Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/Uz48FyQhb9AaSm7m073BZ8Z_yk4.roa
File: Uz48FyQhb9AaSm7m073BZ8Z_yk4.roa (raw, json)
Hash identifier: HCjQyg4Fez3HDhNggxWmGc16DqGlbzqep2n+1+abZHk=
Subject key identifier: 53:3E:3C:17:24:21:6F:D0:1A:4A:6E:E6:D3:BD:C1:67:C6:7F:CA:4E
Certificate issuer: /CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Certificate serial: 019D2EF5BE6C2ECE6A1892CC3656DA084B0C
Authority key identifier: 17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/Uz48FyQhb9AaSm7m073BZ8Z_yk4.roa
Signing time: Fri 27 Mar 2026 11:02:30 +0000
ROA not before: Fri 27 Mar 2026 11:02:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 86.110.33.0/24 maxlen: 24
86.110.34.0/24 maxlen: 24
86.110.44.0/24 maxlen: 24
86.110.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 31 Mar 2026 14:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2e:f5:be:6c:2e:ce:6a:18:92:cc:36:56:da:08:4b:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17067977efd14bc89fb0daba03bb0f600fbb0184
Validity
Not Before: Mar 27 11:02:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=533e3c1724216fd01a4a6ee6d3bdc167c67fca4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ef:f5:cd:b5:41:33:68:b2:9f:fa:5b:4d:ff:
3f:fd:dd:5b:b2:6a:ba:e5:a0:a5:58:d8:a5:ba:f5:
af:5d:fc:0d:28:2f:de:fa:af:4d:74:2f:04:67:ad:
bd:3b:ef:d5:45:98:88:37:6b:fc:14:e9:b6:8a:04:
c0:aa:31:04:d2:de:8d:f0:83:ff:86:17:35:3c:a0:
2b:90:53:a2:5d:8d:db:e2:a3:bb:ae:93:a9:f6:9f:
a7:81:05:a2:54:f0:ec:ab:f3:89:19:d2:e6:51:f9:
88:41:82:77:97:ec:74:34:36:3f:e6:50:f1:a8:bd:
1e:3e:2e:78:3f:a3:05:b0:28:ca:9a:5d:e5:aa:c4:
2a:0a:fe:04:be:39:9c:6e:00:3f:b4:b7:89:68:82:
23:de:4b:4b:bc:cd:75:4f:5d:1a:6d:1b:88:17:ba:
ff:58:13:7f:44:db:2a:a8:29:47:fd:30:37:89:c0:
e5:f4:90:52:fd:b5:a4:2f:1f:93:04:fe:65:bb:2d:
eb:0a:8b:9d:7b:04:e9:88:38:80:3e:75:dc:db:b9:
bf:49:9b:3f:6d:1f:85:e2:e2:0b:24:a1:f0:73:ba:
83:83:3c:ce:89:3f:cf:30:20:75:c8:88:85:e0:c7:
14:0c:80:06:a4:34:99:87:76:37:2b:8e:18:37:18:
a4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:3E:3C:17:24:21:6F:D0:1A:4A:6E:E6:D3:BD:C1:67:C6:7F:CA:4E
X509v3 Authority Key Identifier:
keyid:17:06:79:77:EF:D1:4B:C8:9F:B0:DA:BA:03:BB:0F:60:0F:BB:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/Uz48FyQhb9AaSm7m073BZ8Z_yk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/e1ad7a-12e7-4fd0-b61e-d1a7772db076/1/FwZ5d-_RS8ifsNq6A7sPYA-7AYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.110.33.0-86.110.34.255
86.110.44.0/24
