Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/JhKTt4vHe2Da6Kx5S6KE0aGaD54.roa
File: JhKTt4vHe2Da6Kx5S6KE0aGaD54.roa (raw, json)
Hash identifier: nw0ozHE1LZlyAK+hkXXsJOHymcfFOhmuSyMz6eBbqyE=
Subject key identifier: 26:12:93:B7:8B:C7:7B:60:DA:E8:AC:79:4B:A2:84:D1:A1:9A:0F:9E
Certificate issuer: /CN=411a2a9405bda1671c10776f4426273c904e4ad0
Certificate serial: 019CF7B6AB7171187BDD6E7952BE4BAEF7A7
Authority key identifier: 41:1A:2A:94:05:BD:A1:67:1C:10:77:6F:44:26:27:3C:90:4E:4A:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QRoqlAW9oWccEHdvRCYnPJBOStA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/JhKTt4vHe2Da6Kx5S6KE0aGaD54.roa
Signing time: Mon 16 Mar 2026 17:34:29 +0000
ROA not before: Mon 16 Mar 2026 17:34:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208166
IP address blocks: 45.11.254.0/24 maxlen: 24
45.11.255.0/24 maxlen: 24
2a13:41c3::/32 maxlen: 32
2a13:41c4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/QRoqlAW9oWccEHdvRCYnPJBOStA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/QRoqlAW9oWccEHdvRCYnPJBOStA.mft
rsync://rpki.ripe.net/repository/DEFAULT/QRoqlAW9oWccEHdvRCYnPJBOStA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 08:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f7:b6:ab:71:71:18:7b:dd:6e:79:52:be:4b:ae:f7:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411a2a9405bda1671c10776f4426273c904e4ad0
Validity
Not Before: Mar 16 17:34:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=261293b78bc77b60dae8ac794ba284d1a19a0f9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:d2:64:72:8c:49:d3:c2:63:4b:34:ee:14:a2:
3a:cb:06:99:e6:a5:ac:3e:93:77:8e:f6:3d:70:5b:
80:e8:bd:29:4f:c9:c8:1f:f4:80:1f:b1:67:0b:b9:
50:98:d2:2a:32:80:78:65:94:b7:1a:53:1b:0b:2c:
be:c5:be:62:7c:a9:ee:de:c6:97:fc:77:e8:ab:e5:
15:86:f0:c3:3b:45:ca:9e:72:e7:6b:4a:b2:54:fd:
0f:31:26:13:47:5f:19:74:1e:a0:e1:f8:7a:3f:17:
f4:e7:2d:37:45:68:a7:06:21:5f:3c:e9:89:0f:9b:
38:86:a5:01:48:10:8e:4a:e8:db:ca:c3:75:40:b7:
08:db:d4:50:e8:07:d7:c8:2d:f9:53:80:c6:b4:13:
d2:c5:77:03:b7:97:10:7a:51:89:3b:aa:78:5f:72:
c3:ca:dc:75:0a:73:df:c7:42:21:ed:b2:e2:73:3c:
90:d3:bd:69:24:b3:22:2b:60:a3:67:5e:6c:b3:0e:
27:f1:75:45:64:63:c1:9e:0e:ed:2f:d8:49:82:73:
ee:64:46:fd:50:40:21:3c:c1:55:3f:25:10:ba:5c:
6c:5d:b5:1a:6f:c4:c2:d7:eb:ca:7f:44:2e:22:ce:
66:ae:d2:a5:df:3c:9a:e3:a5:4a:66:67:98:83:f1:
86:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:12:93:B7:8B:C7:7B:60:DA:E8:AC:79:4B:A2:84:D1:A1:9A:0F:9E
X509v3 Authority Key Identifier:
keyid:41:1A:2A:94:05:BD:A1:67:1C:10:77:6F:44:26:27:3C:90:4E:4A:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QRoqlAW9oWccEHdvRCYnPJBOStA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/JhKTt4vHe2Da6Kx5S6KE0aGaD54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/fe6870-0990-4c21-9e4d-8c52e666a8a2/1/QRoqlAW9oWccEHdvRCYnPJBOStA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.254.0/23
