Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2aiK0KT06HN8ST4N4pm2sYFZz84.roa
File: 2aiK0KT06HN8ST4N4pm2sYFZz84.roa (raw, json)
Hash identifier: bgGVNlIO/HJYzU5UcBJH74krRCGyzfO78X/+1TzKDqc=
Subject key identifier: D9:A8:8A:D0:A4:F4:E8:73:7C:49:3E:0D:E2:99:B6:B1:81:59:CF:CE
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019E06CF6EEBF6F4A5DBB50CE4C35534D115
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2aiK0KT06HN8ST4N4pm2sYFZz84.roa
Signing time: Fri 08 May 2026 08:58:37 +0000
ROA not before: Fri 08 May 2026 08:58:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.191.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
193.37.44.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 May 2026 04:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:06:cf:6e:eb:f6:f4:a5:db:b5:0c:e4:c3:55:34:d1:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 8 08:58:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d9a88ad0a4f4e8737c493e0de299b6b18159cfce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:91:ae:1f:ed:f4:60:4e:1b:11:ba:a7:67:d0:
66:63:c5:56:ef:3b:d2:11:40:1a:5e:a8:a9:69:20:
8e:f3:13:a1:9c:c0:fa:fc:25:53:64:3a:95:20:3b:
03:6a:fe:cb:74:bf:57:6d:48:da:51:77:64:4e:7d:
4e:d9:1b:3e:fa:e1:19:9e:4c:26:43:f7:96:c8:c0:
19:18:fb:52:63:b1:28:91:2c:08:66:ed:9c:75:33:
2c:40:50:c0:d2:a5:f1:40:b0:0f:82:e2:4f:c8:14:
a2:8c:bb:49:22:16:5b:05:81:0a:3a:b4:ab:cf:50:
57:db:a0:03:cb:08:c5:7b:12:36:84:40:91:03:e0:
b5:22:46:9b:da:2c:2c:f5:7d:d4:49:0d:97:f1:fd:
51:86:2a:04:a6:30:34:de:08:ee:9f:db:22:93:8e:
a9:16:d4:b3:1d:76:20:2f:da:c9:7f:9e:e0:80:a5:
da:86:3b:e7:4f:88:d5:46:4d:98:87:91:12:0d:bd:
56:33:07:62:8e:96:d7:65:33:1c:52:1a:f6:5b:e7:
c3:2d:de:fe:4a:2f:0f:5f:47:9d:af:2a:77:6d:8e:
06:77:8c:37:c3:9c:88:fb:90:6a:a0:e4:b8:0f:0d:
9d:42:74:f6:cb:59:6a:0c:35:99:61:22:7b:b5:9c:
8d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:A8:8A:D0:A4:F4:E8:73:7C:49:3E:0D:E2:99:B6:B1:81:59:CF:CE
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2aiK0KT06HN8ST4N4pm2sYFZz84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.141.158.0/24
81.161.238.0/24
83.143.113.0/24
84.54.51.0/24
85.31.47.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.120.191.0/24
92.249.50.0/24
93.123.109.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
193.37.44.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
09:22:56:06:e8:24:7b:f0:2a:6c:d6:8f:57:cd:b8:5b:28:c8:
e6:05:73:42:89:20:ca:04:43:42:e6:68:eb:64:b9:be:c6:69:
78:f1:72:f4:d1:0f:fd:3b:68:f2:e7:fa:36:34:c3:b3:c8:63:
4b:c5:0c:dc:a4:2e:75:cc:19:ce:e0:56:72:8e:2a:84:4c:23:
5c:31:3e:a5:08:60:a7:99:a6:0f:10:e5:45:32:98:27:c1:02:
ff:f6:c7:23:56:80:01:24:3d:de:95:18:24:7d:37:40:0a:2a:
be:13:24:8b:a4:1c:a9:53:1f:3b:53:e9:2a:f3:50:c3:21:f7:
ec:f4:94:84:f4:9a:ec:43:f9:e3:11:f4:d6:78:cf:2f:54:5e:
29:c1:bc:1d:33:d4:83:d0:cf:c5:46:a0:18:78:9d:9f:0a:f3:
2f:2d:c3:2e:78:9e:95:de:51:66:45:dd:2f:00:27:89:cc:1f:
01:08:39:c5:62:7b:51:77:91:81:fb:44:86:e9:18:e1:20:87:
42:49:e3:1d:57:16:3b:11:3f:e4:ec:53:17:50:1a:81:b0:e1:
95:51:49:43:3e:5c:8b:d9:9c:69:d8:9c:6b:76:3f:88:ee:9e:
c6:aa:fe:41:0c:8c:da:4a:4b:63:67:ed:9d:e6:a1:e8:f4:85:
33:a5:02:b3
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZ4Gz27r9vSl27UM5MNVNNEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNTA4MDg1ODM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWE4OGFkMGE0ZjRlODczN2M0OTNlMGRlMjk5YjZiMTgxNTljZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5GuH+30YE4bEbqnZ9BmY8VW7zvS
EUAaXqipaSCO8xOhnMD6/CVTZDqVIDsDav7LdL9XbUjaUXdkTn1O2Rs++uEZnkwm
Q/eWyMAZGPtSY7EokSwIZu2cdTMsQFDA0qXxQLAPguJPyBSijLtJIhZbBYEKOrSr
z1BX26ADywjFexI2hECRA+C1Ikab2iws9X3USQ2X8f1RhioEpjA03gjun9sik46p
FtSzHXYgL9rJf57ggKXahjvnT4jVRk2Yh5ESDb1WMwdijpbXZTMcUhr2W+fDLd7+
Si8PX0edryp3bY4Gd4w3w5yI+5BqoOS4Dw2dQnT2y1lqDDWZYSJ7tZyN/wIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFNmoitCk9OhzfEk+DeKZtrGBWc/OMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMmFpSzBLVDA2SE44U1Q0TjRwbTJzWUZaejg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAC1C
5AMEAC1C5wMEAC1Z9wMEAC2NngMEAFGh7gMEAFOPcQMEAFQ2MwMEAFUfLwMEAVXZ
ggMEAFd4VwMEAFd4fgMEAFd4pgMEAFd4vwMEAFz5MgMEAF17bQMEAJNOZQMEArna
VAMEALneoAMEAMElLAMEAMI3ugMEAMKprzANBgkqhkiG9w0BAQsFAAOCAQEACSJW
Bugke/AqbNaPV824WyjI5gVzQokgygRDQuZo62S5vsZpePFy9NEP/Tto8uf6NjTD
s8hjS8UM3KQudcwZzuBWco4qhEwjXDE+pQhgp5mmDxDlRTKYJ8EC//bHI1aAASQ9
3pUYJH03QAoqvhMki6QcqVMfO1PpKvNQwyH37PSUhPSa7EP54xH01njPL1ReKcG8
HTPUg9DPxUagGHidnwrzLy3DLnield5RZkXdLwAnicwfAQg5xWJ7UXeRgftEhukY
4SCHQknjHVcWOxE/5OxTF1AagbDhlVFJQz5ci9mcadica3Y/iO6exqr+QQyM2kpL
Y2ftneah6PSFM6UCsw==
-----END CERTIFICATE-----
Generated at Sat May 9 14:10:39 2026 by rpki-client