Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Sa1EAbX-_eNM7HA6Eqhg-MQziL0.roa
File: Sa1EAbX-_eNM7HA6Eqhg-MQziL0.roa (raw, json)
Hash identifier: ugugyvAQhYaKxQWXy0XQ8z7zxKHBvTh8x2c7pFgoZhg=
Subject key identifier: 49:AD:44:01:B5:FE:FD:E3:4C:EC:70:3A:12:A8:60:F8:C4:33:88:BD
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019E59695BFA2D92E16A1ADE010C47F83131
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Sa1EAbX-_eNM7HA6Eqhg-MQziL0.roa
Signing time: Sun 24 May 2026 09:55:37 +0000
ROA not before: Sun 24 May 2026 09:55:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.155.65.0/24 maxlen: 24
193.200.78.0/24 maxlen: 24
2a06:5fc0::/29 maxlen: 29
2a0b:ac00::/29 maxlen: 29
2a0f:9b40::/29 maxlen: 29
2a13:b9c0::/29 maxlen: 29
2a13:bb40::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
2a13:c340::/29 maxlen: 29
2a13:c440::/29 maxlen: 29
2a13:e040::/29 maxlen: 29
2a14:1100::/32 maxlen: 32
2a14:1103::/32 maxlen: 32
2a14:42c0::/29 maxlen: 29
2a14:6a40::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 May 2026 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:59:69:5b:fa:2d:92:e1:6a:1a:de:01:0c:47:f8:31:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: May 24 09:55:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=49ad4401b5fefde34cec703a12a860f8c43388bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9c:ea:42:b4:6d:76:1d:a8:ea:84:9e:13:90:
a1:46:8e:34:ca:6a:8a:de:f4:bd:c3:e2:81:0f:bd:
07:48:12:c1:e6:5e:92:42:af:f7:34:ce:65:0f:35:
fb:bd:43:50:b3:a9:e9:00:86:25:e2:e7:17:81:39:
e4:f1:75:e9:5c:89:1b:e7:5e:85:84:3c:0a:4d:c7:
6f:a6:ca:49:4b:d3:fd:fe:be:d4:3f:7b:23:9d:51:
4e:92:4f:68:a9:d8:7c:17:4f:ca:5d:6a:ae:4d:e2:
cc:a3:7c:ad:73:b5:b0:8f:46:cb:59:0f:e8:5c:a1:
86:24:e6:da:b7:fe:61:d8:53:7e:35:93:af:94:76:
89:cd:d3:1f:67:5c:9d:d7:0a:50:02:9c:67:a8:8f:
ce:3e:d9:d6:b3:1e:92:34:e1:a9:2c:ed:c4:5a:5f:
07:c4:89:5e:11:95:b5:bf:88:8d:fc:61:81:7f:b7:
29:6d:53:0e:1f:7c:7c:ed:32:34:66:73:97:81:8b:
2f:51:cf:1e:8c:8f:aa:7a:b1:65:63:ac:88:80:01:
cb:b0:45:2f:9d:95:1a:a6:80:e0:05:d8:6d:49:2f:
3d:68:4a:f3:dc:e3:26:9f:79:7d:2d:8d:e3:69:b9:
04:c1:d5:47:4a:12:23:8a:2d:49:31:ae:72:83:d8:
c4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:AD:44:01:B5:FE:FD:E3:4C:EC:70:3A:12:A8:60:F8:C4:33:88:BD
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/Sa1EAbX-_eNM7HA6Eqhg-MQziL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.65.0/24
193.200.78.0/24
IPv6:
2a06:5fc0::/29
2a0b:ac00::/29
2a0f:9b40::/29
