Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/UCw29YjY3cKmFjpAxHmvqF-bUCI.roa
File: UCw29YjY3cKmFjpAxHmvqF-bUCI.roa (raw, json)
Hash identifier: K5I6bkFEX1PYMGH5TucPKknBQXRBL1MadI7utz2hd/A=
Subject key identifier: 50:2C:36:F5:88:D8:DD:C2:A6:16:3A:40:C4:79:AF:A8:5F:9B:50:22
Certificate issuer: /CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Certificate serial: 019D3DCDE961BE36071BFD64711679BDAA23
Authority key identifier: 8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/UCw29YjY3cKmFjpAxHmvqF-bUCI.roa
Signing time: Mon 30 Mar 2026 08:13:17 +0000
ROA not before: Mon 30 Mar 2026 08:13:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 45.152.178.0/24 maxlen: 24
45.152.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 31 Mar 2026 14:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3d:cd:e9:61:be:36:07:1b:fd:64:71:16:79:bd:aa:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b37183341a2ab6df3c59ec827ed71200b5a6244
Validity
Not Before: Mar 30 08:13:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=502c36f588d8ddc2a6163a40c479afa85f9b5022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6b:92:5f:0e:7e:f4:a7:10:e4:06:72:43:6f:
c6:3a:43:b3:23:24:c4:06:be:5c:a2:84:c2:01:3e:
62:fa:ed:aa:c1:44:1f:7a:02:aa:a5:a6:06:39:c1:
4a:16:1f:67:7d:2e:da:1e:7c:c4:ee:38:54:30:cf:
7b:c5:75:6e:f8:a6:f4:c4:ab:6c:c3:52:1e:e1:6d:
f5:74:5a:4d:a8:96:bd:8b:2a:11:1e:6e:11:ac:50:
89:3d:fd:dc:3a:95:54:ef:4d:3e:bf:2e:89:59:15:
9f:5f:1e:e1:80:c4:3a:14:66:3e:4e:3b:2e:6c:8e:
35:b5:e4:c4:bf:95:0b:46:f6:45:e7:0e:83:11:a1:
4c:b9:d4:d0:10:0c:42:86:f8:53:4a:3a:70:25:e9:
d6:c6:77:50:40:fa:fb:35:a2:ba:34:9e:7f:58:d2:
8b:a0:77:06:b9:2c:42:66:a7:0c:7e:8b:0d:ed:4a:
3c:ed:2c:49:24:76:03:27:d1:a1:9b:33:d7:74:36:
c2:3b:b0:29:c1:26:2a:4d:50:93:98:79:c6:84:38:
06:cb:a9:cc:e4:0e:80:d0:3f:44:aa:3e:34:20:2a:
82:a8:57:75:3a:44:1e:fd:5d:dc:9a:7c:03:5e:1b:
ec:fb:b6:67:4f:de:03:5e:f4:44:b4:98:50:f1:5e:
2e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:2C:36:F5:88:D8:DD:C2:A6:16:3A:40:C4:79:AF:A8:5F:9B:50:22
X509v3 Authority Key Identifier:
keyid:8B:37:18:33:41:A2:AB:6D:F3:C5:9E:C8:27:ED:71:20:0B:5A:62:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/UCw29YjY3cKmFjpAxHmvqF-bUCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/1c78e3-67d6-4e90-aeb5-0852cb353293/1/izcYM0Giq23zxZ7IJ-1xIAtaYkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.178.0/23
