Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/iemdBsLuR9lYtZkxhY9k7e-1S-c.roa
File: iemdBsLuR9lYtZkxhY9k7e-1S-c.roa (raw, json)
Hash identifier: fBD3fgwfueYiH5h8baY5Ssk5j3jt2Zr7dLkY47/FOwc=
Subject key identifier: 89:E9:9D:06:C2:EE:47:D9:58:B5:99:31:85:8F:64:ED:EF:B5:4B:E7
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019D73994FCEE7659E97DB693281713F2231
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/iemdBsLuR9lYtZkxhY9k7e-1S-c.roa
Signing time: Thu 09 Apr 2026 18:55:20 +0000
ROA not before: Thu 09 Apr 2026 18:55:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.155.65.0/24 maxlen: 24
195.182.25.0/24 maxlen: 24
2a06:5fc0::/29 maxlen: 29
2a0b:ac00::/29 maxlen: 29
2a0f:9b40::/29 maxlen: 29
2a10:3c81::/32 maxlen: 32
2a13:b9c0::/29 maxlen: 29
2a13:bb40::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
2a13:c340::/29 maxlen: 29
2a13:c440::/29 maxlen: 29
2a14:42c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 Apr 2026 16:03:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:73:99:4f:ce:e7:65:9e:97:db:69:32:81:71:3f:22:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 9 18:55:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=89e99d06c2ee47d958b59931858f64edefb54be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:35:a5:1d:a8:49:4a:4b:f3:2c:44:7a:3d:f4:
62:b0:f9:99:04:43:c9:f3:58:0d:c4:0f:24:0d:68:
fa:8e:fa:d2:09:77:c9:6c:72:6f:aa:83:88:86:b3:
2d:45:7d:ab:33:79:c5:7c:38:f6:5a:92:4c:8c:fa:
6b:22:73:22:57:30:87:2c:d3:47:0c:2b:e0:2b:ca:
8b:61:4b:f2:97:7e:42:7c:39:fb:8d:39:9a:51:30:
66:dc:52:ae:a6:a3:02:2c:98:d5:32:ff:d5:06:d6:
f5:68:9c:1b:90:6a:c5:a6:53:a1:25:11:49:96:d9:
0d:df:d3:c9:d6:ab:9e:76:51:57:c3:de:a2:45:d3:
2c:57:2d:dd:00:68:69:5e:45:37:1b:dc:eb:04:36:
75:cb:93:37:62:90:07:0f:b0:e7:3d:02:9c:2c:a6:
4d:6f:78:08:19:2d:83:be:59:e0:30:eb:60:6c:19:
8c:1b:7e:4c:86:ba:98:7f:18:23:e5:64:1d:d8:b7:
e0:6f:53:b5:6f:6c:42:53:e0:a1:84:51:b7:d5:96:
91:28:86:e2:ab:04:ce:5f:92:18:75:e6:8b:30:82:
b1:0f:db:2a:bb:fc:77:6d:e0:7f:6b:a5:d4:34:b5:
67:68:ec:e3:63:38:d3:10:e2:35:8b:3d:90:f5:51:
6a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E9:9D:06:C2:EE:47:D9:58:B5:99:31:85:8F:64:ED:EF:B5:4B:E7
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/iemdBsLuR9lYtZkxhY9k7e-1S-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.65.0/24
195.182.25.0/24
IPv6:
2a06:5fc0::/29
2a0b:ac00::/29
2a0f:9b40::/29
