Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/4RgBaK8YPgKkMdveuvow-2RHMMI.roa
File: 4RgBaK8YPgKkMdveuvow-2RHMMI.roa (raw, json)
Hash identifier: 9a6LE0xEyW//ahAMtQkB4FLm+3fX6uAlfJoQovqPyzg=
Subject key identifier: E1:18:01:68:AF:18:3E:02:A4:31:DB:DE:BA:FA:30:FB:64:47:30:C2
Certificate issuer: /CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Certificate serial: 019D1A255E01EAC65EC162E2EA7AD02FDD0E
Authority key identifier: 55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/4RgBaK8YPgKkMdveuvow-2RHMMI.roa
Signing time: Mon 23 Mar 2026 10:02:29 +0000
ROA not before: Mon 23 Mar 2026 10:02:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 83.147.194.0/24 maxlen: 24
83.147.222.0/24 maxlen: 24
83.147.232.0/22 maxlen: 22
83.147.240.0/23 maxlen: 24
83.147.242.0/23 maxlen: 24
91.186.208.0/23 maxlen: 24
91.186.210.0/23 maxlen: 24
178.253.16.0/24 maxlen: 24
178.253.38.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1a:25:5e:01:ea:c6:5e:c1:62:e2:ea:7a:d0:2f:dd:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55baf26967510b3c52e46d1dc593967cdf29f9c9
Validity
Not Before: Mar 23 10:02:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e1180168af183e02a431dbdebafa30fb644730c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:23:24:e5:e1:98:76:85:ea:ed:d7:85:09:b7:
45:42:c3:64:74:39:f0:4d:bd:b5:68:96:0b:29:e7:
7e:ae:d6:0b:b0:4b:13:47:85:92:f1:43:7b:a8:0d:
b3:7e:84:96:9a:e1:48:8e:9d:78:56:49:2a:04:98:
e3:59:f9:3c:0c:66:7d:f2:f8:dd:cc:23:84:4d:b2:
05:b6:de:12:ab:94:1e:4e:07:dd:6e:77:6e:87:0e:
78:6d:8b:2f:75:2d:8a:99:f7:27:a3:a7:38:6b:75:
f6:f9:99:ab:09:e8:ad:bc:92:a3:8e:90:6c:35:ba:
f7:ce:68:04:e1:d4:26:d4:1d:89:8c:c8:0d:e6:df:
1b:1b:74:50:dc:34:77:3a:c8:1a:77:85:81:f9:23:
00:a3:be:a4:48:2d:4d:de:e0:44:1f:e5:55:38:81:
95:f9:f4:3a:0f:8d:30:cf:df:13:eb:c4:ee:c8:e5:
5d:bd:42:d9:e1:af:97:5d:a3:2c:75:88:7e:0c:47:
e4:07:c7:aa:ba:19:48:5e:6f:10:23:41:35:22:26:
58:b3:68:37:95:9e:39:48:b8:b8:cd:52:8b:db:51:
61:a8:18:a1:d1:2a:4f:36:3b:72:82:9d:e5:18:1b:
00:68:4a:b3:5b:be:5c:ca:e2:7e:c8:1c:29:3a:dc:
25:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:18:01:68:AF:18:3E:02:A4:31:DB:DE:BA:FA:30:FB:64:47:30:C2
X509v3 Authority Key Identifier:
keyid:55:BA:F2:69:67:51:0B:3C:52:E4:6D:1D:C5:93:96:7C:DF:29:F9:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VbryaWdRCzxS5G0dxZOWfN8p-ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/4RgBaK8YPgKkMdveuvow-2RHMMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/5aa4dc-d184-4db4-9e10-49f981ee5981/1/VbryaWdRCzxS5G0dxZOWfN8p-ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.194.0/24
