Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/uJdwk4Aq1bwGSd6oxIoJhvM-uXM.roa
File: uJdwk4Aq1bwGSd6oxIoJhvM-uXM.roa (raw, json)
Hash identifier: rwcNnlw/+aFQfBOmrgh3vtA+IVf1hoEhCRRubVwHtmA=
Subject key identifier: B8:97:70:93:80:2A:D5:BC:06:49:DE:A8:C4:8A:09:86:F3:3E:B9:73
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019D3BA22F5A2D662E745B94816D17E7B0BB
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/uJdwk4Aq1bwGSd6oxIoJhvM-uXM.roa
Signing time: Sun 29 Mar 2026 22:06:17 +0000
ROA not before: Sun 29 Mar 2026 22:06:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 45.43.142.0/24 maxlen: 24
104.222.176.0/24 maxlen: 24
104.222.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 Apr 2026 19:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3b:a2:2f:5a:2d:66:2e:74:5b:94:81:6d:17:e7:b0:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Mar 29 22:06:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b8977093802ad5bc0649dea8c48a0986f33eb973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1d:1e:ae:12:fc:05:cc:cd:c0:bc:56:3e:04:
2c:df:c3:b5:88:a9:d4:16:d7:91:17:ee:f8:46:c1:
1e:ad:44:cd:5e:55:6b:93:0d:60:4e:fb:3a:71:c7:
03:f1:3d:fb:fe:ba:ad:24:e1:81:ae:5f:42:b4:e8:
5f:d2:60:5a:60:1c:d8:57:08:d4:6c:9c:d5:1f:35:
e9:f1:2f:af:51:1c:ba:8d:a8:28:8c:39:83:c8:b9:
4e:05:fe:2d:22:e1:a0:9c:17:8e:ac:8a:1b:0e:73:
0f:9d:a0:20:b8:b8:26:65:14:65:3c:02:0a:d9:82:
53:ba:b5:93:56:52:95:6a:4f:59:72:57:0e:1e:ea:
ce:0e:48:0f:64:3a:d9:df:17:11:5d:2f:87:f4:9e:
b5:08:16:70:96:f7:61:26:f1:da:e2:98:21:3c:e0:
7a:e8:8a:da:b2:59:e4:66:9e:04:3c:e6:87:7e:7e:
ab:b2:8a:7c:d9:09:a2:d0:de:ab:c8:f8:a7:97:3c:
4d:94:32:6c:b4:2e:bf:be:97:14:06:7c:be:71:86:
95:67:2b:89:34:ef:b4:bd:4a:db:25:ab:2c:2c:fb:
d7:70:e4:3a:18:91:5d:ee:10:01:2c:b5:68:70:09:
85:98:d9:f0:d0:72:3b:fd:a4:14:a4:03:a8:fb:60:
56:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:97:70:93:80:2A:D5:BC:06:49:DE:A8:C4:8A:09:86:F3:3E:B9:73
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/uJdwk4Aq1bwGSd6oxIoJhvM-uXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.142.0/24
104.222.176.0/24
104.222.182.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:20:80:d2:cc:bc:5b:e1:15:d7:43:cd:5d:53:f4:8b:a5:24:
b0:43:44:00:21:dc:b8:b0:be:12:35:84:f9:80:a1:72:81:c5:
1a:2a:ba:eb:11:e8:bc:a9:a9:e7:3c:6a:70:6a:72:37:86:9b:
47:44:84:22:b4:b2:71:8f:61:eb:11:53:c4:67:07:45:89:48:
0c:af:89:89:9e:63:da:02:0b:14:f9:0c:e1:6b:56:e7:1e:d2:
db:d7:4e:bf:c0:cd:a9:dd:dc:68:f7:b6:a7:ae:d2:dc:75:7e:
8c:70:e4:50:7b:c8:9c:80:78:86:71:4d:bf:17:17:c3:d7:0b:
c1:3e:c7:aa:e7:8b:e9:6d:e2:16:eb:cc:44:22:12:5f:96:a4:
a7:ed:15:40:d2:2d:22:a2:43:48:09:f9:f2:1e:f1:c8:9a:80:
02:56:3a:e8:09:8b:4a:7c:d5:38:7a:e2:57:af:1e:92:3b:27:
f2:06:3a:5c:13:9b:e5:4c:3a:69:00:f8:db:b5:16:f4:c2:93:
44:0a:d0:c4:7a:1a:bf:0e:7e:a9:57:04:62:a7:a2:7e:b5:23:
df:b6:b9:11:2c:5c:14:95:fd:8d:88:41:51:57:fa:8d:91:4a:
dd:0e:27:79:b0:4e:85:ce:13:35:82:72:5a:2a:ae:62:62:14:
38:f1:f2:dd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ07oi9aLWYudFuUgW0X57C7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjYwMzI5MjIwNjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODk3NzA5MzgwMmFkNWJjMDY0OWRlYThjNDhhMDk4NmYzM2ViOTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoR0erhL8BczNwLxWPgQs38O1iKnU
FteRF+74RsEerUTNXlVrkw1gTvs6cccD8T37/rqtJOGBrl9CtOhf0mBaYBzYVwjU
bJzVHzXp8S+vURy6jagojDmDyLlOBf4tIuGgnBeOrIobDnMPnaAguLgmZRRlPAIK
2YJTurWTVlKVak9ZclcOHurODkgPZDrZ3xcRXS+H9J61CBZwlvdhJvHa4pghPOB6
6IraslnkZp4EPOaHfn6rsop82Qmi0N6ryPinlzxNlDJstC6/vpcUBny+cYaVZyuJ
NO+0vUrbJassLPvXcOQ6GJFd7hABLLVocAmFmNnw0HI7/aQUpAOo+2BWuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLiXcJOAKtW8BkneqMSKCYbzPrlzMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvdUpkd2s0QXExYndHU2Q2b3hJb0podk0tdVhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALSuOAwQA
aN6wAwQAaN62MA0GCSqGSIb3DQEBCwUAA4IBAQA/IIDSzLxb4RXXQ81dU/SLpSSw
Q0QAIdy4sL4SNYT5gKFygcUaKrrrEei8qannPGpwanI3hptHRIQitLJxj2HrEVPE
ZwdFiUgMr4mJnmPaAgsU+Qzha1bnHtLb106/wM2p3dxo97anrtLcdX6McORQe8ic
gHiGcU2/FxfD1wvBPseq54vpbeIW68xEIhJflqSn7RVA0i0iokNICfnyHvHImoAC
VjroCYtKfNU4euJXrx6SOyfyBjpcE5vlTDppAPjbtRb0wpNECtDEehq/Dn6pVwRi
p6J+tSPftrkRLFwUlf2NiEFRV/qNkUrdDid5sE6FzhM1gnJaKq5iYhQ48fLd
-----END CERTIFICATE-----
Generated at Wed Apr 15 03:51:20 2026 by rpki-client