Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/KIPpQmRa69IdJOi-hDWsHY9YXw4.roa
File: KIPpQmRa69IdJOi-hDWsHY9YXw4.roa (raw, json)
Hash identifier: 2H/nX1w2BqSiIXvZ9fPfTMQGC4+u7EMjGpsxXM3oTqY=
Subject key identifier: 28:83:E9:42:64:5A:EB:D2:1D:24:E8:BE:84:35:AC:1D:8F:58:5F:0E
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019E26FB7F4B7F35EC08C1AB464BDCC76502
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/KIPpQmRa69IdJOi-hDWsHY9YXw4.roa
Signing time: Thu 14 May 2026 14:54:36 +0000
ROA not before: Thu 14 May 2026 14:54:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 80.174.0.0/19 maxlen: 19
80.174.32.0/19 maxlen: 19
80.174.108.0/23 maxlen: 23
80.174.113.0/24 maxlen: 24
80.174.117.0/24 maxlen: 24
80.174.121.0/24 maxlen: 24
80.174.122.0/24 maxlen: 24
80.174.124.0/24 maxlen: 24
80.174.125.0/24 maxlen: 24
80.174.126.0/24 maxlen: 24
80.174.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 May 2026 00:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:26:fb:7f:4b:7f:35:ec:08:c1:ab:46:4b:dc:c7:65:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: May 14 14:54:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2883e942645aebd21d24e8be8435ac1d8f585f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f2:b6:1f:0a:71:31:7e:72:49:c1:a3:47:f8:
9b:2f:0a:1f:95:96:25:99:4f:f9:82:08:c4:8b:64:
9f:18:64:c6:2d:4f:d9:a2:cb:57:f5:be:96:ac:30:
83:a6:62:8b:03:f1:ef:ee:53:0a:27:0c:fc:27:e9:
7b:aa:d0:75:ae:23:72:f1:11:24:46:e6:53:7e:62:
40:a5:f3:7e:43:51:0c:7b:bb:9e:05:cd:c4:73:35:
1f:da:13:07:93:86:37:f8:2e:42:da:38:a2:a5:4f:
13:44:ae:fa:25:f9:aa:41:06:fe:70:0b:47:ca:ed:
ad:67:a0:52:42:74:72:c2:72:f3:36:e8:ca:a5:2e:
1b:4b:ef:fe:94:58:5e:2c:f3:d8:86:c1:43:d7:5a:
73:fc:a8:96:fd:36:db:1e:ff:fd:7d:b1:cb:d6:b8:
c3:ae:2d:a2:97:1c:91:b1:87:74:b9:a2:4a:10:76:
d8:11:90:0f:6d:a9:a8:18:f4:a0:be:4a:44:15:b5:
15:14:0d:0f:f5:cd:fd:f5:4a:33:6b:98:6e:94:21:
f6:3b:55:7c:21:1b:2c:a8:95:e7:b5:22:69:47:75:
82:0f:44:38:6d:dc:6d:90:23:40:7d:56:98:20:ea:
da:a8:8e:a1:3d:a3:c1:69:e1:84:17:9e:d5:39:fb:
e1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:83:E9:42:64:5A:EB:D2:1D:24:E8:BE:84:35:AC:1D:8F:58:5F:0E
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/KIPpQmRa69IdJOi-hDWsHY9YXw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.0.0/18
80.174.108.0/23
80.174.113.0/24
80.174.117.0/24
80.174.121.0-80.174.122.255
80.174.124.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:c2:f1:34:d5:fa:9a:a6:63:7e:6f:28:04:33:19:81:77:12:
13:40:7e:4b:1f:6a:a7:82:91:d4:f1:85:3a:ad:74:02:4c:17:
5f:c7:9e:48:00:f5:ff:bf:95:47:3d:a2:f1:c0:5d:51:3d:d6:
02:4c:bd:4a:0a:0d:cd:ea:e6:3a:2f:95:45:cb:9b:d3:fc:b5:
7d:d4:58:52:70:1f:e0:1c:0f:60:d6:a8:46:b0:8d:cb:96:6b:
40:aa:a7:f5:8a:e5:23:56:6e:5e:dc:89:0e:23:83:bf:7a:e6:
4b:85:b6:8a:d4:64:6c:3c:88:b9:3f:62:bc:7f:22:41:43:36:
22:2d:84:49:45:2b:97:dd:33:8f:d7:07:12:ed:dc:c0:c6:9f:
b6:be:6d:20:59:69:0d:e0:6c:e2:7c:75:f4:d9:1f:d6:d2:8d:
ec:5e:fc:0d:0f:a9:98:63:7e:f0:71:d8:55:80:cc:f2:b2:95:
86:66:78:8b:bc:46:d4:0d:ac:f0:eb:f1:95:56:18:93:01:fe:
a1:c1:8f:4f:51:63:75:4e:65:df:56:a5:2c:f7:78:26:93:ee:
38:ea:61:b7:95:2b:5c:76:74:29:14:ad:e2:f2:dd:a5:ea:a1:
05:70:75:5b:18:f8:16:f5:51:02:54:9a:eb:be:c9:15:aa:f8:
e0:22:56:cf
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ4m+39LfzXsCMGrRkvcx2UCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwNTE0MTQ1NDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODgzZTk0MjY0NWFlYmQyMWQyNGU4YmU4NDM1YWMxZDhmNTg1ZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPK2HwpxMX5yScGjR/ibLwoflZYl
mU/5ggjEi2SfGGTGLU/ZostX9b6WrDCDpmKLA/Hv7lMKJwz8J+l7qtB1riNy8REk
RuZTfmJApfN+Q1EMe7ueBc3EczUf2hMHk4Y3+C5C2jiipU8TRK76JfmqQQb+cAtH
yu2tZ6BSQnRywnLzNujKpS4bS+/+lFheLPPYhsFD11pz/KiW/TbbHv/9fbHL1rjD
ri2ilxyRsYd0uaJKEHbYEZAPbamoGPSgvkpEFbUVFA0P9c399Uoza5hulCH2O1V8
IRssqJXntSJpR3WCD0Q4bdxtkCNAfVaYIOraqI6hPaPBaeGEF57VOfvh+QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCiD6UJkWuvSHSTovoQ1rB2PWF8OMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvS0lQcFFtUmE2OUlkSk9pLWhEV3NIWTlZWHc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQGUK4AAwQB
UK5sAwQAUK5xAwQAUK51MAwDBABQrnkDBABQrnoDBAJQrnwwDQYJKoZIhvcNAQEL
BQADggEBALLC8TTV+pqmY35vKAQzGYF3EhNAfksfaqeCkdTxhTqtdAJMF1/HnkgA
9f+/lUc9ovHAXVE91gJMvUoKDc3q5jovlUXLm9P8tX3UWFJwH+AcD2DWqEawjcuW
a0Cqp/WK5SNWbl7ciQ4jg7965kuFtorUZGw8iLk/Yrx/IkFDNiIthElFK5fdM4/X
BxLt3MDGn7a+bSBZaQ3gbOJ8dfTZH9bSjexe/A0PqZhjfvBx2FWAzPKylYZmeIu8
RtQNrPDr8ZVWGJMB/qHBj09RY3VOZd9WpSz3eCaT7jjqYbeVK1x2dCkUreLy3aXq
oQVwdVsY+Bb1UQJUmuu+yRWq+OAiVs8=
-----END CERTIFICATE-----
Generated at Fri May 15 08:18:05 2026 by rpki-client