Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TeEVNqtxl99IM3MR5d7drpnlR-Q.roa
File: TeEVNqtxl99IM3MR5d7drpnlR-Q.roa (raw, json)
Hash identifier: qwyHwzSmRQvhLf/CLiYlYqa+x0uJANo/zHDNhtasq3A=
Subject key identifier: 4D:E1:15:36:AB:71:97:DF:48:33:73:11:E5:DE:DD:AE:99:E5:47:E4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019CADCC8674349AFB31FB7D01F7E2BF29EB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TeEVNqtxl99IM3MR5d7drpnlR-Q.roa
Signing time: Mon 02 Mar 2026 09:06:27 +0000
ROA not before: Mon 02 Mar 2026 09:06:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209693
IP address blocks: 45.88.88.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
87.121.86.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
176.125.254.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 07:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:cc:86:74:34:9a:fb:31:fb:7d:01:f7:e2:bf:29:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 2 09:06:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4de11536ab7197df48337311e5deddae99e547e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:da:66:76:b1:62:41:7d:f5:e9:0f:db:87:d3:
27:1c:f2:8d:ad:a3:5b:ef:6b:09:0e:35:cc:62:3b:
21:8e:ea:1a:97:2b:af:ba:85:0c:21:58:4f:5f:34:
b3:5b:7d:8e:3b:90:56:f4:97:cb:61:ef:37:cd:39:
d9:1c:f4:64:78:09:a4:4c:16:9a:bd:ed:7f:55:99:
ff:15:0e:08:e0:57:4b:25:22:84:20:12:30:73:57:
57:06:26:28:0a:52:3d:2e:51:f5:a0:c6:bc:f0:48:
be:7a:46:1d:cf:ea:d5:e3:9b:8d:76:8b:1b:25:b4:
36:1d:68:ea:bc:a5:a6:1f:77:53:9b:b3:02:6c:8f:
06:e8:ae:d2:48:29:fe:3d:d1:df:fe:9e:a3:26:c3:
d2:33:5d:01:bb:a8:00:b9:f7:9c:d6:77:b3:bb:b6:
62:31:95:9d:e4:f4:64:66:76:44:cc:5e:60:f5:4d:
85:66:6d:23:3e:5f:ef:13:18:38:40:40:79:d7:8f:
a4:b8:cb:71:71:5f:6c:88:90:1a:a7:0a:ae:6d:ad:
b4:f0:74:ae:f0:4d:28:8b:cd:22:4d:b2:8a:c1:96:
00:b1:d4:b0:ce:29:f1:7c:13:57:05:4e:b1:a1:ce:
48:c7:ff:6b:25:4c:90:91:9c:2b:af:01:d4:2d:12:
6e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:E1:15:36:AB:71:97:DF:48:33:73:11:E5:DE:DD:AE:99:E5:47:E4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TeEVNqtxl99IM3MR5d7drpnlR-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.88.0/24
83.219.97.0/24
87.121.86.0/24
87.121.221.0/24
176.125.254.0/24
185.252.177.0/24
194.48.250.0/24
Signature Algorithm: sha256WithRSAEncryption
93:1b:85:31:87:fa:b9:e2:f3:58:78:e7:18:ac:dc:35:d9:6d:
c8:b2:2a:34:38:ce:09:2a:7b:9d:a8:fa:7f:03:63:05:bb:98:
0f:66:15:c1:c7:af:9f:83:6b:02:ae:10:49:d2:65:a2:c9:cb:
29:d5:53:6c:b8:f6:8d:1f:5c:bc:f7:63:ce:6b:a6:2c:22:1a:
d1:eb:a6:fb:10:cb:5b:58:a6:12:ff:2c:da:a8:c2:b8:b8:7e:
33:ee:ec:54:32:36:52:57:27:d2:b1:ff:d5:26:27:ce:71:b1:
65:5b:81:4a:61:cb:33:e2:91:0e:15:2f:42:8a:cd:a4:ea:2e:
ad:eb:4e:60:39:c3:15:1c:a8:69:9d:e5:b2:f1:f3:b7:43:d2:
a1:bd:6e:37:17:51:cf:10:c3:40:59:49:b0:58:dd:b3:81:29:
4b:2a:7e:23:3e:da:3f:e4:1d:d1:92:ca:07:91:29:5d:f7:e8:
6e:5e:91:a5:f0:d4:c3:19:04:aa:8d:d4:59:41:b7:a1:a2:1f:
bc:92:e3:e6:5e:6c:40:9c:b4:77:ae:0b:61:c6:17:21:50:8a:
31:cf:16:4a:e2:a9:ca:96:45:1a:c0:8c:e7:e2:20:fd:b6:13:
8f:d1:8e:6b:e0:bf:08:fc:65:25:c3:2f:ba:44:fc:8f:29:a8:
c2:95:d5:46
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZytzIZ0NJr7Mft9AffivynrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwMzAyMDkwNjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGUxMTUzNmFiNzE5N2RmNDgzMzczMTFlNWRlZGRhZTk5ZTU0N2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tpmdrFiQX316Q/bh9MnHPKNraNb
72sJDjXMYjshjuoalyuvuoUMIVhPXzSzW32OO5BW9JfLYe83zTnZHPRkeAmkTBaa
ve1/VZn/FQ4I4FdLJSKEIBIwc1dXBiYoClI9LlH1oMa88Ei+ekYdz+rV45uNdosb
JbQ2HWjqvKWmH3dTm7MCbI8G6K7SSCn+PdHf/p6jJsPSM10Bu6gAufec1nezu7Zi
MZWd5PRkZnZEzF5g9U2FZm0jPl/vExg4QEB514+kuMtxcV9siJAapwquba208HSu
8E0oi80iTbKKwZYAsdSwzinxfBNXBU6xoc5Ix/9rJUyQkZwrrwHULRJuDQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFE3hFTarcZffSDNzEeXe3a6Z5UfkMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVGVFVk5xdHhsOTlJTTNNUjVkN2RycG5sUi1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALVhYAwQA
U9thAwQAV3lWAwQAV3ndAwQAsH3+AwQAufyxAwQAwjD6MA0GCSqGSIb3DQEBCwUA
A4IBAQCTG4Uxh/q54vNYeOcYrNw12W3Isio0OM4JKnudqPp/A2MFu5gPZhXBx6+f
g2sCrhBJ0mWiycsp1VNsuPaNH1y892POa6YsIhrR66b7EMtbWKYS/yzaqMK4uH4z
7uxUMjZSVyfSsf/VJifOcbFlW4FKYcsz4pEOFS9Cis2k6i6t605gOcMVHKhpneWy
8fO3Q9KhvW43F1HPEMNAWUmwWN2zgSlLKn4jPto/5B3RksoHkSld9+huXpGl8NTD
GQSqjdRZQbehoh+8kuPmXmxAnLR3rgthxhchUIoxzxZK4qnKlkUawIzn4iD9thOP
0Y5r4L8I/GUlwy+6RPyPKajCldVG
-----END CERTIFICATE-----
Generated at Wed Mar 4 17:06:46 2026 by rpki-client