Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/UNEG0RbhpGfDIQfxZ4i2ieICO9g.roa
File: UNEG0RbhpGfDIQfxZ4i2ieICO9g.roa (raw, json)
Hash identifier: kKbhwxHzyZ1nQMHyypRvyIhRmV3QS30VEm56g35Omd4=
Subject key identifier: 50:D1:06:D1:16:E1:A4:67:C3:21:07:F1:67:88:B6:89:E2:02:3B:D8
Certificate issuer: /CN=3a00807698f0b097d69ab3926917d1dcc838a624
Certificate serial: 019E8F981819ED0991FFCDF69153B5E897AA
Authority key identifier: 3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/UNEG0RbhpGfDIQfxZ4i2ieICO9g.roa
Signing time: Wed 03 Jun 2026 22:26:10 +0000
ROA not before: Wed 03 Jun 2026 22:26:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 55933
IP address blocks: 5.180.96.0/22 maxlen: 22
5.180.96.0/23 maxlen: 23
5.180.98.0/23 maxlen: 23
45.10.175.0/24 maxlen: 24
45.11.76.0/22 maxlen: 22
45.11.76.0/23 maxlen: 23
45.85.76.0/22 maxlen: 22
45.85.76.0/23 maxlen: 23
45.85.78.0/23 maxlen: 23
45.150.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8f:98:18:19:ed:09:91:ff:cd:f6:91:53:b5:e8:97:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a00807698f0b097d69ab3926917d1dcc838a624
Validity
Not Before: Jun 3 22:26:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=50d106d116e1a467c32107f16788b689e2023bd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:53:b8:9f:02:a6:a5:f4:75:19:8c:51:1a:76:
10:77:d1:c5:61:89:34:d4:86:c3:25:55:75:79:5b:
17:e9:95:b2:07:3b:2a:2d:c8:ba:25:a2:84:0d:bb:
95:89:8a:8a:a2:73:c1:1d:7a:7d:36:69:c3:18:05:
14:e6:61:fe:83:88:ee:d3:f3:31:18:dd:20:c2:60:
c1:a0:fd:8e:0a:35:bc:10:f3:aa:dd:2d:33:a4:af:
0a:11:2e:aa:31:9d:7b:f9:00:59:4d:76:41:3d:82:
78:fd:de:bc:2f:24:b1:4d:9e:67:0b:ac:3b:aa:52:
ea:da:05:5b:d6:ec:70:8a:39:32:cd:69:53:7d:f1:
3a:d9:91:b1:9f:64:3f:17:63:7d:a6:99:12:ac:03:
53:47:b0:96:5d:35:68:a7:6e:75:89:3a:47:71:5a:
8e:ef:2f:c8:b4:ee:0d:31:6c:6c:a4:dc:54:ee:7f:
dc:14:0b:4f:45:19:b4:e4:b1:8e:a6:38:2b:93:d9:
20:94:4a:11:6b:1d:80:5c:62:cb:af:0e:30:01:dd:
45:4b:eb:64:b0:03:e8:d4:96:69:c1:3c:33:49:a5:
83:19:42:3b:15:c6:91:10:2c:fd:d1:15:6d:82:46:
7f:df:2f:f7:cb:33:4a:aa:ba:85:e8:67:9b:8e:60:
b6:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:D1:06:D1:16:E1:A4:67:C3:21:07:F1:67:88:B6:89:E2:02:3B:D8
X509v3 Authority Key Identifier:
keyid:3A:00:80:76:98:F0:B0:97:D6:9A:B3:92:69:17:D1:DC:C8:38:A6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/UNEG0RbhpGfDIQfxZ4i2ieICO9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/143d29-cf72-4d01-918c-16afc4dffdd4/1/OgCAdpjwsJfWmrOSaRfR3Mg4piQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.96.0/22
