Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/tXOl2ubuLkmi5Hms7cr2oOrONy4.roa
File: tXOl2ubuLkmi5Hms7cr2oOrONy4.roa (raw, json)
Hash identifier: /mpuqbpXTMSqEVxHEhqKLpXW3WVDEqBZMvkdGp9RQuk=
Subject key identifier: B5:73:A5:DA:E6:EE:2E:49:A2:E4:79:AC:ED:CA:F6:A0:EA:CE:37:2E
Certificate issuer: /CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Certificate serial: 019CE66E8F05FFD5BA52BFD08CFC00F0AE56
Authority key identifier: 6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/tXOl2ubuLkmi5Hms7cr2oOrONy4.roa
Signing time: Fri 13 Mar 2026 09:02:10 +0000
ROA not before: Fri 13 Mar 2026 09:02:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213694
IP address blocks: 45.66.250.0/23 maxlen: 24
45.83.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e6:6e:8f:05:ff:d5:ba:52:bf:d0:8c:fc:00:f0:ae:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d20ddd398dac8f62cc12526325f1821fb724f75
Validity
Not Before: Mar 13 09:02:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b573a5dae6ee2e49a2e479acedcaf6a0eace372e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:bc:36:a1:f0:d4:87:b7:50:a8:2b:13:2a:ec:
de:fa:73:c0:ee:41:2e:3f:56:52:d5:fd:a4:ec:c8:
74:3a:b6:8f:d7:c2:fd:14:e0:6d:30:14:12:2f:35:
39:66:58:c2:a8:38:f8:7a:b4:de:65:c2:f8:fe:98:
1a:5e:be:37:20:fe:fa:46:0f:c5:4a:25:39:2a:6e:
c0:66:1b:28:e6:a2:0a:7d:a8:2b:a9:e7:e1:5c:91:
66:62:ca:00:2e:88:fb:97:19:b7:65:74:08:ac:57:
8d:b1:bf:cb:c2:6c:65:2a:d4:7f:94:ac:bc:e6:d6:
d1:9b:41:27:6a:08:6e:b5:d1:76:78:6f:1c:d2:f2:
b0:76:4e:69:3c:89:cd:1b:c0:f7:a2:f3:5a:01:42:
be:11:49:18:78:e3:14:2c:9d:52:ed:fc:6c:89:74:
38:f2:73:46:50:1d:f7:7f:09:b8:80:3d:4c:1e:ff:
b5:c8:9a:9c:1f:d9:b4:70:8b:f2:10:e5:02:34:86:
8d:e7:32:d2:94:3f:d8:8f:2d:38:26:1c:cc:d1:f1:
32:8e:5e:21:1e:1a:7a:92:ad:41:18:30:99:6b:15:
d4:39:07:b5:2d:f9:fe:e7:9c:0e:57:2c:14:7e:60:
15:51:8c:2c:66:85:10:03:19:82:d7:f0:bf:71:02:
c3:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:73:A5:DA:E6:EE:2E:49:A2:E4:79:AC:ED:CA:F6:A0:EA:CE:37:2E
X509v3 Authority Key Identifier:
keyid:6D:20:DD:D3:98:DA:C8:F6:2C:C1:25:26:32:5F:18:21:FB:72:4F:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bSDd05jayPYswSUmMl8YIftyT3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/tXOl2ubuLkmi5Hms7cr2oOrONy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a1a88f-1dff-4eff-826b-36de657232be/1/bSDd05jayPYswSUmMl8YIftyT3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.250.0/23
45.83.183.0/24
