Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/HNt1oRAUNNfiw3fq6YP84H081Vs.roa
File: HNt1oRAUNNfiw3fq6YP84H081Vs.roa (raw, json)
Hash identifier: SFlqX2xW+PYEtIISY3E5Wm45Lk5iXTiCKOtVtZqDOOo=
Subject key identifier: 1C:DB:75:A1:10:14:34:D7:E2:C3:77:EA:E9:83:FC:E0:7D:3C:D5:5B
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 019EC0A667C3592ED0F49F23E9E8DB83F3C6
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/HNt1oRAUNNfiw3fq6YP84H081Vs.roa
Signing time: Sat 13 Jun 2026 11:03:11 +0000
ROA not before: Sat 13 Jun 2026 11:03:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208185
IP address blocks: 45.143.96.0/24 maxlen: 24
185.148.243.0/24 maxlen: 24
185.169.183.0/24 maxlen: 24
185.174.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 20:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c0:a6:67:c3:59:2e:d0:f4:9f:23:e9:e8:db:83:f3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Jun 13 11:03:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1cdb75a1101434d7e2c377eae983fce07d3cd55b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1e:7b:13:60:f9:63:33:a2:4c:24:21:1b:24:
77:de:4b:ce:10:7e:4a:f2:44:e0:01:9e:f1:86:52:
95:ad:e0:82:e0:e9:53:b1:24:36:ff:31:f4:a9:12:
ed:ff:8c:7d:f3:00:ec:bc:96:7b:f3:8d:ed:d5:e5:
52:0b:6b:bf:db:8e:17:d4:31:a6:a2:91:10:8b:b6:
32:26:ea:1e:b9:80:ca:26:db:0e:32:11:63:af:e5:
2d:7c:0b:26:fa:ac:f6:59:e7:2d:09:14:6e:1e:71:
be:6c:44:22:c2:fa:f0:64:d1:27:a1:48:37:0b:c6:
6d:43:0d:72:bd:99:12:2c:c1:06:2c:ab:2e:3c:28:
43:1c:e5:5e:04:d4:38:31:b6:16:f3:78:d8:61:07:
7f:2a:f8:5f:06:47:96:40:1a:f4:4b:02:b7:5a:a3:
41:9f:83:84:4e:1e:db:ca:57:bf:d8:d6:df:84:1a:
24:35:8f:67:ed:f7:5a:09:b0:46:bc:c9:a2:41:cc:
3e:01:c2:a2:c9:52:6a:a5:4e:9f:79:a4:b2:9d:83:
98:56:68:c5:99:6a:29:e6:0e:7d:97:f4:17:55:da:
c5:bb:6e:46:64:1a:4b:ff:d0:60:1f:69:8f:a1:1e:
cc:c9:89:9d:c7:a9:96:1f:a9:5e:a2:a9:3b:92:82:
a0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:DB:75:A1:10:14:34:D7:E2:C3:77:EA:E9:83:FC:E0:7D:3C:D5:5B
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/HNt1oRAUNNfiw3fq6YP84H081Vs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.96.0/24
185.148.243.0/24
185.169.183.0/24
185.174.23.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:4d:3d:36:f9:e5:4e:04:5b:b4:f2:e9:70:13:19:62:19:50:
29:7c:1b:8e:89:f1:49:e2:82:9f:47:96:04:08:74:97:10:06:
98:92:e2:36:32:5c:d3:59:01:d1:69:65:d7:45:11:32:c1:11:
30:d8:55:8d:34:b1:05:37:e2:b7:d3:fb:7a:86:84:25:cd:74:
12:aa:20:14:60:13:5f:da:88:8e:33:fe:7e:dd:92:04:24:96:
a0:4d:a0:24:c6:1d:84:a1:75:f0:d2:5c:41:10:c9:dd:26:d1:
9b:8c:64:1b:d7:7a:19:55:6d:04:4f:65:b2:d2:d0:8e:b2:1f:
0a:2d:eb:62:52:1d:c7:4d:14:08:e6:a3:9c:74:fe:ce:60:f6:
70:84:de:45:c6:f5:29:9d:7d:1a:6c:50:bc:ac:82:f0:34:ac:
da:10:8b:1b:05:1c:67:fa:f9:a2:30:2b:c9:ad:22:28:6e:ef:
48:72:14:be:fd:58:b8:80:7b:35:ea:b1:c2:3c:d0:22:4a:81:
dd:5e:e0:d7:dd:54:ea:bd:96:97:d9:44:c6:b1:d6:b9:a6:61:
a9:06:8d:c3:1c:53:86:af:64:5e:af:32:4f:88:f8:ec:31:36:
17:41:0c:10:40:9f:e4:94:89:c7:f9:c3:f5:6e:71:bb:96:40:
c1:66:78:54
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ7ApmfDWS7Q9J8j6ejbg/PGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjYwNjEzMTEwMzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2RiNzVhMTEwMTQzNGQ3ZTJjMzc3ZWFlOTgzZmNlMDdkM2NkNTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxh57E2D5YzOiTCQhGyR33kvOEH5K
8kTgAZ7xhlKVreCC4OlTsSQ2/zH0qRLt/4x98wDsvJZ7843t1eVSC2u/244X1DGm
opEQi7YyJuoeuYDKJtsOMhFjr+UtfAsm+qz2WectCRRuHnG+bEQiwvrwZNEnoUg3
C8ZtQw1yvZkSLMEGLKsuPChDHOVeBNQ4MbYW83jYYQd/KvhfBkeWQBr0SwK3WqNB
n4OETh7byle/2NbfhBokNY9n7fdaCbBGvMmiQcw+AcKiyVJqpU6feaSynYOYVmjF
mWop5g59l/QXVdrFu25GZBpL/9BgH2mPoR7MyYmdx6mWH6leoqk7koKgeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBzbdaEQFDTX4sN36umD/OB9PNVbMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvSE50MW9SQVVOTmZpdzNmcTZZUDg0SDA4MVZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY9gAwQA
uZTzAwQAuam3AwQAua4XMA0GCSqGSIb3DQEBCwUAA4IBAQC4TT02+eVOBFu08ulw
ExliGVApfBuOifFJ4oKfR5YECHSXEAaYkuI2MlzTWQHRaWXXRREywREw2FWNNLEF
N+K30/t6hoQlzXQSqiAUYBNf2oiOM/5+3ZIEJJagTaAkxh2EoXXw0lxBEMndJtGb
jGQb13oZVW0ET2Wy0tCOsh8KLetiUh3HTRQI5qOcdP7OYPZwhN5FxvUpnX0abFC8
rILwNKzaEIsbBRxn+vmiMCvJrSIobu9IchS+/Vi4gHs16rHCPNAiSoHdXuDX3VTq
vZaX2UTGsda5pmGpBo3DHFOGr2RerzJPiPjsMTYXQQwQQJ/klInH+cP1bnG7lkDB
ZnhU
-----END CERTIFICATE-----
Generated at Sat Jun 20 06:11:20 2026 by rpki-client