Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/81be14-ffba-42e0-ae93-22aaf540eb5e/1/uBHFbLgGRV7emHjkgZfqJxhikko.roa
File: uBHFbLgGRV7emHjkgZfqJxhikko.roa (raw, json)
Hash identifier: 5UJr7XXT+HR7D7KcOSg5tDK5BIQwMOoB0sd6pq2mMYA=
Subject key identifier: B8:11:C5:6C:B8:06:45:5E:DE:98:78:E4:81:97:EA:27:18:62:92:4A
Certificate issuer: /CN=eaa00b0a134cc3e59c3bed5f06e90e97acc69226
Certificate serial: 019DD5C4F985F6A5E97F7CEF35CCDA8B69EA
Authority key identifier: EA:A0:0B:0A:13:4C:C3:E5:9C:3B:ED:5F:06:E9:0E:97:AC:C6:92:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qALChNMw-WcO-1fBukOl6zGkiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/81be14-ffba-42e0-ae93-22aaf540eb5e/1/uBHFbLgGRV7emHjkgZfqJxhikko.roa
Signing time: Tue 28 Apr 2026 20:25:49 +0000
ROA not before: Tue 28 Apr 2026 20:25:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42290
IP address blocks: 185.202.20.0/24 maxlen: 24
185.202.22.0/24 maxlen: 24
185.202.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/81be14-ffba-42e0-ae93-22aaf540eb5e/1/6qALChNMw-WcO-1fBukOl6zGkiY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/81be14-ffba-42e0-ae93-22aaf540eb5e/1/6qALChNMw-WcO-1fBukOl6zGkiY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qALChNMw-WcO-1fBukOl6zGkiY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 01 May 2026 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d5:c4:f9:85:f6:a5:e9:7f:7c:ef:35:cc:da:8b:69:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaa00b0a134cc3e59c3bed5f06e90e97acc69226
Validity
Not Before: Apr 28 20:25:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b811c56cb806455ede9878e48197ea271862924a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f2:12:2e:74:10:07:b6:23:04:99:be:42:d1:
69:8b:f0:c2:30:4a:d4:ac:49:0c:22:40:75:d5:69:
9c:d2:e7:db:f2:fe:26:a9:10:90:c1:c0:4c:81:ff:
31:a5:42:cb:b9:51:7b:b3:62:f7:7d:0a:90:c1:cb:
f4:8f:11:da:75:2b:ec:9c:d0:41:46:74:3f:01:66:
7f:df:3d:ae:3c:1a:65:28:a3:da:d5:2b:58:4d:b1:
8e:24:4c:f7:d4:34:2b:85:54:b5:9e:4f:59:e2:c5:
43:e4:13:d1:fe:6c:d6:1e:e9:a8:ce:70:1c:53:04:
bc:c7:95:5b:52:0a:95:62:11:5b:d6:4c:40:47:ae:
13:52:a0:ef:e6:c9:0d:0a:85:e1:ed:a4:b0:98:71:
53:66:44:6b:e5:5b:2e:e2:06:5e:d2:fc:02:84:78:
6d:d6:59:36:5f:aa:de:9c:bd:ca:1b:e5:a1:0d:61:
af:85:30:cf:9d:c7:6d:da:22:73:7f:33:3b:1d:02:
9f:70:60:23:b6:63:5c:ca:46:dc:69:92:17:27:7b:
f4:28:86:4b:88:27:c7:14:8a:97:ea:86:b0:2c:6f:
fd:9f:13:b1:c8:e0:5e:50:50:7f:22:7e:07:00:3b:
b8:bd:e0:57:b0:8f:b0:83:db:20:dd:d2:66:60:aa:
9d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:11:C5:6C:B8:06:45:5E:DE:98:78:E4:81:97:EA:27:18:62:92:4A
X509v3 Authority Key Identifier:
keyid:EA:A0:0B:0A:13:4C:C3:E5:9C:3B:ED:5F:06:E9:0E:97:AC:C6:92:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qALChNMw-WcO-1fBukOl6zGkiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/81be14-ffba-42e0-ae93-22aaf540eb5e/1/uBHFbLgGRV7emHjkgZfqJxhikko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/81be14-ffba-42e0-ae93-22aaf540eb5e/1/6qALChNMw-WcO-1fBukOl6zGkiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.20.0/24
185.202.22.0/23
Signature Algorithm: sha256WithRSAEncryption
50:1b:8b:9b:8c:62:f1:ad:d1:b3:2b:f5:c2:6c:2c:cb:fc:89:
cc:86:2f:fe:50:1d:29:64:af:d8:e6:26:a5:a1:08:83:ce:a8:
e0:ba:b8:54:30:d2:10:e9:d3:51:e8:99:36:a6:b6:f4:ed:db:
20:88:b6:15:62:99:78:f3:a4:0d:08:35:a2:24:fa:1a:12:66:
74:cc:35:b8:8b:15:bd:30:e7:f5:f6:4f:8d:eb:90:bf:4e:39:
31:e1:a7:29:57:f5:08:ae:89:79:31:33:44:5f:33:25:a7:1e:
83:ad:81:47:71:5d:58:ef:0c:25:48:26:03:02:53:3e:b2:91:
c8:36:99:f8:e8:a8:9c:33:38:d5:48:1e:8c:d5:01:be:14:06:
39:e3:13:f6:7d:73:cd:0a:28:5c:a8:c0:ed:e4:6c:35:25:7c:
34:90:05:69:f5:98:a4:14:d4:8e:de:7d:01:5c:29:20:fb:5a:
9d:1d:fe:b2:48:e9:18:59:4e:f9:88:04:3e:34:b4:4f:14:d3:
fd:75:4c:ea:bf:e3:3d:6b:94:dc:e0:31:62:6c:fe:82:ef:ce:
b9:7e:78:e1:f3:e8:39:b6:70:3e:33:86:02:0f:1c:1c:89:cb:
5b:ae:8b:07:60:7b:a3:6d:a6:1b:31:bf:49:4c:d8:0b:fc:88:
69:45:55:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3VxPmF9qXpf3zvNczai2nqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYTAwYjBhMTM0Y2MzZTU5YzNiZWQ1ZjA2ZTkwZTk3YWNj
NjkyMjYwHhcNMjYwNDI4MjAyNTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODExYzU2Y2I4MDY0NTVlZGU5ODc4ZTQ4MTk3ZWEyNzE4NjI5MjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPISLnQQB7YjBJm+QtFpi/DCMErU
rEkMIkB11Wmc0ufb8v4mqRCQwcBMgf8xpULLuVF7s2L3fQqQwcv0jxHadSvsnNBB
RnQ/AWZ/3z2uPBplKKPa1StYTbGOJEz31DQrhVS1nk9Z4sVD5BPR/mzWHumoznAc
UwS8x5VbUgqVYhFb1kxAR64TUqDv5skNCoXh7aSwmHFTZkRr5Vsu4gZe0vwChHht
1lk2X6renL3KG+WhDWGvhTDPncdt2iJzfzM7HQKfcGAjtmNcykbcaZIXJ3v0KIZL
iCfHFIqX6oawLG/9nxOxyOBeUFB/In4HADu4veBXsI+wg9sg3dJmYKqdOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLgRxWy4BkVe3ph45IGX6icYYpJKMB8GA1UdIwQY
MBaAFOqgCwoTTMPlnDvtXwbpDpesxpImMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFBTENoTk13LVdjTy0xZkJ1a09sNnpHa2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84MWJlMTQtZmZiYS00MmUwLWFlOTMt
MjJhYWY1NDBlYjVlLzEvdUJIRmJMZ0dSVjdlbUhqa2daZnFKeGhpa2tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84MWJlMTQtZmZiYS00MmUwLWFlOTMtMjJhYWY1NDBlYjVl
LzEvNnFBTENoTk13LVdjTy0xZkJ1a09sNnpHa2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucoUAwQB
ucoWMA0GCSqGSIb3DQEBCwUAA4IBAQBQG4ubjGLxrdGzK/XCbCzL/InMhi/+UB0p
ZK/Y5ialoQiDzqjgurhUMNIQ6dNR6Jk2prb07dsgiLYVYpl486QNCDWiJPoaEmZ0
zDW4ixW9MOf19k+N65C/Tjkx4acpV/UIrol5MTNEXzMlpx6DrYFHcV1Y7wwlSCYD
AlM+spHINpn46KicMzjVSB6M1QG+FAY54xP2fXPNCihcqMDt5Gw1JXw0kAVp9Zik
FNSO3n0BXCkg+1qdHf6ySOkYWU75iAQ+NLRPFNP9dUzqv+M9a5Tc4DFibP6C7865
fnjh8+g5tnA+M4YCDxwcictbrosHYHujbaYbMb9JTNgL/IhpRVXL
-----END CERTIFICATE-----
Generated at Thu Apr 30 12:40:18 2026 by rpki-client