2a10:3c81::/32
2a13:b9c0::/29
2a13:bb40::/29
2a13:c240::/29
2a13:c340::/29
2a13:c440::/29
2a14:42c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:2d:3f:36:3c:7f:7b:7d:ec:4f:15:15:11:a9:7d:2f:e6:63:
80:5b:7d:4a:d7:bc:de:ff:f9:0c:09:68:f9:3e:83:d9:b3:a9:
62:cc:4a:68:4a:57:2c:02:64:b4:e0:8f:a4:8b:5d:3e:08:ac:
6e:34:15:f7:b7:d1:2c:bc:34:94:e4:8e:7a:4c:ba:25:b4:c6:
39:3f:12:1c:bd:7a:57:f1:a3:53:41:11:09:62:0b:42:95:92:
53:46:33:5e:0c:fb:91:c4:ec:54:43:9d:c4:ac:9e:75:88:db:
bb:63:4e:ab:56:ad:e5:35:05:98:57:ff:9c:b5:61:9d:75:a5:
2a:3e:72:0e:43:a6:14:8d:90:2f:dc:44:81:bd:3b:96:78:82:
a2:f9:4d:17:c9:20:8b:7c:0c:00:d7:16:cb:d8:8e:17:8c:4f:
35:fd:01:2a:37:21:d9:89:9d:c9:44:62:2c:06:4b:00:e0:72:
21:97:8d:03:a8:aa:83:07:7b:10:1f:a8:a8:41:ac:51:e8:ca:
e9:5b:82:e6:0c:5b:50:ca:0a:d5:55:5f:ee:d8:ec:03:16:7b:
10:49:d8:10:82:11:df:4c:b6:2c:0b:5d:0f:c5:12:31:a1:ea:
58:51:a4:db:20:c3:13:04:31:bb:17:6d:3b:00:55:b6:61:f2:
ed:75:8b:78
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ1zmU/O52Wel9tpMoFxPyIxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNDA5MTg1NTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWU5OWQwNmMyZWU0N2Q5NThiNTk5MzE4NThmNjRlZGVmYjU0YmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijWlHahJSkvzLER6PfRisPmZBEPJ
81gNxA8kDWj6jvrSCXfJbHJvqoOIhrMtRX2rM3nFfDj2WpJMjPprInMiVzCHLNNH
DCvgK8qLYUvyl35CfDn7jTmaUTBm3FKupqMCLJjVMv/VBtb1aJwbkGrFplOhJRFJ
ltkN39PJ1quedlFXw96iRdMsVy3dAGhpXkU3G9zrBDZ1y5M3YpAHD7DnPQKcLKZN
b3gIGS2DvlngMOtgbBmMG35MhrqYfxgj5WQd2Lfgb1O1b2xCU+ChhFG31ZaRKIbi
qwTOX5IYdeaLMIKxD9squ/x3beB/a6XUNLVnaOzjYzjTEOI1iz2Q9VFqUQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFInpnQbC7kfZWLWZMYWPZO3vtUvnMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvaWVtZEJzTHVSOWxZdFpreGhZOWs3ZS0xUy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjASBAIAATAMAwQALZtBAwQA
w7YZMEwEAgACMEYDBQMqBl/AAwUDKgusAAMFAyoPm0ADBQAqEDyBAwUDKhO5wAMF
AyoTu0ADBQMqE8JAAwUDKhPDQAMFAyoTxEADBQMqFELAMA0GCSqGSIb3DQEBCwUA
A4IBAQApLT82PH97fexPFRURqX0v5mOAW31K17ze//kMCWj5PoPZs6lizEpoSlcs
AmS04I+ki10+CKxuNBX3t9EsvDSU5I56TLoltMY5PxIcvXpX8aNTQREJYgtClZJT
RjNeDPuRxOxUQ53ErJ51iNu7Y06rVq3lNQWYV/+ctWGddaUqPnIOQ6YUjZAv3ESB
vTuWeIKi+U0XySCLfAwA1xbL2I4XjE81/QEqNyHZiZ3JRGIsBksA4HIhl40DqKqD
B3sQH6ioQaxR6MrpW4LmDFtQygrVVV/u2OwDFnsQSdgQghHfTLYsC10PxRIxoepY
UaTbIMMTBDG7F207AFW2YfLtdYt4
-----END CERTIFICATE-----
Generated at Fri Apr 10 00:46:36 2026 by rpki-client