Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/_uh_DMB3rYBsnp2qK766WttZHT8.roa
File: _uh_DMB3rYBsnp2qK766WttZHT8.roa (raw, json)
Hash identifier: nO/tkSe37ekCMoyfOqnQ4/hpFXhIjm+P8b+U359bfdw=
Subject key identifier: FE:E8:7F:0C:C0:77:AD:80:6C:9E:9D:AA:2B:BE:BA:5A:DB:59:1D:3F
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 019CB9399EDECB3558F63BBE39DC765275A4
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/_uh_DMB3rYBsnp2qK766WttZHT8.roa
Signing time: Wed 04 Mar 2026 14:21:27 +0000
ROA not before: Wed 04 Mar 2026 14:21:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200740
IP address blocks: 45.134.12.0/23 maxlen: 23
45.134.14.0/23 maxlen: 23
80.76.32.0/23 maxlen: 23
80.76.34.0/23 maxlen: 23
89.44.84.0/23 maxlen: 23
91.200.14.0/24 maxlen: 24
91.200.15.0/24 maxlen: 24
92.118.8.0/23 maxlen: 23
95.81.77.0/24 maxlen: 24
95.81.93.0/24 maxlen: 24
95.81.94.0/23 maxlen: 23
95.81.112.0/24 maxlen: 24
95.81.113.0/24 maxlen: 24
95.81.119.0/24 maxlen: 24
95.81.120.0/24 maxlen: 24
103.85.112.0/24 maxlen: 24
103.85.113.0/24 maxlen: 24
103.249.132.0/23 maxlen: 23
103.249.134.0/23 maxlen: 23
104.128.131.0/24 maxlen: 24
104.128.138.0/23 maxlen: 23
104.128.142.0/23 maxlen: 23
104.128.142.0/24 maxlen: 24
104.128.143.0/24 maxlen: 24
109.69.56.0/23 maxlen: 23
109.69.58.0/23 maxlen: 23
185.103.252.0/23 maxlen: 23
185.103.254.0/23 maxlen: 23
185.114.72.0/23 maxlen: 23
2a0c:5d00:3002::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Mar 2026 10:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b9:39:9e:de:cb:35:58:f6:3b:be:39:dc:76:52:75:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Mar 4 14:21:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fee87f0cc077ad806c9e9daa2bbeba5adb591d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:45:a4:9d:39:46:70:cf:c0:a3:06:49:e4:6d:
e3:a9:36:d5:a0:c5:10:26:57:03:71:a9:7d:2f:61:
2b:56:c5:9f:ee:57:ac:4d:cc:0a:43:ee:a3:30:91:
cf:bc:80:74:e2:59:a2:3c:06:97:9d:63:6f:fb:02:
ef:af:89:84:40:2b:dd:6d:2f:44:99:bf:28:9a:59:
6d:b5:bb:99:de:9e:ae:3f:0b:ff:a5:c9:3d:ed:14:
13:0d:d6:0c:f9:a8:67:f2:92:04:29:9a:c6:57:d1:
7d:49:87:57:7d:b2:ac:e2:14:9b:8d:68:35:c6:0a:
67:e5:66:13:ea:41:41:d4:4d:70:53:15:20:18:a1:
ae:9a:0e:cd:6f:13:24:57:70:7a:6f:c4:8f:5d:ae:
d6:22:bb:69:63:7d:cb:ed:2f:59:1b:9e:9c:94:cb:
9b:61:87:3d:4c:3b:b5:b3:41:27:d8:0b:e6:c2:17:
82:df:f7:74:94:70:05:7d:7b:be:a6:c2:3f:ca:d5:
31:34:76:69:b2:ac:fa:b3:2b:4e:25:f7:a0:f8:36:
e8:84:ed:8c:5b:86:0c:34:d5:2e:45:7b:03:ca:f5:
15:72:04:c8:1c:04:03:b3:77:b1:8d:ef:26:f1:db:
07:de:92:ea:c7:47:69:03:73:53:91:95:28:55:06:
07:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E8:7F:0C:C0:77:AD:80:6C:9E:9D:AA:2B:BE:BA:5A:DB:59:1D:3F
