Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/NF6dgdKT516mcA0uHO-7TRO5NRM.roa
File: NF6dgdKT516mcA0uHO-7TRO5NRM.roa (raw, json)
Hash identifier: 8PstsDOpeupTuDkpawazPqKvOe2Q3pkVyjTgNBc0Cdg=
Subject key identifier: 34:5E:9D:81:D2:93:E7:5E:A6:70:0D:2E:1C:EF:BB:4D:13:B9:35:13
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019D75F0FB4172D740C58BA397E4A631D6C9
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/NF6dgdKT516mcA0uHO-7TRO5NRM.roa
Signing time: Fri 10 Apr 2026 05:50:20 +0000
ROA not before: Fri 10 Apr 2026 05:50:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.155.65.0/24 maxlen: 24
2a06:5fc0::/29 maxlen: 29
2a0b:ac00::/29 maxlen: 29
2a0f:9b40::/29 maxlen: 29
2a10:3c81::/32 maxlen: 32
2a13:b9c0::/29 maxlen: 29
2a13:bb40::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
2a13:c340::/29 maxlen: 29
2a13:c440::/29 maxlen: 29
2a14:42c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 Apr 2026 05:50:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:75:f0:fb:41:72:d7:40:c5:8b:a3:97:e4:a6:31:d6:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 10 05:50:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=345e9d81d293e75ea6700d2e1cefbb4d13b93513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:03:78:51:c1:90:68:46:36:8f:6f:c2:e6:c6:
6d:e5:3b:ce:fb:9c:2c:4a:d1:29:db:e6:7c:7d:69:
d0:99:2f:35:9a:47:33:5f:33:56:66:ac:6f:94:ef:
ae:5c:b8:6c:27:a6:80:01:de:78:48:90:27:cb:1b:
10:4f:66:ad:a8:2e:23:db:e9:e7:b7:ca:0e:ee:d2:
71:d2:7f:52:30:72:0c:f1:0d:41:82:9c:2a:6e:b8:
01:2b:e7:41:47:32:25:23:63:e1:bc:f0:d5:47:d8:
fc:6a:63:09:b4:b0:1f:2b:74:09:8e:ef:9f:08:c1:
aa:9e:a1:fc:3c:57:8b:36:56:68:4c:d8:01:cb:d9:
f4:e8:3b:6d:82:60:b1:e4:48:22:70:9c:0e:e9:82:
e0:01:1d:57:4f:3c:6f:17:06:25:c9:4c:ef:05:f5:
b9:59:67:a9:14:b3:58:6f:53:00:e3:1e:ef:f7:3c:
c9:cb:7a:98:fb:af:d1:56:04:22:f4:a7:58:9c:22:
c2:42:b5:56:49:be:18:a8:80:8b:7a:79:0c:45:00:
52:7b:88:ed:11:bc:64:fc:19:ce:0d:8f:63:a1:09:
5a:17:f5:c4:f1:13:b9:60:f9:cc:89:bb:96:88:34:
3d:04:37:e1:7e:7f:23:e2:f8:5e:a8:07:1b:7b:c1:
c2:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:5E:9D:81:D2:93:E7:5E:A6:70:0D:2E:1C:EF:BB:4D:13:B9:35:13
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/NF6dgdKT516mcA0uHO-7TRO5NRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.65.0/24
IPv6:
2a06:5fc0::/29
2a0b:ac00::/29
2a0f:9b40::/29
2a10:3c81::/32
