Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/0ssRz7qJIJEKvl8gIutsVyvVtlo.roa
File: 0ssRz7qJIJEKvl8gIutsVyvVtlo.roa (raw, json)
Hash identifier: ehVnLAyXalS5oo9Mzcyv1dTDSjmiGPw0E4UobcaTRMM=
Subject key identifier: D2:CB:11:CF:BA:89:20:91:0A:BE:5F:20:22:EB:6C:57:2B:D5:B6:5A
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 019CAF8E08EC524164EE2D051B12E14F72CB
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/0ssRz7qJIJEKvl8gIutsVyvVtlo.roa
Signing time: Mon 02 Mar 2026 17:17:27 +0000
ROA not before: Mon 02 Mar 2026 17:17:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 1199
IP address blocks: 145.102.136.0/22 maxlen: 22
145.111.0.0/16 maxlen: 16
145.152.0.0/13 maxlen: 13
2001:610:5ea::/48 maxlen: 48
2001:610:5ea:6600::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 20:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:8e:08:ec:52:41:64:ee:2d:05:1b:12:e1:4f:72:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Mar 2 17:17:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d2cb11cfba8920910abe5f2022eb6c572bd5b65a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:16:34:53:d6:a0:3b:7d:ef:e1:a9:d4:93:9e:
61:06:a8:76:0e:47:5f:0e:2a:da:9b:6e:d1:7a:20:
c7:15:7a:d6:5d:21:ef:bc:13:26:7a:41:0c:74:50:
9b:1e:db:b8:21:02:6b:ab:53:af:18:6f:d6:1d:81:
7e:cf:32:28:83:2f:45:30:81:3c:76:22:66:b4:cf:
ca:75:56:19:e7:f5:f1:b6:27:d1:1e:5c:87:8d:09:
6e:a6:31:2d:8b:bd:61:6f:54:98:78:10:a9:6a:d4:
a5:af:dc:4e:0e:28:a2:45:51:71:3f:ba:f5:6e:a5:
3b:01:dc:58:73:73:eb:5a:af:b2:8d:42:f5:73:92:
0c:83:23:42:33:16:2a:8d:29:d5:5f:78:2d:08:1a:
27:59:15:79:e0:ce:d1:9c:fe:8e:29:90:28:3b:50:
52:36:83:c6:35:02:8b:76:8c:e1:e9:61:15:a2:41:
a1:22:9c:09:9c:f4:91:9e:07:6a:d3:8c:d5:3f:b8:
26:b8:d2:98:91:b9:14:bf:7d:24:61:3c:49:f5:57:
eb:95:96:f1:36:b4:9f:11:47:66:f0:ee:03:b9:cc:
1e:57:e3:3a:04:84:39:31:00:e3:f6:15:61:80:38:
20:96:ce:ab:9a:4a:37:c7:80:65:6f:dc:5c:35:b4:
e6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:CB:11:CF:BA:89:20:91:0A:BE:5F:20:22:EB:6C:57:2B:D5:B6:5A
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/0ssRz7qJIJEKvl8gIutsVyvVtlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.102.136.0/22
145.111.0.0/16
145.152.0.0/13
IPv6:
2001:610:5ea::/48
Signature Algorithm: sha256WithRSAEncryption
13:c4:fc:b9:25:f6:1f:5e:a5:07:91:18:a2:16:96:74:cb:58:
af:0f:99:