83.147.222.0/24
83.147.232.0/22
83.147.240.0/22
91.186.208.0/22
178.253.16.0/24
178.253.38.0/23
Signature Algorithm: sha256WithRSAEncryption
ba:88:c9:96:8a:93:d3:fd:45:d8:07:93:20:bd:37:9e:cc:78:
89:a1:1e:33:44:bc:47:06:cf:6f:1a:07:ba:bf:00:fc:09:2c:
b1:ec:2d:7e:5f:e2:e6:da:66:79:21:a9:14:db:51:78:87:ad:
97:a9:37:28:db:95:fa:a2:cc:6a:72:aa:09:84:11:02:f6:ac:
df:54:78:49:ac:a0:fa:e0:1c:d0:8f:6b:92:87:d9:4c:97:3a:
8b:d6:3a:9b:ff:40:4e:cd:54:e1:f9:5f:0f:8e:c5:14:5d:aa:
13:2d:e8:3d:b3:3b:c8:3f:6c:fc:62:b6:d4:21:7a:f3:51:2a:
f9:ac:af:ee:05:9c:a4:d7:de:d4:18:a5:7d:64:5f:60:d7:f1:
d3:2b:c5:45:bd:66:95:f2:40:15:c8:f4:c7:f2:3b:12:6a:c6:
8c:52:98:40:cd:c0:1e:c9:c1:f7:61:fe:8d:61:21:35:4b:46:
68:c3:c6:92:bd:22:3e:54:db:2f:d3:d1:d0:fd:25:ec:0e:fb:
0a:36:52:c5:a5:91:90:99:07:f1:08:9a:bc:3f:e2:2d:2a:c5:
0a:19:9d:2c:7c:da:1e:89:cf:b8:3e:a7:35:96:93:b9:97:e3:
11:07:e5:69:07:95:f9:2e:c5:7b:16:62:1f:2c:fa:e0:03:a4:
5d:9a:63:77
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ0aJV4B6sZewWLi6nrQL90OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1YmFmMjY5Njc1MTBiM2M1MmU0NmQxZGM1OTM5NjdjZGYy
OWY5YzkwHhcNMjYwMzIzMTAwMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTE4MDE2OGFmMTgzZTAyYTQzMWRiZGViYWZhMzBmYjY0NDczMGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkiMk5eGYdoXq7deFCbdFQsNkdDnw
Tb21aJYLKed+rtYLsEsTR4WS8UN7qA2zfoSWmuFIjp14VkkqBJjjWfk8DGZ98vjd
zCOETbIFtt4Sq5QeTgfdbnduhw54bYsvdS2Kmfcno6c4a3X2+ZmrCeitvJKjjpBs
Nbr3zmgE4dQm1B2JjMgN5t8bG3RQ3DR3Osgad4WB+SMAo76kSC1N3uBEH+VVOIGV
+fQ6D40wz98T68TuyOVdvULZ4a+XXaMsdYh+DEfkB8equhlIXm8QI0E1IiZYs2g3
lZ45SLi4zVKL21FhqBih0SpPNjtygp3lGBsAaEqzW75cyuJ+yBwpOtwlzwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOEYAWivGD4CpDHb3rr6MPtkRzDCMB8GA1UdIwQY
MBaAFFW68mlnUQs8UuRtHcWTlnzfKfnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAt
NDlmOTgxZWU1OTgxLzEvNFJnQmFLOFlQZ0trTWR2ZXV2b3ctMlJITU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS81YWE0ZGMtZDE4NC00ZGI0LTllMTAtNDlmOTgxZWU1OTgx
LzEvVmJyeWFXZFJDenhTNUcwZHhaT1dmTjhwLWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAU5PCAwQA
U5PeAwQCU5PoAwQCU5PwAwQCW7rQAwQAsv0QAwQBsv0mMA0GCSqGSIb3DQEBCwUA
A4IBAQC6iMmWipPT/UXYB5MgvTeezHiJoR4zRLxHBs9vGge6vwD8CSyx7C1+X+Lm
2mZ5IakU21F4h62XqTco25X6osxqcqoJhBEC9qzfVHhJrKD64BzQj2uSh9lMlzqL
1jqb/0BOzVTh+V8PjsUUXaoTLeg9szvIP2z8YrbUIXrzUSr5rK/uBZyk197UGKV9
ZF9g1/HTK8VFvWaV8kAVyPTH8jsSasaMUphAzcAeycH3Yf6NYSE1S0Zow8aSvSI+
VNsv09HQ/SXsDvsKNlLFpZGQmQfxCJq8P+ItKsUKGZ0sfNoeic+4Pqc1lpO5l+MR
B+VpB5X5LsV7FmIfLPrgA6RdmmN3
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:46:53 2026 by rpki-client