Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0ALY9AfGtGBlh2ZtNjFQJwjREWc.roa
File: 0ALY9AfGtGBlh2ZtNjFQJwjREWc.roa (raw, json)
Hash identifier: bO30F2nbz7GrdNni2y6x5DfJFkL3QObYN7GpyuDnmZs=
Subject key identifier: D0:02:D8:F4:07:C6:B4:60:65:87:66:6D:36:31:50:27:08:D1:11:67
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019D061BAD4B136D57C2B78849412055EB4D
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0ALY9AfGtGBlh2ZtNjFQJwjREWc.roa
Signing time: Thu 19 Mar 2026 12:39:30 +0000
ROA not before: Thu 19 Mar 2026 12:39:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213999
IP address blocks: 45.12.63.0/24 maxlen: 24
45.147.31.0/24 maxlen: 24
45.152.196.0/24 maxlen: 24
45.154.247.0/24 maxlen: 24
45.158.197.0/24 maxlen: 24
45.158.198.0/24 maxlen: 24
193.5.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:06:1b:ad:4b:13:6d:57:c2:b7:88:49:41:20:55:eb:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 19 12:39:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d002d8f407c6b4606587666d3631502708d11167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:b7:61:70:fb:40:af:eb:4b:f8:ce:cf:d4:7b:
d0:41:ba:e8:8e:2c:24:51:df:7f:9f:56:8a:cb:81:
03:ac:77:5f:08:b0:33:cd:06:2c:ea:fa:3c:f9:8f:
ab:6f:9c:c1:09:35:a6:83:6e:6e:f7:5e:28:25:24:
d5:7f:8b:e9:60:59:ca:dc:60:27:8b:03:35:1e:41:
0f:28:56:30:ac:c3:64:99:b0:61:4f:76:79:52:9f:
c7:b6:ea:71:1c:d1:75:5b:b6:e2:62:7d:34:8c:d1:
dc:77:67:77:31:9a:61:cd:b4:a3:14:b0:f5:aa:32:
8c:c1:06:9f:f0:bf:52:b3:8f:a8:e5:d4:1e:b4:53:
38:df:5f:0d:16:89:63:41:ed:30:d1:c2:48:bc:16:
e0:6a:8a:29:63:92:24:3d:76:d7:41:be:29:33:21:
ee:e6:66:69:09:34:9d:da:69:72:68:1e:5a:fa:3c:
24:34:5a:b9:05:c4:ed:16:fa:4b:66:84:f0:70:03:
c1:f6:a6:71:30:c9:a0:a1:d6:b4:13:74:3e:ee:0b:
cc:59:d5:72:76:a4:45:13:84:f0:1f:84:f2:10:19:
b6:ed:f0:34:de:fe:6e:00:fd:aa:fb:c3:f6:ae:54:
79:85:e1:4f:19:a8:2b:9f:84:8a:83:c3:f2:fe:86:
3a:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:02:D8:F4:07:C6:B4:60:65:87:66:6D:36:31:50:27:08:D1:11:67
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/0ALY9AfGtGBlh2ZtNjFQJwjREWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.63.0/24
45.147.31.0/24
45.152.196.0/24
45.154.247.0/24
45.158.197.0-45.158.198.255
193.5.250.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:57:60:5f:18:8e:9a:9c:46:01:75:a9:c5:ce:01:d2:a0:cc:
f2:04:aa:b3:cf:10:4a:d2:72:53:0b:df:ca:b1:c7:a3:07:23:
2a:ad:9e:62:5a:ae:04:90:dc:fd:bd:fe:a9:59:cb:75:57:ab:
b6:5a:7b:3c:46:f1:12:d7:5b:b4:61:8e:76:c0:ce:7a:dd:c8:
f6:e5:96:8d:59:e6:a1:0b:05:45:c6:81:4e:c0:9e:cd:6f:4e:
5d:ed:e5:e5:a4:38:23:d2:04:91:c5:ec:1c:cb:f8:b1:5f:a9:
d7:6d:93:c8:eb:7a:ab:56:9b:15:b5:f3:a3:bc:28:a4:db:79:
eb:4d:7f:03:ca:5b:17:47:47:47:2f:14:e0:44:75:94:f6:bc:
6c:64:3f:d1:f3:73:b1:1d:2a:41:bb:1a:65:ff:7e:c5:8b:29:
ff:bd:6c:25:d0:50:6d:45:36:65:a3:50:12:75:fe:8b:02:8a:
96:30:49:fb:d3:fe:fa:5d:b0:c9:1c:0c:08:cf:ec:09:41:f1:
22:c0:2e:de:ca:f6:7a:62:45:a9:d7:86:83:6c:41:23:a5:fc:
b3:c6:47:4e:89:b8:46:2d:1e:a3:31:97:d1:76:7c:8f:7d:52:
cd:d5:65:b4:88:82:bb:09:c0:39:b3:cd:49:c4:70:47:1f:5b:
8f:98:39:2c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ0GG61LE21XwreISUEgVetNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzE5MTIzOTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDAyZDhmNDA3YzZiNDYwNjU4NzY2NmQzNjMxNTAyNzA4ZDExMTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9bdhcPtAr+tL+M7P1HvQQbrojiwk
Ud9/n1aKy4EDrHdfCLAzzQYs6vo8+Y+rb5zBCTWmg25u914oJSTVf4vpYFnK3GAn
iwM1HkEPKFYwrMNkmbBhT3Z5Up/HtupxHNF1W7biYn00jNHcd2d3MZphzbSjFLD1
qjKMwQaf8L9Ss4+o5dQetFM4318NFoljQe0w0cJIvBbgaoopY5IkPXbXQb4pMyHu
5mZpCTSd2mlyaB5a+jwkNFq5BcTtFvpLZoTwcAPB9qZxMMmgoda0E3Q+7gvMWdVy
dqRFE4TwH4TyEBm27fA03v5uAP2q+8P2rlR5heFPGagrn4SKg8Py/oY6JwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNAC2PQHxrRgZYdmbTYxUCcI0RFnMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMEFMWTlBZkd0R0JsaDJadE5qRlFKd2pSRVdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALQw/AwQA
LZMfAwQALZjEAwQALZr3MAwDBAAtnsUDBAAtnsYDBADBBfowDQYJKoZIhvcNAQEL
BQADggEBAMJXYF8YjpqcRgF1qcXOAdKgzPIEqrPPEErSclML38qxx6MHIyqtnmJa
rgSQ3P29/qlZy3VXq7ZaezxG8RLXW7RhjnbAznrdyPbllo1Z5qELBUXGgU7Ans1v
Tl3t5eWkOCPSBJHF7BzL+LFfqddtk8jreqtWmxW186O8KKTbeetNfwPKWxdHR0cv
FOBEdZT2vGxkP9Hzc7EdKkG7GmX/fsWLKf+9bCXQUG1FNmWjUBJ1/osCipYwSfvT
/vpdsMkcDAjP7AlB8SLALt7K9npiRanXhoNsQSOl/LPGR06JuEYtHqMxl9F2fI99
Us3VZbSIgrsJwDmzzUnEcEcfW4+YOSw=
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:48:32 2026 by rpki-client