Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/uFxrwUPGahsgU0NhkE7IqtKwEU4.roa
File: uFxrwUPGahsgU0NhkE7IqtKwEU4.roa (raw, json)
Hash identifier: ARBCNl7Ei4KTeE+J4rvd49qxKn5dAvgnf3fgdzfEo9Y=
Subject key identifier: B8:5C:6B:C1:43:C6:6A:1B:20:53:43:61:90:4E:C8:AA:D2:B0:11:4E
Certificate issuer: /CN=9447ad84b84baec47d5621e2f75623f3eaf13960
Certificate serial: 019E874F133897EB822ED6EE271DA4A67AD6
Authority key identifier: 94:47:AD:84:B8:4B:AE:C4:7D:56:21:E2:F7:56:23:F3:EA:F1:39:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lEethLhLrsR9ViHi91Yj8-rxOWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/uFxrwUPGahsgU0NhkE7IqtKwEU4.roa
Signing time: Tue 02 Jun 2026 07:49:26 +0000
ROA not before: Tue 02 Jun 2026 07:49:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213518
IP address blocks: 79.170.96.0/22 maxlen: 24
91.220.16.0/24 maxlen: 24
2a14:d300::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/lEethLhLrsR9ViHi91Yj8-rxOWA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/lEethLhLrsR9ViHi91Yj8-rxOWA.mft
rsync://rpki.ripe.net/repository/DEFAULT/lEethLhLrsR9ViHi91Yj8-rxOWA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 10:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:87:4f:13:38:97:eb:82:2e:d6:ee:27:1d:a4:a6:7a:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9447ad84b84baec47d5621e2f75623f3eaf13960
Validity
Not Before: Jun 2 07:49:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b85c6bc143c66a1b20534361904ec8aad2b0114e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:92:06:99:eb:af:d4:a3:4b:a9:b5:d2:bb:76:
f5:55:9d:48:89:43:0d:e3:c0:4b:59:ea:9e:3d:f0:
b8:28:93:82:5e:41:0e:f9:51:a2:f3:c1:d1:93:3a:
60:29:10:cf:e4:49:67:a8:89:57:40:d9:20:37:a4:
28:bf:c6:18:da:09:cc:3c:53:e7:a3:2e:f3:f5:7e:
44:fa:65:27:22:67:d8:2d:90:da:6c:0a:5b:45:c7:
6d:a2:3f:fd:1e:5a:68:07:72:cc:f8:61:10:6b:2d:
9a:07:ae:60:9c:6c:d6:79:03:da:94:21:2f:08:e3:
0c:9c:c9:fa:66:8e:cb:d9:06:61:b0:80:e6:6b:10:
74:4c:1c:f3:d1:ee:77:44:27:32:e3:05:ce:76:50:
94:c8:4d:53:59:63:b0:35:39:d1:18:ad:44:b7:fd:
87:de:67:fc:8b:3c:34:a8:9e:d3:1d:d3:cd:5e:dc:
17:01:47:4a:e1:27:1e:ec:2d:23:db:a2:5e:07:d7:
80:8a:5a:83:a0:b7:07:c6:c2:4f:ed:8f:51:31:34:
ef:7c:af:7e:80:6e:d6:a9:5f:eb:73:64:a7:84:80:
48:4a:41:21:0c:f1:48:cb:ba:38:d1:f9:c0:f3:fc:
c9:37:6c:d7:5a:65:15:23:e8:b9:ad:e6:dc:08:59:
7e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:5C:6B:C1:43:C6:6A:1B:20:53:43:61:90:4E:C8:AA:D2:B0:11:4E
X509v3 Authority Key Identifier:
keyid:94:47:AD:84:B8:4B:AE:C4:7D:56:21:E2:F7:56:23:F3:EA:F1:39:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lEethLhLrsR9ViHi91Yj8-rxOWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/uFxrwUPGahsgU0NhkE7IqtKwEU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/238c56-c25e-4fd6-b916-5b318c3499fb/1/lEethLhLrsR9ViHi91Yj8-rxOWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.170.96.0/22
