Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dhEjbuqnF3oK_Uyrjm5SusditjM.roa
File: dhEjbuqnF3oK_Uyrjm5SusditjM.roa (raw, json)
Hash identifier: x3bj6iM7QVtRKeMbV8NjLAvVC7UUtjVFOsvTJmxF6ms=
Subject key identifier: 76:11:23:6E:EA:A7:17:7A:0A:FD:4C:AB:8E:6E:52:BA:C7:62:B6:33
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019CE264072D192636A4D1E29A7EA784015B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dhEjbuqnF3oK_Uyrjm5SusditjM.roa
Signing time: Thu 12 Mar 2026 14:12:12 +0000
ROA not before: Thu 12 Mar 2026 14:12:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.60.0/23 maxlen: 23
87.121.165.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 14:12:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e2:64:07:2d:19:26:36:a4:d1:e2:9a:7e:a7:84:01:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 12 14:12:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7611236eeaa7177a0afd4cab8e6e52bac762b633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ee:89:f1:88:45:70:40:7b:ef:89:4f:e8:1d:
c6:0c:4f:13:3f:60:a2:b9:6c:0e:17:5f:e3:72:41:
a9:3a:29:fd:f8:b3:57:43:57:4c:28:82:4f:d5:87:
9d:aa:d5:b3:3e:2d:af:7d:fb:52:52:e0:9b:f9:53:
b3:9b:6a:cb:9c:6a:87:76:e7:cb:af:a9:25:08:47:
8c:48:43:06:14:7e:12:a8:ca:7f:33:41:a6:1a:23:
59:82:66:1a:a9:ab:8b:7b:42:47:bf:02:86:2b:23:
78:89:32:0b:8b:0d:a1:43:22:1f:92:74:6a:9c:87:
5e:94:69:9a:bb:9a:d0:e9:6e:a0:87:9c:69:b2:b4:
3b:a2:4e:dc:f4:05:f5:c5:78:cb:5b:4a:6f:e9:ec:
d2:0a:8b:4a:a5:d7:22:7d:28:20:a9:4c:ef:92:09:
a5:04:20:f7:62:b9:2a:ae:f1:42:d9:0c:f4:44:d9:
d1:7c:db:d0:cb:14:a5:8d:69:78:44:d4:6d:9f:46:
d1:8c:72:08:dc:e3:22:6d:31:2d:04:aa:dd:40:b3:
28:3f:c4:00:c2:bf:4f:30:bf:16:e7:00:72:e5:b0:
4c:5a:91:38:7c:86:15:76:fd:75:e1:28:3e:df:4b:
d4:bb:3e:b8:e2:49:89:65:e9:04:69:a9:93:fb:e8:
db:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:11:23:6E:EA:A7:17:7A:0A:FD:4C:AB:8E:6E:52:BA:C7:62:B6:33
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dhEjbuqnF3oK_Uyrjm5SusditjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.141.158.0/24
81.161.238.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.121.60.0/23
87.121.165.0/24
92.119.196.0/23
92.249.50.0/24
93.123.109.0/24
147.78.100.0/23
185.218.84.0/22
185.222.160.0/24
193.25.216.0/24
193.47.61.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
04:86:1a:90:dd:2f:cd:1f:a6:65:ff:ee:3e:c9:11:00:1a:83:
a5:6d:74:8c:97:f7:f4:e2:74:74:71:d8:5e:d6:8d:1a:66:31:
27:6a:f6:8e:28:57:b1:53:f7:8f:79:17:ff:f7:f9:8d:14:61:
cf:47:ba:19:5d:a5:cd:f9:af:63:67:57:67:42:37:b1:46:4b:
f2:37:b1:bb:bf:54:b0:ce:90:41:72:e9:70:62:50:28:6e:cf:
36:d7:cd:73:25:d3:32:85:59:ee:3c:7d:10:80:53:47:91:58:
25:1a:bd:6a:c0:ae:ac:4f:b6:3c:fd:2d:b4:4b:db:25:f3:a3:
e6:18:a1:52:e0:8f:4f:fc:26:f3:23:94:3e:b0:a6:1e:de:69:
66:6c:10:ac:68:d7:0a:c6:65:43:4e:f0:1a:36:c3:0f:4c:3d:
0f:18:1f:00:33:a6:59:07:5a:74:3c:a9:28:ed:4c:b3:6e:bc:
1e:7a:4d:5c:ac:26:ba:c1:3b:b9:f1:7b:20:77:92:db:6d:21:
d2:2b:55:34:9d:bb:92:ba:39:34:ca:0b:7e:00:95:d1:8b:b8:
72:33:ca:7b:8f:e1:06:bf:93:3d:8e:a0:3b:6b:2f:cd:a3:ea:
42:50:bf:6a:ab:de:44:b0:8a:3d:ab:e4:29:fb:c7:89:76:e0:
2d:3f:3a:8d
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZziZActGSY2pNHimn6nhAFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwMzEyMTQxMjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjExMjM2ZWVhYTcxNzdhMGFmZDRjYWI4ZTZlNTJiYWM3NjJiNjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyO6J8YhFcEB774lP6B3GDE8TP2Ci
uWwOF1/jckGpOin9+LNXQ1dMKIJP1YedqtWzPi2vfftSUuCb+VOzm2rLnGqHdufL
r6klCEeMSEMGFH4SqMp/M0GmGiNZgmYaqauLe0JHvwKGKyN4iTILiw2hQyIfknRq
nIdelGmau5rQ6W6gh5xpsrQ7ok7c9AX1xXjLW0pv6ezSCotKpdcifSggqUzvkgml
BCD3YrkqrvFC2Qz0RNnRfNvQyxSljWl4RNRtn0bRjHII3OMibTEtBKrdQLMoP8QA
wr9PML8W5wBy5bBMWpE4fIYVdv114Sg+30vUuz644kmJZekEaamT++jbfQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFHYRI27qpxd6Cv1Mq45uUrrHYrYzMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZGhFamJ1cW5GM29LX1V5cmptNVN1c2RpdGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAC1C
5AMEAC1C5wMEAC1Z9wMEAC2NngMEAFGh7gMEAVXZggMEAFd4VwMEAFd4fgMEAFd4
pgMEAVd5PAMEAFd5pQMEAVx3xAMEAFz5MgMEAF17bQMEAZNOZAMEArnaVAMEALne
oAMEAMEZ2AMEAMEvPQMEAMI3ugMEAMKprzANBgkqhkiG9w0BAQsFAAOCAQEABIYa
kN0vzR+mZf/uPskRABqDpW10jJf39OJ0dHHYXtaNGmYxJ2r2jihXsVP3j3kX//f5
jRRhz0e6GV2lzfmvY2dXZ0I3sUZL8jexu79UsM6QQXLpcGJQKG7PNtfNcyXTMoVZ
7jx9EIBTR5FYJRq9asCurE+2PP0ttEvbJfOj5hihUuCPT/wm8yOUPrCmHt5pZmwQ
rGjXCsZlQ07wGjbDD0w9DxgfADOmWQdadDypKO1Ms268HnpNXKwmusE7ufF7IHeS
220h0itVNJ27kro5NMoLfgCV0Yu4cjPKe4/hBr+TPY6gO2svzaPqQlC/aqveRLCK
PavkKfvHiXbgLT86jQ==
-----END CERTIFICATE-----
Generated at Thu Mar 12 20:50:48 2026 by rpki-client