Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/dR1FwcJNtOENeWduGS1W4IRoKdw.roa
File: dR1FwcJNtOENeWduGS1W4IRoKdw.roa (raw, json)
Hash identifier: +9CjJthEGbnvthzXzxC8O9FIZmQ7n15CGApTOCLI5Nc=
Subject key identifier: 75:1D:45:C1:C2:4D:B4:E1:0D:79:67:6E:19:2D:56:E0:84:68:29:DC
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 019D0A0D7EB166EACF646DBC8F7EE6919184
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/dR1FwcJNtOENeWduGS1W4IRoKdw.roa
Signing time: Fri 20 Mar 2026 07:02:29 +0000
ROA not before: Fri 20 Mar 2026 07:02:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.241.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.206.0/23 maxlen: 24
194.143.217.0/24 maxlen: 24
194.143.218.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
194.143.222.0/24 maxlen: 24
194.143.223.0/24 maxlen: 24
195.114.196.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
195.114.203.0/24 maxlen: 24
195.114.205.0/24 maxlen: 24
213.220.0.0/24 maxlen: 24
213.220.6.0/24 maxlen: 24
213.220.11.0/24 maxlen: 24
213.220.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0a:0d:7e:b1:66:ea:cf:64:6d:bc:8f:7e:e6:91:91:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Mar 20 07:02:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=751d45c1c24db4e10d79676e192d56e0846829dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:6f:90:41:9f:6d:e7:79:fa:86:44:34:87:f6:
7a:fc:85:6d:ac:ce:82:df:3d:44:93:f7:a2:64:8d:
ab:be:6e:7c:5b:31:0f:57:35:ef:98:5b:20:ed:bd:
7c:de:52:a3:e7:c6:9a:6a:b4:af:de:cd:b6:4c:8c:
5f:a8:61:70:f2:01:fe:b8:d2:fc:fe:f5:84:86:1f:
ce:24:a8:56:be:a1:4d:20:6c:9f:cf:df:d4:89:67:
80:88:f9:dc:ba:6b:d6:5b:f9:c1:84:48:ca:ed:23:
81:01:a4:05:b5:6e:27:75:17:78:ff:3b:01:a9:88:
b1:49:32:56:55:71:45:ee:cc:0d:7e:9b:67:57:d0:
17:ac:08:1f:c1:bc:f1:77:e2:15:42:88:83:d0:43:
44:79:0f:64:75:c4:b7:29:0e:27:f7:a6:5e:ff:aa:
3c:ab:f3:2c:18:c7:01:ea:12:1e:3f:2c:03:1b:40:
f5:ec:c5:8b:d2:ee:4d:9c:35:ab:f1:a3:ba:85:7c:
02:c9:1b:55:b3:86:70:2d:e4:3b:31:74:74:70:7b:
b0:9d:52:88:27:32:0d:08:00:bd:20:af:7f:0d:18:
24:0b:8c:2e:06:cb:96:6f:2a:6a:8f:39:53:d4:b6:
31:cd:dd:d0:c9:c8:35:6d:91:f1:41:cc:12:0e:64:
fc:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:1D:45:C1:C2:4D:B4:E1:0D:79:67:6E:19:2D:56:E0:84:68:29:DC
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/dR1FwcJNtOENeWduGS1W4IRoKdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0-45.155.242.255
194.143.205.0-194.143.207.255
194.143.217.0-194.143.218.255