91.220.16.0/24
IPv6:
2a14:d300::/29
Signature Algorithm: sha256WithRSAEncryption
43:47:e7:34:8b:b8:0d:75:15:31:5d:2f:ea:68:38:72:a0:34:
21:fd:2e:a8:cf:87:f7:58:21:36:ef:f1:d9:42:af:06:bb:4d:
a5:68:da:68:d9:1f:2f:3a:e2:7e:53:e1:db:e6:38:a4:6d:ba:
ea:74:0f:b8:e3:d6:36:ef:84:1a:19:b3:71:62:72:f6:88:86:
67:7a:80:3a:de:19:7e:4b:19:2f:bc:c4:2e:e7:e0:29:b9:66:
8e:e4:d2:2f:e8:f5:fa:12:11:e5:2f:df:35:a2:8b:0c:55:65:
ae:90:16:05:99:ec:8c:cd:a0:7e:ed:d4:7a:2b:19:c9:60:49:
bb:ab:4f:14:34:08:b8:72:50:f8:27:2b:99:06:e8:69:97:b5:
75:4a:6a:42:6f:06:5b:45:58:3a:80:73:8e:42:e7:92:ce:a9:
7a:f1:70:40:7d:ca:34:52:14:c4:ef:8c:83:c4:90:6b:3e:b2:
d6:b4:11:a1:cd:42:c6:19:ef:21:dd:c4:99:dc:dc:89:64:7a:
3a:26:25:15:be:54:8a:61:c4:cd:bf:de:64:21:5c:81:b1:e5:
10:6b:0e:fb:c2:92:2a:3f:fd:76:9e:02:65:2d:7d:9d:e5:71:
c1:33:6e:40:04:8a:b2:da:5d:a6:06:b3:26:18:28:73:29:01:
c3:aa:f1:38
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ6HTxM4l+uCLtbuJx2kpnrWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0NDdhZDg0Yjg0YmFlYzQ3ZDU2MjFlMmY3NTYyM2YzZWFm
MTM5NjAwHhcNMjYwNjAyMDc0OTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODVjNmJjMTQzYzY2YTFiMjA1MzQzNjE5MDRlYzhhYWQyYjAxMTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpIGmeuv1KNLqbXSu3b1VZ1IiUMN
48BLWeqePfC4KJOCXkEO+VGi88HRkzpgKRDP5ElnqIlXQNkgN6Qov8YY2gnMPFPn
oy7z9X5E+mUnImfYLZDabApbRcdtoj/9HlpoB3LM+GEQay2aB65gnGzWeQPalCEv
COMMnMn6Zo7L2QZhsIDmaxB0TBzz0e53RCcy4wXOdlCUyE1TWWOwNTnRGK1Et/2H
3mf8izw0qJ7THdPNXtwXAUdK4Sce7C0j26JeB9eAilqDoLcHxsJP7Y9RMTTvfK9+
gG7WqV/rc2SnhIBISkEhDPFIy7o40fnA8/zJN2zXWmUVI+i5rebcCFl+0wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLhca8FDxmobIFNDYZBOyKrSsBFOMB8GA1UdIwQY
MBaAFJRHrYS4S67EfVYh4vdWI/Pq8TlgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEVldGhMaExyc1I5VmlIaTkxWWo4LXJ4T1dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yMzhjNTYtYzI1ZS00ZmQ2LWI5MTYt
NWIzMThjMzQ5OWZiLzEvdUZ4cndVUEdhaHNnVTBOaGtFN0lxdEt3RVU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8yMzhjNTYtYzI1ZS00ZmQ2LWI5MTYtNWIzMThjMzQ5OWZi
LzEvbEVldGhMaExyc1I5VmlIaTkxWWo4LXJ4T1dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCT6pgAwQA
W9wQMA0EAgACMAcDBQMqFNMAMA0GCSqGSIb3DQEBCwUAA4IBAQBDR+c0i7gNdRUx
XS/qaDhyoDQh/S6oz4f3WCE27/HZQq8Gu02laNpo2R8vOuJ+U+Hb5jikbbrqdA+4
49Y274QaGbNxYnL2iIZneoA63hl+SxkvvMQu5+ApuWaO5NIv6PX6EhHlL981oosM
VWWukBYFmeyMzaB+7dR6KxnJYEm7q08UNAi4clD4JyuZBuhpl7V1SmpCbwZbRVg6
gHOOQueSzql68XBAfco0UhTE74yDxJBrPrLWtBGhzULGGe8h3cSZ3NyJZHo6JiUV
vlSKYcTNv95kIVyBseUQaw77wpIqP/12ngJlLX2d5XHBM25ABIqy2l2mBrMmGChz
KQHDqvE4
-----END CERTIFICATE-----
Generated at Wed Jun 3 20:13:46 2026 by rpki-client