Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TipCdyM6vDa-FYD-Pp6WXAUIAxY.roa
File: TipCdyM6vDa-FYD-Pp6WXAUIAxY.roa (raw, json)
Hash identifier: vQGOacqK+1sTvnPQXqtzEp6ei7Ob1otLpw7scHfYh5U=
Subject key identifier: 4E:2A:42:77:23:3A:BC:36:BE:15:80:FE:3E:9E:96:5C:05:08:03:16
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019D42D57600DA199966C327F4580BC00331
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TipCdyM6vDa-FYD-Pp6WXAUIAxY.roa
Signing time: Tue 31 Mar 2026 07:39:38 +0000
ROA not before: Tue 31 Mar 2026 07:39:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.191.0/24 maxlen: 24
87.121.60.0/23 maxlen: 23
92.249.50.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Apr 2026 13:27:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:42:d5:76:00:da:19:99:66:c3:27:f4:58:0b:c0:03:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 31 07:39:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4e2a4277233abc36be1580fe3e9e965c05080316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:6f:4f:05:1d:57:52:c5:53:e6:a7:89:64:46:
41:38:98:ff:44:af:3c:8d:0c:56:b7:28:31:19:a8:
c9:a2:ea:4d:79:05:87:62:34:3f:5a:45:ed:14:7c:
8e:d8:5d:e3:d9:34:ad:78:51:80:b6:ee:5d:49:b8:
75:41:06:c4:50:59:e4:91:c9:95:01:d6:98:b1:b2:
6f:a5:6c:68:22:99:ad:71:0d:c4:32:c3:4b:f1:47:
10:db:2b:32:37:b4:e0:c4:24:3e:b3:8f:2d:f4:a7:
ce:0e:ea:60:ce:49:43:9e:66:f4:20:4b:86:3e:ae:
72:20:23:3a:fd:dc:ff:03:1e:9a:ca:13:76:b8:68:
c1:c7:0e:27:20:79:bf:90:dc:8c:d3:d1:1f:36:4b:
c4:6e:13:f5:2b:7c:f5:a8:5c:5d:5c:a3:1b:af:f6:
20:d3:65:d2:e1:63:3a:f4:41:2c:ae:04:a3:2f:4a:
cb:a7:bb:88:75:11:b9:84:9b:86:2e:07:de:71:2d:
99:aa:4c:b3:88:eb:fe:26:5b:04:0c:c5:54:8a:1d:
3c:4c:d1:82:40:b6:bc:be:4b:e3:cf:61:ec:76:66:
60:a4:d0:b3:85:c5:e5:a8:2f:2f:f9:b0:66:20:2c:
bb:7f:c9:50:53:34:0c:52:4e:81:8e:60:bf:d2:46:
f3:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:2A:42:77:23:3A:BC:36:BE:15:80:FE:3E:9E:96:5C:05:08:03:16
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TipCdyM6vDa-FYD-Pp6WXAUIAxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.141.158.0/24
81.161.238.0/24
83.143.113.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.120.191.0/24
87.121.60.0/23
92.249.50.0/24
93.123.109.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
193.25.216.0/24
193.47.61.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
78:03:58:43:ac:7b:20:c4:e5:90:0a:37:0c:3f:9c:68:09:b4:
95:a3:3b:19:29:29:24:61:9e:90:14:cd:e1:db:ac:fa:13:44:
24:36:11:a6:64:d5:1f:2c:10:63:84:d2:a4:a0:43:5e:ab:14:
48:05:df:ad:29:34:82:75:e1:55:2d:ad:30:4b:5e:fc:de:8a:
3e:d3:8e:72:f2:27:73:71:0b:5e:32:ee:be:02:55:80:0e:48:
44:50:21:de:ee:2a:aa:09:d9:14:11:06:91:65:53:b3:f3:74:
60:a3:11:5c:4f:cf:1d:cb:e8:ff:94:ab:7b:d1:00:fe:53:5e:
d4:5e:77:8c:dc:d3:0b:a8:3c:95:2a:df:ba:73:eb:48:19:69:
df:ae:2c:98:61:e4:59:f7:aa:0a:8a:7c:9d:87:5f:8f:85:1f:
9d:d4:b0:99:6c:4d:20:48:6e:e8:0d:e7:29:c4:f7:fd:09:ea:
94:94:ec:f6:d4:73:cd:08:93:2f:5c:05:36:27:7b:68:51:02:
66:97:f5:7c:f4:d0:7a:23:fc:6b:06:d1:5f:5e:9b:70:d2:ee:
92:c2:c6:d9:10:cb:fb:87:7f:4a:2b:f7:06:a4:b2:a2:c7:6c:
4a:09:85:eb:4e:82:13:d8:aa:5f:5c:f3:50:99:79:7f:65:14:
78:22:13:d0
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZ1C1XYA2hmZZsMn9FgLwAMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwMzMxMDczOTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTJhNDI3NzIzM2FiYzM2YmUxNTgwZmUzZTllOTY1YzA1MDgwMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg29PBR1XUsVT5qeJZEZBOJj/RK88
jQxWtygxGajJoupNeQWHYjQ/WkXtFHyO2F3j2TSteFGAtu5dSbh1QQbEUFnkkcmV
AdaYsbJvpWxoIpmtcQ3EMsNL8UcQ2ysyN7TgxCQ+s48t9KfODupgzklDnmb0IEuG
Pq5yICM6/dz/Ax6ayhN2uGjBxw4nIHm/kNyM09EfNkvEbhP1K3z1qFxdXKMbr/Yg
02XS4WM69EEsrgSjL0rLp7uIdRG5hJuGLgfecS2ZqkyziOv+JlsEDMVUih08TNGC
QLa8vkvjz2HsdmZgpNCzhcXlqC8v+bBmICy7f8lQUzQMUk6BjmC/0kbz6QIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFE4qQncjOrw2vhWA/j6ellwFCAMWMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVGlwQ2R5TTZ2RGEtRllELVBwNldYQVVJQXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAC1C
5AMEAC1C5wMEAC1Z9wMEAC2NngMEAFGh7gMEAFOPcQMEAVXZggMEAFd4VwMEAFd4
fgMEAFd4pgMEAFd4vwMEAVd5PAMEAFz5MgMEAF17bQMEAJNOZQMEArnaVAMEALne
oAMEAMEZ2AMEAMEvPQMEAMI3ugMEAMKprzANBgkqhkiG9w0BAQsFAAOCAQEAeANY
Q6x7IMTlkAo3DD+caAm0laM7GSkpJGGekBTN4dus+hNEJDYRpmTVHywQY4TSpKBD
XqsUSAXfrSk0gnXhVS2tMEte/N6KPtOOcvInc3ELXjLuvgJVgA5IRFAh3u4qqgnZ
FBEGkWVTs/N0YKMRXE/PHcvo/5Sre9EA/lNe1F53jNzTC6g8lSrfunPrSBlp364s
mGHkWfeqCop8nYdfj4UfndSwmWxNIEhu6A3nKcT3/QnqlJTs9tRzzQiTL1wFNid7
aFECZpf1fPTQeiP8awbRX16bcNLuksLG2RDL+4d/Siv3BqSyosdsSgmF606CE9iq
X1zzUJl5f2UUeCIT0A==
-----END CERTIFICATE-----
Generated at Tue Mar 31 17:23:08 2026 by rpki-client