Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/HA4YIcUU63TFts8i_e7tvMIeX6A.roa
File: HA4YIcUU63TFts8i_e7tvMIeX6A.roa (raw, json)
Hash identifier: vl5at1zrSxqDAUdgFkGBuGbi2tXRaOOdZ7qA+I4aR8w=
Subject key identifier: 1C:0E:18:21:C5:14:EB:74:C5:B6:CF:22:FD:EE:ED:BC:C2:1E:5F:A0
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019DF3594F64041A1AC197890E220919E0F9
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/HA4YIcUU63TFts8i_e7tvMIeX6A.roa
Signing time: Mon 04 May 2026 14:16:49 +0000
ROA not before: Mon 04 May 2026 14:16:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13886
IP address blocks: 45.43.165.0/24 maxlen: 24
64.137.51.0/24 maxlen: 24
104.238.29.0/24 maxlen: 24
104.239.15.0/24 maxlen: 24
204.52.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f3:59:4f:64:04:1a:1a:c1:97:89:0e:22:09:19:e0:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: May 4 14:16:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1c0e1821c514eb74c5b6cf22fdeeedbcc21e5fa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1f:da:39:f4:a9:2e:ad:9a:ce:d8:fa:82:91:
13:54:ba:28:07:9e:c9:93:28:5d:0c:56:cb:ed:f9:
91:23:7b:bc:b3:3f:73:2f:a3:cb:1f:68:52:1a:52:
1c:20:f7:71:bb:ff:04:ba:e3:a0:ac:a4:bf:50:53:
6c:34:d5:74:ea:17:56:c0:26:cd:3a:09:0d:56:80:
20:1d:d1:32:e7:9c:0b:94:d0:5e:76:99:1b:4f:4c:
a3:1c:52:d0:94:35:84:3a:15:40:40:1b:bc:72:0c:
5d:79:29:8d:e0:8d:87:5c:40:39:d7:82:a8:63:44:
03:f5:b8:da:79:6d:14:06:6d:8d:00:4f:4b:b3:f1:
74:27:bb:84:79:1b:13:23:fe:cf:17:e7:1b:0d:7e:
46:44:26:e5:e3:01:32:cd:e1:f8:07:d2:aa:05:d6:
f1:3b:e1:d7:4d:5f:83:fc:63:16:6c:cf:0f:9b:82:
61:3e:1c:16:4c:35:7c:da:8a:58:7f:61:4a:51:20:
a1:d4:15:b0:3d:df:e6:a1:3b:b9:80:75:44:72:ea:
47:d5:c8:88:c8:3b:1a:9a:b3:2b:9d:20:5f:db:8b:
25:4f:d6:96:dd:c8:e7:dc:66:96:9c:a6:b1:53:a4:
30:98:4c:0b:60:a8:6b:3b:c5:69:57:00:fb:bf:61:
d8:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:0E:18:21:C5:14:EB:74:C5:B6:CF:22:FD:EE:ED:BC:C2:1E:5F:A0
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/HA4YIcUU63TFts8i_e7tvMIeX6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.165.0/24
64.137.51.0/24
104.238.29.0/24
104.239.15.0/24
204.52.112.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:18:79:6e:2e:c4:09:2f:9e:7d:a2:5c:6f:80:95:2a:84:d6:
c6:f5:dc:51:a9:c0:0e:4f:bf:4c:ee:af:b1:d5:4f:61:54:97:
ce:85:b7:47:09:b8:06:49:d7:9e:dc:fb:56:b4:2e:a9:33:e9:
82:71:7c:27:95:12:d1:ac:86:40:97:d1:42:04:6b:70:c1:b3:
8b:54:dd:68:ad:47:f2:2e:11:c6:40:79:24:ab:15:a6:29:a9:
cc:74:ef:dd:60:fa:6d:67:7e:4f:df:0d:58:17:65:20:cd:0f:
a9:b1:65:93:ce:b0:67:88:d2:2d:36:46:dc:1a:e0:68:84:4a:
64:17:a6:98:59:6f:c8:b5:1c:b7:76:b2:40:66:e7:bc:12:f4:
1c:08:3d:71:e0:a1:18:4a:9c:87:1e:90:ae:32:b1:25:c9:51:
b7:0b:1e:b4:b4:b6:f2:28:9b:c6:23:9e:45:95:02:65:60:b1:
a9:f6:4b:08:e5:c6:ea:ad:69:0f:1e:0b:61:15:7c:4e:e7:a5:
23:e7:c3:69:7f:80:40:43:19:63:ea:d8:de:a9:6e:3e:b4:ff:
6b:5b:f7:e4:e2:13:94:52:5e:f1:31:fe:45:81:0e:47:de:f5:
a4:5f:b9:34:38:c7:7e:f8:21:ce:2c:21:75:05:5a:9f:12:07:
27:33:51:00
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ3zWU9kBBoawZeJDiIJGeD5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjYwNTA0MTQxNjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzBlMTgyMWM1MTRlYjc0YzViNmNmMjJmZGVlZWRiY2MyMWU1ZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwh/aOfSpLq2aztj6gpETVLooB57J
kyhdDFbL7fmRI3u8sz9zL6PLH2hSGlIcIPdxu/8EuuOgrKS/UFNsNNV06hdWwCbN
OgkNVoAgHdEy55wLlNBedpkbT0yjHFLQlDWEOhVAQBu8cgxdeSmN4I2HXEA514Ko
Y0QD9bjaeW0UBm2NAE9Ls/F0J7uEeRsTI/7PF+cbDX5GRCbl4wEyzeH4B9KqBdbx
O+HXTV+D/GMWbM8Pm4JhPhwWTDV82opYf2FKUSCh1BWwPd/moTu5gHVEcupH1ciI
yDsamrMrnSBf24slT9aW3cjn3GaWnKaxU6QwmEwLYKhrO8VpVwD7v2HYewIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBwOGCHFFOt0xbbPIv3u7bzCHl+gMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvSEE0WUljVVU2M1RGdHM4aV9lN3R2TUllWDZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALSulAwQA
QIkzAwQAaO4dAwQAaO8PAwQAzDRwMA0GCSqGSIb3DQEBCwUAA4IBAQAcGHluLsQJ
L559olxvgJUqhNbG9dxRqcAOT79M7q+x1U9hVJfOhbdHCbgGSdee3PtWtC6pM+mC
cXwnlRLRrIZAl9FCBGtwwbOLVN1orUfyLhHGQHkkqxWmKanMdO/dYPptZ35P3w1Y
F2UgzQ+psWWTzrBniNItNkbcGuBohEpkF6aYWW/ItRy3drJAZue8EvQcCD1x4KEY
SpyHHpCuMrElyVG3Cx60tLbyKJvGI55FlQJlYLGp9ksI5cbqrWkPHgthFXxO56Uj
58Npf4BAQxlj6tjeqW4+tP9rW/fk4hOUUl7xMf5FgQ5H3vWkX7k0OMd++CHOLCF1
BVqfEgcnM1EA
-----END CERTIFICATE-----
Generated at Wed May 13 03:48:59 2026 by rpki-client