Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/ROXrZox9qmRyvEk1U37LkhE8O1k.roa
File: ROXrZox9qmRyvEk1U37LkhE8O1k.roa (raw, json)
Hash identifier: O/Kmp71WYLzeqzuXJvcZSb52Tj33zZc/vYWStp0shFw=
Subject key identifier: 44:E5:EB:66:8C:7D:AA:64:72:BC:49:35:53:7E:CB:92:11:3C:3B:59
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019D1FA8559499CB2138FAE873EA89D2C3E9
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/ROXrZox9qmRyvEk1U37LkhE8O1k.roa
Signing time: Tue 24 Mar 2026 11:43:38 +0000
ROA not before: Tue 24 Mar 2026 11:43:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2914
IP address blocks: 80.174.248.0/24 maxlen: 24
103.85.32.0/24 maxlen: 24
103.85.33.0/24 maxlen: 24
103.85.34.0/24 maxlen: 24
103.85.35.0/24 maxlen: 24
202.58.108.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 14:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1f:a8:55:94:99:cb:21:38:fa:e8:73:ea:89:d2:c3:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: Mar 24 11:43:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=44e5eb668c7daa6472bc4935537ecb92113c3b59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:65:61:f0:d2:e0:8f:13:4f:d5:d7:83:a0:2e:
77:bb:fb:82:fa:47:82:18:af:58:1d:ea:4e:a6:3a:
02:12:26:1a:05:90:a7:40:d9:e8:df:e0:8a:b8:d8:
06:c4:73:15:58:b8:f9:49:d1:1d:73:32:d0:a2:51:
de:8c:23:37:72:41:d8:f1:fc:03:57:8b:ca:09:a6:
1b:c6:01:ff:c3:b5:93:b2:72:fb:a8:e3:4f:95:57:
3f:da:ad:39:01:04:7b:24:45:2b:ff:0b:c6:eb:78:
44:c3:91:4f:9b:dc:bc:71:e5:a4:e0:b6:19:3b:34:
37:a8:7b:34:7b:a4:57:af:f3:14:26:71:64:08:a7:
be:ac:af:9e:98:e3:9b:09:44:74:5a:6c:3a:3d:be:
8e:35:0f:74:e6:cc:32:8b:11:23:95:f2:71:d5:80:
df:a9:ad:f4:ea:75:96:e5:08:e4:14:b6:57:67:18:
8e:63:d6:97:02:25:d3:10:17:4c:f1:78:cb:3d:cf:
d3:87:b2:26:ab:65:22:74:fe:5f:b7:29:e2:23:3a:
48:1d:fe:0c:d4:d9:89:0d:1e:c7:e9:ef:7a:43:97:
b6:d7:b3:e1:d4:62:d0:49:77:24:ae:82:f4:5c:f3:
2c:cd:32:b7:6f:88:18:c8:37:75:3e:ee:c4:d5:af:
db:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:E5:EB:66:8C:7D:AA:64:72:BC:49:35:53:7E:CB:92:11:3C:3B:59
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/ROXrZox9qmRyvEk1U37LkhE8O1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.248.0/24
103.85.32.0/22
202.58.108.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:9b:c2:1c:27:fa:d2:31:8d:fb:e2:a0:17:34:19:27:15:d4:
e0:47:07:da:39:16:fc:56:55:c4:3e:76:e8:29:35:31:0f:bb:
dd:a4:3e:c4:d9:60:e7:89:2f:c3:f1:bb:c6:ae:be:84:65:62:
76:05:66:02:06:8f:42:18:34:e8:3c:b3:62:1c:b2:91:3d:00:
31:d9:49:d2:48:65:25:8a:b7:53:03:03:7b:37:c3:ed:06:bd:
ed:d1:30:93:d6:7a:aa:63:39:8e:66:41:67:b8:76:0f:6e:5e:
92:46:85:6f:6d:29:f6:fe:a3:c1:af:57:67:92:00:dc:0c:b7:
13:38:be:d8:52:23:c8:5b:38:9a:7f:39:de:91:f3:82:e0:79:
24:0d:48:e8:aa:09:8c:54:4b:c5:8d:b8:06:82:05:d6:21:36:
27:d4:8b:45:8b:69:d7:6a:b4:3b:64:e9:87:a6:9d:6c:d3:81:
2f:b0:44:7f:c5:2f:34:4d:20:db:e3:06:c2:7f:bf:2f:b8:1e:
36:7e:f3:50:ac:cf:12:f6:6d:a9:8b:9c:76:b0:75:25:a4:42:
6c:a1:3c:c6:1c:14:9d:28:3b:32:74:9f:a6:76:8c:0e:86:3f:
07:61:3a:22:53:bc:af:ef:3d:96:46:3e:d9:12:54:af:a4:a1:
14:d0:6d:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ0fqFWUmcshOProc+qJ0sPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwMzI0MTE0MzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGU1ZWI2NjhjN2RhYTY0NzJiYzQ5MzU1MzdlY2I5MjExM2MzYjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWVh8NLgjxNP1deDoC53u/uC+keC
GK9YHepOpjoCEiYaBZCnQNno3+CKuNgGxHMVWLj5SdEdczLQolHejCM3ckHY8fwD
V4vKCaYbxgH/w7WTsnL7qONPlVc/2q05AQR7JEUr/wvG63hEw5FPm9y8ceWk4LYZ
OzQ3qHs0e6RXr/MUJnFkCKe+rK+emOObCUR0Wmw6Pb6ONQ905swyixEjlfJx1YDf
qa306nWW5QjkFLZXZxiOY9aXAiXTEBdM8XjLPc/Th7Imq2UidP5ftyniIzpIHf4M
1NmJDR7H6e96Q5e217Ph1GLQSXckroL0XPMszTK3b4gYyDd1Pu7E1a/bIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFETl62aMfapkcrxJNVN+y5IRPDtZMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvUk9YclpveDlxbVJ5dkVrMVUzN0xraEU4TzFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUK74AwQC
Z1UgAwQByjpsMA0GCSqGSIb3DQEBCwUAA4IBAQBrm8IcJ/rSMY374qAXNBknFdTg
RwfaORb8VlXEPnboKTUxD7vdpD7E2WDniS/D8bvGrr6EZWJ2BWYCBo9CGDToPLNi
HLKRPQAx2UnSSGUlirdTAwN7N8PtBr3t0TCT1nqqYzmOZkFnuHYPbl6SRoVvbSn2
/qPBr1dnkgDcDLcTOL7YUiPIWziafznekfOC4HkkDUjoqgmMVEvFjbgGggXWITYn
1ItFi2nXarQ7ZOmHpp1s04EvsER/xS80TSDb4wbCf78vuB42fvNQrM8S9m2pi5x2
sHUlpEJsoTzGHBSdKDsydJ+mdowOhj8HYToiU7yv7z2WRj7ZElSvpKEU0G1D
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:49:53 2026 by rpki-client