45.10.175.0/24
45.11.76.0/22
45.85.76.0/22
45.150.236.0/22
Signature Algorithm: sha256WithRSAEncryption
78:ff:4c:35:fa:8f:4e:8e:c7:d1:56:2a:9a:23:04:29:c7:2a:
da:76:45:89:de:78:fa:4f:f6:4d:f1:fe:1b:e7:84:95:a0:eb:
35:35:83:2e:66:54:5a:8d:04:a3:6d:0b:38:3f:13:8c:98:78:
9a:80:67:42:3f:6c:7b:8d:10:2d:73:e0:79:a7:1c:ce:82:94:
4e:5b:43:6a:18:3e:6b:2b:09:45:45:53:a6:54:1a:ef:78:97:
72:e2:5a:ce:6b:c3:6d:bd:d8:fd:63:14:2b:c8:f2:e6:bf:9f:
c1:a8:f1:a5:17:d7:25:5f:8e:ed:1e:7b:59:15:8a:37:8e:0f:
f5:f8:67:3e:9f:4d:14:b2:83:97:ef:69:2c:a6:03:40:01:58:
44:31:33:e5:a6:1e:a2:b4:2e:96:23:11:f0:b8:81:55:84:e6:
00:81:9a:cb:1a:a6:ea:a3:de:30:0b:c7:0b:9b:69:8b:b9:c8:
f4:dc:41:75:46:58:d2:1f:5c:a6:d4:bf:2d:fc:47:f9:b0:f5:
be:86:4a:41:a6:d5:44:18:32:eb:74:02:0f:36:eb:22:98:34:
29:fa:5e:33:18:b5:1a:5f:d3:3b:cd:a2:b2:c2:0f:5a:01:16:
5e:12:63:f7:0f:77:60:1d:fb:25:e3:b8:8f:95:1b:ad:af:86:
a2:d4:ed:6c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ6PmBgZ7QmR/832kVO16JeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhMDA4MDc2OThmMGIwOTdkNjlhYjM5MjY5MTdkMWRjYzgz
OGE2MjQwHhcNMjYwNjAzMjIyNjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGQxMDZkMTE2ZTFhNDY3YzMyMTA3ZjE2Nzg4YjY4OWUyMDIzYmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklO4nwKmpfR1GYxRGnYQd9HFYYk0
1IbDJVV1eVsX6ZWyBzsqLci6JaKEDbuViYqKonPBHXp9NmnDGAUU5mH+g4ju0/Mx
GN0gwmDBoP2OCjW8EPOq3S0zpK8KES6qMZ17+QBZTXZBPYJ4/d68LySxTZ5nC6w7
qlLq2gVb1uxwijkyzWlTffE62ZGxn2Q/F2N9ppkSrANTR7CWXTVop251iTpHcVqO
7y/ItO4NMWxspNxU7n/cFAtPRRm05LGOpjgrk9kglEoRax2AXGLLrw4wAd1FS+tk
sAPo1JZpwTwzSaWDGUI7FcaRECz90RVtgkZ/3y/3yzNKqrqF6GebjmC26QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFDRBtEW4aRnwyEH8WeItoniAjvYMB8GA1UdIwQY
MBaAFDoAgHaY8LCX1pqzkmkX0dzIOKYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMt
MTZhZmM0ZGZmZGQ0LzEvVU5FRzBSYmhwR2ZESVFmeFo0aTJpZUlDTzlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8xNDNkMjktY2Y3Mi00ZDAxLTkxOGMtMTZhZmM0ZGZmZGQ0
LzEvT2dDQWRwandzSmZXbXJPU2FSZlIzTWc0cGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBbRgAwQA
LQqvAwQCLQtMAwQCLVVMAwQCLZbsMA0GCSqGSIb3DQEBCwUAA4IBAQB4/0w1+o9O
jsfRViqaIwQpxyradkWJ3nj6T/ZN8f4b54SVoOs1NYMuZlRajQSjbQs4PxOMmHia
gGdCP2x7jRAtc+B5pxzOgpROW0NqGD5rKwlFRVOmVBrveJdy4lrOa8Ntvdj9YxQr
yPLmv5/BqPGlF9clX47tHntZFYo3jg/1+Gc+n00UsoOX72kspgNAAVhEMTPlph6i
tC6WIxHwuIFVhOYAgZrLGqbqo94wC8cLm2mLucj03EF1RljSH1ym1L8t/Ef5sPW+
hkpBptVEGDLrdAIPNusimDQp+l4zGLUaX9M7zaKywg9aARZeEmP3D3dgHfsl47iP
lRutr4ai1O1s
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:37:34 2026 by rpki-client