Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/8SDGYefp7GniKyWbH3_Dd7ewFyY.roa
File: 8SDGYefp7GniKyWbH3_Dd7ewFyY.roa (raw, json)
Hash identifier: 73ktM8sehjAsg4zgPPp83SYk42prHUze6dOXhDcIJE4=
Subject key identifier: F1:20:C6:61:E7:E9:EC:69:E2:2B:25:9B:1F:7F:C3:77:B7:B0:17:26
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019CBEF1D8EB622B15390BFE2786D84DD5F1
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/8SDGYefp7GniKyWbH3_Dd7ewFyY.roa
Signing time: Thu 05 Mar 2026 17:00:46 +0000
ROA not before: Thu 05 Mar 2026 17:00:46 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 28435
IP address blocks: 45.133.63.0/24 maxlen: 24
153.51.240.0/22 maxlen: 22
153.51.240.0/24 maxlen: 24
153.51.241.0/24 maxlen: 24
153.51.242.0/24 maxlen: 24
153.51.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Mar 2026 06:19:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:be:f1:d8:eb:62:2b:15:39:0b:fe:27:86:d8:4d:d5:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 5 17:00:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f120c661e7e9ec69e22b259b1f7fc377b7b01726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:95:08:9d:6c:26:b5:d5:e2:b1:84:7c:02:71:
92:8d:50:53:79:72:8c:9f:4d:42:d3:b2:47:fb:c4:
30:9d:a0:d9:76:30:18:4b:9b:e8:e5:99:f8:1e:07:
97:f5:1e:83:a3:13:3b:7d:f3:5b:b0:31:29:a8:eb:
e8:bc:5e:89:29:ed:8f:c0:17:3d:0b:ca:a0:d2:2f:
96:d4:25:16:3d:0b:a1:14:f4:61:61:7d:f5:5b:68:
4f:c8:7a:65:a7:e1:22:10:92:78:3f:79:a2:e3:69:
3c:c1:4f:cc:2b:6f:59:66:89:ee:5b:d6:95:34:cd:
97:f0:40:b0:8c:2c:30:5a:e9:69:64:02:d9:3a:39:
55:91:48:ac:c3:cf:6c:06:23:d2:15:5d:82:1c:f9:
8b:ba:4f:95:9c:79:a2:b5:c1:63:9d:6d:29:18:41:
2e:7c:b6:97:70:c7:4a:09:24:56:1f:63:31:4b:78:
57:e6:a2:8d:04:2c:8a:5d:bb:6b:0a:78:b5:d9:08:
c1:61:75:06:66:b9:d5:8e:b3:53:ea:cd:3e:fe:07:
db:13:b0:3f:94:a6:16:45:f3:ee:bd:53:41:42:cb:
b6:8b:70:8d:81:db:84:5f:8d:a4:ad:d0:33:ce:5d:
ef:f3:9d:d8:15:0a:7d:1d:7b:26:e7:a8:e4:e6:4d:
2c:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:20:C6:61:E7:E9:EC:69:E2:2B:25:9B:1F:7F:C3:77:B7:B0:17:26
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/8SDGYefp7GniKyWbH3_Dd7ewFyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.63.0/24
153.51.240.0/22
Signature Algorithm: sha256WithRSAEncryption
66:a6:b4:ad:19:f3:ca:eb:83:15:61:7d:d5:d8:7d:85:08:12:
a3:ea:e1:57:12:1d:63:7d:66:0a:1f:23:88:c6:d2:c6:6a:37:
2f:0c:3a:ec:3f:b0:35:34:e3:f8:44:08:37:b4:c1:7b:03:02:
ca:07:73:28:a9:54:7e:52:d0:16:21:80:24:0e:09:83:d9:05:
b5:99:7b:06:68:00:00:5c:08:39:13:24:24:e0:10:a7:33:d6:
92:e3:50:3c:52:c3:5b:9b:29:d4:8a:1c:ba:c0:4e:5f:87:3e:
34:f8:c8:75:34:ac:2a:b4:91:28:8f:69:81:7f:4e:fe:d1:fa:
48:ed:0e:af:f6:8e:fb:ab:85:56:64:ac:e2:29:54:53:21:38:
5c:b4:ff:b3:a1:52:de:fe:47:b9:77:45:a3:16:f9:6b:27:7c:
62:b3:76:dd:b1:62:e6:b9:9d:c6:a9:e6:ca:df:ae:4c:6d:f3:
3b:6f:e6:65:f4:e0:20:04:24:0b:38:9f:93:28:84:47:eb:9d:
d4:5d:47:3d:19:0e:66:00:22:0c:f4:f6:d2:e6:a1:c5:ce:bb:
51:4f:0d:40:2d:d5:1e:63:41:eb:94:39:93:29:c4:d5:5d:ea:
71:3b:37:d0:c3:ce:53:cf:4d:cd:01:0a:d6:d7:c8:aa:fd:bb:
31:97:dd:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZy+8djrYisVOQv+J4bYTdXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjYwMzA1MTcwMDQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTIwYzY2MWU3ZTllYzY5ZTIyYjI1OWIxZjdmYzM3N2I3YjAxNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZUInWwmtdXisYR8AnGSjVBTeXKM
n01C07JH+8QwnaDZdjAYS5vo5Zn4HgeX9R6DoxM7ffNbsDEpqOvovF6JKe2PwBc9
C8qg0i+W1CUWPQuhFPRhYX31W2hPyHplp+EiEJJ4P3mi42k8wU/MK29ZZonuW9aV
NM2X8ECwjCwwWulpZALZOjlVkUisw89sBiPSFV2CHPmLuk+VnHmitcFjnW0pGEEu
fLaXcMdKCSRWH2MxS3hX5qKNBCyKXbtrCni12QjBYXUGZrnVjrNT6s0+/gfbE7A/
lKYWRfPuvVNBQsu2i3CNgduEX42krdAzzl3v853YFQp9HXsm56jk5k0scwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPEgxmHn6exp4islmx9/w3e3sBcmMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvOFNER1llZnA3R25pS3lXYkgzX0RkN2V3RnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYU/AwQC
mTPwMA0GCSqGSIb3DQEBCwUAA4IBAQBmprStGfPK64MVYX3V2H2FCBKj6uFXEh1j
fWYKHyOIxtLGajcvDDrsP7A1NOP4RAg3tMF7AwLKB3MoqVR+UtAWIYAkDgmD2QW1
mXsGaAAAXAg5EyQk4BCnM9aS41A8UsNbmynUihy6wE5fhz40+Mh1NKwqtJEoj2mB
f07+0fpI7Q6v9o77q4VWZKziKVRTIThctP+zoVLe/ke5d0WjFvlrJ3xis3bdsWLm
uZ3GqebK365MbfM7b+Zl9OAgBCQLOJ+TKIRH653UXUc9GQ5mACIM9PbS5qHFzrtR
Tw1ALdUeY0HrlDmTKcTVXepxOzfQw85Tz03NAQrW18iq/bsxl93i
-----END CERTIFICATE-----
Generated at Tue Mar 10 13:57:53 2026 by rpki-client