Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/uYYAF2CgTPmwA1qAHQwLxmLvnnQ.roa
File: uYYAF2CgTPmwA1qAHQwLxmLvnnQ.roa (raw, json)
Hash identifier: iO1PoQ5KtnZAzQ3JC5Zi0gRiLIzhMEqyWnF2lTVAOrU=
Subject key identifier: B9:86:00:17:60:A0:4C:F9:B0:03:5A:80:1D:0C:0B:C6:62:EF:9E:74
Certificate issuer: /CN=3e75d49ded20566ca745c28f80cfd9a92f4b7d47
Certificate serial: 019CFAB40E093E08A2991B255B9910764920
Authority key identifier: 3E:75:D4:9D:ED:20:56:6C:A7:45:C2:8F:80:CF:D9:A9:2F:4B:7D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PnXUne0gVmynRcKPgM_ZqS9LfUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/uYYAF2CgTPmwA1qAHQwLxmLvnnQ.roa
Signing time: Tue 17 Mar 2026 07:30:29 +0000
ROA not before: Tue 17 Mar 2026 07:30:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216472
IP address blocks: 89.43.132.0/24 maxlen: 24
89.43.133.0/24 maxlen: 24
89.43.134.0/24 maxlen: 24
89.43.135.0/24 maxlen: 24
128.0.4.0/24 maxlen: 24
128.0.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/PnXUne0gVmynRcKPgM_ZqS9LfUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/PnXUne0gVmynRcKPgM_ZqS9LfUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/PnXUne0gVmynRcKPgM_ZqS9LfUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 19:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fa:b4:0e:09:3e:08:a2:99:1b:25:5b:99:10:76:49:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e75d49ded20566ca745c28f80cfd9a92f4b7d47
Validity
Not Before: Mar 17 07:30:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b986001760a04cf9b0035a801d0c0bc662ef9e74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d5:d3:4f:06:e6:db:71:eb:fe:db:17:91:b5:
75:da:a7:45:d2:09:9d:cb:88:67:ab:94:c7:10:77:
b5:e4:8e:dd:d2:b0:b6:22:77:05:a9:6a:94:45:1d:
c1:7f:f0:9a:93:b6:93:09:74:eb:59:d4:1b:52:fd:
36:e5:c4:8c:43:c7:4f:0f:93:4d:3c:5c:36:b3:33:
d7:22:f5:8e:4d:9a:92:2f:7d:be:b9:04:8d:0d:dc:
09:a2:c1:10:0f:64:f2:50:c6:25:ce:0f:36:06:bf:
bc:f0:67:17:44:a7:0f:8f:31:0f:21:cf:17:ff:ad:
aa:3a:b3:48:2f:56:90:23:cc:ca:cc:26:49:dc:62:
f9:ed:05:38:c1:e5:7e:9f:1a:ee:2e:d5:c7:cb:1a:
72:33:8f:04:b3:e6:f7:6d:b7:62:58:86:85:63:16:
15:99:c2:d5:96:14:67:22:75:7d:4b:fb:96:fe:cb:
01:4a:bb:40:5e:10:aa:25:5d:51:53:31:52:fa:e8:
9c:30:cb:4f:07:3a:e0:27:b3:64:34:51:c6:27:3d:
25:6e:c6:23:db:c6:85:f3:1f:ca:17:6b:61:78:45:
81:b3:e3:04:84:fe:8e:e1:3a:6e:1b:11:23:f1:89:
83:50:50:09:f0:61:bd:15:de:db:3e:c5:99:57:cf:
16:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:86:00:17:60:A0:4C:F9:B0:03:5A:80:1D:0C:0B:C6:62:EF:9E:74
X509v3 Authority Key Identifier:
keyid:3E:75:D4:9D:ED:20:56:6C:A7:45:C2:8F:80:CF:D9:A9:2F:4B:7D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PnXUne0gVmynRcKPgM_ZqS9LfUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/uYYAF2CgTPmwA1qAHQwLxmLvnnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/1c15a2-d0ec-4c3a-86cd-83638475d8ab/1/PnXUne0gVmynRcKPgM_ZqS9LfUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.132.0/22
