Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/AvXIT9Y8tXE4T9Bx-8dbpU_Jdrg.roa
File: AvXIT9Y8tXE4T9Bx-8dbpU_Jdrg.roa (raw, json)
Hash identifier: rXCIKo8I79s1nZzvipdYKWY9zLXBydnevsC22/yBkE0=
Subject key identifier: 02:F5:C8:4F:D6:3C:B5:71:38:4F:D0:71:FB:C7:5B:A5:4F:C9:76:B8
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019D11A35408ECEA2C16BF63EDFFEAFD90D3
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/AvXIT9Y8tXE4T9Bx-8dbpU_Jdrg.roa
Signing time: Sat 21 Mar 2026 18:23:29 +0000
ROA not before: Sat 21 Mar 2026 18:23:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.155.65.0/24 maxlen: 24
2a05:9a40::/29 maxlen: 29
2a06:5fc0::/29 maxlen: 29
2a0b:ac00::/29 maxlen: 29
2a0f:9b40::/29 maxlen: 29
2a10:3c81::/32 maxlen: 32
2a10:3f80::/29 maxlen: 29
2a13:b9c0::/29 maxlen: 29
2a13:bb40::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
2a13:c340::/29 maxlen: 29
2a13:c440::/29 maxlen: 29
2a14:42c0::/29 maxlen: 29
2a14:62c0::/29 maxlen: 29
2a14:6a40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Mar 2026 09:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:11:a3:54:08:ec:ea:2c:16:bf:63:ed:ff:ea:fd:90:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 21 18:23:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=02f5c84fd63cb571384fd071fbc75ba54fc976b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7c:23:21:89:2d:75:7e:fe:16:f5:e5:df:88:
4a:e3:34:e3:9a:5d:f0:0d:36:da:21:0b:00:64:92:
26:d8:c6:e8:18:14:af:b6:b2:de:95:75:56:81:76:
e3:36:94:59:f5:68:48:8f:f2:92:0d:78:6e:4a:61:
3c:da:75:1c:dd:38:91:1d:89:0e:0c:5d:12:8c:1a:
48:2e:c4:3e:59:26:c3:b8:07:d6:18:f8:77:43:e3:
93:e6:a5:e9:c9:e9:21:01:73:4a:d2:0d:fd:05:42:
90:d3:ab:ae:3c:cc:d3:09:9f:e8:72:9a:14:a0:52:
65:c0:fc:3a:27:2a:1d:4f:13:c7:4b:13:d7:ac:22:
94:53:06:e4:b4:c6:6a:6a:b6:c8:1b:0d:68:c6:9b:
6c:17:e7:ba:9b:a5:ea:bd:3d:e6:73:bf:9b:ca:e5:
ff:57:0c:ab:00:6d:02:f3:30:98:39:31:b1:3d:9a:
fc:ed:1c:f1:28:8e:40:a3:79:fc:f8:0a:e0:87:bf:
ff:1d:f6:37:51:90:8d:1d:49:31:1d:a0:ac:1f:0c:
44:a5:26:73:5e:0d:30:37:d5:ff:d3:f5:6d:a9:ce:
5d:f0:2d:4c:17:73:5e:26:fa:8b:99:ed:a4:7f:e6:
80:ec:47:b7:79:2b:d2:0c:5a:57:f9:a0:31:19:5a:
28:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F5:C8:4F:D6:3C:B5:71:38:4F:D0:71:FB:C7:5B:A5:4F:C9:76:B8
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/AvXIT9Y8tXE4T9Bx-8dbpU_Jdrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.65.0/24
IPv6:
2a05:9a40::/29
2a06:5fc0::/29
2a0b:ac00::/29
2a0f:9b40::/29
