Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/k1VkrYj71KlGDFGzEpJl8AHMPWc.roa
File: k1VkrYj71KlGDFGzEpJl8AHMPWc.roa (raw, json)
Hash identifier: gZkPpwxEzzZxWfr1nD5cROcpx5OzOWqvEYOhVqPkcH8=
Subject key identifier: 93:55:64:AD:88:FB:D4:A9:46:0C:51:B3:12:92:65:F0:01:CC:3D:67
Certificate issuer: /CN=54791dde2c9bdea366ce7ec6c5a800c5da633454
Certificate serial: 019CFBF47C637EDFE1F98A85C0F23A76E329
Authority key identifier: 54:79:1D:DE:2C:9B:DE:A3:66:CE:7E:C6:C5:A8:00:C5:DA:63:34:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/k1VkrYj71KlGDFGzEpJl8AHMPWc.roa
Signing time: Tue 17 Mar 2026 13:20:29 +0000
ROA not before: Tue 17 Mar 2026 13:20:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212772
IP address blocks: 45.156.136.0/22 maxlen: 24
46.243.228.0/22 maxlen: 24
92.255.56.0/24 maxlen: 24
92.255.68.0/22 maxlen: 24
92.255.84.0/24 maxlen: 24
94.140.14.0/23 maxlen: 24
176.103.128.0/22 maxlen: 24
185.113.28.0/22 maxlen: 24
217.72.12.0/22 maxlen: 24
2a10:50c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/VHkd3iyb3qNmzn7GxagAxdpjNFQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/VHkd3iyb3qNmzn7GxagAxdpjNFQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:fb:f4:7c:63:7e:df:e1:f9:8a:85:c0:f2:3a:76:e3:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54791dde2c9bdea366ce7ec6c5a800c5da633454
Validity
Not Before: Mar 17 13:20:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=935564ad88fbd4a9460c51b3129265f001cc3d67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:76:9f:9e:61:49:21:38:b0:83:e8:99:13:15:
6e:5c:9d:dd:10:5d:77:82:e9:78:26:3f:c8:bc:12:
05:10:8f:f4:a2:77:33:e9:12:6a:66:bf:ec:41:60:
fd:ff:7b:6f:a3:13:86:c1:d3:81:38:81:85:d8:a2:
a9:77:ec:26:e2:ad:77:05:f1:b7:e7:03:8e:29:ca:
1a:1c:d2:7e:3b:18:71:41:e1:40:b7:4f:d4:2a:7c:
f1:40:5a:43:ba:6e:23:8d:fb:05:5c:2f:f4:a0:20:
a2:b7:8a:92:42:93:15:fc:70:35:ba:44:a4:d1:3b:
b1:70:75:c8:fe:87:62:e5:dd:ff:3e:48:93:b7:5d:
82:56:12:6b:59:bb:0d:ef:5b:91:f8:a5:23:47:6d:
5f:a4:27:8c:a4:79:5d:1d:2b:4f:e6:16:be:1e:08:
89:cd:e9:e0:10:f0:e4:f4:2f:d1:fe:7f:b1:a7:53:
7d:f6:2c:9d:06:e5:c6:d7:d2:e7:b9:97:1c:6d:75:
87:64:37:db:2e:8f:23:e4:ee:91:5d:a4:5c:20:e4:
1d:07:26:8d:e5:aa:06:39:f5:e7:a2:c3:54:8b:af:
e5:be:c8:2a:a1:ed:da:28:0d:1e:ba:7f:f2:7e:e2:
d8:80:12:a7:51:e4:f7:cf:79:4c:54:7e:85:a8:9e:
cc:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:55:64:AD:88:FB:D4:A9:46:0C:51:B3:12:92:65:F0:01:CC:3D:67
X509v3 Authority Key Identifier:
keyid:54:79:1D:DE:2C:9B:DE:A3:66:CE:7E:C6:C5:A8:00:C5:DA:63:34:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/k1VkrYj71KlGDFGzEpJl8AHMPWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/VHkd3iyb3qNmzn7GxagAxdpjNFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.136.0/22
46.243.228.0/22