128.0.4.0/24
128.0.7.0/24
Signature Algorithm: sha256WithRSAEncryption
94:b4:4e:90:28:c0:7f:8a:dd:38:d6:2c:ef:de:5c:08:4a:7b:
ac:ae:fb:cf:5f:00:b3:4c:f0:24:5e:61:ef:cb:4e:05:1a:7e:
11:3f:80:6c:43:43:32:28:96:1a:4e:4c:d5:db:60:b1:d8:9e:
82:f2:e8:76:fe:b1:27:91:96:19:06:56:61:5f:d1:5c:2c:e2:
40:90:c0:d7:b8:36:2c:6b:ab:0d:86:67:68:20:2f:82:6a:49:
0a:58:b7:dc:3e:01:0f:2f:ac:85:ed:e9:ed:bd:90:a8:26:7e:
6b:92:9b:f7:29:ed:f9:f9:5a:e0:d5:6f:04:04:4e:66:f9:c4:
d4:06:12:11:4b:77:11:cc:dc:3f:aa:40:63:9b:3c:0c:ae:a2:
86:00:1e:44:f5:07:c6:5f:a4:2a:f3:d5:d3:fc:e4:da:c7:58:
c1:11:07:3b:d8:9c:5d:0b:ef:53:92:76:53:9a:13:10:83:9e:
91:f4:a9:ff:d4:21:9c:3c:a9:74:0b:3f:ce:16:8b:43:55:31:
90:44:d2:9b:2b:74:3f:77:06:70:40:89:7a:56:21:91:6e:81:
28:07:c5:a4:ff:21:63:14:07:82:8e:97:a7:76:22:06:e0:61:
c5:4b:3b:02:8a:cf:2f:52:55:1b:2a:82:65:cb:81:ca:3a:34:
06:c2:59:3a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZz6tA4JPgiimRslW5kQdkkgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNzVkNDlkZWQyMDU2NmNhNzQ1YzI4ZjgwY2ZkOWE5MmY0
YjdkNDcwHhcNMjYwMzE3MDczMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTg2MDAxNzYwYTA0Y2Y5YjAwMzVhODAxZDBjMGJjNjYyZWY5ZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdXTTwbm23Hr/tsXkbV12qdF0gmd
y4hnq5THEHe15I7d0rC2IncFqWqURR3Bf/Cak7aTCXTrWdQbUv025cSMQ8dPD5NN
PFw2szPXIvWOTZqSL32+uQSNDdwJosEQD2TyUMYlzg82Br+88GcXRKcPjzEPIc8X
/62qOrNIL1aQI8zKzCZJ3GL57QU4weV+nxruLtXHyxpyM48Es+b3bbdiWIaFYxYV
mcLVlhRnInV9S/uW/ssBSrtAXhCqJV1RUzFS+uicMMtPBzrgJ7NkNFHGJz0lbsYj
28aF8x/KF2theEWBs+MEhP6O4TpuGxEj8YmDUFAJ8GG9Fd7bPsWZV88WIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLmGABdgoEz5sANagB0MC8Zi7550MB8GA1UdIwQY
MBaAFD511J3tIFZsp0XCj4DP2akvS31HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG5YVW5lMGdWbXluUmNLUGdNX1pxUzlMZlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8xYzE1YTItZDBlYy00YzNhLTg2Y2Qt
ODM2Mzg0NzVkOGFiLzEvdVlZQUYyQ2dUUG13QTFxQUhRd0x4bUx2bm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8xYzE1YTItZDBlYy00YzNhLTg2Y2QtODM2Mzg0NzVkOGFi
LzEvUG5YVW5lMGdWbXluUmNLUGdNX1pxUzlMZlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWSuEAwQA
gAAEAwQAgAAHMA0GCSqGSIb3DQEBCwUAA4IBAQCUtE6QKMB/it041izv3lwISnus
rvvPXwCzTPAkXmHvy04FGn4RP4BsQ0MyKJYaTkzV22Cx2J6C8uh2/rEnkZYZBlZh
X9FcLOJAkMDXuDYsa6sNhmdoIC+CakkKWLfcPgEPL6yF7entvZCoJn5rkpv3Ke35
+Vrg1W8EBE5m+cTUBhIRS3cRzNw/qkBjmzwMrqKGAB5E9QfGX6Qq89XT/OTax1jB
EQc72JxdC+9TknZTmhMQg56R9Kn/1CGcPKl0Cz/OFotDVTGQRNKbK3Q/dwZwQIl6
ViGRboEoB8Wk/yFjFAeCjpendiIG4GHFSzsCis8vUlUbKoJly4HKOjQGwlk6
-----END CERTIFICATE-----
Generated at Sun Mar 22 04:21:23 2026 by rpki-client