86.110.63.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:e0:6a:ca:0a:df:9d:e7:73:a3:d2:e2:e7:4a:cb:0e:21:cc:
62:46:0d:2e:8d:38:c9:0b:77:c5:e2:5f:cc:c7:59:53:21:cd:
a9:9c:61:b7:85:39:20:5f:b8:04:51:1d:79:cd:bd:cd:84:d5:
aa:4d:8b:ab:ce:c8:0a:1a:2e:cc:22:2c:61:13:61:aa:05:bf:
c3:1f:c8:ee:91:7a:ec:d1:93:36:52:92:15:a6:ac:b7:f2:06:
a1:d7:15:cc:4a:da:ca:59:ca:9b:08:b8:da:a7:8e:07:12:52:
65:eb:fd:43:3f:f9:3d:58:1b:72:d1:c3:87:39:59:d7:18:07:
1f:c7:d7:8d:35:51:70:57:51:10:0b:3d:72:0a:a1:66:0e:80:
a7:93:99:e0:ad:4d:8a:9b:78:95:84:ec:41:ac:73:11:3d:66:
0e:95:be:fc:2f:90:bd:12:99:37:39:9d:d6:c7:c7:1a:50:96:
7e:86:c0:6f:24:9d:0e:b0:16:89:ee:7b:33:45:93:07:d2:33:
c4:66:db:18:d0:f6:cf:ab:0a:d4:16:c5:f2:61:40:ea:3a:78:
d6:e3:7d:dd:a0:d1:27:74:d9:c5:b7:96:ef:b5:41:c2:c0:97:
ab:fc:bb:ef:c9:8a:8a:29:72:3f:02:59:12:21:cd:9c:44:ff:
2b:fb:30:94
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ0u9b5sLs5qGJLMNlbaCEsMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3MDY3OTc3ZWZkMTRiYzg5ZmIwZGFiYTAzYmIwZjYwMGZi
YjAxODQwHhcNMjYwMzI3MTEwMjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzNlM2MxNzI0MjE2ZmQwMWE0YTZlZTZkM2JkYzE2N2M2N2ZjYTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+/1zbVBM2iyn/pbTf8//d1bsmq6
5aClWNiluvWvXfwNKC/e+q9NdC8EZ629O+/VRZiIN2v8FOm2igTAqjEE0t6N8IP/
hhc1PKArkFOiXY3b4qO7rpOp9p+ngQWiVPDsq/OJGdLmUfmIQYJ3l+x0NDY/5lDx
qL0ePi54P6MFsCjKml3lqsQqCv4EvjmcbgA/tLeJaIIj3ktLvM11T10abRuIF7r/
WBN/RNsqqClH/TA3icDl9JBS/bWkLx+TBP5luy3rCoudewTpiDiAPnXc27m/SZs/
bR+F4uILJKHwc7qDgzzOiT/PMCB1yIiF4McUDIAGpDSZh3Y3K44YNxikqwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFM+PBckIW/QGkpu5tO9wWfGf8pOMB8GA1UdIwQY
MBaAFBcGeXfv0UvIn7DaugO7D2APuwGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUt
ZDFhNzc3MmRiMDc2LzEvVXo0OEZ5UWhiOUFhU203bTA3M0JaOFpfeWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9lMWFkN2EtMTJlNy00ZmQwLWI2MWUtZDFhNzc3MmRiMDc2
LzEvRndaNWQtX1JTOGlmc05xNkE3c1BZQS03QVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABWbiED
BABWbiIDBABWbiwDBABWbj8wDQYJKoZIhvcNAQELBQADggEBAA/gasoK353nc6PS
4udKyw4hzGJGDS6NOMkLd8XiX8zHWVMhzamcYbeFOSBfuARRHXnNvc2E1apNi6vO
yAoaLswiLGETYaoFv8MfyO6ReuzRkzZSkhWmrLfyBqHXFcxK2spZypsIuNqnjgcS
UmXr/UM/+T1YG3LRw4c5WdcYBx/H1401UXBXURALPXIKoWYOgKeTmeCtTYqbeJWE
7EGscxE9Zg6VvvwvkL0SmTc5ndbHxxpQln6GwG8knQ6wFonuezNFkwfSM8Rm2xjQ
9s+rCtQWxfJhQOo6eNbjfd2g0Sd02cW3lu+1QcLAl6v8u+/Jioopcj8CWRIhzZxE
/yv7MJQ=
-----END CERTIFICATE-----
Generated at Mon Mar 30 23:24:02 2026 by rpki-client