Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/1uykX7XuB8BdjpT1ugfsAuVxO_o.roa
File: 1uykX7XuB8BdjpT1ugfsAuVxO_o.roa (raw, json)
Hash identifier: +nVFIj8xJeJ89FbQF7uxdxGPy/z6Fq4PX9E3VSgew2Y=
Subject key identifier: D6:EC:A4:5F:B5:EE:07:C0:5D:8E:94:F5:BA:07:EC:02:E5:71:3B:FA
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 019DAB24767763A7A9ED97BF3ADF89CC07FF
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/1uykX7XuB8BdjpT1ugfsAuVxO_o.roa
Signing time: Mon 20 Apr 2026 13:46:26 +0000
ROA not before: Mon 20 Apr 2026 13:46:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204957
IP address blocks: 5.34.176.0/23 maxlen: 23
5.34.178.0/23 maxlen: 23
45.90.56.0/22 maxlen: 22
46.28.67.0/24 maxlen: 24
46.28.70.0/24 maxlen: 24
62.233.57.0/24 maxlen: 24
82.117.252.0/23 maxlen: 23
82.117.254.0/24 maxlen: 24
82.117.255.0/24 maxlen: 24
82.118.20.0/22 maxlen: 22
85.90.196.0/24 maxlen: 24
85.90.199.0/24 maxlen: 24
195.123.232.0/22 maxlen: 22
195.123.240.0/22 maxlen: 22
195.123.244.0/22 maxlen: 22
195.211.96.0/23 maxlen: 23
195.211.98.0/23 maxlen: 23
217.12.206.0/23 maxlen: 23
217.12.215.0/24 maxlen: 24
2a05:9400::/32 maxlen: 32
2a05:9401::/32 maxlen: 32
2a05:9402::/32 maxlen: 32
2a05:9403::/32 maxlen: 32
2a05:9404::/32 maxlen: 32
2a05:9405::/32 maxlen: 32
2a05:9406::/32 maxlen: 32
2a12:6fc0::/32 maxlen: 32
2a12:6fc1::/32 maxlen: 32
2a12:6fc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 01:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ab:24:76:77:63:a7:a9:ed:97:bf:3a:df:89:cc:07:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Apr 20 13:46:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d6eca45fb5ee07c05d8e94f5ba07ec02e5713bfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cf:73:30:83:73:2f:bc:da:88:77:14:e0:5c:
25:10:ed:c0:78:c1:89:07:74:9e:0d:9a:a6:b0:23:
f9:97:bc:15:99:5e:c7:fa:12:8d:25:26:33:37:c8:
32:7e:6f:35:2b:a7:14:77:a6:13:94:f8:89:b8:fb:
f6:2c:cb:a1:84:f3:06:d5:46:01:07:4b:77:42:05:
f8:d8:a3:f2:f0:ec:a7:d3:9b:8a:73:9c:d6:fa:7c:
91:ed:85:d6:a9:c0:4e:82:8f:66:79:4a:88:2c:05:
37:83:a8:30:58:38:34:2f:b3:12:3c:cf:0e:7d:8f:
84:bd:78:28:bb:6d:38:a9:da:f5:ad:02:14:0a:01:
1b:ed:d2:23:b7:09:e8:6a:15:3d:8b:91:60:10:96:
2b:4b:7f:d8:29:d0:0e:d7:67:25:5a:3e:6a:c8:9f:
f8:ed:34:a3:7c:69:09:6a:12:14:99:b2:f0:c0:96:
a2:62:e7:7d:e8:9d:2b:dd:5e:27:32:c6:73:ec:83:
af:1b:4e:50:7f:39:33:91:96:2c:de:08:9b:f4:cf:
63:d2:5d:03:04:0e:ac:b6:60:fa:ff:6a:b1:b0:7b:
65:d4:26:2d:0d:92:77:96:ae:e5:2b:78:cf:db:a1:
fe:08:e5:9c:42:6a:50:49:bd:cb:8b:d7:3a:68:82:
1f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:EC:A4:5F:B5:EE:07:C0:5D:8E:94:F5:BA:07:EC:02:E5:71:3B:FA
