Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/agbok2JPfm2wPJSfiRPbCMUMxzo.roa
File: agbok2JPfm2wPJSfiRPbCMUMxzo.roa (raw, json)
Hash identifier: pl4nL9KwEZLrn6EgdAO73Uis+MOmdGGJTueljHyKCYk=
Subject key identifier: 6A:06:E8:93:62:4F:7E:6D:B0:3C:94:9F:89:13:DB:08:C5:0C:C7:3A
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019D24814CB580486913649E865F6CEB7F4A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/agbok2JPfm2wPJSfiRPbCMUMxzo.roa
Signing time: Wed 25 Mar 2026 10:19:06 +0000
ROA not before: Wed 25 Mar 2026 10:19:06 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205544
IP address blocks: 45.153.20.0/24 maxlen: 24
2a09:17c0:b19a::/48 maxlen: 48
2a0e:1a83:88::/48 maxlen: 48
2a0f:1206:77::/48 maxlen: 48
2a0f:1540::/29 maxlen: 29
2a0f:1640::/29 maxlen: 29
2a0f:1940::/29 maxlen: 29
2a0f:2840::/29 maxlen: 29
2a0f:2940::/29 maxlen: 29
2a0f:2a40::/29 maxlen: 29
2a0f:2dc0::/29 maxlen: 29
2a0f:2e40::/29 maxlen: 29
2a0f:30c0::/29 maxlen: 29
2a0f:3140::/29 maxlen: 29
2a0f:3540::/29 maxlen: 29
2a0f:3740::/29 maxlen: 29
2a0f:e1c0:3::/48 maxlen: 48
2a0f:e1c7:100::/48 maxlen: 48
2a0f:e202:97::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
2a0f:ea44:88::/48 maxlen: 48
2a11:3240::/29 maxlen: 29
2a11:4800::/29 maxlen: 29
2a11:8700::/29 maxlen: 29
2a11:e580::/29 maxlen: 29
2a12:3f00::/29 maxlen: 29
2a12:4b00::/29 maxlen: 29
2a12:5900::/29 maxlen: 29
2a12:cd00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:24:81:4c:b5:80:48:69:13:64:9e:86:5f:6c:eb:7f:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 25 10:19:06 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6a06e893624f7e6db03c949f8913db08c50cc73a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ac:af:76:28:3d:85:ec:05:a7:55:59:de:fb:
41:30:70:2a:16:b6:01:6c:05:fc:df:ed:71:4b:e7:
fc:2d:fe:c9:d1:be:c2:dc:b1:45:47:5f:f3:71:d2:
0d:a1:4b:72:51:4e:7b:d7:42:a7:5c:be:cc:00:ee:
60:17:f9:fb:bf:a1:d2:8b:9e:78:93:34:a3:f3:69:
23:a1:d7:8d:1d:94:b1:64:9e:43:a4:f2:c2:ee:dd:
6f:9c:ea:54:77:94:e3:14:87:9c:19:55:e6:4e:52:
b0:d2:18:a0:a4:82:a4:61:96:18:77:98:9a:ff:d5:
b8:cc:68:06:65:d2:52:d9:f4:1e:23:e4:7e:c5:ed:
b2:35:8b:8b:26:d7:5c:91:21:83:b3:94:ef:08:f0:
d6:ef:6c:05:12:35:d9:61:90:92:aa:99:58:04:1d:
5c:08:ff:30:cb:4e:78:4c:5f:1b:51:1b:44:18:6c:
6e:b7:06:06:10:0d:f3:21:8d:0e:01:6c:f5:7a:ab:
0b:c0:cc:3b:6b:46:fa:61:c9:f0:91:3c:1b:0b:b3:
96:56:0b:a9:27:ac:ee:4a:6c:1d:03:ad:51:0e:8e:
9e:d7:a3:59:b7:c5:c9:eb:47:d2:3b:81:25:f7:52:
64:9c:67:db:e8:50:d7:98:e3:bb:eb:d7:3c:7b:80:
d4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:06:E8:93:62:4F:7E:6D:B0:3C:94:9F:89:13:DB:08:C5:0C:C7:3A
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/agbok2JPfm2wPJSfiRPbCMUMxzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.20.0/24
IPv6:
2a09:17c0:b19a::/48
2a0e:1a83:88::/48
2a0f:1206:77::/48
2a0f:1540::/29
2a0f:1640::/29