2a13:b9c0::/29
2a13:bb40::/29
2a13:c240::/29
2a13:c340::/29
2a13:c440::/29
2a14:42c0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:8d:d7:8c:e0:ec:d3:a0:31:fc:4e:08:68:c1:b8:fa:fa:76:
a3:87:74:37:ba:8c:d5:73:db:0d:74:fa:11:10:79:1e:fb:b8:
1d:c8:d8:7c:03:4b:f1:fc:bd:4c:f2:4a:16:06:69:17:69:7b:
99:80:37:46:fb:7f:5d:dc:03:91:9e:00:ad:c5:bf:5d:1a:b8:
b6:bd:58:d1:24:71:32:53:61:a1:a8:5a:ac:af:8a:b2:ff:15:
0f:9d:bb:a0:02:66:d9:21:b9:b4:41:2d:f9:87:fe:61:50:a5:
30:24:d6:0b:79:f3:87:0a:83:8e:ff:30:62:27:72:7c:eb:88:
87:e9:e7:c4:bf:b3:48:57:05:5c:ae:10:2b:43:52:52:0a:97:
03:d8:53:2d:fe:71:ed:7f:c1:ed:50:4e:15:4c:ba:a7:e7:8f:
9b:66:ae:da:59:ce:37:ba:22:b2:c2:8a:55:a6:08:0a:d4:27:
a1:44:b1:ea:5c:eb:f6:c3:7a:19:83:45:73:7a:9e:0a:b9:05:
fa:90:0b:71:e3:21:07:25:d8:a9:ec:08:ee:33:89:bf:c1:c0:
f6:7f:38:30:81:f3:77:e1:74:da:ed:3f:03:6e:54:59:ea:09:
6e:c6:8f:af:65:89:5f:42:2e:ab:8c:4c:d6:9a:ed:02:4d:4d:
2d:1b:62:3c
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZ118PtBctdAxYujl+SmMdbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNDEwMDU1MDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDVlOWQ4MWQyOTNlNzVlYTY3MDBkMmUxY2VmYmI0ZDEzYjkzNTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgN4UcGQaEY2j2/C5sZt5TvO+5ws
StEp2+Z8fWnQmS81mkczXzNWZqxvlO+uXLhsJ6aAAd54SJAnyxsQT2atqC4j2+nn
t8oO7tJx0n9SMHIM8Q1BgpwqbrgBK+dBRzIlI2PhvPDVR9j8amMJtLAfK3QJju+f
CMGqnqH8PFeLNlZoTNgBy9n06DttgmCx5EgicJwO6YLgAR1XTzxvFwYlyUzvBfW5
WWepFLNYb1MA4x7v9zzJy3qY+6/RVgQi9KdYnCLCQrVWSb4YqICLenkMRQBSe4jt
Ebxk/BnODY9joQlaF/XE8RO5YPnMibuWiDQ9BDfhfn8j4vheqAcbe8HChwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFDRenYHSk+depnANLhzvu00TuTUTMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvTkY2ZGdkS1Q1MTZtY0EwdUhPLTdUUk81TlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDAMBAIAATAGAwQALZtBMEwE
AgACMEYDBQMqBl/AAwUDKgusAAMFAyoPm0ADBQAqEDyBAwUDKhO5wAMFAyoTu0AD
BQMqE8JAAwUDKhPDQAMFAyoTxEADBQMqFELAMA0GCSqGSIb3DQEBCwUAA4IBAQAq
jdeM4OzToDH8Tghowbj6+najh3Q3uozVc9sNdPoREHke+7gdyNh8A0vx/L1M8koW
BmkXaXuZgDdG+39d3AORngCtxb9dGri2vVjRJHEyU2GhqFqsr4qy/xUPnbugAmbZ
Ibm0QS35h/5hUKUwJNYLefOHCoOO/zBiJ3J864iH6efEv7NIVwVcrhArQ1JSCpcD
2FMt/nHtf8HtUE4VTLqn54+bZq7aWc43uiKywopVpggK1CehRLHqXOv2w3oZg0Vz
ep4KuQX6kAtx4yEHJdip7AjuM4m/wcD2fzgwgfN34XTa7T8DblRZ6gluxo+vZYlf
Qi6rjEzWmu0CTU0tG2I8
-----END CERTIFICATE-----
Generated at Fri Apr 10 14:35:54 2026 by rpki-client