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTQ5MDlhNzcyOTNiOTcxZmU0YjZmN2YyZDRkMjQ5ZDExYmYwYjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroVAGtoothmw8t1gE2vDcR1SI9ua
f9+6430TZRw0k0lvkiG+E+08o6090wvL3P2XotWsZX9KG7vO7hWtIPgxCc/l/Mbf
uTk2W5nqHxaGgidNBhMSCPmVBk+R/3/K0W4Jr4+qtvHKHCXm57uTyhUJjy/Zzagr
i/b1Z/J8NuyMw5uVxHQzu0mg7wL7zIenuovzK5wim/jaMPfl2XF0QcWUGSOPOzoh
A21Th8pRbFSBubdi2zIoyAsvSVYTA70NMpdzKyLJYzCtYuyoEf+ExVJ71ShWH/5/
I5K56AEh2wtKuUIeo438hcXi4DDTinvdSoqqJhCI8egHh4vdjgG2edgANQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLpJCadyk7lx/ktvfy1NJJ0RvwuJMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvdWtrSnAzS1R1WEgtUzI5X0xVMGtuUkdfQzRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9mVAwQA
wG3OMA0GCSqGSIb3DQEBCwUAA4IBAQAkUpUtoUCS+582MiqBjZv7EIP4/C2Njbu6
SQXSSP7jnzp3s93aeV96Obi/Ztg+2kbGIPYrJzMANfLJg6mfz9xMH2koiUoPWSbE
heuHIqehhe+9o8S3MJC7+1RRR8cRlhDv/qrx59dNbQcfwZ0lGf6/BJASsnMv6Ijc
Xd8FhH0pJTSjT+aX5t0xAFiwYcMsfgsJEkm7YpHcC98PnKk4q7A3DTmt+/BN/Kgr
nU1SAwW4KCzF0qGy94T8E58XG/hlXoAqaSTvGqTeKnbWPP1P0hySS88Uv/Y5uCcI
RdpG8wDTUcW9CoBnkhh4FCRb7Bfw3mPaw4EoO0ei+HXpB+jSNqKZ
-----END CERTIFICATE-----
Generated at Thu Jun 4 19:05:24 2026 by rpki-client