IPv6:
2a13:41c3::-2a13:41c4:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
44:2b:ae:a6:a5:89:12:7d:a4:ff:92:d6:47:de:23:42:ca:7f:
8a:39:78:09:d9:7a:f7:53:33:d3:56:21:e8:86:67:dd:21:43:
f2:86:f0:6e:52:ca:e3:fb:b3:d7:39:6d:8e:fe:e5:da:09:62:
75:91:17:d3:3a:b1:21:cd:ab:e8:40:86:2c:62:3d:19:06:fb:
16:ee:90:ca:33:53:02:11:c6:db:25:98:0e:f2:22:fc:8a:65:
cf:fa:9b:26:f6:44:ed:01:e0:f6:2a:e6:4c:f6:33:05:79:45:
b8:83:14:16:57:57:7e:8c:f5:0b:13:c2:17:55:82:28:6e:ee:
7d:63:b5:35:72:c6:21:e7:3f:d4:d9:57:bc:b0:74:62:d2:f3:
84:82:c2:d8:ed:99:6f:e9:29:dc:4f:61:03:17:7c:73:38:a8:
fa:bb:39:d6:8b:c9:b1:55:cf:48:cc:cf:17:ec:7f:1b:b0:7a:
7b:0d:e0:ac:7f:b7:d1:85:82:28:fb:4c:39:61:31:a4:ff:2b:
71:81:7a:64:8e:5f:89:b5:f4:bc:12:98:7d:41:e9:4b:e6:5c:
c0:a0:7c:ae:79:e0:d9:ff:42:f3:b4:25:4b:b8:bf:fe:a5:8b:
1b:5c:0a:67:9f:aa:98:f6:d6:46:93:6a:2b:c1:81:0c:40:52:
c4:58:c0:4e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZz3tqtxcRh73W55Ur5LrvenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWEyYTk0MDViZGExNjcxYzEwNzc2ZjQ0MjYyNzNjOTA0
ZTRhZDAwHhcNMjYwMzE2MTczNDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjEyOTNiNzhiYzc3YjYwZGFlOGFjNzk0YmEyODRkMWExOWEwZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5dJkcoxJ08JjSzTuFKI6ywaZ5qWs
PpN3jvY9cFuA6L0pT8nIH/SAH7FnC7lQmNIqMoB4ZZS3GlMbCyy+xb5ifKnu3saX
/Hfoq+UVhvDDO0XKnnLna0qyVP0PMSYTR18ZdB6g4fh6Pxf05y03RWinBiFfPOmJ
D5s4hqUBSBCOSujbysN1QLcI29RQ6AfXyC35U4DGtBPSxXcDt5cQelGJO6p4X3LD
ytx1CnPfx0Ih7bLiczyQ071pJLMiK2CjZ15ssw4n8XVFZGPBng7tL9hJgnPuZEb9
UEAhPMFVPyUQulxsXbUab8TC1+vKf0QuIs5mrtKl3zya46VKZmeYg/GG3wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCYSk7eLx3tg2uiseUuihNGhmg+eMB8GA1UdIwQY
MBaAFEEaKpQFvaFnHBB3b0QmJzyQTkrQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVJvcWxBVzlvV2NjRUhkdlJDWW5QSkJPU3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9mZTY4NzAtMDk5MC00YzIxLTllNGQt
OGM1MmU2NjZhOGEyLzEvSmhLVHQ0dkhlMkRhNkt4NVM2S0UwYUdhRDU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9mZTY4NzAtMDk5MC00YzIxLTllNGQtOGM1MmU2NjZhOGEy
LzEvUVJvcWxBVzlvV2NjRUhkdlJDWW5QSkJPU3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQBLQv+MBYE
AgACMBAwDgMFACoTQcMDBQAqE0HEMA0GCSqGSIb3DQEBCwUAA4IBAQBEK66mpYkS
faT/ktZH3iNCyn+KOXgJ2Xr3UzPTViHohmfdIUPyhvBuUsrj+7PXOW2O/uXaCWJ1
kRfTOrEhzavoQIYsYj0ZBvsW7pDKM1MCEcbbJZgO8iL8imXP+psm9kTtAeD2KuZM
9jMFeUW4gxQWV1d+jPULE8IXVYIobu59Y7U1csYh5z/U2Ve8sHRi0vOEgsLY7Zlv
6SncT2EDF3xzOKj6uznWi8mxVc9IzM8X7H8bsHp7DeCsf7fRhYIo+0w5YTGk/ytx
gXpkjl+JtfS8Eph9QelL5lzAoHyueeDZ/0LztCVLuL/+pYsbXApnn6qY9tZGk2or
wYEMQFLEWMBO
-----END CERTIFICATE-----
Generated at Thu Mar 19 15:44:59 2026 by rpki-client