Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/AfT-LYQjAGc7Lg62DwxZ2SD3s9Q.roa
File: AfT-LYQjAGc7Lg62DwxZ2SD3s9Q.roa (raw, json)
Hash identifier: RGYFP3zLv89tZxZiIUuj5CYkTmAb1qTZots7DmeE8b0=
Subject key identifier: 01:F4:FE:2D:84:23:00:67:3B:2E:0E:B6:0F:0C:59:D9:20:F7:B3:D4
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019D532A7BC9FEC72160259FDCCB5FABB9B1
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/AfT-LYQjAGc7Lg62DwxZ2SD3s9Q.roa
Signing time: Fri 03 Apr 2026 11:46:26 +0000
ROA not before: Fri 03 Apr 2026 11:46:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.155.65.0/24 maxlen: 24
2a06:5fc0::/29 maxlen: 29
2a0b:ac00::/29 maxlen: 29
2a0f:9b40::/29 maxlen: 29
2a10:3c81::/32 maxlen: 32
2a13:b9c0::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
2a13:c340::/29 maxlen: 29
2a13:c440::/29 maxlen: 29
2a14:42c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Apr 2026 19:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:53:2a:7b:c9:fe:c7:21:60:25:9f:dc:cb:5f:ab:b9:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 3 11:46:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=01f4fe2d842300673b2e0eb60f0c59d920f7b3d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:19:41:de:c8:37:d1:65:92:12:c8:d4:35:2f:
3c:d4:1c:54:52:7e:22:55:c5:45:88:f0:32:63:4f:
85:6a:35:91:49:54:a4:80:99:b4:85:ac:9c:d6:66:
75:1c:57:9a:b0:e8:2d:2d:49:85:2d:66:d2:0b:ff:
e6:6c:70:ef:20:d9:11:a0:44:33:bb:00:cf:e4:31:
c9:3e:5d:3b:d0:c5:8a:bd:5a:57:be:93:98:ee:98:
d6:de:20:cd:07:f6:98:35:70:e8:da:76:fb:0b:98:
0f:81:89:0e:1a:a1:29:87:6d:c7:4a:8a:83:24:e8:
8f:4d:d9:38:b6:b0:3b:81:fe:29:9d:4e:df:18:50:
91:14:c8:84:ce:87:8a:da:85:2d:a6:e1:ea:25:3e:
d7:6e:56:b9:09:6e:43:aa:33:9b:9f:92:e2:d7:09:
01:3b:93:d4:47:66:1e:72:5c:7b:7f:cf:f1:fb:e0:
e0:00:1c:72:43:87:5c:6b:d5:c2:44:02:6a:76:67:
6a:6d:88:41:b6:17:f7:36:2b:61:8f:94:09:ef:b1:
14:a3:5f:cc:c5:e7:15:2a:69:b6:45:f7:e2:be:0b:
95:39:06:d1:15:c1:48:12:8c:d7:6a:48:81:85:eb:
9e:69:21:44:50:b9:aa:5d:01:a6:3b:e0:6e:03:f2:
a5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F4:FE:2D:84:23:00:67:3B:2E:0E:B6:0F:0C:59:D9:20:F7:B3:D4
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/AfT-LYQjAGc7Lg62DwxZ2SD3s9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.65.0/24
IPv6:
2a06:5fc0::/29
2a0b:ac00::/29
2a0f:9b40::/29
2a10:3c81::/32
2a13:b9c0::/29
2a13:c240::/29
2a13:c340::/29
2a13:c440::/29
2a14:42c0::/29
Signature Algorithm: sha256WithRSAEncryption
46:37:6d:80:83:e0:0d:48:38:09:16:77:fa:7f:ad:d8:47:88:
5e:d9:b2:ae:74:bc:93:6e:57:b9:83:c7:c9:53:16:05:29:50:
77:e8:fd:af:a6:7f:3d:d3:cb:5c:a8:cc:44:74:b2:87:43:46:
f5:df:a3:3f:79:de:16:84:af:ce:b6:7a:75:04:3a:7d:29:85:
42:66:f1:07:22:40:d5:23:59:61:4d:22:63:6e:64:58:12:49:
bb:3c:96:54:b6:4e:b8:73:1f:b5:21:4f:ed:5e:66:fc:ff:84:
09:e9:4c:5d:73:75:e7:ac:93:ec:74:b4:e8:22:e3:a4:77:1e:
a4:ee:e9:3f:80:66:ca:c4:15:74:40:93:c3:c6:c1:1b:b9:dd:
5a:6e:73:d7:29:ed:a8:0f:02:e4:c5:6b:65:47:83:5f:a6:79:
23:d1:14:f1:83:b5:66:f4:37:c3:48:14:37:08:2a:44:2d:0d:
8d:2a:43:b7:0a:0d:ea:05:42:91:18:08:df:80:74:b9:8c:c5:
3b:0a:cc:58:b3:18:bc:dc:40:61:82:74:0d:a4:d2:a1:b8:07:
06:67:16:3f:4d:1c:6a:07:99:0b:c6:52:41:9f:e1:f7:69:9c:
bb:86:d8:35:82:c9:4a:ff:17:b3:6e:a8:56:e9:f9:2e:b0:f1:
d2:99:af:3f
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZ1TKnvJ/schYCWf3Mtfq7mxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNDAzMTE0NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWY0ZmUyZDg0MjMwMDY3M2IyZTBlYjYwZjBjNTlkOTIwZjdiM2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxlB3sg30WWSEsjUNS881BxUUn4i
VcVFiPAyY0+FajWRSVSkgJm0hayc1mZ1HFeasOgtLUmFLWbSC//mbHDvINkRoEQz
uwDP5DHJPl070MWKvVpXvpOY7pjW3iDNB/aYNXDo2nb7C5gPgYkOGqEph23HSoqD
JOiPTdk4trA7gf4pnU7fGFCRFMiEzoeK2oUtpuHqJT7Xbla5CW5DqjObn5Li1wkB
O5PUR2Yeclx7f8/x++DgABxyQ4dca9XCRAJqdmdqbYhBthf3Nithj5QJ77EUo1/M
xecVKmm2RffivguVOQbRFcFIEozXakiBheueaSFEULmqXQGmO+BuA/KlNQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFAH0/i2EIwBnOy4Otg8MWdkg97PUMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvQWZULUxZUWpBR2M3TGc2MkR3eFoyU0QzczlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAMBAIAATAGAwQALZtBMEUE
AgACMD8DBQMqBl/AAwUDKgusAAMFAyoPm0ADBQAqEDyBAwUDKhO5wAMFAyoTwkAD
BQMqE8NAAwUDKhPEQAMFAyoUQsAwDQYJKoZIhvcNAQELBQADggEBAEY3bYCD4A1I
OAkWd/p/rdhHiF7Zsq50vJNuV7mDx8lTFgUpUHfo/a+mfz3Ty1yozER0sodDRvXf
oz953haEr862enUEOn0phUJm8QciQNUjWWFNImNuZFgSSbs8llS2TrhzH7UhT+1e
Zvz/hAnpTF1zdeesk+x0tOgi46R3HqTu6T+AZsrEFXRAk8PGwRu53Vpuc9cp7agP
AuTFa2VHg1+meSPRFPGDtWb0N8NIFDcIKkQtDY0qQ7cKDeoFQpEYCN+AdLmMxTsK
zFizGLzcQGGCdA2k0qG4BwZnFj9NHGoHmQvGUkGf4fdpnLuG2DWCyUr/F7NuqFbp
+S6w8dKZrz8=
-----END CERTIFICATE-----
Generated at Sat Apr 4 02:13:47 2026 by rpki-client