Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/i4hte45akIRNL2vHKGJ9-NUNnqQ.roa
File: i4hte45akIRNL2vHKGJ9-NUNnqQ.roa (raw, json)
Hash identifier: 8LR1YPRoTVoRZsbGgXKnK5UISLltqPFobCnS2GQcoBU=
Subject key identifier: 8B:88:6D:7B:8E:5A:90:84:4D:2F:6B:C7:28:62:7D:F8:D5:0D:9E:A4
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 019CED18799F2E5201C41A4A3009F743B44C
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/i4hte45akIRNL2vHKGJ9-NUNnqQ.roa
Signing time: Sat 14 Mar 2026 16:05:29 +0000
ROA not before: Sat 14 Mar 2026 16:05:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3216
IP address blocks: 130.49.217.0/24 maxlen: 24
2a09:3801::/32 maxlen: 32
2a10:d8c0::/32 maxlen: 32
2a11:b85::/32 maxlen: 32
2a12:7c07::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ed:18:79:9f:2e:52:01:c4:1a:4a:30:09:f7:43:b4:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Mar 14 16:05:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8b886d7b8e5a90844d2f6bc728627df8d50d9ea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:71:62:77:d6:71:68:b1:94:07:97:f3:23:76:
c4:a3:04:d0:6b:6b:72:e3:e0:7a:1a:2f:49:6d:c5:
f4:65:02:92:b7:81:3c:74:ea:c7:ca:18:12:a1:b3:
99:ca:29:51:42:0b:5d:82:41:0c:a9:9b:cf:b3:e8:
3a:b8:5c:2e:25:d0:1b:06:46:d0:48:0d:53:e9:94:
b2:33:c9:94:7e:b9:d5:62:bc:4b:a7:b8:d0:dd:c3:
7d:75:ef:c9:44:66:5e:5c:36:99:8f:fd:16:42:ec:
6f:d8:eb:56:f7:55:28:47:cf:68:88:1b:b7:e5:82:
79:ea:19:1d:98:6a:11:ff:3e:5a:a0:ff:3c:80:9a:
8f:00:58:bf:ba:0a:47:08:e3:81:77:ef:92:8c:e4:
ab:c8:a2:bd:37:4e:b6:13:6b:b4:90:8a:2a:a6:31:
98:ce:aa:33:c6:d8:6b:61:03:88:fc:b5:fe:4a:ae:
2d:9d:6f:13:32:38:23:2a:ce:1e:0c:be:9b:97:52:
13:2b:fb:91:c2:56:c8:d0:cc:45:65:a1:dd:83:72:
7f:6e:7c:78:32:3c:d5:86:d8:7b:eb:ca:c8:c4:d9:
c9:06:8c:b3:c3:4c:c9:62:e5:b8:a8:d5:86:94:b2:
a9:66:0f:83:8b:f8:06:cd:dc:8e:00:97:20:10:78:
73:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:88:6D:7B:8E:5A:90:84:4D:2F:6B:C7:28:62:7D:F8:D5:0D:9E:A4
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/i4hte45akIRNL2vHKGJ9-NUNnqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.49.217.0/24
IPv6:
2a09:3801::/32
2a10:d8c0::/32
2a11:b85::/32
2a12:7c07::/32
Signature Algorithm: sha256WithRSAEncryption
a9:5c:98:d5:25:11:fe:31:e2:d4:6d:4c:4b:f7:6b:90:f3:3d:
13:43:a5:77:80:53:47:bc:e3:74:30:f8:0b:5b:a8:50:18:60:
3b:52:ce:18:09:5e:96:76:3f:2d:5e:d3:e3:65:e5:61:b1:92:
5f:85:bb:f8:30:ad:87:83:1a:ba:23:b8:33:8e:10:82:03:1b:
f5:22:2c:81:03:04:0f:68:90:14:be:13:5d:48:b0:00:3b:0c:
6e:75:13:90:16:94:9a:fe:1c:60:f0:61:a8:4a:b2:ae:db:80:
c2:bb:37:fb:23:27:c2:e1:98:a7:a1:a5:99:f5:76:9a:95:d1:
81:f8:5c:d9:be:27:ff:88:10:bc:b6:9e:3d:38:08:bc:df:71:
d2:71:7b:e3:ab:30:3a:68:07:39:f9:d9:56:a8:9d:31:32:18:
19:48:d3:ab:ef:33:28:4b:70:5f:15:ab:24:75:b4:80:9e:3c:
4f:83:93:61:9d:6f:9e:bd:c4:77:ec:79:87:46:2e:53:12:e5:
08:dd:45:b2:44:34:d4:8c:fd:9a:b7:7b:fc:6a:55:9f:10:fb:
d6:22:c4:d5:42:a6:32:3f:8c:e8:2c:0b:14:0f:7a:28:13:90:
89:17:70:3f:da:bc:51:be:3c:e2:15:68:20:2f:0a:9a:d5:d1:
1b:8f:3f:f1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZztGHmfLlIBxBpKMAn3Q7RMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjYwMzE0MTYwNTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjg4NmQ3YjhlNWE5MDg0NGQyZjZiYzcyODYyN2RmOGQ1MGQ5ZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXFid9ZxaLGUB5fzI3bEowTQa2ty
4+B6Gi9JbcX0ZQKSt4E8dOrHyhgSobOZyilRQgtdgkEMqZvPs+g6uFwuJdAbBkbQ
SA1T6ZSyM8mUfrnVYrxLp7jQ3cN9de/JRGZeXDaZj/0WQuxv2OtW91UoR89oiBu3
5YJ56hkdmGoR/z5aoP88gJqPAFi/ugpHCOOBd++SjOSryKK9N062E2u0kIoqpjGY
zqozxthrYQOI/LX+Sq4tnW8TMjgjKs4eDL6bl1ITK/uRwlbI0MxFZaHdg3J/bnx4
MjzVhth768rIxNnJBoyzw0zJYuW4qNWGlLKpZg+Di/gGzdyOAJcgEHhzXQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIuIbXuOWpCETS9rxyhiffjVDZ6kMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvaTRodGU0NWFrSVJOTDJ2SEtHSjktTlVObnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAMBAIAATAGAwQAgjHZMCIE
AgACMBwDBQAqCTgBAwUAKhDYwAMFACoRC4UDBQAqEnwHMA0GCSqGSIb3DQEBCwUA
A4IBAQCpXJjVJRH+MeLUbUxL92uQ8z0TQ6V3gFNHvON0MPgLW6hQGGA7Us4YCV6W
dj8tXtPjZeVhsZJfhbv4MK2Hgxq6I7gzjhCCAxv1IiyBAwQPaJAUvhNdSLAAOwxu
dROQFpSa/hxg8GGoSrKu24DCuzf7IyfC4ZinoaWZ9XaaldGB+FzZvif/iBC8tp49
OAi833HScXvjqzA6aAc5+dlWqJ0xMhgZSNOr7zMoS3BfFaskdbSAnjxPg5NhnW+e
vcR37HmHRi5TEuUI3UWyRDTUjP2at3v8alWfEPvWIsTVQqYyP4zoLAsUD3ooE5CJ
F3A/2rxRvjziFWggLwqa1dEbjz/x
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:35:17 2026 by rpki-client