Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/1qFlaCaeaIbvGmNWhErEdwce_fs.roa
File: 1qFlaCaeaIbvGmNWhErEdwce_fs.roa (raw, json)
Hash identifier: e+wEhZW0TH0mh0TT/y4m9TE8lD2rq+7BEWMuNgwP38A=
Subject key identifier: D6:A1:65:68:26:9E:68:86:EF:1A:63:56:84:4A:C4:77:07:1E:FD:FB
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 019DF34C7CF865FF3892E4F99EDC127D3EE6
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/1qFlaCaeaIbvGmNWhErEdwce_fs.roa
Signing time: Mon 04 May 2026 14:02:49 +0000
ROA not before: Mon 04 May 2026 14:02:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57242
IP address blocks: 45.155.89.0/24 maxlen: 24
45.156.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f3:4c:7c:f8:65:ff:38:92:e4:f9:9e:dc:12:7d:3e:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: May 4 14:02:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d6a16568269e6886ef1a6356844ac477071efdfb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3a:23:ea:14:04:65:37:42:64:6d:8f:a7:3e:
ac:87:73:d0:51:2b:7f:8f:7c:65:b6:99:d3:a9:6f:
1f:cd:5f:67:f2:37:cc:43:74:01:f9:e3:5e:e3:9b:
f3:2e:93:f6:5f:a9:ef:1a:1b:92:0f:62:45:0d:89:
34:40:23:fd:71:7f:ab:df:28:18:55:f9:6c:fa:8f:
ef:09:92:1a:ba:ae:74:62:92:3b:6e:60:e9:29:ab:
b5:ca:d7:08:93:1d:3b:7b:01:b5:fd:b4:07:52:8f:
f1:09:96:28:10:d2:d8:22:b8:2f:d8:53:be:ba:8a:
30:97:03:4b:f5:a0:6c:a9:63:29:55:b2:d4:1e:02:
de:75:47:59:c8:9d:7f:f2:06:8e:6b:d6:07:78:bd:
14:57:9c:74:0e:41:ad:08:00:6e:69:f1:6c:da:96:
b3:d3:5a:95:f7:b4:e9:26:67:31:d0:bb:cd:29:f8:
8a:91:4a:ef:7c:8a:db:55:f4:20:9d:ba:dd:b6:d2:
ea:a5:8b:a2:fc:21:29:a4:b6:85:93:3f:d6:67:d1:
1e:e8:98:72:59:8c:e4:0d:a7:6e:c4:2a:1c:0b:4d:
95:d8:8c:80:cb:78:91:97:06:8c:d9:54:41:07:a5:
58:97:43:0e:64:3f:34:db:cc:83:99:fa:29:fc:a2:
c9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A1:65:68:26:9E:68:86:EF:1A:63:56:84:4A:C4:77:07:1E:FD:FB
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/1qFlaCaeaIbvGmNWhErEdwce_fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.89.0/24
45.156.220.0/24
Signature Algorithm: sha256WithRSAEncryption
89:be:dd:e6:66:0e:e9:19:a7:79:e7:59:d4:04:a2:51:65:b3:
6f:d3:2a:1a:3c:b2:73:52:6e:b0:72:0d:a1:0d:54:4e:66:5c:
34:57:cd:b0:17:cc:4a:98:b7:9f:18:1a:1f:23:32:b2:79:48:
2b:a6:77:b8:ef:e7:42:10:05:03:ce:ee:0b:5a:f2:b3:65:ef:
59:bf:0e:2a:cd:b2:b7:67:75:b9:c6:94:31:4d:19:3d:4e:38:
03:30:28:08:e6:a5:11:73:74:73:11:75:95:23:26:95:6e:71:
b0:9c:8d:22:a2:f3:1f:10:75:52:90:9b:d9:39:17:96:fd:2a:
2c:c8:c7:c9:5a:65:2a:96:b5:bd:18:65:65:50:40:71:ae:4e:
9c:b3:f4:4a:ab:a2:56:4e:46:a3:29:6b:f2:01:25:08:95:d3:
c2:da:24:70:dc:b3:b0:16:b9:07:fd:ba:8a:29:7e:22:77:50:
c0:71:5f:11:9a:57:6b:bb:25:4a:c2:c2:84:6e:74:75:98:7d:
a2:a7:ac:ed:04:a9:d0:a6:e9:d7:be:99:96:7b:df:77:5b:fb:
cf:fb:6e:90:4c:60:ff:b9:e7:2d:78:4e:fb:23:24:1c:f8:1d:
67:6c:0b:05:23:fb:c8:f0:b1:d8:17:09:10:69:3b:2e:aa:a0:
48:db:6e:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3zTHz4Zf84kuT5ntwSfT7mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjYwNTA0MTQwMjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmExNjU2ODI2OWU2ODg2ZWYxYTYzNTY4NDRhYzQ3NzA3MWVmZGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzoj6hQEZTdCZG2Ppz6sh3PQUSt/
j3xltpnTqW8fzV9n8jfMQ3QB+eNe45vzLpP2X6nvGhuSD2JFDYk0QCP9cX+r3ygY
Vfls+o/vCZIauq50YpI7bmDpKau1ytcIkx07ewG1/bQHUo/xCZYoENLYIrgv2FO+
uoowlwNL9aBsqWMpVbLUHgLedUdZyJ1/8gaOa9YHeL0UV5x0DkGtCABuafFs2paz
01qV97TpJmcx0LvNKfiKkUrvfIrbVfQgnbrdttLqpYui/CEppLaFkz/WZ9Ee6Jhy
WYzkDaduxCocC02V2IyAy3iRlwaM2VRBB6VYl0MOZD8028yDmfop/KLJHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNahZWgmnmiG7xpjVoRKxHcHHv37MB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvMXFGbGFDYWVhSWJ2R21OV2hFckVkd2NlX2ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZtZAwQA
LZzcMA0GCSqGSIb3DQEBCwUAA4IBAQCJvt3mZg7pGad551nUBKJRZbNv0yoaPLJz
Um6wcg2hDVROZlw0V82wF8xKmLefGBofIzKyeUgrpne47+dCEAUDzu4LWvKzZe9Z
vw4qzbK3Z3W5xpQxTRk9TjgDMCgI5qURc3RzEXWVIyaVbnGwnI0iovMfEHVSkJvZ
OReW/SosyMfJWmUqlrW9GGVlUEBxrk6cs/RKq6JWTkajKWvyASUIldPC2iRw3LOw
FrkH/bqKKX4id1DAcV8RmldruyVKwsKEbnR1mH2ip6ztBKnQpunXvpmWe993W/vP
+26QTGD/uecteE77IyQc+B1nbAsFI/vI8LHYFwkQaTsuqqBI224I
-----END CERTIFICATE-----
Generated at Wed May 13 06:38:17 2026 by rpki-client