Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FSUpX5i4HXbROeyZ2Jd06xNOdOc.roa
File: FSUpX5i4HXbROeyZ2Jd06xNOdOc.roa (raw, json)
Hash identifier: 4rqLJDS+EigUJzTBYev4eS6QrLrOwVEL9/5HABE9cEs=
Subject key identifier: 15:25:29:5F:98:B8:1D:76:D1:39:EC:99:D8:97:74:EB:13:4E:74:E7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019EF414FB7D19E2D425C2478384CECD437E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FSUpX5i4HXbROeyZ2Jd06xNOdOc.roa
Signing time: Tue 23 Jun 2026 10:44:36 +0000
ROA not before: Tue 23 Jun 2026 10:44:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16589
IP address blocks: 45.84.88.0/24 maxlen: 24
45.89.244.0/24 maxlen: 24
45.149.235.0/24 maxlen: 24
109.206.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Jun 2026 10:45:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f4:14:fb:7d:19:e2:d4:25:c2:47:83:84:ce:cd:43:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 23 10:44:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1525295f98b81d76d139ec99d89774eb134e74e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c1:40:dc:85:ca:ed:ba:4c:55:d5:8f:9e:92:
d6:3f:e0:83:b2:8a:a4:4a:f6:6e:7d:41:4e:07:20:
80:9c:80:4f:84:5e:61:e5:b3:61:62:da:36:e3:0f:
42:ea:3d:09:e9:b6:99:e0:de:c4:ef:42:1f:c8:14:
12:9d:a6:67:54:72:47:61:63:80:02:8c:e1:62:8e:
0a:64:b0:75:e8:d9:7a:02:6e:25:fe:74:2c:7e:ff:
f3:97:a3:2a:77:23:b1:13:cc:37:ce:42:68:33:84:
18:bc:0a:e7:73:d8:7e:cb:f8:f9:12:09:cc:66:df:
ea:b5:1a:79:75:a7:80:e2:bb:d2:a1:d8:02:dd:d5:
c5:3f:bc:5b:a6:3b:18:22:1b:78:c4:1b:b5:8a:82:
ff:21:1a:4c:38:fe:c2:09:a5:42:07:c7:9f:e2:f4:
db:f9:f6:02:ec:5d:07:1b:db:09:a0:7d:f2:75:4d:
97:a7:fe:40:c3:ac:0a:6b:5a:70:9f:ca:24:96:9f:
5f:57:be:80:66:1a:a3:ac:1e:62:e3:a7:d4:a4:4e:
01:b3:aa:52:3a:6d:7d:d9:b4:a5:26:32:da:7c:cc:
90:d9:d2:53:e9:38:de:a9:1c:90:75:34:6e:04:43:
8a:4f:d0:6e:8c:da:85:4c:79:8e:1c:87:37:a0:32:
c4:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:25:29:5F:98:B8:1D:76:D1:39:EC:99:D8:97:74:EB:13:4E:74:E7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FSUpX5i4HXbROeyZ2Jd06xNOdOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.88.0/24
45.89.244.0/24
45.149.235.0/24
109.206.242.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:d5:fe:e8:8d:02:40:c0:e1:d0:cb:c3:4f:8a:10:45:22:f9:
f2:25:6c:94:f5:b1:27:32:c2:1b:05:98:54:3b:bf:68:b0:ac:
3d:d8:b1:60:46:37:ca:c5:c3:0d:a9:6d:61:e0:ef:ac:11:c6:
c5:e8:60:21:7b:49:5b:06:aa:91:e3:66:11:49:8a:c9:c7:04:
20:8a:ee:fa:38:26:35:a2:fb:da:f8:0c:7b:5b:9e:bb:6a:28:
60:36:a0:c0:16:83:f8:ad:8a:d8:c1:fc:e6:09:81:b8:bd:39:
18:7d:2a:9d:0e:40:36:be:9a:5e:b0:a1:4a:c6:85:3c:6d:fc:
b6:49:0a:ba:3b:a6:8d:7a:3c:c7:20:3b:12:c2:fb:64:c3:b9:
11:06:c0:76:2e:7d:76:2b:76:51:85:ee:36:4d:d3:11:f2:6c:
91:58:7d:04:62:bd:35:74:3c:da:82:f2:54:26:c3:46:fe:9b:
0d:83:74:5c:71:80:43:04:9e:77:36:47:54:7f:79:58:33:2b:
a4:27:5b:24:5a:c9:a3:88:14:dc:c5:7d:ff:1d:c5:57:42:e5:
75:15:5a:ad:ea:cb:f6:5c:ee:21:a9:db:9f:67:95:79:fc:c7:
f9:da:4f:84:fd:4c:c1:d1:89:fd:1f:e5:63:fd:0b:23:f0:b6:
cc:a0:cf:c9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ70FPt9GeLUJcJHg4TOzUN+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNjIzMTA0NDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTI1Mjk1Zjk4YjgxZDc2ZDEzOWVjOTlkODk3NzRlYjEzNGU3NGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8FA3IXK7bpMVdWPnpLWP+CDsoqk
SvZufUFOByCAnIBPhF5h5bNhYto24w9C6j0J6baZ4N7E70IfyBQSnaZnVHJHYWOA
AozhYo4KZLB16Nl6Am4l/nQsfv/zl6MqdyOxE8w3zkJoM4QYvArnc9h+y/j5EgnM
Zt/qtRp5daeA4rvSodgC3dXFP7xbpjsYIht4xBu1ioL/IRpMOP7CCaVCB8ef4vTb
+fYC7F0HG9sJoH3ydU2Xp/5Aw6wKa1pwn8oklp9fV76AZhqjrB5i46fUpE4Bs6pS
Om192bSlJjLafMyQ2dJT6TjeqRyQdTRuBEOKT9BujNqFTHmOHIc3oDLEbwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBUlKV+YuB120TnsmdiXdOsTTnTnMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRlNVcFg1aTRIWGJST2V5WjJKZDA2eE5PZE9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVRYAwQA
LVn0AwQALZXrAwQAbc7yMA0GCSqGSIb3DQEBCwUAA4IBAQCe1f7ojQJAwOHQy8NP
ihBFIvnyJWyU9bEnMsIbBZhUO79osKw92LFgRjfKxcMNqW1h4O+sEcbF6GAhe0lb
BqqR42YRSYrJxwQgiu76OCY1ovva+Ax7W567aihgNqDAFoP4rYrYwfzmCYG4vTkY
fSqdDkA2vppesKFKxoU8bfy2SQq6O6aNejzHIDsSwvtkw7kRBsB2Ln12K3ZRhe42
TdMR8myRWH0EYr01dDzagvJUJsNG/psNg3RccYBDBJ53NkdUf3lYMyukJ1skWsmj
iBTcxX3/HcVXQuV1FVqt6sv2XO4hqdufZ5V5/Mf52k+E/UzB0Yn9H+Vj/Qsj8LbM
oM/J
-----END CERTIFICATE-----
Generated at Tue Jun 23 18:36:58 2026 by rpki-client