Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/18C92uICZncyR3WtUHavRvVvR94.roa
File: 18C92uICZncyR3WtUHavRvVvR94.roa (raw, json)
Hash identifier: O2INjb2jmrIKNRsZgbwrpQ5cQnRq7rwlSL2+f+H7+OI=
Subject key identifier: D7:C0:BD:DA:E2:02:66:77:32:47:75:AD:50:76:AF:46:F5:6F:47:DE
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019D01F5A860169A4E04CE5E7B0F6776CC2A
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/18C92uICZncyR3WtUHavRvVvR94.roa
Signing time: Wed 18 Mar 2026 17:19:29 +0000
ROA not before: Wed 18 Mar 2026 17:19:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25818
IP address blocks: 45.150.116.0/22 maxlen: 22
158.173.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 25 Mar 2026 12:10:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:01:f5:a8:60:16:9a:4e:04:ce:5e:7b:0f:67:76:cc:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Mar 18 17:19:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d7c0bddae2026677324775ad5076af46f56f47de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:99:d2:9a:31:1d:3d:2d:f2:c0:d7:31:db:a4:
fb:fc:f3:1e:fe:67:92:4b:40:9d:70:06:5e:e8:82:
4b:27:f3:55:47:58:9a:f3:0e:52:f3:31:6d:1f:d0:
83:6e:04:a0:58:0f:54:d9:99:87:88:8a:b6:f8:2e:
87:c0:e6:99:59:0a:22:11:14:4e:a0:c3:58:45:35:
a5:e1:86:89:a3:77:3d:fe:14:2c:1e:e7:7d:61:96:
a0:3f:61:a9:65:d3:8d:08:91:31:93:8e:ab:06:e5:
b5:89:01:55:d8:dd:d2:49:27:66:65:0a:3c:19:d7:
ee:33:bc:e6:02:65:19:6f:75:07:1d:82:2e:d2:e4:
3c:a6:7e:be:02:8d:07:a0:74:2d:39:b6:e9:a1:48:
17:ff:e3:cb:13:33:4c:72:27:dd:ea:74:05:67:aa:
52:56:61:a0:98:fe:7c:fe:96:09:92:25:00:bf:a7:
56:8a:f6:43:5e:a5:d0:9b:33:d1:ac:f8:7f:e5:5e:
e8:13:69:60:ee:d0:ff:20:e7:d4:75:4a:b3:37:ab:
2b:9f:24:f3:b4:dc:e8:2b:a6:bd:ac:40:1a:9a:9a:
e8:59:1e:f3:9a:e3:9b:7b:20:e0:ae:b5:af:22:a0:
1c:bf:55:2a:67:c0:25:1f:b8:63:a7:da:d4:20:1e:
3d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C0:BD:DA:E2:02:66:77:32:47:75:AD:50:76:AF:46:F5:6F:47:DE
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/18C92uICZncyR3WtUHavRvVvR94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.116.0/22
158.173.172.0/22
Signature Algorithm: sha256WithRSAEncryption
ce:7b:32:d8:ab:99:83:02:e0:55:21:30:1a:0e:9f:f3:67:82:
52:6a:dc:25:57:c3:78:cf:11:92:00:7a:ad:d1:bc:ee:d4:ff:
31:d1:e7:3c:c5:5e:44:01:9f:b4:29:22:a3:5e:b7:1f:4e:9a:
86:87:c5:cc:6e:42:27:a2:e7:ad:ca:d1:d6:c2:9c:f5:bd:4e:
2a:ab:06:10:ac:37:73:7d:9a:a1:e9:a2:f3:ad:74:4f:41:68:
ea:23:ee:2a:92:cd:14:90:b8:a8:54:e8:c6:67:b4:01:84:cc:
9e:86:96:ec:e2:9b:b7:61:14:0e:c8:f7:d4:7f:82:4f:aa:37:
f5:9e:8b:27:39:e1:ae:8c:5c:30:19:fc:7c:91:cd:1d:ae:cc:
cf:af:c6:c1:56:6e:8c:7b:70:a8:fd:ab:94:49:6b:5a:0f:aa:
db:d5:a2:33:35:b1:35:a9:10:f0:33:e7:87:88:f2:38:40:d9:
b5:c1:22:6a:3e:e4:64:1f:1e:79:de:39:ad:d7:6d:aa:a0:ba:
e5:6c:bb:b4:dc:70:be:f4:e2:da:08:b9:e7:68:19:9f:04:0b:
5e:4b:7a:b9:80:23:7d:da:f5:c7:43:57:d2:21:34:5d:ba:f8:
3c:bc:bf:3b:44:09:04:75:d0:b9:2f:a6:03:39:e7:5b:55:76:
9a:51:6d:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0B9ahgFppOBM5eew9ndswqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjYwMzE4MTcxOTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2MwYmRkYWUyMDI2Njc3MzI0Nzc1YWQ1MDc2YWY0NmY1NmY0N2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJnSmjEdPS3ywNcx26T7/PMe/meS
S0CdcAZe6IJLJ/NVR1ia8w5S8zFtH9CDbgSgWA9U2ZmHiIq2+C6HwOaZWQoiERRO
oMNYRTWl4YaJo3c9/hQsHud9YZagP2GpZdONCJExk46rBuW1iQFV2N3SSSdmZQo8
GdfuM7zmAmUZb3UHHYIu0uQ8pn6+Ao0HoHQtObbpoUgX/+PLEzNMcifd6nQFZ6pS
VmGgmP58/pYJkiUAv6dWivZDXqXQmzPRrPh/5V7oE2lg7tD/IOfUdUqzN6srnyTz
tNzoK6a9rEAamproWR7zmuObeyDgrrWvIqAcv1UqZ8AlH7hjp9rUIB49WwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNfAvdriAmZ3Mkd1rVB2r0b1b0feMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvMThDOTJ1SUNabmN5UjNXdFVIYXZSdlZ2Ujk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLZZ0AwQC
nq2sMA0GCSqGSIb3DQEBCwUAA4IBAQDOezLYq5mDAuBVITAaDp/zZ4JSatwlV8N4
zxGSAHqt0bzu1P8x0ec8xV5EAZ+0KSKjXrcfTpqGh8XMbkInouetytHWwpz1vU4q
qwYQrDdzfZqh6aLzrXRPQWjqI+4qks0UkLioVOjGZ7QBhMyehpbs4pu3YRQOyPfU
f4JPqjf1nosnOeGujFwwGfx8kc0drszPr8bBVm6Me3Co/auUSWtaD6rb1aIzNbE1
qRDwM+eHiPI4QNm1wSJqPuRkHx553jmt122qoLrlbLu03HC+9OLaCLnnaBmfBAte
S3q5gCN92vXHQ1fSITRduvg8vL87RAkEddC5L6YDOedbVXaaUW2u
-----END CERTIFICATE-----
Generated at Tue Mar 24 18:53:09 2026 by rpki-client