Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/5abc92-f55a-4548-9a00-5b4536a79e82/1/fhjiPT2anJIeG6_EcUfpiClL8vY.roa
File: fhjiPT2anJIeG6_EcUfpiClL8vY.roa (raw, json)
Hash identifier: Q/zM0rv6/hH9pojseIfbtnQXW7H51tDnv9UAHPk6c9g=
Subject key identifier: 7E:18:E2:3D:3D:9A:9C:92:1E:1B:AF:C4:71:47:E9:88:29:4B:F2:F6
Certificate issuer: /CN=1c2cf57271c2b8f04baa7e63a9b8103d5203d7f8
Certificate serial: 019D1F62C136C242C155434A8CC649529BB9
Authority key identifier: 1C:2C:F5:72:71:C2:B8:F0:4B:AA:7E:63:A9:B8:10:3D:52:03:D7:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCz1cnHCuPBLqn5jqbgQPVID1_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/5abc92-f55a-4548-9a00-5b4536a79e82/1/fhjiPT2anJIeG6_EcUfpiClL8vY.roa
Signing time: Tue 24 Mar 2026 10:27:38 +0000
ROA not before: Tue 24 Mar 2026 10:27:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206496
IP address blocks: 45.15.32.0/24 maxlen: 24
45.15.33.0/24 maxlen: 24
45.15.34.0/24 maxlen: 24
185.185.66.0/24 maxlen: 24
185.185.67.0/24 maxlen: 24
185.198.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/5abc92-f55a-4548-9a00-5b4536a79e82/1/HCz1cnHCuPBLqn5jqbgQPVID1_g.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/5abc92-f55a-4548-9a00-5b4536a79e82/1/HCz1cnHCuPBLqn5jqbgQPVID1_g.mft
rsync://rpki.ripe.net/repository/DEFAULT/HCz1cnHCuPBLqn5jqbgQPVID1_g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1f:62:c1:36:c2:42:c1:55:43:4a:8c:c6:49:52:9b:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c2cf57271c2b8f04baa7e63a9b8103d5203d7f8
Validity
Not Before: Mar 24 10:27:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7e18e23d3d9a9c921e1bafc47147e988294bf2f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ba:30:94:f9:9b:04:91:34:2a:34:63:b4:34:
25:95:10:fd:a4:80:27:2e:72:1a:ba:89:64:7b:e5:
01:d1:60:1b:58:4d:1c:b7:9d:82:36:3d:21:8b:0d:
55:d7:fa:40:04:c8:fb:6d:0f:c4:7a:57:ae:35:70:
bc:de:99:06:f1:b2:96:50:d4:af:36:64:1b:6b:c3:
3f:61:0c:40:05:16:89:cc:7f:1a:07:d3:c4:9d:9b:
d8:f1:6a:ad:70:78:ad:7b:cb:27:14:13:71:6b:cf:
bd:ac:a3:dd:d9:00:95:22:86:33:10:69:c9:99:0d:
06:35:64:07:6b:cd:1f:f8:9f:22:8e:0e:1f:75:7c:
04:47:d7:58:3c:26:64:98:9f:7b:69:f4:74:f5:fa:
d5:a9:fc:80:ac:64:73:91:70:b6:8c:73:e1:27:83:
9c:dd:69:2b:24:20:43:27:42:0b:32:ad:75:85:d6:
fa:23:50:ec:b5:1d:d9:e0:45:05:3a:9c:29:95:b0:
db:21:7a:4a:ac:ac:49:26:72:90:71:16:7e:63:ac:
bf:9f:59:68:dc:12:ce:ef:4a:7d:42:4c:89:6d:2d:
d7:e6:b3:bd:a6:4c:95:c1:77:51:00:fc:f2:9c:4e:
15:7f:a3:9c:2d:b4:45:25:e7:fa:fe:97:f8:36:4e:
72:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:18:E2:3D:3D:9A:9C:92:1E:1B:AF:C4:71:47:E9:88:29:4B:F2:F6
X509v3 Authority Key Identifier:
