Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/1-Dw7363-gcZT5BcZS3h3DULOLy8.roa
File: 1-Dw7363-gcZT5BcZS3h3DULOLy8.roa (raw, json)
Hash identifier: ycAjWS2LKG3rf+AnuA7L1QjlHbaxU1ClqDSIOlIjNCE=
Subject key identifier: F8:3C:3B:DF:AD:FE:81:C6:53:E4:17:19:4B:78:77:0D:42:CE:2F:2F
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 019DFF4BFD954FBAD8247014703D138F6A5F
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/1-Dw7363-gcZT5BcZS3h3DULOLy8.roa
Signing time: Wed 06 May 2026 21:57:43 +0000
ROA not before: Wed 06 May 2026 21:57:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210529
IP address blocks: 45.10.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ff:4b:fd:95:4f:ba:d8:24:70:14:70:3d:13:8f:6a:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: May 6 21:57:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f83c3bdfadfe81c653e417194b78770d42ce2f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6d:3a:bb:fb:63:5d:21:d4:2a:37:97:09:6b:
4d:1f:3e:0e:70:b1:f1:28:31:fe:ec:a5:ca:63:6d:
36:46:a1:bf:39:64:9b:0d:49:8b:8e:ed:99:5b:bf:
0b:79:93:11:9f:44:25:da:6d:3f:e4:c7:b5:ac:83:
4c:f5:8b:23:8b:ff:49:ee:be:1e:9c:8e:00:8e:5f:
e8:77:49:0a:46:e9:d2:30:6d:d7:b1:e2:68:aa:b9:
36:5e:7d:ea:13:b2:3f:e2:25:7e:22:b1:64:27:84:
7c:b0:44:75:57:47:2e:40:46:c1:94:5d:7e:46:7f:
83:4b:52:96:f6:3d:3e:d4:58:ea:06:75:da:65:c9:
5f:fd:c1:17:3d:8f:63:f1:00:fe:e0:58:12:dc:b5:
e3:05:cf:83:3b:a5:57:f3:bd:ca:4d:f3:9e:2e:54:
bf:03:fb:ac:11:f3:16:5d:eb:d7:78:23:97:74:8f:
46:bc:b3:29:09:d6:50:3e:f6:6e:1a:d7:4b:9b:f5:
1f:85:ae:fe:8b:b0:31:af:af:cb:9f:be:e9:53:7e:
97:b0:62:2a:fc:4e:41:18:23:aa:e4:8d:02:1f:e4:
0c:22:3e:04:5e:5f:b6:90:3c:6e:62:be:76:71:45:
c5:e5:fa:31:3c:17:44:79:e6:00:be:8a:1b:32:e3:
02:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:3C:3B:DF:AD:FE:81:C6:53:E4:17:19:4B:78:77:0D:42:CE:2F:2F
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/1-Dw7363-gcZT5BcZS3h3DULOLy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.148.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:90:c5:d5:ac:c0:10:3b:97:d9:69:d9:94:a8:3a:d4:5f:d9:
51:cf:d4:98:bf:ff:cd:e2:bd:16:41:c4:e5:e3:22:aa:2d:5e:
0f:27:89:d6:36:e7:c8:d7:63:ef:09:2e:3b:e4:a3:c9:d7:31:
c3:5a:33:ef:33:59:0f:bc:a9:9a:13:f9:3f:38:38:a5:4e:d3:
ae:7d:ff:2b:c4:bb:cf:84:3b:8d:a0:47:28:e6:84:cd:04:15:
38:66:35:cc:eb:db:e9:17:8d:51:a6:99:72:10:ff:88:93:44:
98:53:11:3b:d8:5e:14:7e:d9:b2:e4:1e:e2:be:b2:cb:3c:f4:
e4:58:4f:d6:64:c1:3b:65:1b:f6:ae:27:02:f1:9a:46:28:ed:
cc:46:3c:98:6c:60:f2:f0:3c:3b:03:ff:a9:52:59:a8:ba:76:
1a:76:f8:43:81:15:cf:ff:5a:11:b4:22:0d:fa:c6:0a:de:53:
af:b0:57:55:2d:62:f1:2b:90:eb:c1:46:1b:d7:d2:61:8c:02:
1b:32:2d:18:36:39:40:1e:e6:35:1f:51:f3:5b:06:36:42:a2:
67:7e:3b:9d:8c:b6:51:e4:58:25:a9:56:e5:c2:74:d2:12:94:
4e:b1:3b:29:2f:f5:39:db:2e:99:42:b7:29:1b:ac:38:0d:2a:
71:a0:d6:52
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ3/S/2VT7rYJHAUcD0Tj2pfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjYwNTA2MjE1NzQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODNjM2JkZmFkZmU4MWM2NTNlNDE3MTk0Yjc4NzcwZDQyY2UyZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy206u/tjXSHUKjeXCWtNHz4OcLHx
KDH+7KXKY202RqG/OWSbDUmLju2ZW78LeZMRn0Ql2m0/5Me1rINM9Ysji/9J7r4e
nI4Ajl/od0kKRunSMG3XseJoqrk2Xn3qE7I/4iV+IrFkJ4R8sER1V0cuQEbBlF1+
Rn+DS1KW9j0+1FjqBnXaZclf/cEXPY9j8QD+4FgS3LXjBc+DO6VX873KTfOeLlS/
A/usEfMWXevXeCOXdI9GvLMpCdZQPvZuGtdLm/Ufha7+i7Axr6/Ln77pU36XsGIq
/E5BGCOq5I0CH+QMIj4EXl+2kDxuYr52cUXF5foxPBdEeeYAvoobMuMCrwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPg8O9+t/oHGU+QXGUt4dw1Czi8vMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvMS1EdzczNjMtZ2NaVDVCY1pTM2gzRFVMT0x5OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMGQvZGQ4MDk2LTE0Y2MtNDg4ZC05MjU3LWM1MTVmMzU0Y2M1
YS8xL3JRMmtPMHBkUGJlTG9fZDA1Yk1iZHdOeUF0VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0KlDAN
BgkqhkiG9w0BAQsFAAOCAQEAapDF1azAEDuX2WnZlKg61F/ZUc/UmL//zeK9FkHE
5eMiqi1eDyeJ1jbnyNdj7wkuO+Sjydcxw1oz7zNZD7ypmhP5Pzg4pU7Trn3/K8S7
z4Q7jaBHKOaEzQQVOGY1zOvb6ReNUaaZchD/iJNEmFMRO9heFH7ZsuQe4r6yyzz0
5FhP1mTBO2Ub9q4nAvGaRijtzEY8mGxg8vA8OwP/qVJZqLp2Gnb4Q4EVz/9aEbQi
DfrGCt5Tr7BXVS1i8SuQ68FGG9fSYYwCGzItGDY5QB7mNR9R81sGNkKiZ347nYy2
UeRYJalW5cJ00hKUTrE7KS/1OdsumUK3KRusOA0qcaDWUg==
-----END CERTIFICATE-----
Generated at Wed May 13 13:31:56 2026 by rpki-client