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/1uykX7XuB8BdjpT1ugfsAuVxO_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.176.0/22
45.90.56.0/22
46.28.67.0/24
46.28.70.0/24
62.233.57.0/24
82.117.252.0/22
82.118.20.0/22
85.90.196.0/24
85.90.199.0/24
195.123.232.0/22
195.123.240.0/21
195.211.96.0/22
217.12.206.0/23
217.12.215.0/24
IPv6:
2a05:9400::-2a05:9406:ffff:ffff:ffff:ffff:ffff:ffff
2a12:6fc0::-2a12:6fc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0e:ae:8b:b5:c3:65:f5:5b:d3:59:bb:19:90:cb:48:f9:5c:c5:
f1:1b:e0:5f:bb:5d:6c:dd:9c:0d:ce:79:a8:ac:44:5e:05:62:
82:8a:aa:72:bf:b6:51:f2:f9:05:53:e4:78:ed:00:b2:db:43:
f9:fc:55:62:cf:c6:1b:2f:2d:18:a3:65:ef:83:ff:31:76:43:
86:8a:57:1b:0d:09:4d:a9:ec:fc:9c:43:3d:08:aa:b4:1a:08:
34:67:e8:eb:c4:e7:94:d0:92:f5:38:d2:e8:17:00:33:31:ea:
47:7e:70:f6:e2:07:4c:b7:3d:8c:f2:ef:f5:83:75:f5:83:fe:
50:9b:95:3d:19:c2:de:bc:89:cb:f6:08:e7:9c:8f:11:d5:bc:
ff:99:8d:d0:b6:36:54:b2:e5:eb:41:a8:47:ce:5a:b2:4c:65:
44:a0:ce:9b:43:59:d8:42:2f:5d:92:1c:20:d3:e1:f1:0b:93:
81:34:df:40:80:b5:4a:97:60:0f:eb:f3:56:c8:25:39:52:8e:
fa:c2:9b:a6:91:2b:b3:1b:e2:f9:d2:90:6b:ea:32:6f:3e:76:
cf:f6:7e:cb:f7:fd:92:2e:be:27:1d:d1:1d:ac:7b:19:71:43:
1d:96:55:a4:0e:58:2e:20:c5:8f:e4:90:8d:68:85:c6:6f:9f:
8a:13:a9:4b
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZ2rJHZ3Y6ep7Ze/Ot+JzAf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjYwNDIwMTM0NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmVjYTQ1ZmI1ZWUwN2MwNWQ4ZTk0ZjViYTA3ZWMwMmU1NzEzYmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnc9zMINzL7zaiHcU4FwlEO3AeMGJ
B3SeDZqmsCP5l7wVmV7H+hKNJSYzN8gyfm81K6cUd6YTlPiJuPv2LMuhhPMG1UYB
B0t3QgX42KPy8Oyn05uKc5zW+nyR7YXWqcBOgo9meUqILAU3g6gwWDg0L7MSPM8O
fY+EvXgou204qdr1rQIUCgEb7dIjtwnoahU9i5FgEJYrS3/YKdAO12clWj5qyJ/4
7TSjfGkJahIUmbLwwJaiYud96J0r3V4nMsZz7IOvG05QfzkzkZYs3gib9M9j0l0D
BA6stmD6/2qxsHtl1CYtDZJ3lq7lK3jP26H+COWcQmpQSb3Li9c6aIIfMQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFNbspF+17gfAXY6U9boH7ALlcTv6MB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvMXV5a1g3WHVCOEJkanBUMXVnZnNBdVZ4T19vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzBaBAIAATBUAwQCBSKw
AwQCLVo4AwQALhxDAwQALhxGAwQAPuk5AwQCUnX8AwQCUnYUAwQAVVrEAwQAVVrH
AwQCw3voAwQDw3vwAwQCw9NgAwQB2QzOAwQA2QzXMCUEAgACMB8wDQMEAioFlAMF
ACoFlAYwDgMFBioSb8ADBQAqEm/CMA0GCSqGSIb3DQEBCwUAA4IBAQAOrou1w2X1
W9NZuxmQy0j5XMXxG+Bfu11s3ZwNznmorEReBWKCiqpyv7ZR8vkFU+R47QCy20P5
/FViz8YbLy0Yo2Xvg/8xdkOGilcbDQlNqez8nEM9CKq0Ggg0Z+jrxOeU0JL1ONLo
FwAzMepHfnD24gdMtz2M8u/1g3X1g/5Qm5U9GcLevInL9gjnnI8R1bz/mY3QtjZU
suXrQahHzlqyTGVEoM6bQ1nYQi9dkhwg0+HxC5OBNN9AgLVKl2AP6/NWyCU5Uo76
wpumkSuzG+L50pBr6jJvPnbP9n7L9/2SLr4nHdEdrHsZcUMdllWkDlguIMWP5JCN
aIXGb5+KE6lL
-----END CERTIFICATE-----
Generated at Mon Apr 27 10:38:22 2026 by rpki-client