Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/UkgHwb4aR-vfEVW_chFXeZM7ufs.roa
File: UkgHwb4aR-vfEVW_chFXeZM7ufs.roa (raw, json)
Hash identifier: EApidgvlTKfdDWwQPs4AF7dQdfTiN6dGaqCve1W5gyA=
Subject key identifier: 52:48:07:C1:BE:1A:47:EB:DF:11:55:BF:72:11:57:79:93:3B:B9:FB
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 019E82442ED75C6A7BC90A1337EE9EE8C479
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/UkgHwb4aR-vfEVW_chFXeZM7ufs.roa
Signing time: Mon 01 Jun 2026 08:19:27 +0000
ROA not before: Mon 01 Jun 2026 08:19:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44559
IP address blocks: 89.185.78.0/24 maxlen: 24
89.185.86.0/24 maxlen: 24
89.185.87.0/24 maxlen: 24
92.240.201.0/24 maxlen: 24
92.240.205.0/24 maxlen: 24
92.240.214.0/24 maxlen: 24
92.240.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft
rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 00:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:82:44:2e:d7:5c:6a:7b:c9:0a:13:37:ee:9e:e8:c4:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Jun 1 08:19:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=524807c1be1a47ebdf1155bf72115779933bb9fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:62:ad:ea:d6:45:f4:5b:68:96:40:a1:09:12:
f9:e8:1c:65:59:0c:66:21:4b:10:a3:9d:d8:ba:ba:
91:af:20:6a:3e:c1:3d:a0:d6:25:64:06:9a:f9:63:
76:87:50:69:4a:d3:15:4b:0b:b6:40:21:fa:8c:a3:
19:5d:28:00:51:56:c9:5e:68:76:39:ea:4e:0c:b5:
bd:c4:55:3b:a5:8f:5a:eb:5e:d8:4a:d6:2d:79:a6:
27:5b:ac:dd:44:8f:7d:35:dd:ff:b3:58:d7:b9:64:
19:05:4f:61:11:95:70:fb:1d:df:07:09:97:f2:79:
08:73:83:49:12:f4:17:17:56:60:49:6f:ca:1f:b5:
8f:6c:63:d6:64:1e:4a:90:21:b3:33:09:d0:37:b2:
f9:ce:f7:e7:57:d8:d2:ff:9e:87:26:68:b9:6e:af:
fe:f4:94:38:18:22:ca:8b:c5:3b:1e:56:43:fa:88:
f0:61:33:74:20:01:e8:6c:39:65:8f:26:cd:65:14:
57:03:5e:fd:e5:77:65:5e:b1:4a:54:aa:78:14:d4:
ac:5a:0f:66:3b:f1:1b:76:99:90:99:c3:a2:7a:0c:
55:b0:17:04:bc:b1:15:48:bd:01:70:a9:a3:e8:91:
b8:41:da:f3:03:23:d9:87:bf:8a:78:d1:ec:a4:34:
68:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:48:07:C1:BE:1A:47:EB:DF:11:55:BF:72:11:57:79:93:3B:B9:FB
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/UkgHwb4aR-vfEVW_chFXeZM7ufs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.78.0/24
89.185.86.0/23
92.240.201.0/24
92.240.205.0/24
92.240.214.0/24
92.240.216.0/24
Signature Algorithm: sha256WithRSAEncryption
17:2b:76:d6:53:20:57:23:fc:d9:e4:92:7c:0a:15:41:f8:ed:
2b:1a:4d:1e:62:4e:7c:49:42:92:b4:52:af:9a:17:d3:1d:03:
27:9b:6c:ae:18:02:f8:e9:1e:0e:b5:ed:1a:4f:92:f1:b1:0a:
d2:75:6d:bd:dc:e3:f9:27:63:8b:a6:11:c2:b7:36:56:89:81:
cb:68:a3:93:45:23:87:af:fe:43:d7:d4:0c:cd:55:c5:a8:82:
f0:49:d0:1f:7f:ee:17:a6:9c:d5:ff:fd:69:3c:8b:c0:42:45:
43:65:fc:83:86:8f:bd:21:e6:1f:e3:76:f8:04:fd:e7:f8:39:
74:35:1a:60:70:42:ab:06:50:a5:5e:fc:cb:4d:87:da:3c:05:
dd:93:f0:1b:e1:e1:4c:6b:b4:5d:ad:98:e1:5e:84:c3:c3:18:
ef:6d:81:d5:9a:e1:0e:05:9e:d2:b4:63:c8:a9:25:c5:92:54:
86:f1:5f:39:ce:3b:d8:06:d4:7c:3f:e9:63:34:7d:09:d1:c7:
06:8c:b4:e8:0b:2f:85:53:8a:18:35:e9:e2:52:06:e3:8b:dc:
16:6b:38:12:15:02:8f:49:d5:f0:78:b9:76:cf:bc:f4:cb:31:
b3:0d:85:46:2e:a7:8b:38:06:36:c7:01:da:07:3a:08:21:4b:
a0:96:a7:cb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ6CRC7XXGp7yQoTN+6e6MR5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjYwNjAxMDgxOTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQ4MDdjMWJlMWE0N2ViZGYxMTU1YmY3MjExNTc3OTkzM2JiOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2Kt6tZF9FtolkChCRL56BxlWQxm
IUsQo53YurqRryBqPsE9oNYlZAaa+WN2h1BpStMVSwu2QCH6jKMZXSgAUVbJXmh2
OepODLW9xFU7pY9a617YStYteaYnW6zdRI99Nd3/s1jXuWQZBU9hEZVw+x3fBwmX
8nkIc4NJEvQXF1ZgSW/KH7WPbGPWZB5KkCGzMwnQN7L5zvfnV9jS/56HJmi5bq/+
9JQ4GCLKi8U7HlZD+ojwYTN0IAHobDlljybNZRRXA1795XdlXrFKVKp4FNSsWg9m
O/EbdpmQmcOiegxVsBcEvLEVSL0BcKmj6JG4QdrzAyPZh7+KeNHspDRoGwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFJIB8G+Gkfr3xFVv3IRV3mTO7n7MB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvVWtnSHdiNGFSLXZmRVZXX2NoRlhlWk03dWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAWblOAwQB
WblWAwQAXPDJAwQAXPDNAwQAXPDWAwQAXPDYMA0GCSqGSIb3DQEBCwUAA4IBAQAX
K3bWUyBXI/zZ5JJ8ChVB+O0rGk0eYk58SUKStFKvmhfTHQMnm2yuGAL46R4Ote0a
T5LxsQrSdW293OP5J2OLphHCtzZWiYHLaKOTRSOHr/5D19QMzVXFqILwSdAff+4X
ppzV//1pPIvAQkVDZfyDho+9IeYf43b4BP3n+Dl0NRpgcEKrBlClXvzLTYfaPAXd
k/Ab4eFMa7RdrZjhXoTDwxjvbYHVmuEOBZ7StGPIqSXFklSG8V85zjvYBtR8P+lj
NH0J0ccGjLToCy+FU4oYNeniUgbji9wWazgSFQKPSdXweLl2z7z0yzGzDYVGLqeL
OAY2xwHaBzoIIUuglqfL
-----END CERTIFICATE-----
Generated at Sat Jun 6 10:31:05 2026 by rpki-client