Signature Algorithm: sha256WithRSAEncryption
12:90:68:aa:af:db:2c:df:3c:cd:7b:4e:38:aa:3c:e4:cb:0f:
41:17:96:7f:40:f3:07:d6:b5:63:5d:22:e7:e2:8c:39:f3:5a:
f5:2b:c9:8a:27:6c:0c:06:24:a9:37:de:f5:a1:1c:bd:45:ae:
a1:8d:71:96:c8:c1:89:98:8b:de:b4:64:77:81:f5:41:33:50:
76:c9:87:7d:da:1e:c5:c9:4c:05:62:ad:74:8b:8f:7c:3b:a8:
d8:cc:20:40:ae:1e:1d:83:70:9b:8d:ef:25:e2:c9:2e:29:56:
cc:c0:62:84:f2:c0:04:ee:37:b7:16:8e:5d:c2:42:1e:f7:a0:
7e:7a:ab:90:3d:7a:33:a4:07:7e:d5:1c:cd:df:fb:19:1f:29:
d3:ff:86:20:99:13:52:aa:5d:28:3e:42:d8:83:51:54:29:5c:
fc:e5:d6:24:ed:1d:55:5f:c2:20:43:f9:c5:eb:f4:09:18:84:
34:27:a6:ba:a7:e9:0b:42:81:0c:f4:8e:ad:60:46:e5:c3:dc:
b7:1f:19:cc:c9:4f:09:ac:b2:af:46:e1:45:57:a8:63:92:a6:
ba:6f:47:1a:bc:87:16:8f:db:ab:46:ef:1b:58:5c:a5:54:15:
d7:bf:32:fa:6b:19:08:ef:e1:93:13:47:1b:9c:45:19:38:22:
12:c1:ca:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ09zelhvjYHG/1kcRZ5vaojMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMzcxODMzNDFhMmFiNmRmM2M1OWVjODI3ZWQ3MTIwMGI1
YTYyNDQwHhcNMjYwMzMwMDgxMzE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDJjMzZmNTg4ZDhkZGMyYTYxNjNhNDBjNDc5YWZhODVmOWI1MDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WuSXw5+9KcQ5AZyQ2/GOkOzIyTE
Br5cooTCAT5i+u2qwUQfegKqpaYGOcFKFh9nfS7aHnzE7jhUMM97xXVu+Kb0xKts
w1Ie4W31dFpNqJa9iyoRHm4RrFCJPf3cOpVU700+vy6JWRWfXx7hgMQ6FGY+Tjsu
bI41teTEv5ULRvZF5w6DEaFMudTQEAxChvhTSjpwJenWxndQQPr7NaK6NJ5/WNKL
oHcGuSxCZqcMfosN7Uo87SxJJHYDJ9GhmzPXdDbCO7ApwSYqTVCTmHnGhDgGy6nM
5A6A0D9Eqj40ICqCqFd1OkQe/V3cmnwDXhvs+7ZnT94DXvREtJhQ8V4upQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFAsNvWI2N3CphY6QMR5r6hfm1AiMB8GA1UdIwQY
MBaAFIs3GDNBoqtt88WeyCftcSALWmJEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUt
MDg1MmNiMzUzMjkzLzEvVUN3MjlZalkzY0ttRmpwQXhIbXZxRi1iVUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8xYzc4ZTMtNjdkNi00ZTkwLWFlYjUtMDg1MmNiMzUzMjkz
LzEvaXpjWU0wR2lxMjN6eFo3SUotMXhJQXRhWWtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZiyMA0G
CSqGSIb3DQEBCwUAA4IBAQASkGiqr9ss3zzNe044qjzkyw9BF5Z/QPMH1rVjXSLn
4ow581r1K8mKJ2wMBiSpN971oRy9Ra6hjXGWyMGJmIvetGR3gfVBM1B2yYd92h7F
yUwFYq10i498O6jYzCBArh4dg3Cbje8l4skuKVbMwGKE8sAE7je3Fo5dwkIe96B+
equQPXozpAd+1RzN3/sZHynT/4YgmRNSql0oPkLYg1FUKVz85dYk7R1VX8IgQ/nF
6/QJGIQ0J6a6p+kLQoEM9I6tYEblw9y3HxnMyU8JrLKvRuFFV6hjkqa6b0cavIcW
j9urRu8bWFylVBXXvzL6axkI7+GTE0cbnEUZOCISwcqS
-----END CERTIFICATE-----
Generated at Mon Mar 30 23:24:01 2026 by rpki-client