Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/rlYbXk0l-u5wDMIPld_Hf9Uw904.roa
File: rlYbXk0l-u5wDMIPld_Hf9Uw904.roa (raw, json)
Hash identifier: I+TrFAAS1TYsFTjE/AcxzzG+51DRpaOOwnGxLdeRA90=
Subject key identifier: AE:56:1B:5E:4D:25:FA:EE:70:0C:C2:0F:95:DF:C7:7F:D5:30:F7:4E
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019E687EBFB39F1A896D15A5EADD3255BDD9
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/rlYbXk0l-u5wDMIPld_Hf9Uw904.roa
Signing time: Wed 27 May 2026 08:13:17 +0000
ROA not before: Wed 27 May 2026 08:13:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 174
IP address blocks: 80.174.114.0/24 maxlen: 24
80.174.120.0/24 maxlen: 24
80.174.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:68:7e:bf:b3:9f:1a:89:6d:15:a5:ea:dd:32:55:bd:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: May 27 08:13:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ae561b5e4d25faee700cc20f95dfc77fd530f74e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:45:a6:0b:ea:df:8f:cd:b4:f2:66:d3:3e:56:
81:20:e2:b1:60:23:88:64:83:e5:7f:92:80:42:7e:
39:95:1e:5e:7c:48:cc:b6:38:fd:bb:e1:84:f9:3a:
5c:a5:a8:5f:2d:52:00:56:7a:d1:04:73:e0:bc:20:
9c:cd:cb:70:64:77:e3:9b:71:7e:68:09:98:87:0d:
c1:e5:a2:b7:05:b9:54:fa:3b:c8:19:e4:0c:82:39:
af:74:47:1c:13:32:2d:d0:14:b3:34:a6:03:4b:9b:
3c:00:61:dd:bc:dd:77:15:75:0c:ad:16:66:9e:4d:
da:a8:92:d5:bf:01:51:e1:f1:7b:15:ef:75:d6:23:
ac:0f:8b:e9:7a:ce:61:6f:65:3e:72:4d:10:48:e9:
c3:cb:fb:23:63:0c:c4:b6:6f:af:36:83:3c:7b:fd:
8f:30:df:68:20:cd:06:6a:ee:88:ec:84:f3:1f:ab:
7b:83:70:29:fa:56:1a:81:4d:51:e1:e6:e5:c9:f9:
1d:c1:c0:dc:82:97:d6:8a:ee:83:b3:2c:73:81:cd:
13:62:7e:c6:ac:c6:10:9b:fc:79:60:42:5e:bc:2a:
10:e5:cf:27:e1:90:50:32:5b:c1:8d:2d:eb:9d:a7:
5c:b0:3b:d6:35:e5:c9:4a:44:f9:4d:88:25:5d:f4:
13:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:56:1B:5E:4D:25:FA:EE:70:0C:C2:0F:95:DF:C7:7F:D5:30:F7:4E
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/rlYbXk0l-u5wDMIPld_Hf9Uw904.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.114.0/24
80.174.120.0/24
80.174.123.0/24
Signature Algorithm: sha256WithRSAEncryption
87:2c:9f:53:66:71:b6:dd:dd:31:10:70:f7:1d:1d:3e:07:71:
59:88:66:87:a2:32:3a:b2:92:b1:a6:26:d2:b7:ae:7a:3e:d1:
91:92:0c:91:d9:94:d3:26:a0:73:20:ec:96:ab:d9:9b:bc:ea:
4c:22:a6:f2:12:95:1d:30:b1:5a:4d:a6:12:f6:d7:2c:00:6b:
ef:5f:4b:2d:8b:fd:ca:5a:ce:a5:78:d4:fc:f0:1f:2f:e4:8e:
b7:b5:87:75:5f:b2:44:d8:24:31:33:6d:df:15:ff:26:72:d4:
68:f6:e7:59:e8:3e:21:2f:4d:c1:26:78:ac:6c:c9:af:29:95:
36:10:7c:e9:5c:e7:9b:bb:25:95:6f:72:cd:4d:7e:23:a1:37:
b2:f6:80:ad:51:ab:ba:85:52:4b:5a:1c:34:1e:5e:65:50:4b:
8f:c1:83:a8:b8:f7:0e:61:66:09:db:dc:c9:83:35:33:12:d2:
ba:a1:05:2f:4f:e4:6b:17:c4:ff:36:8d:d1:d3:d4:f9:0c:38:
21:ee:a9:b3:3d:5c:68:24:9d:50:df:04:c5:35:dc:3e:7d:bc:
01:32:26:d6:7b:69:97:c1:03:b6:5a:98:fd:2e:51:c6:31:00:
9c:fe:f4:cb:9c:e7:ec:83:d2:18:dc:03:11:1d:63:28:81:93:
8c:59:9b:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ5ofr+znxqJbRWl6t0yVb3ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwNTI3MDgxMzE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTU2MWI1ZTRkMjVmYWVlNzAwY2MyMGY5NWRmYzc3ZmQ1MzBmNzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0WmC+rfj8208mbTPlaBIOKxYCOI
ZIPlf5KAQn45lR5efEjMtjj9u+GE+TpcpahfLVIAVnrRBHPgvCCczctwZHfjm3F+
aAmYhw3B5aK3BblU+jvIGeQMgjmvdEccEzIt0BSzNKYDS5s8AGHdvN13FXUMrRZm
nk3aqJLVvwFR4fF7Fe911iOsD4vpes5hb2U+ck0QSOnDy/sjYwzEtm+vNoM8e/2P
MN9oIM0Gau6I7ITzH6t7g3Ap+lYagU1R4eblyfkdwcDcgpfWiu6Dsyxzgc0TYn7G
rMYQm/x5YEJevCoQ5c8n4ZBQMlvBjS3rnadcsDvWNeXJSkT5TYglXfQTHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK5WG15NJfrucAzCD5Xfx3/VMPdOMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvcmxZYlhrMGwtdTV3RE1JUGxkX0hmOVV3OTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUK5yAwQA
UK54AwQAUK57MA0GCSqGSIb3DQEBCwUAA4IBAQCHLJ9TZnG23d0xEHD3HR0+B3FZ
iGaHojI6spKxpibSt656PtGRkgyR2ZTTJqBzIOyWq9mbvOpMIqbyEpUdMLFaTaYS
9tcsAGvvX0sti/3KWs6leNT88B8v5I63tYd1X7JE2CQxM23fFf8mctRo9udZ6D4h
L03BJnisbMmvKZU2EHzpXOebuyWVb3LNTX4joTey9oCtUau6hVJLWhw0Hl5lUEuP
wYOouPcOYWYJ29zJgzUzEtK6oQUvT+RrF8T/No3R09T5DDgh7qmzPVxoJJ1Q3wTF
Ndw+fbwBMibWe2mXwQO2Wpj9LlHGMQCc/vTLnOfsg9IY3AMRHWMogZOMWZuP
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:17:38 2026 by rpki-client