Signature Algorithm: sha256WithRSAEncryption
44:0c:42:53:1f:e2:47:7c:9b:c3:57:e0:3c:16:22:65:7b:59:
16:3a:fc:ce:44:14:a9:11:f8:a3:79:91:9d:1a:1b:11:b7:a4:
cb:17:01:e2:80:c4:b1:9f:f9:2d:d6:cd:04:7a:4b:9a:42:a9:
ba:ae:02:25:b9:e9:28:b4:5b:c9:10:2a:aa:d1:7e:02:f3:e7:
23:7f:ea:60:34:5f:09:2c:9d:f3:d4:72:20:df:d3:16:a2:43:
84:2e:14:9e:5f:a3:d0:3b:93:5f:01:dd:cd:a4:55:c0:c7:4c:
21:ae:cb:7c:bb:b1:d5:74:64:18:bb:b1:44:ff:ce:b2:27:fb:
7a:f0:5e:e6:6b:dc:29:0b:87:00:a8:a4:c7:e3:cd:04:90:aa:
71:ce:52:39:db:0f:01:f5:6e:b9:a6:c6:1c:17:d6:27:40:41:
c7:03:9a:cd:77:86:f9:fc:4d:00:ab:82:49:5b:f8:7d:03:89:
2e:64:bc:4d:c2:ea:11:5d:10:d6:f5:a5:89:9e:74:f3:5e:f5:
16:28:4a:62:80:1e:bb:45:6c:a4:82:98:3a:18:db:7b:94:66:
ee:c1:d4:15:4d:db:b3:2d:2e:1a:06:e7:7b:88:7e:13:8f:ec:
37:a4:e7:0b:a1:29:ee:2a:44:1c:39:b2:b9:ad:b0:1e:2c:62:
16:d8:6d:a0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZzmbo8F/9W6Ur/QjPwA8K5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMjBkZGQzOThkYWM4ZjYyY2MxMjUyNjMyNWYxODIxZmI3
MjRmNzUwHhcNMjYwMzEzMDkwMjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTczYTVkYWU2ZWUyZTQ5YTJlNDc5YWNlZGNhZjZhMGVhY2UzNzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibw2ofDUh7dQqCsTKuze+nPA7kEu
P1ZS1f2k7Mh0OraP18L9FOBtMBQSLzU5ZljCqDj4erTeZcL4/pgaXr43IP76Rg/F
SiU5Km7AZhso5qIKfagrqefhXJFmYsoALoj7lxm3ZXQIrFeNsb/LwmxlKtR/lKy8
5tbRm0EnaghutdF2eG8c0vKwdk5pPInNG8D3ovNaAUK+EUkYeOMULJ1S7fxsiXQ4
8nNGUB33fwm4gD1MHv+1yJqcH9m0cIvyEOUCNIaN5zLSlD/Yjy04JhzM0fEyjl4h
Hhp6kq1BGDCZaxXUOQe1Lfn+55wOVywUfmAVUYwsZoUQAxmC1/C/cQLDkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLVzpdrm7i5JouR5rO3K9qDqzjcuMB8GA1UdIwQY
MBaAFG0g3dOY2sj2LMElJjJfGCH7ck91MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmIt
MzZkZTY1NzIzMmJlLzEvdFhPbDJ1YnVMa21pNUhtczdjcjJvT3JPTnk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hMWE4OGYtMWRmZi00ZWZmLTgyNmItMzZkZTY1NzIzMmJl
LzEvYlNEZDA1amF5UFlzd1NVbU1sOFlJZnR5VDNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLUL6AwQA
LVO3MA0GCSqGSIb3DQEBCwUAA4IBAQBEDEJTH+JHfJvDV+A8FiJle1kWOvzORBSp
EfijeZGdGhsRt6TLFwHigMSxn/kt1s0EekuaQqm6rgIluekotFvJECqq0X4C8+cj
f+pgNF8JLJ3z1HIg39MWokOELhSeX6PQO5NfAd3NpFXAx0whrst8u7HVdGQYu7FE
/86yJ/t68F7ma9wpC4cAqKTH480EkKpxzlI52w8B9W65psYcF9YnQEHHA5rNd4b5
/E0Aq4JJW/h9A4kuZLxNwuoRXRDW9aWJnnTzXvUWKEpigB67RWykgpg6GNt7lGbu
wdQVTduzLS4aBud7iH4Tj+w3pOcLoSnuKkQcObK5rbAeLGIW2G2g
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:13:28 2026 by rpki-client