Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/AFWjKdPkNfezgdvZsAwWqwtwoG0.roa
File: AFWjKdPkNfezgdvZsAwWqwtwoG0.roa (raw, json)
Hash identifier: 97vWcSD8ddShmKH7OucvGiB+RXsLa0whBx/atGIFFwc=
Subject key identifier: 00:55:A3:29:D3:E4:35:F7:B3:81:DB:D9:B0:0C:16:AB:0B:70:A0:6D
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019DAED375B2C73308C76AC7D5E3775BF986
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/AFWjKdPkNfezgdvZsAwWqwtwoG0.roa
Signing time: Tue 21 Apr 2026 06:56:26 +0000
ROA not before: Tue 21 Apr 2026 06:56:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.155.65.0/24 maxlen: 24
193.200.78.0/24 maxlen: 24
2a06:5fc0::/29 maxlen: 29
2a0b:ac00::/29 maxlen: 29
2a0f:9b40::/29 maxlen: 29
2a10:3c81::/32 maxlen: 32
2a13:b9c0::/29 maxlen: 29
2a13:bb40::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
2a13:c340::/29 maxlen: 29
2a13:c440::/29 maxlen: 29
2a14:42c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Apr 2026 23:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ae:d3:75:b2:c7:33:08:c7:6a:c7:d5:e3:77:5b:f9:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 21 06:56:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0055a329d3e435f7b381dbd9b00c16ab0b70a06d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:15:dc:df:fd:1e:d5:19:a0:ab:3d:04:38:3e:
6b:13:5a:2c:f8:90:22:56:a6:ab:12:a1:f4:5a:ae:
fd:5e:02:12:d6:9b:4f:18:67:35:c1:33:f4:4a:75:
43:a9:25:6c:0a:45:be:1f:d2:5e:02:aa:c8:16:7e:
36:46:18:76:f3:42:79:ae:57:de:9f:a0:06:12:b9:
a9:06:43:aa:f7:bd:16:6b:be:23:da:97:38:de:da:
80:35:f5:77:cb:7d:ed:24:4e:d8:fa:92:d7:74:1d:
44:44:f6:db:0d:04:59:ad:af:c6:b9:34:0c:dd:50:
5e:42:a3:d2:28:b4:df:2a:3e:c4:9f:e5:c0:70:57:
35:9e:2b:98:a5:7b:71:c3:25:0d:75:87:29:4e:ee:
2d:ce:b7:e7:fc:6c:97:69:b9:1e:fd:c8:29:b0:db:
3c:ac:c0:d0:fa:aa:ef:49:3f:47:af:07:b6:14:9f:
8a:a7:a2:0b:93:e6:c7:7c:e9:d8:28:46:55:b6:25:
14:92:67:94:1f:88:4c:1c:2f:7b:11:18:f1:1c:b5:
15:26:36:ad:01:29:02:82:bc:d2:d0:e0:47:53:1b:
9b:e3:79:60:66:19:d1:7e:48:a1:16:ba:d3:3e:2a:
ed:f8:4a:8d:ef:ac:92:c8:1d:35:fb:2e:d8:c4:97:
79:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:55:A3:29:D3:E4:35:F7:B3:81:DB:D9:B0:0C:16:AB:0B:70:A0:6D
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/AFWjKdPkNfezgdvZsAwWqwtwoG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.65.0/24
193.200.78.0/24
IPv6:
2a06:5fc0::/29
2a0b:ac00::/29
2a0f:9b40::/29