keyid:1C:2C:F5:72:71:C2:B8:F0:4B:AA:7E:63:A9:B8:10:3D:52:03:D7:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCz1cnHCuPBLqn5jqbgQPVID1_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/5abc92-f55a-4548-9a00-5b4536a79e82/1/fhjiPT2anJIeG6_EcUfpiClL8vY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/5abc92-f55a-4548-9a00-5b4536a79e82/1/HCz1cnHCuPBLqn5jqbgQPVID1_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.32.0-45.15.34.255
185.185.66.0/23
185.198.14.0/24
Signature Algorithm: sha256WithRSAEncryption
80:a0:aa:57:bb:3e:94:bf:3e:d7:08:b9:9d:c9:b8:04:ba:20:
b9:92:55:9c:2c:d0:93:9c:d3:25:18:16:db:7f:3d:7e:58:7c:
4d:b8:e2:50:ed:2b:d6:95:e5:c9:d3:fd:79:c6:7d:26:68:7b:
11:55:6c:86:37:05:e4:20:ae:4a:6a:a8:25:cc:be:9b:71:e5:
7c:45:23:26:b8:9a:77:28:04:2e:8a:7a:6e:d2:9b:c7:fb:55:
40:17:7b:45:f8:a6:f3:57:ad:c6:5c:44:42:0b:91:cc:3d:d4:
a8:02:17:c8:6e:c0:53:ca:fe:94:ea:24:20:b2:62:e7:75:7c:
fc:79:25:9f:f3:51:66:c4:cb:7f:48:c3:7f:34:03:ac:e4:b2:
bc:53:fd:56:f8:cc:6c:3c:25:3e:d6:5d:7c:0f:ec:1d:db:4a:
5b:97:4f:08:23:4c:aa:f4:62:ab:68:c9:a2:52:0f:f4:20:f0:
fe:f7:3a:0c:bc:22:57:cf:b9:eb:12:e4:64:9a:99:32:e7:b9:
2d:a7:6e:87:87:6e:92:0d:c8:2d:d8:99:ff:c1:14:1a:1d:f1:
24:e8:e3:5a:42:98:fa:71:1b:c1:1b:78:06:c8:5f:84:33:39:
17:29:53:11:cd:3c:0c:67:98:2a:c7:84:66:dc:69:e2:c1:ab:
d0:db:7e:8a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ0fYsE2wkLBVUNKjMZJUpu5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMmNmNTcyNzFjMmI4ZjA0YmFhN2U2M2E5YjgxMDNkNTIw
M2Q3ZjgwHhcNMjYwMzI0MTAyNzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTE4ZTIzZDNkOWE5YzkyMWUxYmFmYzQ3MTQ3ZTk4ODI5NGJmMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLowlPmbBJE0KjRjtDQllRD9pIAn
LnIauolke+UB0WAbWE0ct52CNj0hiw1V1/pABMj7bQ/EeleuNXC83pkG8bKWUNSv
NmQba8M/YQxABRaJzH8aB9PEnZvY8WqtcHite8snFBNxa8+9rKPd2QCVIoYzEGnJ
mQ0GNWQHa80f+J8ijg4fdXwER9dYPCZkmJ97afR09frVqfyArGRzkXC2jHPhJ4Oc
3WkrJCBDJ0ILMq11hdb6I1DstR3Z4EUFOpwplbDbIXpKrKxJJnKQcRZ+Y6y/n1lo
3BLO70p9QkyJbS3X5rO9pkyVwXdRAPzynE4Vf6OcLbRFJef6/pf4Nk5yeQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFH4Y4j09mpySHhuvxHFH6YgpS/L2MB8GA1UdIwQY
MBaAFBws9XJxwrjwS6p+Y6m4ED1SA9f4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEN6MWNuSEN1UEJMcW41anFiZ1FQVklEMV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy81YWJjOTItZjU1YS00NTQ4LTlhMDAt
NWI0NTM2YTc5ZTgyLzEvZmhqaVBUMmFuSkllRzZfRWNVZnBpQ2xMOHZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy81YWJjOTItZjU1YS00NTQ4LTlhMDAtNWI0NTM2YTc5ZTgy
LzEvSEN6MWNuSEN1UEJMcW41anFiZ1FQVklEMV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAUtDyAD
BAAtDyIDBAG5uUIDBAC5xg4wDQYJKoZIhvcNAQELBQADggEBAICgqle7PpS/PtcI
uZ3JuAS6ILmSVZws0JOc0yUYFtt/PX5YfE244lDtK9aV5cnT/XnGfSZoexFVbIY3
BeQgrkpqqCXMvptx5XxFIya4mncoBC6Kem7Sm8f7VUAXe0X4pvNXrcZcREILkcw9
1KgCF8huwFPK/pTqJCCyYud1fPx5JZ/zUWbEy39Iw380A6zksrxT/Vb4zGw8JT7W
XXwP7B3bSluXTwgjTKr0YqtoyaJSD/Qg8P73Ogy8IlfPuesS5GSamTLnuS2nboeH
bpINyC3Ymf/BFBod8STo41pCmPpxG8EbeAbIX4QzORcpUxHNPAxnmCrHhGbcaeLB
q9Dbfoo=
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:11:36 2026 by rpki-client