Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/4VwJdoFC3PwR_Sdn4ycYHAn4p5E.roa
File: 4VwJdoFC3PwR_Sdn4ycYHAn4p5E.roa (raw, json)
Hash identifier: y7pqmEtnVn2xHKb97Tp8IWQb6s7nlIbkBWk3fCeoPW4=
Subject key identifier: E1:5C:09:76:81:42:DC:FC:11:FD:27:67:E3:27:18:1C:09:F8:A7:91
Certificate issuer: /CN=844969780141824cd0acbfa5a784611eeb0a7ddb
Certificate serial: 019CDCE5C38EEFA11D35EABF6F2A3F08F5A5
Authority key identifier: 84:49:69:78:01:41:82:4C:D0:AC:BF:A5:A7:84:61:1E:EB:0A:7D:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/4VwJdoFC3PwR_Sdn4ycYHAn4p5E.roa
Signing time: Wed 11 Mar 2026 12:36:11 +0000
ROA not before: Wed 11 Mar 2026 12:36:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216192
IP address blocks: 85.159.89.0/24 maxlen: 24
188.125.161.0/24 maxlen: 24
188.125.165.0/24 maxlen: 24
188.125.167.0/24 maxlen: 24
188.125.174.0/24 maxlen: 24
194.177.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.mft
rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dc:e5:c3:8e:ef:a1:1d:35:ea:bf:6f:2a:3f:08:f5:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844969780141824cd0acbfa5a784611eeb0a7ddb
Validity
Not Before: Mar 11 12:36:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e15c09768142dcfc11fd2767e327181c09f8a791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f6:b7:6e:60:83:ee:fb:3b:cd:8c:53:47:94:
c1:1f:b7:4b:41:57:83:97:05:4d:d2:d0:82:e1:c9:
5a:69:0a:ab:e4:50:46:8a:25:0d:25:ad:e0:13:cb:
05:32:dc:8f:b2:ed:bd:6c:08:57:63:3d:20:bb:87:
d3:69:b8:b5:42:3e:28:c5:6f:63:cb:74:91:37:c6:
0e:0b:84:b8:c5:6e:58:db:09:0a:bd:dc:5c:c4:42:
e6:db:04:aa:e5:22:46:d4:77:db:96:83:5c:1f:51:
0d:86:4b:31:23:1e:52:ec:e5:4f:c1:a6:f2:94:ab:
74:e3:fa:fd:7c:cf:06:50:d8:2b:61:01:f2:75:c6:
85:fd:f0:73:fd:e3:db:a0:9a:e8:4e:d9:d9:78:33:
ea:1d:47:a8:71:19:33:e7:ef:56:6c:a7:0d:5a:3c:
25:a9:77:ca:ba:bc:29:1c:e0:5d:a8:46:8f:01:b1:
93:c0:dd:bf:c1:d5:e4:2d:e4:f4:9c:a7:be:7b:e5:
32:29:c9:78:38:38:ac:e2:ab:9e:fa:f8:fd:cd:a3:
8c:22:7f:c2:58:f6:02:67:ab:34:bd:55:27:7b:8d:
fc:49:9b:5b:f4:72:9f:fa:0f:94:b1:10:f8:aa:f5:
1c:a0:58:08:f5:23:5c:c5:ad:5f:d3:27:66:06:76:
b1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:5C:09:76:81:42:DC:FC:11:FD:27:67:E3:27:18:1C:09:F8:A7:91
X509v3 Authority Key Identifier:
keyid:84:49:69:78:01:41:82:4C:D0:AC:BF:A5:A7:84:61:1E:EB:0A:7D:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/4VwJdoFC3PwR_Sdn4ycYHAn4p5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.159.89.0/24
188.125.161.0/24
188.125.165.0/24
188.125.167.0/24
188.125.174.0/24
194.177.14.0/24