2a10:3c81::/32
2a13:b9c0::/29
2a13:bb40::/29
2a13:c240::/29
2a13:c340::/29
2a13:c440::/29
2a14:42c0::/29
Signature Algorithm: sha256WithRSAEncryption
a0:6d:94:81:c4:76:f0:c3:23:5b:2b:80:d9:75:40:4b:b8:aa:
28:44:2b:52:04:8d:ba:3c:8f:3b:d9:bf:67:9e:b5:67:ed:b9:
87:d3:79:5c:9d:cb:22:c0:7d:d6:11:bd:3c:33:9b:ee:49:67:
7f:b8:ca:64:4f:a8:eb:fd:af:f7:4c:23:85:e5:e6:d2:97:0e:
23:0e:c5:8e:6d:cc:21:e3:f2:aa:dd:7c:4f:aa:ee:f6:42:17:
fc:ec:a5:4a:13:2f:0e:f9:26:6c:d5:2d:e5:07:04:b4:c4:05:
0a:8a:70:9f:07:b9:4e:0f:70:29:42:e7:38:e6:8d:36:24:a2:
ad:8a:14:e9:a7:b8:a8:37:2d:33:c3:02:0a:d1:b4:0a:5f:04:
29:76:d1:08:89:7b:fd:1a:a5:d5:72:c1:91:21:c0:ba:b5:a5:
9f:d8:51:49:86:fb:73:a6:19:76:13:db:67:17:ab:77:cc:0e:
e2:4a:5c:af:76:24:de:44:8c:f5:61:e5:5c:cd:14:82:26:ba:
6b:c0:d2:83:26:a7:69:d4:05:2e:6f:7d:cb:74:19:fd:f9:d3:
33:55:79:60:ae:c5:a8:28:7e:bc:60:16:1b:d3:85:31:e5:77:
f9:2a:50:b1:53:f0:ae:51:bc:f8:4b:2b:33:4a:86:40:5e:3a:
97:4c:5e:ff
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ2u03WyxzMIx2rH1eN3W/mGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNDIxMDY1NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDU1YTMyOWQzZTQzNWY3YjM4MWRiZDliMDBjMTZhYjBiNzBhMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RXc3/0e1Rmgqz0EOD5rE1os+JAi
VqarEqH0Wq79XgIS1ptPGGc1wTP0SnVDqSVsCkW+H9JeAqrIFn42Rhh280J5rlfe
n6AGErmpBkOq970Wa74j2pc43tqANfV3y33tJE7Y+pLXdB1ERPbbDQRZra/GuTQM
3VBeQqPSKLTfKj7En+XAcFc1niuYpXtxwyUNdYcpTu4tzrfn/GyXabke/cgpsNs8
rMDQ+qrvST9Hrwe2FJ+Kp6ILk+bHfOnYKEZVtiUUkmeUH4hMHC97ERjxHLUVJjat
ASkCgrzS0OBHUxub43lgZhnRfkihFrrTPirt+EqN76ySyB01+y7YxJd5FwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFABVoynT5DX3s4Hb2bAMFqsLcKBtMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvQUZXaktkUGtOZmV6Z2R2WnNBd1dxd3R3b0cwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjASBAIAATAMAwQALZtBAwQA
wchOMEwEAgACMEYDBQMqBl/AAwUDKgusAAMFAyoPm0ADBQAqEDyBAwUDKhO5wAMF
AyoTu0ADBQMqE8JAAwUDKhPDQAMFAyoTxEADBQMqFELAMA0GCSqGSIb3DQEBCwUA
A4IBAQCgbZSBxHbwwyNbK4DZdUBLuKooRCtSBI26PI872b9nnrVn7bmH03lcncsi
wH3WEb08M5vuSWd/uMpkT6jr/a/3TCOF5ebSlw4jDsWObcwh4/Kq3XxPqu72Qhf8
7KVKEy8O+SZs1S3lBwS0xAUKinCfB7lOD3ApQuc45o02JKKtihTpp7ioNy0zwwIK
0bQKXwQpdtEIiXv9GqXVcsGRIcC6taWf2FFJhvtzphl2E9tnF6t3zA7iSlyvdiTe
RIz1YeVczRSCJrprwNKDJqdp1AUub33LdBn9+dMzVXlgrsWoKH68YBYb04Ux5Xf5
KlCxU/CuUbz4SyszSoZAXjqXTF7/
-----END CERTIFICATE-----
Generated at Thu Apr 23 09:24:22 2026 by rpki-client