Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/54eac0-71fd-46e9-9e1b-ce1bba691b37/1/1-slrJI7IrkjucojDL3PSM-QhQn8.roa
File: 1-slrJI7IrkjucojDL3PSM-QhQn8.roa (raw, json)
Hash identifier: xzBm5rmTZ/YhoTedM66on08Pubr3LWJMwPe9XwQcqH8=
Subject key identifier: FA:C9:6B:24:8E:C8:AE:48:EE:72:88:C3:2F:73:D2:33:E4:21:42:7F
Certificate issuer: /CN=65ea93d88a202d51d34d2a903597e76b8f17f0ea
Certificate serial: 019DDA259454D997FED590A519A539F95400
Authority key identifier: 65:EA:93:D8:8A:20:2D:51:D3:4D:2A:90:35:97:E7:6B:8F:17:F0:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZeqT2IogLVHTTSqQNZfna48X8Oo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/54eac0-71fd-46e9-9e1b-ce1bba691b37/1/1-slrJI7IrkjucojDL3PSM-QhQn8.roa
Signing time: Wed 29 Apr 2026 16:49:49 +0000
ROA not before: Wed 29 Apr 2026 16:49:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203273
IP address blocks: 213.165.45.0/24 maxlen: 24
213.165.47.0/24 maxlen: 24
213.165.50.0/24 maxlen: 24
213.165.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/54eac0-71fd-46e9-9e1b-ce1bba691b37/1/ZeqT2IogLVHTTSqQNZfna48X8Oo.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/54eac0-71fd-46e9-9e1b-ce1bba691b37/1/ZeqT2IogLVHTTSqQNZfna48X8Oo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZeqT2IogLVHTTSqQNZfna48X8Oo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 13:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:da:25:94:54:d9:97:fe:d5:90:a5:19:a5:39:f9:54:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65ea93d88a202d51d34d2a903597e76b8f17f0ea
Validity
Not Before: Apr 29 16:49:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fac96b248ec8ae48ee7288c32f73d233e421427f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:2b:d2:c5:77:f4:0b:1f:b4:59:08:97:e4:d1:
15:6c:bd:b4:29:07:04:39:85:da:79:ad:15:51:c7:
b3:8f:8b:19:58:12:73:8e:05:76:bb:91:2d:9c:e1:
ca:9a:c8:6d:5b:b3:03:74:24:8a:a6:f5:70:b6:6d:
68:d5:ce:4c:bc:bd:1a:35:e2:c6:0c:3e:ff:78:3c:
ec:0e:37:7a:03:1d:b6:ae:58:e7:00:2e:25:06:0d:
62:d3:40:17:a9:24:e6:ab:52:57:a8:29:79:9e:5c:
d5:38:67:3d:13:d5:d4:04:87:e3:86:25:51:62:e4:
e1:9f:ba:84:73:36:6c:be:97:f1:54:69:28:20:ac:
44:29:e3:36:b1:64:a1:8f:da:c6:0d:36:9e:12:ee:
cd:87:09:ee:fa:4c:8d:4a:c0:10:94:72:c3:f0:3b:
bc:94:82:7c:4e:0f:ae:fe:b6:d9:0e:fd:78:e6:d0:
2a:5f:f1:60:68:72:ef:72:9f:f6:6f:72:4f:0d:1c:
04:0e:8d:c4:25:c1:59:e2:c5:26:a6:da:a7:11:eb:
6e:65:68:8c:e8:c5:88:76:18:68:74:fd:9c:72:75:
e2:5c:c3:44:12:64:f6:f7:00:a6:22:6f:87:ad:f1:
65:48:81:fc:2b:b5:e3:4f:3a:ba:76:2c:20:ad:88:
5c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:C9:6B:24:8E:C8:AE:48:EE:72:88:C3:2F:73:D2:33:E4:21:42:7F
X509v3 Authority Key Identifier:
keyid:65:EA:93:D8:8A:20:2D:51:D3:4D:2A:90:35:97:E7:6B:8F:17:F0:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZeqT2IogLVHTTSqQNZfna48X8Oo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/54eac0-71fd-46e9-9e1b-ce1bba691b37/1/1-slrJI7IrkjucojDL3PSM-QhQn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/54eac0-71fd-46e9-9e1b-ce1bba691b37/1/ZeqT2IogLVHTTSqQNZfna48X8Oo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.165.45.0/24
213.165.47.0/24
213.165.50.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:60:52:78:a0:ef:42:b1:52:e8:5e:0e:3b:ba:33:7d:56:ca:
2d:fa:0f:da:53:af:14:ae:09:b0:c8:e0:25:93:5a:8a:9f:cd:
32:6f:6e:ba:44:6a:c5:c8:a1:ae:2c:f6:78:26:26:96:11:36:
73:09:5f:e5:35:57:dd:94:1f:d2:a6:be:56:4e:07:96:ba:d9:
59:ca:a7:53:23:c1:4c:29:4d:b6:53:e6:20:1a:41:8b:f7:19:
3d:2c:8d:8a:9c:12:b0:c6:21:a2:bb:a3:3c:ef:0d:21:73:5c:
35:c1:92:40:58:00:20:c0:f0:04:07:ae:be:ec:e2:56:4e:2c:
a4:8c:15:69:c6:2a:8d:60:a6:21:d4:2c:05:1c:db:c6:fb:2a:
a6:91:04:2b:7c:08:b5:3a:54:b5:37:77:e9:2d:bf:24:e2:ed:
43:39:c9:be:31:27:61:f7:c2:86:17:bb:f5:03:9e:27:95:44:
2b:8b:3c:8c:41:41:b8:4b:ec:9b:e7:0d:1c:9b:bb:dd:5e:e0:
eb:b1:b7:1e:54:4e:64:76:d3:72:d2:bc:b6:eb:2e:d1:31:f2:
26:7f:8c:cf:d6:2f:fd:35:8a:35:10:7a:9f:8b:d7:8e:fb:39:
85:e8:a3:d3:6b:1a:00:e8:28:88:0c:63:70:5e:a4:eb:50:82:
ba:d6:53:b0
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZ3aJZRU2Zf+1ZClGaU5+VQAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZWE5M2Q4OGEyMDJkNTFkMzRkMmE5MDM1OTdlNzZiOGYx
N2YwZWEwHhcNMjYwNDI5MTY0OTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWM5NmIyNDhlYzhhZTQ4ZWU3Mjg4YzMyZjczZDIzM2U0MjE0MjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyvSxXf0Cx+0WQiX5NEVbL20KQcE
OYXaea0VUcezj4sZWBJzjgV2u5EtnOHKmshtW7MDdCSKpvVwtm1o1c5MvL0aNeLG
DD7/eDzsDjd6Ax22rljnAC4lBg1i00AXqSTmq1JXqCl5nlzVOGc9E9XUBIfjhiVR
YuThn7qEczZsvpfxVGkoIKxEKeM2sWShj9rGDTaeEu7Nhwnu+kyNSsAQlHLD8Du8
lIJ8Tg+u/rbZDv145tAqX/FgaHLvcp/2b3JPDRwEDo3EJcFZ4sUmptqnEetuZWiM
6MWIdhhodP2ccnXiXMNEEmT29wCmIm+HrfFlSIH8K7XjTzq6diwgrYhcpwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPrJaySOyK5I7nKIwy9z0jPkIUJ/MB8GA1UdIwQY
MBaAFGXqk9iKIC1R000qkDWX52uPF/DqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmVxVDJJb2dMVkhUVFNxUU5aZm5hNDhYOE9vLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC81NGVhYzAtNzFmZC00NmU5LTllMWIt
Y2UxYmJhNjkxYjM3LzEvMS1zbHJKSTdJcmtqdWNvakRMM1BTTS1RaFFuOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjAvNTRlYWMwLTcxZmQtNDZlOS05ZTFiLWNlMWJiYTY5MWIz
Ny8xL1plcVQySW9nTFZIVFRTcVFOWmZuYTQ4WDhPby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEANWlLQME
ANWlLwMEAdWlMjANBgkqhkiG9w0BAQsFAAOCAQEADWBSeKDvQrFS6F4OO7ozfVbK
LfoP2lOvFK4JsMjgJZNaip/NMm9uukRqxcihriz2eCYmlhE2cwlf5TVX3ZQf0qa+
Vk4HlrrZWcqnUyPBTClNtlPmIBpBi/cZPSyNipwSsMYhorujPO8NIXNcNcGSQFgA
IMDwBAeuvuziVk4spIwVacYqjWCmIdQsBRzbxvsqppEEK3wItTpUtTd36S2/JOLt
QznJvjEnYffChhe79QOeJ5VEK4s8jEFBuEvsm+cNHJu73V7g67G3HlROZHbTctK8
tusu0THyJn+Mz9Yv/TWKNRB6n4vXjvs5heij02saAOgoiAxjcF6k61CCutZTsA==
-----END CERTIFICATE-----
Generated at Tue May 5 21:21:09 2026 by rpki-client