Signature Algorithm: sha256WithRSAEncryption
55:a0:d1:ee:fa:83:c2:3d:d9:a5:f6:26:c2:ab:8c:ab:72:78:
58:da:02:36:75:e1:20:1f:d4:80:95:cf:e2:65:14:27:db:9c:
62:55:8d:ab:4a:7f:c8:15:d8:05:bc:00:87:6d:ca:b4:c0:b8:
ec:76:a9:14:57:99:5f:d3:87:dc:a6:e7:02:3d:cb:05:27:84:
1f:04:37:15:f3:cf:db:2b:52:8e:92:6b:1e:91:1f:91:4c:50:
0e:a2:3d:68:44:a1:44:47:84:db:3f:86:58:0e:22:89:d2:1c:
67:93:82:ce:06:6a:fe:a7:1a:e7:3d:44:1e:55:3d:de:d3:8f:
d8:7a:46:a2:a6:bf:a0:23:b8:1f:fc:17:d2:1f:a8:92:5c:95:
6f:68:68:02:9f:05:a8:89:38:cf:4b:ec:32:70:bb:32:5b:bb:
be:99:cc:eb:74:92:db:94:8a:b9:74:bf:cb:64:6d:0d:3e:0d:
0d:e6:14:7c:04:2d:2c:39:c4:68:38:6f:69:c0:a5:b3:7f:5c:
fa:40:31:47:6f:c8:9a:d0:26:57:c2:1e:b5:fc:1b:4f:a0:a5:
8d:88:3e:3a:4d:c7:f2:d5:c5:13:04:3b:73:55:06:c3:b1:24:
8c:58:1b:18:62:32:79:00:ec:39:98:d1:1a:c0:1b:74:d8:e9:
28:cf:af:4c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZzc5cOO76EdNeq/byo/CPWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDk2OTc4MDE0MTgyNGNkMGFjYmZhNWE3ODQ2MTFlZWIw
YTdkZGIwHhcNMjYwMzExMTIzNjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTVjMDk3NjgxNDJkY2ZjMTFmZDI3NjdlMzI3MTgxYzA5ZjhhNzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2va3bmCD7vs7zYxTR5TBH7dLQVeD
lwVN0tCC4claaQqr5FBGiiUNJa3gE8sFMtyPsu29bAhXYz0gu4fTabi1Qj4oxW9j
y3SRN8YOC4S4xW5Y2wkKvdxcxELm2wSq5SJG1HfbloNcH1ENhksxIx5S7OVPwaby
lKt04/r9fM8GUNgrYQHydcaF/fBz/ePboJroTtnZeDPqHUeocRkz5+9WbKcNWjwl
qXfKurwpHOBdqEaPAbGTwN2/wdXkLeT0nKe+e+UyKcl4ODis4que+vj9zaOMIn/C
WPYCZ6s0vVUne438SZtb9HKf+g+UsRD4qvUcoFgI9SNcxa1f0ydmBnax/QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOFcCXaBQtz8Ef0nZ+MnGBwJ+KeRMB8GA1UdIwQY
MBaAFIRJaXgBQYJM0Ky/paeEYR7rCn3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVscGVBRkJna3pRckwtbHA0UmhIdXNLZmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lNjJmOTUtYWJiZC00MzBkLTgxNjAt
MDRhYzE3ODgxYWE5LzEvNFZ3SmRvRkMzUHdSX1NkbjR5Y1lIQW40cDVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lNjJmOTUtYWJiZC00MzBkLTgxNjAtMDRhYzE3ODgxYWE5
LzEvaEVscGVBRkJna3pRckwtbHA0UmhIdXNLZmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVZ9ZAwQA
vH2hAwQAvH2lAwQAvH2nAwQAvH2uAwQAwrEOMA0GCSqGSIb3DQEBCwUAA4IBAQBV
oNHu+oPCPdml9ibCq4yrcnhY2gI2deEgH9SAlc/iZRQn25xiVY2rSn/IFdgFvACH
bcq0wLjsdqkUV5lf04fcpucCPcsFJ4QfBDcV88/bK1KOkmsekR+RTFAOoj1oRKFE
R4TbP4ZYDiKJ0hxnk4LOBmr+pxrnPUQeVT3e04/Yekaipr+gI7gf/BfSH6iSXJVv
aGgCnwWoiTjPS+wycLsyW7u+mczrdJLblIq5dL/LZG0NPg0N5hR8BC0sOcRoOG9p
wKWzf1z6QDFHb8ia0CZXwh61/BtPoKWNiD46Tcfy1cUTBDtzVQbDsSSMWBsYYjJ5
AOw5mNEawBt02Okoz69M
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:11:38 2026 by rpki-client