194.143.221.0-194.143.223.255
195.114.196.0-195.114.198.255
195.114.203.0/24
195.114.205.0/24
213.220.0.0/24
213.220.6.0/24
213.220.11.0/24
213.220.14.0/24
Signature Algorithm: sha256WithRSAEncryption
19:fb:36:e0:af:13:c7:29:2c:36:b9:46:ec:64:73:9c:0a:4b:
08:87:5b:84:a7:25:52:4d:ee:df:9a:8f:0f:78:58:1f:9e:0c:
63:f7:d5:59:d3:bf:16:95:78:1c:ed:a5:b4:5d:27:a4:76:67:
cf:1d:1d:9f:a8:07:59:b3:e2:ee:2d:70:d0:ef:5a:35:c4:32:
86:bb:f2:32:12:5e:e7:b5:56:bc:8b:ee:21:42:13:53:d4:c3:
59:25:9b:55:f2:ce:5b:96:88:5a:59:6e:21:51:f2:cf:d8:ab:
80:31:9f:bb:60:0e:46:ad:d8:df:bc:8a:ab:fa:56:6a:d7:c6:
84:ad:07:25:ae:7d:d5:d8:46:1f:f7:8e:c3:74:22:00:7d:2d:
df:5b:e9:8e:25:44:16:9a:75:fd:05:60:60:86:f1:4c:ac:41:
21:7f:53:fa:8c:3f:b9:82:02:95:94:e2:cb:3e:f6:bc:ac:cd:
c9:44:38:e3:e9:04:cb:5d:14:80:5a:3b:5d:ea:a8:4c:df:78:
c8:3e:35:e7:cc:b0:18:5e:19:75:77:9c:7b:a0:28:11:dc:69:
53:05:22:3a:71:ef:c0:10:27:68:5f:e5:0c:4a:97:e7:2a:bd:
1d:0d:27:dc:1b:d3:e2:21:04:ab:9b:03:2d:dc:47:75:00:9a:
d7:42:01:95
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZ0KDX6xZurPZG28j37mkZGEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjYwMzIwMDcwMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTFkNDVjMWMyNGRiNGUxMGQ3OTY3NmUxOTJkNTZlMDg0NjgyOWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2W+QQZ9t53n6hkQ0h/Z6/IVtrM6C
3z1Ek/eiZI2rvm58WzEPVzXvmFsg7b183lKj58aaarSv3s22TIxfqGFw8gH+uNL8
/vWEhh/OJKhWvqFNIGyfz9/UiWeAiPncumvWW/nBhEjK7SOBAaQFtW4ndRd4/zsB
qYixSTJWVXFF7swNfptnV9AXrAgfwbzxd+IVQoiD0ENEeQ9kdcS3KQ4n96Ze/6o8
q/MsGMcB6hIePywDG0D17MWL0u5NnDWr8aO6hXwCyRtVs4ZwLeQ7MXR0cHuwnVKI
JzINCAC9IK9/DRgkC4wuBsuWbypqjzlT1LYxzd3Qycg1bZHxQcwSDmT88QIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFHUdRcHCTbThDXlnbhktVuCEaCncMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvZFIxRndjSk50T0VOZVdkdUdTMVc0SVJvS2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwajAMAwQELZvw
AwQALZvyMAwDBADCj80DBATCj8AwDAMEAMKP2QMEAMKP2jAMAwQAwo/dAwQFwo/A
MAwDBALDcsQDBADDcsYDBADDcssDBADDcs0DBADV3AADBADV3AYDBADV3AsDBADV
3A4wDQYJKoZIhvcNAQELBQADggEBABn7NuCvE8cpLDa5Ruxkc5wKSwiHW4SnJVJN
7t+ajw94WB+eDGP31VnTvxaVeBztpbRdJ6R2Z88dHZ+oB1mz4u4tcNDvWjXEMoa7
8jISXue1VryL7iFCE1PUw1klm1XyzluWiFpZbiFR8s/Yq4Axn7tgDkat2N+8iqv6
VmrXxoStByWufdXYRh/3jsN0IgB9Ld9b6Y4lRBaadf0FYGCG8UysQSF/U/qMP7mC
ApWU4ss+9ryszclEOOPpBMtdFIBaO13qqEzfeMg+NefMsBheGXV3nHugKBHcaVMF
Ijpx78AQJ2hf5QxKl+cqvR0NJ9wb0+IhBKubAy3cR3UAmtdCAZU=
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:56:24 2026 by rpki-client