Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/ua-SYQJ09JP0CrjN-4qrwgoyzC0.roa
File: ua-SYQJ09JP0CrjN-4qrwgoyzC0.roa (raw, json)
Hash identifier: o6Eyyurglw8wGzE15d5TZBGXiOCrJZh1nJgMRDhcRpA=
Subject key identifier: B9:AF:92:61:02:74:F4:93:F4:0A:B8:CD:FB:8A:AB:C2:0A:32:CC:2D
Certificate issuer: /CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Certificate serial: 019CCE1D373469F5AC60B05D9539FC668A64
Authority key identifier: C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/ua-SYQJ09JP0CrjN-4qrwgoyzC0.roa
Signing time: Sun 08 Mar 2026 15:42:26 +0000
ROA not before: Sun 08 Mar 2026 15:42:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216321
IP address blocks: 176.10.89.0/24 maxlen: 24
202.181.204.0/24 maxlen: 24
2a13:d8c0::/40 maxlen: 40
2a13:d8c1::/32 maxlen: 32
2a13:d8c1:ce00::/40 maxlen: 40
2a13:d8c1:fe00::/40 maxlen: 40
2a13:d8c2::/32 maxlen: 48
2a13:d8c3::/32 maxlen: 32
2a13:d8c4:2::/48 maxlen: 48
2a13:d8c4:7::/48 maxlen: 48
2a13:d8c5::/32 maxlen: 32
2a13:d8c6::/32 maxlen: 32
2a13:d8c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 25 Mar 2026 09:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ce:1d:37:34:69:f5:ac:60:b0:5d:95:39:fc:66:8a:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Validity
Not Before: Mar 8 15:42:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b9af92610274f493f40ab8cdfb8aabc20a32cc2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:17:3e:c9:6d:d2:e6:44:58:00:26:14:9c:61:
d2:58:1f:f4:ac:81:df:4a:3c:2c:58:4b:e2:bf:35:
1b:d7:c2:bd:90:8a:d9:72:9d:c1:7a:0f:f0:0c:d2:
e1:8d:1e:84:54:0a:2f:a0:8c:07:e7:be:03:ee:fe:
fa:d4:88:ed:70:84:3f:3a:12:cf:b7:40:39:d8:bb:
92:4c:f8:31:b5:df:f3:c6:27:cb:7f:86:e9:06:32:
1c:9b:37:ad:e7:5b:da:5b:de:06:c7:a8:43:57:68:
25:39:3d:b3:9d:dd:a6:59:18:a1:75:e5:5e:c1:ac:
1a:3c:4b:e6:a3:58:98:10:01:10:fb:f8:bf:8b:ae:
f7:d4:bd:ed:1f:0a:44:ad:5d:98:6a:91:70:68:0d:
6e:a0:59:4b:87:b5:a1:b6:c1:df:08:01:0c:d7:53:
e5:34:b0:fc:b1:7c:c7:ff:1f:bf:ef:8f:27:94:ed:
c6:7c:ea:ba:db:27:d7:d5:86:2a:13:9f:02:8e:a3:
de:98:bf:1e:a1:4b:54:ba:e9:7b:c8:f1:cb:eb:a7:
de:84:b8:ac:a7:24:43:03:04:af:6b:9b:52:93:d4:
87:3f:a0:58:db:0b:a7:56:26:80:2d:2d:e2:e3:32:
67:9e:8d:8d:ff:b3:ea:94:15:28:8b:e9:00:43:6e:
fb:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:AF:92:61:02:74:F4:93:F4:0A:B8:CD:FB:8A:AB:C2:0A:32:CC:2D
X509v3 Authority Key Identifier:
keyid:C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/ua-SYQJ09JP0CrjN-4qrwgoyzC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.10.89.0/24
202.181.204.0/24
IPv6:
2a13:d8c0::/40
