Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ISet4r34Zvdeg8o6KPTxrp_MAKw.roa
File: ISet4r34Zvdeg8o6KPTxrp_MAKw.roa (raw, json)
Hash identifier: 1rE5iv+sDevzHBhzg//uxuAr3u+qtB6PujbWbDmu1d8=
Subject key identifier: 21:27:AD:E2:BD:F8:66:F7:5E:83:CA:3A:28:F4:F1:AE:9F:CC:00:AC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019D0034259762E30E387C2783D51584B1FD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ISet4r34Zvdeg8o6KPTxrp_MAKw.roa
Signing time: Wed 18 Mar 2026 09:08:30 +0000
ROA not before: Wed 18 Mar 2026 09:08:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.88.90.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.60.0/23 maxlen: 23
87.121.165.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Mar 2026 09:09:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:00:34:25:97:62:e3:0e:38:7c:27:83:d5:15:84:b1:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 18 09:08:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2127ade2bdf866f75e83ca3a28f4f1ae9fcc00ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:31:c1:1a:57:0a:f2:5e:59:7d:3f:47:f9:5c:
1c:80:d7:60:c0:9f:03:92:0d:e1:83:89:12:07:0e:
27:d0:de:c7:cf:c2:68:1f:6a:7a:bc:5a:17:f8:58:
78:76:ea:aa:f1:7b:fa:77:86:55:1e:54:f4:62:7b:
02:55:2e:cb:da:02:c8:bd:b8:89:03:03:bf:d6:ea:
58:7d:75:03:47:03:0e:b3:6d:54:30:cd:03:27:5e:
39:6c:33:bd:40:87:ad:f1:ce:d1:fa:25:bc:5f:e2:
c6:83:a9:11:e3:30:e4:16:d4:e1:f6:fe:2b:2a:9a:
1a:74:15:dd:58:04:70:c7:8d:63:97:18:5e:de:55:
0b:d7:eb:78:10:c1:98:b3:32:bb:aa:62:d4:1b:cb:
00:93:24:e3:85:27:15:66:4e:a6:a2:68:45:1a:c6:
69:19:a4:25:db:ae:f2:b1:72:26:05:74:92:d2:a4:
aa:ce:05:61:74:be:d3:1e:f2:74:e3:84:c4:70:e6:
f8:36:14:19:be:27:8c:50:54:71:77:10:f4:e0:cc:
1b:50:a3:9f:fb:3a:41:c2:dd:62:f0:3e:da:ca:25:
33:7e:14:d1:9b:e7:83:c3:75:b7:5a:e7:67:01:6b:
62:4e:bd:e6:20:ba:bb:f7:b2:8b:8e:a2:d8:e5:f7:
31:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:27:AD:E2:BD:F8:66:F7:5E:83:CA:3A:28:F4:F1:AE:9F:CC:00:AC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ISet4r34Zvdeg8o6KPTxrp_MAKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
45.66.231.0/24
45.88.90.0/24
45.89.247.0/24
45.141.158.0/24
81.161.238.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.121.60.0/23
87.121.165.0/24
92.249.50.0/24
93.123.109.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
193.25.216.0/24
193.47.61.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:d2:67:39:7c:ad:b3:d2:d4:cb:19:8a:71:76:fb:20:c6:9b:
a7:a1:7e:c0:dc:20:90:1d:2f:3c:02:39:85:17:fb:01:9a:5d:
80:ed:f7:e9:7a:77:69:ed:b4:f9:c8:8a:4f:70:8e:ce:17:dc:
f1:1f:c5:64:b3:d3:52:6d:44:65:48:88:a6:65:af:b7:43:1a:
7b:1b:e9:06:51:73:b0:67:4b:6a:1e:de:46:4a:74:8f:02:d6:
da:bc:d6:d7:e9:52:70:6c:84:6d:89:9c:4d:e1:c3:d8:e7:2b:
2b:60:5c:5c:a9:d9:57:ca:86:c0:6b:c6:c6:0b:b1:c9:54:75:
7d:a2:ee:40:ae:c0:d9:8b:79:5f:c1:c6:1d:d3:20:08:df:72:
f1:b3:a6:43:d4:01:8d:1b:ab:21:c4:78:96:c7:4c:ff:75:7d:
5b:c1:b1:fe:1f:a9:d4:4e:f3:76:38:bb:e8:e4:68:0a:5b:5f:
46:c5:e9:77:c9:3b:9f:bb:ea:ba:20:43:e5:71:e0:57:f4:09:
e3:f8:d9:1e:d0:a3:c4:08:66:f9:27:a1:ea:aa:42:a3:c3:2a:
2f:12:ac:df:7d:bc:fe:b5:8d:f7:78:8c:20:0f:dc:b5:36:90:
24:b6:bd:b4:6a:ab:22:28:9d:ec:4e:31:e6:90:d8:54:ed:47:
57:a8:ff:16
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZ0ANCWXYuMOOHwng9UVhLH9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwMzE4MDkwODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTI3YWRlMmJkZjg2NmY3NWU4M2NhM2EyOGY0ZjFhZTlmY2MwMGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDHBGlcK8l5ZfT9H+VwcgNdgwJ8D
kg3hg4kSBw4n0N7Hz8JoH2p6vFoX+Fh4duqq8Xv6d4ZVHlT0YnsCVS7L2gLIvbiJ
AwO/1upYfXUDRwMOs21UMM0DJ145bDO9QIet8c7R+iW8X+LGg6kR4zDkFtTh9v4r
KpoadBXdWARwx41jlxhe3lUL1+t4EMGYszK7qmLUG8sAkyTjhScVZk6momhFGsZp
GaQl267ysXImBXSS0qSqzgVhdL7THvJ044TEcOb4NhQZvieMUFRxdxD04MwbUKOf
+zpBwt1i8D7ayiUzfhTRm+eDw3W3WudnAWtiTr3mILq797KLjqLY5fcxJwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFCEnreK9+Gb3XoPKOij08a6fzACsMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSVNldDRyMzRadmRlZzhvNktQVHhycF9NQUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAC1C
5AMEAC1C5wMEAC1YWgMEAC1Z9wMEAC2NngMEAFGh7gMEAVXZggMEAFd4VwMEAFd4
fgMEAFd4pgMEAVd5PAMEAFd5pQMEAFz5MgMEAF17bQMEAJNOZQMEArnaVAMEALne
oAMEAMEZ2AMEAMEvPQMEAMI3ugMEAMKprzANBgkqhkiG9w0BAQsFAAOCAQEAW9Jn
OXyts9LUyxmKcXb7IMabp6F+wNwgkB0vPAI5hRf7AZpdgO336Xp3ae20+ciKT3CO
zhfc8R/FZLPTUm1EZUiIpmWvt0MaexvpBlFzsGdLah7eRkp0jwLW2rzW1+lScGyE
bYmcTeHD2OcrK2BcXKnZV8qGwGvGxguxyVR1faLuQK7A2Yt5X8HGHdMgCN9y8bOm
Q9QBjRurIcR4lsdM/3V9W8Gx/h+p1E7zdji76ORoCltfRsXpd8k7n7vquiBD5XHg
V/QJ4/jZHtCjxAhm+Seh6qpCo8MqLxKs3328/rWN93iMIA/ctTaQJLa9tGqrIiid
7E4x5pDYVO1HV6j/Fg==
-----END CERTIFICATE-----
Generated at Wed Mar 18 19:44:00 2026 by rpki-client