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/_uh_DMB3rYBsnp2qK766WttZHT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.12.0/22
80.76.32.0/22
89.44.84.0/23
91.200.14.0/23
92.118.8.0/23
95.81.77.0/24
95.81.93.0-95.81.95.255
95.81.112.0/23
95.81.119.0-95.81.120.255
103.85.112.0/23
103.249.132.0/22
104.128.131.0/24
104.128.138.0/23
104.128.142.0/23
109.69.56.0/22
185.103.252.0/22
185.114.72.0/23
IPv6:
2a0c:5d00:3002::/48
Signature Algorithm: sha256WithRSAEncryption
22:52:e5:38:1c:0a:a8:7d:ed:42:3a:ce:e5:bd:da:f0:63:a6:
d9:5b:69:26:72:e0:7a:6f:ae:27:fc:0a:93:31:04:69:c2:c7:
89:ed:a6:bf:84:46:f0:15:23:87:f7:05:9d:c5:58:44:7c:5e:
ff:a5:ed:30:1c:2d:56:8c:4c:1b:10:9f:71:31:53:45:aa:6a:
8e:d9:85:b3:3a:8d:92:6a:70:1f:07:bd:64:eb:6a:0d:df:dd:
43:d1:62:a9:c7:55:a9:f7:ad:52:92:a1:8d:27:da:8b:c8:8e:
54:e1:5c:be:af:4f:3a:51:9c:47:ba:89:e6:c3:c1:9e:a3:26:
5e:e5:ac:df:aa:d3:77:69:16:d6:12:e5:61:c9:68:c7:92:fa:
78:28:1a:dc:d6:ae:e0:16:c5:9e:47:34:af:b4:bc:14:ea:6a:
70:1a:b2:ae:a3:18:1e:83:f2:06:1b:4e:32:31:cc:b4:43:0e:
72:95:36:6d:5c:f1:c6:5e:39:5e:a0:4c:a4:62:38:83:60:77:
60:c1:01:f5:a7:47:7e:7e:cf:65:1e:9d:38:8f:02:f1:cd:21:
c5:60:14:78:27:c0:d6:1c:85:f3:cb:2b:4b:36:2b:b4:99:58:
25:a9:87:c4:77:17:ad:17:29:fa:16:b1:30:9b:9a:f5:1c:49:
8c:1d:83:ad
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAZy5OZ7eyzVY9ju+Odx2UnWkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjYwMzA0MTQyMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWU4N2YwY2MwNzdhZDgwNmM5ZTlkYWEyYmJlYmE1YWRiNTkxZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkWknTlGcM/AowZJ5G3jqTbVoMUQ
JlcDcal9L2ErVsWf7lesTcwKQ+6jMJHPvIB04lmiPAaXnWNv+wLvr4mEQCvdbS9E
mb8omllttbuZ3p6uPwv/pck97RQTDdYM+ahn8pIEKZrGV9F9SYdXfbKs4hSbjWg1
xgpn5WYT6kFB1E1wUxUgGKGumg7NbxMkV3B6b8SPXa7WIrtpY33L7S9ZG56clMub
YYc9TDu1s0En2AvmwheC3/d0lHAFfXu+psI/ytUxNHZpsqz6sytOJfeg+DbohO2M
W4YMNNUuRXsDyvUVcgTIHAQDs3exje8m8dsH3pLqx0dpA3NTkZUoVQYHrQIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFP7ofwzAd62AbJ6dqiu+ulrbWR0/MB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvX3VoX0RNQjNyWUJzbnAycUs3NjZXdHRaSFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB8BAIAATB2AwQCLYYM
AwQCUEwgAwQBWSxUAwQBW8gOAwQBXHYIAwQAX1FNMAwDBABfUV0DBAVfUUADBAFf
UXAwDAMEAF9RdwMEAF9ReAMEAWdVcAMEAmf5hAMEAGiAgwMEAWiAigMEAWiAjgME
Am1FOAMEArln/AMEAblySDAPBAIAAjAJAwcAKgxdADACMA0GCSqGSIb3DQEBCwUA
A4IBAQAiUuU4HAqofe1COs7lvdrwY6bZW2kmcuB6b64n/AqTMQRpwseJ7aa/hEbw
FSOH9wWdxVhEfF7/pe0wHC1WjEwbEJ9xMVNFqmqO2YWzOo2SanAfB71k62oN391D
0WKpx1Wp961SkqGNJ9qLyI5U4Vy+r086UZxHuonmw8GeoyZe5azfqtN3aRbWEuVh
yWjHkvp4KBrc1q7gFsWeRzSvtLwU6mpwGrKuoxgeg/IGG04yMcy0Qw5ylTZtXPHG
XjleoEykYjiDYHdgwQH1p0d+fs9lHp04jwLxzSHFYBR4J8DWHIXzyytLNiu0mVgl
qYfEdxetFyn6FrEwm5r1HEmMHYOt
-----END CERTIFICATE-----
Generated at Sat Mar 7 19:39:24 2026 by rpki-client