Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/uqsekWJuSw7r3Dya1ubkFFQwZ0A.roa
File: uqsekWJuSw7r3Dya1ubkFFQwZ0A.roa (raw, json)
Hash identifier: uhPlLOwrh4dOokndyH8BP6ushq/h/noadcoE3Lt6ezI=
Subject key identifier: BA:AB:1E:91:62:6E:4B:0E:EB:DC:3C:9A:D6:E6:E4:14:54:30:67:40
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 019D9BC82E0ABD255A1428374D5636FC2871
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/uqsekWJuSw7r3Dya1ubkFFQwZ0A.roa
Signing time: Fri 17 Apr 2026 14:11:20 +0000
ROA not before: Fri 17 Apr 2026 14:11:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41457
IP address blocks: 89.36.33.0/24 maxlen: 24
95.175.150.0/24 maxlen: 24
192.40.69.0/24 maxlen: 24
194.46.60.0/24 maxlen: 24
2a0c:2505:1000::/48 maxlen: 48
2a14:6780::/32 maxlen: 32
2a14:6780:2::/48 maxlen: 48
2a14:6780:3::/48 maxlen: 48
2a14:6780:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 08:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:c8:2e:0a:bd:25:5a:14:28:37:4d:56:36:fc:28:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Apr 17 14:11:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=baab1e91626e4b0eebdc3c9ad6e6e41454306740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:dd:96:8f:7a:36:42:2a:d1:dc:00:1a:d7:dc:
30:5f:0d:7f:16:86:21:69:b5:a7:ea:d2:47:71:96:
37:8d:74:af:e9:43:d4:d0:30:79:82:c3:ac:11:73:
90:ac:8c:dd:7a:18:ab:22:e5:5f:0e:21:6e:b0:24:
a2:1f:cf:9e:e6:cc:4a:3a:58:0c:ce:21:8d:28:fa:
aa:16:5e:9f:9b:c0:4c:4b:d0:cb:46:d2:3d:91:12:
1f:4c:f5:1f:6f:e8:96:55:57:c3:85:01:0d:83:e4:
d9:06:52:fe:27:30:d8:c5:2d:23:9a:49:55:8e:ea:
25:32:28:c0:49:4a:3f:f2:74:02:6c:3f:96:d6:4c:
e3:85:40:8d:05:de:6a:01:45:d9:8f:b3:94:ec:36:
91:7d:b6:3c:fb:10:cb:eb:5a:0b:f7:e8:b0:17:8b:
44:38:42:2d:c5:99:23:4b:a7:c1:0d:d3:dc:1b:82:
f8:3f:7c:c0:3f:10:71:7e:90:7e:1d:3e:52:f1:fe:
a7:c4:f7:ed:d3:8d:1a:e4:5e:4c:5a:ad:c2:1b:4d:
d6:d6:84:7a:17:7f:30:4f:5c:d7:62:39:7b:0e:e4:
1c:2f:22:17:c5:e7:3b:89:44:b0:94:65:2b:98:71:
27:25:e7:b7:0f:d0:e9:81:27:2f:a1:c2:c2:da:bc:
7a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:AB:1E:91:62:6E:4B:0E:EB:DC:3C:9A:D6:E6:E4:14:54:30:67:40
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/uqsekWJuSw7r3Dya1ubkFFQwZ0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.33.0/24
95.175.150.0/24
192.40.69.0/24
194.46.60.0/24
IPv6:
2a0c:2505:1000::/48
2a14:6780::/32
Signature Algorithm: sha256WithRSAEncryption
8a:67:f0:98:6c:3d:76:bf:e6:b7:50:20:b0:d8:0f:f3:22:7a:
3f:fa:11:e0:c3:df:8a:4d:bc:5d:78:74:2c:bf:c5:82:94:87:
07:7e:cc:43:9e:c9:bc:2e:1c:1d:d9:51:28:7d:7e:ee:2e:35:
d3:86:5f:cb:f7:04:10:91:ae:4c:ed:71:7c:92:78:e8:83:06:
1e:af:d9:f0:0d:33:c8:2c:7f:56:67:77:8a:ab:a3:77:c5:1e:
7c:7a:79:c0:63:38:2b:53:07:da:f7:6f:39:0a:7c:e3:a6:89:
5e:90:cd:df:9b:2b:c9:9f:8d:6f:22:5c:f8:37:bb:57:0b:05:
6d:b0:a1:f2:ed:05:14:1e:7d:cb:49:0c:b7:6b:66:4f:7c:50:
a7:38:00:d3:2e:b0:24:e6:95:e7:1e:88:bb:16:c4:55:fa:68:
74:8a:d6:60:57:7c:4b:d1:6d:76:a6:2c:6d:3a:2e:5c:ab:3a:
6d:43:2b:f6:ef:b0:40:de:96:74:c7:21:79:ce:58:37:a4:d2:
1f:a8:69:db:ee:a6:d1:db:4b:17:96:b7:05:87:d0:c9:36:52:
d0:3e:fa:f3:0f:17:6d:a2:31:14:68:39:d2:29:75:b2:36:1e:
cb:65:16:52:2c:9d:13:bd:19:6b:cc:e6:83:a3:6b:c8:85:12:
53:e2:4b:c7
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ2byC4KvSVaFCg3TVY2/ChxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjYwNDE3MTQxMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWFiMWU5MTYyNmU0YjBlZWJkYzNjOWFkNmU2ZTQxNDU0MzA2NzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8t2Wj3o2QirR3AAa19wwXw1/FoYh
abWn6tJHcZY3jXSv6UPU0DB5gsOsEXOQrIzdehirIuVfDiFusCSiH8+e5sxKOlgM
ziGNKPqqFl6fm8BMS9DLRtI9kRIfTPUfb+iWVVfDhQENg+TZBlL+JzDYxS0jmklV
juolMijASUo/8nQCbD+W1kzjhUCNBd5qAUXZj7OU7DaRfbY8+xDL61oL9+iwF4tE
OEItxZkjS6fBDdPcG4L4P3zAPxBxfpB+HT5S8f6nxPft040a5F5MWq3CG03W1oR6
F38wT1zXYjl7DuQcLyIXxec7iUSwlGUrmHEnJee3D9DpgScvocLC2rx63QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLqrHpFibksO69w8mtbm5BRUMGdAMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvdXFzZWtXSnVTdzdyM0R5YTF1YmtGRlF3WjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQAWSQhAwQA
X6+WAwQAwChFAwQAwi48MBYEAgACMBADBwAqDCUFEAADBQAqFGeAMA0GCSqGSIb3
DQEBCwUAA4IBAQCKZ/CYbD12v+a3UCCw2A/zIno/+hHgw9+KTbxdeHQsv8WClIcH
fsxDnsm8Lhwd2VEofX7uLjXThl/L9wQQka5M7XF8knjogwYer9nwDTPILH9WZ3eK
q6N3xR58ennAYzgrUwfa9285CnzjpolekM3fmyvJn41vIlz4N7tXCwVtsKHy7QUU
Hn3LSQy3a2ZPfFCnOADTLrAk5pXnHoi7FsRV+mh0itZgV3xL0W12pixtOi5cqzpt
Qyv277BA3pZ0xyF5zlg3pNIfqGnb7qbR20sXlrcFh9DJNlLQPvrzDxdtojEUaDnS
KXWyNh7LZRZSLJ0TvRlrzOaDo2vIhRJT4kvH
-----END CERTIFICATE-----
Generated at Tue Apr 21 17:25:30 2026 by rpki-client