2a0f:1940::/29
2a0f:2840::/29
2a0f:2940::/29
2a0f:2a40::/29
2a0f:2dc0::/29
2a0f:2e40::/29
2a0f:30c0::/29
2a0f:3140::/29
2a0f:3540::/29
2a0f:3740::/29
2a0f:e1c0:3::/48
2a0f:e1c7:100::/48
2a0f:e202:97::/48
2a0f:e440::/29
2a0f:ea44:88::/48
2a11:3240::/29
2a11:4800::/29
2a11:8700::/29
2a11:e580::/29
2a12:3f00::/29
2a12:4b00::/29
2a12:5900::/29
2a12:cd00::/29
Signature Algorithm: sha256WithRSAEncryption
64:56:d3:d1:4e:d6:12:d9:e9:e7:71:28:07:cd:3d:63:1b:f1:
ce:8b:5e:3c:a7:df:c1:19:37:0b:c7:3f:f2:ee:f7:4f:f3:2a:
33:89:af:4b:a8:c3:a5:6c:32:48:50:85:8c:a6:06:0b:04:77:
76:be:b0:da:ba:f1:b6:f2:ec:9e:09:e9:59:ee:33:8e:03:f4:
e2:fa:63:c4:97:dc:77:a1:ed:82:80:37:89:16:a1:b8:b8:99:
6d:29:48:4c:44:e6:4e:7f:df:31:05:2a:6a:e6:01:73:ea:5a:
4b:cd:24:6b:6d:72:db:40:bb:bf:11:4e:4a:89:bb:5b:d5:bf:
5e:67:79:13:d8:56:f7:a0:ef:fb:f1:e8:0b:98:c9:21:85:ad:
01:ec:51:37:bb:0b:0f:4d:cc:fd:3f:ff:3e:37:b2:2b:80:41:
cb:a9:02:c5:99:c7:5f:4f:9d:c9:70:af:75:f7:e9:93:38:99:
af:11:c5:b6:2d:34:b1:61:13:51:a8:fe:02:0d:da:1e:ad:82:
75:53:4d:99:3b:67:92:35:d9:2a:47:8e:41:2b:64:13:79:ed:
ef:35:3d:fa:15:7a:45:96:6e:1e:38:ab:4e:d8:ce:a8:aa:5b:
a7:d9:0a:28:ef:9a:7e:ab:55:95:79:3d:35:b7:3e:a8:ca:96:
14:38:c6:e5
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAZ0kgUy1gEhpE2Sehl9s639KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzI1MTAxOTA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTA2ZTg5MzYyNGY3ZTZkYjAzYzk0OWY4OTEzZGIwOGM1MGNjNzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16yvdig9hewFp1VZ3vtBMHAqFrYB
bAX83+1xS+f8Lf7J0b7C3LFFR1/zcdINoUtyUU5710KnXL7MAO5gF/n7v6HSi554
kzSj82kjodeNHZSxZJ5DpPLC7t1vnOpUd5TjFIecGVXmTlKw0higpIKkYZYYd5ia
/9W4zGgGZdJS2fQeI+R+xe2yNYuLJtdckSGDs5TvCPDW72wFEjXZYZCSqplYBB1c
CP8wy054TF8bURtEGGxutwYGEA3zIY0OAWz1eqsLwMw7a0b6YcnwkTwbC7OWVgup
J6zuSmwdA61RDo6e16NZt8XJ60fSO4El91JknGfb6FDXmOO769c8e4DUawIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFGoG6JNiT35tsDyUn4kT2wjFDMc6MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYWdib2sySlBmbTJ3UEpTZmlSUGJDTVVNeHpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jAMBAIAATAGAwQALZkU
MIHZBAIAAjCB0gMHACoJF8CxmgMHACoOGoMAiAMHACoPEgYAdwMFAyoPFUADBQMq
DxZAAwUDKg8ZQAMFAyoPKEADBQMqDylAAwUDKg8qQAMFAyoPLcADBQMqDy5AAwUD
Kg8wwAMFAyoPMUADBQMqDzVAAwUDKg83QAMHACoP4cAAAwMHACoP4ccBAAMHACoP
4gIAlwMFAyoP5EADBwAqD+pEAIgDBQMqETJAAwUDKhFIAAMFAyoRhwADBQMqEeWA
AwUDKhI/AAMFAyoSSwADBQMqElkAAwUDKhLNADANBgkqhkiG9w0BAQsFAAOCAQEA
ZFbT0U7WEtnp53EoB809YxvxzotePKffwRk3C8c/8u73T/MqM4mvS6jDpWwySFCF
jKYGCwR3dr6w2rrxtvLsngnpWe4zjgP04vpjxJfcd6HtgoA3iRahuLiZbSlITETm
Tn/fMQUqauYBc+paS80ka21y20C7vxFOSom7W9W/Xmd5E9hW96Dv+/HoC5jJIYWt
AexRN7sLD03M/T//PjeyK4BBy6kCxZnHX0+dyXCvdffpkziZrxHFti00sWETUaj+
Ag3aHq2CdVNNmTtnkjXZKkeOQStkE3nt7zU9+hV6RZZuHjirTtjOqKpbp9kKKO+a
fqtVlXk9Nbc+qMqWFDjG5Q==
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:33:08 2026 by rpki-client