92.255.56.0/24
92.255.68.0/22
92.255.84.0/24
94.140.14.0/23
176.103.128.0/22
185.113.28.0/22
217.72.12.0/22
IPv6:
2a10:50c0::/32
Signature Algorithm: sha256WithRSAEncryption
58:70:28:f0:06:69:5e:98:3e:1b:82:41:b7:55:cd:e6:bd:83:
39:1a:09:aa:81:d5:70:84:9f:02:4c:90:35:31:af:32:c2:b1:
12:12:ec:d4:b7:29:88:02:15:f9:35:31:55:e7:2e:9c:31:61:
f0:08:de:78:e0:63:ab:59:97:89:6b:df:d0:4f:d8:b5:54:41:
d4:13:e5:a5:43:be:05:23:d3:ec:e0:b7:c1:90:d9:2a:07:95:
c5:23:f2:8a:0f:75:35:5f:cd:d6:e5:11:26:0c:c9:59:cd:89:
b6:73:8f:ce:fb:57:99:d2:cb:f5:dc:a2:d9:f4:d2:c1:db:db:
47:9f:45:9e:b4:d5:17:f0:fc:cc:80:8c:44:d9:59:f0:f7:5a:
be:fa:15:7a:13:6d:20:ce:e1:2a:e1:ed:53:a5:00:45:6e:87:
62:6a:c3:bf:02:66:11:be:77:af:dd:30:3a:30:57:fb:4e:27:
db:d3:69:f4:bd:6f:74:63:51:b5:4d:60:49:04:9d:3b:1d:a6:
ea:20:ec:ee:3f:ad:ee:5d:1b:f2:56:96:a1:07:a8:48:04:c3:
69:95:df:97:3c:45:f3:34:cb:ff:48:14:9a:90:39:8e:91:42:
7e:e6:a3:64:49:8e:0c:a5:f1:c7:52:9b:2d:83:84:e9:9f:ef:
a4:46:7b:18
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZz79Hxjft/h+YqFwPI6duMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzkxZGRlMmM5YmRlYTM2NmNlN2VjNmM1YTgwMGM1ZGE2
MzM0NTQwHhcNMjYwMzE3MTMyMDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzU1NjRhZDg4ZmJkNGE5NDYwYzUxYjMxMjkyNjVmMDAxY2MzZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXafnmFJITiwg+iZExVuXJ3dEF13
gul4Jj/IvBIFEI/0oncz6RJqZr/sQWD9/3tvoxOGwdOBOIGF2KKpd+wm4q13BfG3
5wOOKcoaHNJ+OxhxQeFAt0/UKnzxQFpDum4jjfsFXC/0oCCit4qSQpMV/HA1ukSk
0TuxcHXI/odi5d3/PkiTt12CVhJrWbsN71uR+KUjR21fpCeMpHldHStP5ha+HgiJ
zengEPDk9C/R/n+xp1N99iydBuXG19LnuZccbXWHZDfbLo8j5O6RXaRcIOQdByaN
5aoGOfXnosNUi6/lvsgqoe3aKA0eun/yfuLYgBKnUeT3z3lMVH6FqJ7M9wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJNVZK2I+9SpRgxRsxKSZfABzD1nMB8GA1UdIwQY
MBaAFFR5Hd4sm96jZs5+xsWoAMXaYzRUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhrZDNpeWIzcU5tem43R3hhZ0F4ZHBqTkZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xN2U1NjctOWU0NC00NDRhLWFjNjQt
MThiMzRiZWE5YjA2LzEvazFWa3JZajcxS2xHREZHekVwSmw4QUhNUFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xN2U1NjctOWU0NC00NDRhLWFjNjQtMThiMzRiZWE5YjA2
LzEvVkhrZDNpeWIzcU5tem43R3hhZ0F4ZHBqTkZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCLZyIAwQC
LvPkAwQAXP84AwQCXP9EAwQAXP9UAwQBXowOAwQCsGeAAwQCuXEcAwQC2UgMMA0E
AgACMAcDBQAqEFDAMA0GCSqGSIb3DQEBCwUAA4IBAQBYcCjwBmlemD4bgkG3Vc3m
vYM5GgmqgdVwhJ8CTJA1Ma8ywrESEuzUtymIAhX5NTFV5y6cMWHwCN544GOrWZeJ
a9/QT9i1VEHUE+WlQ74FI9Ps4LfBkNkqB5XFI/KKD3U1X83W5REmDMlZzYm2c4/O
+1eZ0sv13KLZ9NLB29tHn0WetNUX8PzMgIxE2Vnw91q++hV6E20gzuEq4e1TpQBF
bodiasO/AmYRvnev3TA6MFf7Tifb02n0vW90Y1G1TWBJBJ07HabqIOzuP63uXRvy
VpahB6hIBMNpld+XPEXzNMv/SBSakDmOkUJ+5qNkSY4MpfHHUpstg4Tpn++kRnsY
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:15:32 2026 by rpki-client