2a10:3c81::/32
2a10:3f80::/29
2a13:b9c0::/29
2a13:bb40::/29
2a13:c240::/29
2a13:c340::/29
2a13:c440::/29
2a14:42c0::/29
2a14:62c0::/29
2a14:6a40::/32
Signature Algorithm: sha256WithRSAEncryption
de:ce:f1:a7:1b:fc:64:4b:b7:22:80:7c:4b:b9:f9:cb:6a:fb:
c9:07:77:ef:01:a2:70:a0:ca:db:8d:17:94:2d:df:09:18:b3:
53:ce:a9:b1:41:11:62:8b:b5:9a:1c:c5:b4:a4:92:ec:19:e1:
98:4c:c3:3d:3a:9c:6e:f3:1f:82:fe:0c:f6:34:30:72:1a:48:
3c:16:00:38:2d:3a:d8:12:52:48:e5:47:0d:d2:ce:62:f9:ad:
72:c4:be:8f:56:a8:ab:1c:2c:65:48:07:32:99:3f:1f:64:53:
37:d0:ea:4a:e7:4c:46:32:17:f5:dd:7b:02:b8:18:7e:3e:2b:
0c:9c:96:1b:95:e2:0e:f4:25:be:fb:73:88:72:22:9b:e6:bf:
ac:88:9f:1a:6a:a7:e1:4d:1f:cf:c7:95:16:c7:ea:ac:b2:0a:
b0:5e:9e:99:05:61:23:5f:ab:f4:a7:69:4c:28:ff:b6:e6:d1:
57:cd:97:0d:33:23:56:29:24:ef:79:93:35:72:54:d8:78:d4:
1b:2c:e8:f6:fd:bf:85:4d:e5:02:8c:b6:6b:45:76:a1:46:4f:
55:48:d0:51:e5:ce:36:bc:b1:a9:5e:1b:0d:b3:a3:09:7e:87:
c2:0b:83:79:ae:5c:2c:99:ae:84:f5:f7:fd:74:4c:1d:f8:79:
3f:89:45:e8
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZ0Ro1QI7OosFr9j7f/q/ZDTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwMzIxMTgyMzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmY1Yzg0ZmQ2M2NiNTcxMzg0ZmQwNzFmYmM3NWJhNTRmYzk3NmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHwjIYktdX7+FvXl34hK4zTjml3w
DTbaIQsAZJIm2MboGBSvtrLelXVWgXbjNpRZ9WhIj/KSDXhuSmE82nUc3TiRHYkO
DF0SjBpILsQ+WSbDuAfWGPh3Q+OT5qXpyekhAXNK0g39BUKQ06uuPMzTCZ/ocpoU
oFJlwPw6JyodTxPHSxPXrCKUUwbktMZqarbIGw1oxptsF+e6m6XqvT3mc7+byuX/
VwyrAG0C8zCYOTGxPZr87RzxKI5Ao3n8+Argh7//HfY3UZCNHUkxHaCsHwxEpSZz
Xg0wN9X/0/Vtqc5d8C1MF3NeJvqLme2kf+aA7Ee3eSvSDFpX+aAxGVoo7QIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFAL1yE/WPLVxOE/QcfvHW6VPyXa4MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvQXZYSVQ5WTh0WEU0VDlCeC04ZGJwVV9KZHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwDAQCAAEwBgMEAC2bQTBo
BAIAAjBiAwUDKgWaQAMFAyoGX8ADBQMqC6wAAwUDKg+bQAMFACoQPIEDBQMqED+A
AwUDKhO5wAMFAyoTu0ADBQMqE8JAAwUDKhPDQAMFAyoTxEADBQMqFELAAwUDKhRi
wAMFACoUakAwDQYJKoZIhvcNAQELBQADggEBAN7O8acb/GRLtyKAfEu5+ctq+8kH
d+8BonCgytuNF5Qt3wkYs1POqbFBEWKLtZocxbSkkuwZ4ZhMwz06nG7zH4L+DPY0
MHIaSDwWADgtOtgSUkjlRw3SzmL5rXLEvo9WqKscLGVIBzKZPx9kUzfQ6krnTEYy
F/XdewK4GH4+KwyclhuV4g70Jb77c4hyIpvmv6yInxpqp+FNH8/HlRbH6qyyCrBe
npkFYSNfq/SnaUwo/7bm0VfNlw0zI1YpJO95kzVyVNh41Bss6Pb9v4VN5QKMtmtF
dqFGT1VI0FHlzja8saleGw2zowl+h8ILg3muXCyZroT19/10TB34eT+JReg=
-----END CERTIFICATE-----
Generated at Sun Mar 22 19:33:10 2026 by rpki-client