Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2QcDfD7E1au242JnJKtHrOIJKSM.roa
File: 2QcDfD7E1au242JnJKtHrOIJKSM.roa (raw, json)
Hash identifier: DVhaMTHXQ3YintRIRUkpsKzq0x/IWYHPB26a6/JDY5I=
Subject key identifier: D9:07:03:7C:3E:C4:D5:AB:B6:E3:62:67:24:AB:47:AC:E2:09:29:23
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019D1B388CDD52F7BECA6151F4BD42F6E8B0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2QcDfD7E1au242JnJKtHrOIJKSM.roa
Signing time: Mon 23 Mar 2026 15:03:04 +0000
ROA not before: Mon 23 Mar 2026 15:03:04 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9028
IP address blocks: 45.144.155.0/24 maxlen: 24
87.121.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 11:10:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1b:38:8c:dd:52:f7:be:ca:61:51:f4:bd:42:f6:e8:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 23 15:03:04 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d907037c3ec4d5abb6e3626724ab47ace2092923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c5:4f:f4:d7:58:b6:3c:53:8f:11:41:98:c4:
df:b5:a1:f8:48:7d:96:61:cb:38:f9:28:6b:4c:dc:
a6:40:e8:7d:14:f9:97:a4:c2:c6:ad:77:18:6e:a0:
e8:bd:1b:d4:3c:94:c1:8d:eb:0d:27:bd:9e:50:57:
54:b2:b0:d7:51:0e:3e:ab:cd:93:be:e8:1c:77:da:
8b:20:b5:3c:c9:af:9b:f2:c1:42:65:bb:41:ec:fa:
46:ce:90:f7:13:b8:4e:a2:e5:c7:6d:7a:ca:22:ff:
ea:0f:80:f9:17:ae:e4:7b:9e:d9:f3:a7:f1:1d:24:
56:f5:cb:60:0b:09:ed:6f:60:2c:54:45:ad:a1:64:
c8:14:d1:40:a3:8a:25:19:7b:a1:23:10:e1:aa:37:
95:87:b6:dc:56:a2:0c:5b:0c:45:ca:04:15:fa:bc:
52:4d:36:bd:82:84:6b:c2:d0:c5:0a:0f:f9:2e:9c:
4c:4a:96:d2:57:24:bb:2a:27:00:89:2e:d0:20:ef:
51:a5:06:03:a1:f3:e7:72:55:a8:20:d2:4d:5f:0e:
c2:bd:79:80:c7:9c:ca:38:84:1f:18:59:c2:f1:f8:
d8:0f:cd:ac:ba:e9:b8:93:86:a2:54:fa:23:79:59:
cb:ac:18:17:78:b0:f0:d1:9e:6c:f9:e0:4c:1f:63:
95:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:07:03:7C:3E:C4:D5:AB:B6:E3:62:67:24:AB:47:AC:E2:09:29:23
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2QcDfD7E1au242JnJKtHrOIJKSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.155.0/24
87.121.54.0/24
Signature Algorithm: sha256WithRSAEncryption
39:79:a9:d7:c2:ab:05:57:af:36:93:7e:b5:52:6c:04:ce:aa:
29:66:ed:e5:d4:c2:fc:f8:c3:08:47:8e:a8:bc:b7:cc:69:17:
ae:54:e9:65:27:db:1d:93:52:54:c6:ca:c3:a0:2f:c6:29:cf:
da:1a:b4:94:11:8d:2e:65:05:91:50:2a:cf:05:13:c9:99:f4:
9b:a0:7c:0c:69:d2:a5:66:a8:9e:c0:0d:3b:cb:2b:dc:c2:77:
56:fc:47:9a:70:53:ff:0d:84:dc:26:98:84:44:41:20:ba:56:
e2:69:a1:cd:93:71:b0:b8:eb:22:7e:26:7f:4e:fd:3d:31:73:
b8:73:c4:2e:35:0b:ec:86:ce:5d:93:bd:8b:91:7e:0f:97:ee:
a2:f4:47:4b:57:b8:e1:ae:65:2d:ee:b1:65:f9:2b:62:f0:94:
08:0a:c8:c0:44:53:f6:2b:76:46:3d:55:74:6c:0c:0d:16:c9:
8f:b8:75:e0:6d:65:26:1b:93:eb:91:75:ad:63:db:20:6f:be:
52:40:52:d5:c8:e0:10:c3:46:8a:42:f1:45:5f:24:0c:31:7b:
89:5a:b6:4f:a6:aa:7f:4a:be:85:90:ca:0d:a4:5a:5d:74:a1:
d4:13:26:78:dd:95:f7:5c:b9:f1:d6:54:b9:33:05:76:77:5a:
a1:20:08:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0bOIzdUve+ymFR9L1C9uiwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwMzIzMTUwMzA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTA3MDM3YzNlYzRkNWFiYjZlMzYyNjcyNGFiNDdhY2UyMDkyOTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMVP9NdYtjxTjxFBmMTftaH4SH2W
Ycs4+ShrTNymQOh9FPmXpMLGrXcYbqDovRvUPJTBjesNJ72eUFdUsrDXUQ4+q82T
vugcd9qLILU8ya+b8sFCZbtB7PpGzpD3E7hOouXHbXrKIv/qD4D5F67ke57Z86fx
HSRW9ctgCwntb2AsVEWtoWTIFNFAo4olGXuhIxDhqjeVh7bcVqIMWwxFygQV+rxS
TTa9goRrwtDFCg/5LpxMSpbSVyS7KicAiS7QIO9RpQYDofPnclWoINJNXw7CvXmA
x5zKOIQfGFnC8fjYD82suum4k4aiVPojeVnLrBgXeLDw0Z5s+eBMH2OV6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNkHA3w+xNWrtuNiZySrR6ziCSkjMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMlFjRGZEN0UxYXUyNDJKbkpLdEhyT0lKS1NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZCbAwQA
V3k2MA0GCSqGSIb3DQEBCwUAA4IBAQA5eanXwqsFV682k361UmwEzqopZu3l1ML8
+MMIR46ovLfMaReuVOllJ9sdk1JUxsrDoC/GKc/aGrSUEY0uZQWRUCrPBRPJmfSb
oHwMadKlZqiewA07yyvcwndW/EeacFP/DYTcJpiEREEgulbiaaHNk3GwuOsifiZ/
Tv09MXO4c8QuNQvshs5dk72LkX4Pl+6i9EdLV7jhrmUt7rFl+Sti8JQICsjARFP2
K3ZGPVV0bAwNFsmPuHXgbWUmG5PrkXWtY9sgb75SQFLVyOAQw0aKQvFFXyQMMXuJ
WrZPpqp/Sr6FkMoNpFpddKHUEyZ43ZX3XLnx1lS5MwV2d1qhIAiq
-----END CERTIFICATE-----
Generated at Thu Mar 26 23:20:18 2026 by rpki-client