Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/sToIQnAaao5tX5xyT-pBoVvqNq8.roa
File: sToIQnAaao5tX5xyT-pBoVvqNq8.roa (raw, json)
Hash identifier: eUal8QI07YfimPVkfYVOJtp6atmpxxAg9zeCVlCvaKY=
Subject key identifier: B1:3A:08:42:70:1A:6A:8E:6D:5F:9C:72:4F:EA:41:A1:5B:EA:36:AF
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 019E6E256EF487DBB26684335648CE485507
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/sToIQnAaao5tX5xyT-pBoVvqNq8.roa
Signing time: Thu 28 May 2026 10:33:27 +0000
ROA not before: Thu 28 May 2026 10:33:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16321
IP address blocks: 45.156.212.0/22 maxlen: 22
146.185.200.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6e:25:6e:f4:87:db:b2:66:84:33:56:48:ce:48:55:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: May 28 10:33:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b13a0842701a6a8e6d5f9c724fea41a15bea36af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c4:dc:8d:a5:45:ef:70:90:0a:80:95:aa:51:
db:36:2c:be:51:4b:67:dd:15:41:9f:29:49:d9:86:
ab:36:fd:87:d3:6a:2b:df:55:fc:33:6c:cd:9b:03:
a4:41:b8:10:cd:19:ed:c4:aa:ff:b5:91:4d:8a:2b:
e8:c7:bf:5e:4b:c6:ae:fd:d8:1f:07:1f:0d:dd:6d:
73:87:99:18:d1:7f:03:75:13:b4:0e:e1:be:c6:82:
6e:d0:06:f3:21:c3:d0:4a:39:6a:4e:0a:ba:a4:ab:
96:de:b1:ee:49:a8:2f:62:43:7c:d6:56:15:8b:4a:
22:7d:be:64:41:7c:47:c4:24:2c:13:ce:f6:18:a4:
be:a8:59:f7:a9:3a:cf:ee:99:6b:0f:aa:9d:14:cc:
f6:2a:ec:6e:fa:10:dd:ab:13:32:fa:79:fe:d6:78:
21:ba:ca:15:db:e7:2e:c0:17:5f:30:d6:b9:9a:37:
6b:94:42:e3:bf:ae:12:90:60:47:75:69:7c:09:5d:
d2:1d:2a:f9:a5:72:cd:26:4d:b5:2c:06:de:85:ee:
48:4e:1e:d5:cb:7b:a3:5b:3a:db:94:a5:01:89:b1:
18:dc:15:4c:48:2e:41:f0:08:33:a0:dd:63:42:f5:
c7:df:08:34:b5:b1:5b:8a:0c:85:1e:2c:46:d9:21:
00:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:3A:08:42:70:1A:6A:8E:6D:5F:9C:72:4F:EA:41:A1:5B:EA:36:AF
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/sToIQnAaao5tX5xyT-pBoVvqNq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.212.0/22
146.185.200.0/22
Signature Algorithm: sha256WithRSAEncryption
29:35:02:5e:d4:f7:0f:fe:16:bf:ba:c7:0b:3c:d1:af:95:12:
f4:8b:5e:03:5c:ca:dd:64:f0:cf:87:d1:2c:f6:d3:81:42:20:
bc:df:58:2e:6c:81:d7:64:26:5f:07:41:2b:47:de:84:9b:a5:
58:de:63:c8:19:55:31:b2:7f:b6:91:28:32:f8:27:be:59:4d:
7e:e7:2c:5b:b1:0b:bd:3b:4e:f6:cc:43:a6:35:8f:cb:e0:ce:
7c:51:97:36:be:ac:b9:19:99:41:bb:7f:da:25:53:39:f7:6e:
bb:4e:d4:bd:a8:8b:aa:33:21:d2:47:31:82:d4:41:d0:cd:cf:
ac:e8:82:14:18:87:f9:1a:98:e5:44:c6:97:53:12:7e:d6:4a:
85:e7:52:a1:1a:31:12:c4:33:d9:1e:1c:02:2e:2e:3c:7f:ae:
30:9a:a9:9e:08:4a:0c:b1:dd:2b:87:f1:61:68:6e:0d:6b:1c:
68:b3:a6:ad:ea:b2:0c:0d:3c:96:b8:11:31:35:83:81:8b:c5:
a3:fb:ec:8e:dd:97:29:f7:e1:98:74:91:c9:6e:1c:d1:e7:7a:
e2:12:58:61:84:cb:6c:71:94:2f:0f:ce:9d:58:f5:58:a4:66:
1f:4b:cb:2e:dc:f5:40:cf:97:1d:53:59:e4:b3:38:f1:2c:e1:
58:d0:c9:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ5uJW70h9uyZoQzVkjOSFUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjYwNTI4MTAzMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTNhMDg0MjcwMWE2YThlNmQ1ZjljNzI0ZmVhNDFhMTViZWEzNmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMTcjaVF73CQCoCVqlHbNiy+UUtn
3RVBnylJ2YarNv2H02or31X8M2zNmwOkQbgQzRntxKr/tZFNiivox79eS8au/dgf
Bx8N3W1zh5kY0X8DdRO0DuG+xoJu0AbzIcPQSjlqTgq6pKuW3rHuSagvYkN81lYV
i0oifb5kQXxHxCQsE872GKS+qFn3qTrP7plrD6qdFMz2Kuxu+hDdqxMy+nn+1ngh
usoV2+cuwBdfMNa5mjdrlELjv64SkGBHdWl8CV3SHSr5pXLNJk21LAbehe5ITh7V
y3ujWzrblKUBibEY3BVMSC5B8AgzoN1jQvXH3wg0tbFbigyFHixG2SEAOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLE6CEJwGmqObV+cck/qQaFb6javMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvc1RvSVFuQWFhbzV0WDV4eVQtcEJvVnZxTnE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZzUAwQC
krnIMA0GCSqGSIb3DQEBCwUAA4IBAQApNQJe1PcP/ha/uscLPNGvlRL0i14DXMrd
ZPDPh9Es9tOBQiC831gubIHXZCZfB0ErR96Em6VY3mPIGVUxsn+2kSgy+Ce+WU1+
5yxbsQu9O072zEOmNY/L4M58UZc2vqy5GZlBu3/aJVM59267TtS9qIuqMyHSRzGC
1EHQzc+s6IIUGIf5GpjlRMaXUxJ+1kqF51KhGjESxDPZHhwCLi48f64wmqmeCEoM
sd0rh/FhaG4Naxxos6at6rIMDTyWuBExNYOBi8Wj++yO3Zcp9+GYdJHJbhzR53ri
ElhhhMtscZQvD86dWPVYpGYfS8su3PVAz5cdU1nkszjxLOFY0Mlq
-----END CERTIFICATE-----
Generated at Sat Jun 6 14:39:49 2026 by rpki-client