2a13:b9c0::/29
2a13:bb40::/29
2a13:c240::/29
2a13:c340::/29
2a13:c440::/29
2a13:e040::/29
2a14:1100::/32
2a14:1103::/32
2a14:42c0::/29
2a14:6a40::/29
Signature Algorithm: sha256WithRSAEncryption
6d:9a:c4:6e:16:f0:7c:9f:e1:af:87:32:13:cf:e0:48:1e:26:
91:16:5a:14:ff:e3:b2:86:7f:e5:ed:e1:98:e6:e0:06:e2:9a:
14:7d:f8:20:93:6a:1a:4f:45:cb:42:31:ac:ba:40:d7:0e:3d:
7f:a2:1c:3f:50:6b:2a:68:58:22:dd:b4:f3:f6:86:c5:89:fc:
1d:42:64:5e:9c:a7:2d:43:fe:f7:ce:29:49:70:b5:3a:fa:ec:
0d:b9:cb:da:8b:28:fb:12:d4:dc:91:60:20:94:6c:68:84:7c:
d8:72:75:ed:e3:3f:87:f6:2c:0f:bd:98:1e:fb:a8:4c:5b:ee:
ab:94:7f:30:35:48:0f:19:b2:ff:c9:7b:f6:8d:83:63:d7:cd:
42:98:f4:70:a3:23:58:00:d6:25:6c:11:a9:24:a3:18:fc:8c:
f2:11:86:12:6d:e3:29:17:c2:7e:ab:3e:29:9b:9c:77:e3:5d:
4c:83:65:c1:66:4e:29:d6:0b:29:7d:97:d8:65:93:31:2d:6c:
8a:9e:d3:2a:79:6e:d4:37:38:94:6d:f2:45:ea:e6:73:d9:f1:
3c:45:17:c9:d8:74:05:93:1e:79:91:74:b7:a2:ca:cd:36:46:
41:f3:ba:18:c0:52:08:c2:ef:bb:42:6b:4f:57:83:37:9c:f5:
0e:5a:ff:6a
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZ5ZaVv6LZLhahreAQxH+DExMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNTI0MDk1NTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWFkNDQwMWI1ZmVmZGUzNGNlYzcwM2ExMmE4NjBmOGM0MzM4OGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZzqQrRtdh2o6oSeE5ChRo40ymqK
3vS9w+KBD70HSBLB5l6SQq/3NM5lDzX7vUNQs6npAIYl4ucXgTnk8XXpXIkb516F
hDwKTcdvpspJS9P9/r7UP3sjnVFOkk9oqdh8F0/KXWquTeLMo3ytc7Wwj0bLWQ/o
XKGGJObat/5h2FN+NZOvlHaJzdMfZ1yd1wpQApxnqI/OPtnWsx6SNOGpLO3EWl8H
xIleEZW1v4iN/GGBf7cpbVMOH3x87TI0ZnOXgYsvUc8ejI+qerFlY6yIgAHLsEUv
nZUapoDgBdhtSS89aErz3OMmn3l9LY3jabkEwdVHShIjii1JMa5yg9jE/wIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFEmtRAG1/v3jTOxwOhKoYPjEM4i9MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvU2ExRUFiWC1fZU5NN0hBNkVxaGctTVF6aUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwEgQCAAEwDAMEAC2bQQME
AMHITjBhBAIAAjBbAwUDKgZfwAMFAyoLrAADBQMqD5tAAwUDKhO5wAMFAyoTu0AD
BQMqE8JAAwUDKhPDQAMFAyoTxEADBQMqE+BAAwUAKhQRAAMFACoUEQMDBQMqFELA
AwUDKhRqQDANBgkqhkiG9w0BAQsFAAOCAQEAbZrEbhbwfJ/hr4cyE8/gSB4mkRZa
FP/jsoZ/5e3hmObgBuKaFH34IJNqGk9Fy0IxrLpA1w49f6IcP1BrKmhYIt208/aG
xYn8HUJkXpynLUP+984pSXC1OvrsDbnL2oso+xLU3JFgIJRsaIR82HJ17eM/h/Ys
D72YHvuoTFvuq5R/MDVIDxmy/8l79o2DY9fNQpj0cKMjWADWJWwRqSSjGPyM8hGG
Em3jKRfCfqs+KZucd+NdTINlwWZOKdYLKX2X2GWTMS1sip7TKnlu1Dc4lG3yRerm
c9nxPEUXydh0BZMeeZF0t6LKzTZGQfO6GMBSCMLvu0JrT1eDN5z1Dlr/ag==
-----END CERTIFICATE-----
Generated at Tue May 26 02:56:52 2026 by rpki-client