2a13:d8c1::-2a13:d8c3:ffff:ffff:ffff:ffff:ffff:ffff
2a13:d8c4:2::/48
2a13:d8c4:7::/48
2a13:d8c5::-2a13:d8c7:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
08:05:05:0a:bf:0a:d5:a7:7d:05:17:4a:df:ad:68:23:b7:2e:
2f:dc:2e:07:ad:33:a3:8b:62:97:99:f3:2f:ae:a9:ce:a3:eb:
3a:24:75:4f:85:98:64:34:fe:b5:f7:b3:08:f8:ac:14:75:1e:
01:77:5c:30:50:ac:29:1e:63:a9:a2:ce:e6:16:1f:97:4f:dc:
57:75:ed:e2:90:27:12:1c:10:bf:fe:93:c4:26:1a:51:ae:fe:
73:ca:af:28:54:80:61:80:84:18:8a:77:15:40:b7:1a:25:e6:
2d:16:6b:2b:de:2e:00:95:ea:5f:1f:94:47:82:af:93:40:d6:
34:59:c7:32:4f:58:fc:c3:88:4c:e9:44:a1:30:85:ab:1d:5a:
f2:5f:a5:35:9b:86:7f:6d:a9:1e:4b:14:76:91:46:09:9a:f9:
7f:68:e1:ff:7c:1a:40:b4:95:4e:ff:b3:97:be:d7:2b:ef:e3:
31:c4:b0:3e:00:3d:dd:b0:ea:61:46:4b:fa:29:9e:6e:b0:92:
c5:01:c5:98:63:a2:44:61:bb:11:b9:70:5d:03:5c:60:d0:25:
98:e6:d9:cf:e4:9e:71:b1:be:1c:6a:0c:87:e8:0b:0e:d2:0c:
d9:63:5b:5b:68:3c:90:cc:2c:e4:e4:7c:f3:ba:84:ce:d8:55:
42:d0:d9:e4
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZzOHTc0afWsYLBdlTn8ZopkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZjUzYzAzZDJmNGU3ZjA3YTgxZWE5MDNlY2VmMDFkNjhj
NjgxMzcwHhcNMjYwMzA4MTU0MjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWFmOTI2MTAyNzRmNDkzZjQwYWI4Y2RmYjhhYWJjMjBhMzJjYzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Rc+yW3S5kRYACYUnGHSWB/0rIHf
SjwsWEvivzUb18K9kIrZcp3Beg/wDNLhjR6EVAovoIwH574D7v761IjtcIQ/OhLP
t0A52LuSTPgxtd/zxifLf4bpBjIcmzet51vaW94Gx6hDV2glOT2znd2mWRihdeVe
wawaPEvmo1iYEAEQ+/i/i6731L3tHwpErV2YapFwaA1uoFlLh7WhtsHfCAEM11Pl
NLD8sXzH/x+/748nlO3GfOq62yfX1YYqE58CjqPemL8eoUtUuul7yPHL66fehLis
pyRDAwSva5tSk9SHP6BY2wunViaALS3i4zJnno2N/7PqlBUoi+kAQ277eQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFLmvkmECdPST9Aq4zfuKq8IKMswtMB8GA1UdIwQY
MBaAFMb1PAPS9OfweoHqkD7O8B1oxoE3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDct
OTBlYTM3MjljNTc0LzEvdWEtU1lRSjA5SlAwQ3JqTi00cXJ3Z295ekMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDctOTBlYTM3MjljNTc0
LzEveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjASBAIAATAMAwQAsApZAwQA
yrXMMEAEAgACMDoDBgAqE9jAADAOAwUAKhPYwQMFAioT2MADBwAqE9jEAAIDBwAq
E9jEAAcwDgMFACoT2MUDBQMqE9jAMA0GCSqGSIb3DQEBCwUAA4IBAQAIBQUKvwrV
p30FF0rfrWgjty4v3C4HrTOji2KXmfMvrqnOo+s6JHVPhZhkNP6197MI+KwUdR4B
d1wwUKwpHmOpos7mFh+XT9xXde3ikCcSHBC//pPEJhpRrv5zyq8oVIBhgIQYincV
QLcaJeYtFmsr3i4AlepfH5RHgq+TQNY0WccyT1j8w4hM6UShMIWrHVryX6U1m4Z/
bakeSxR2kUYJmvl/aOH/fBpAtJVO/7OXvtcr7+MxxLA+AD3dsOphRkv6KZ5usJLF
AcWYY6JEYbsRuXBdA1xg0CWY5tnP5J5xsb4cagyH6AsO0gzZY1tbaDyQzCzk5Hzz
uoTO2FVC0Nnk
-----END CERTIFICATE-----
Generated at Tue Mar 24 17:38:46 2026 by rpki-client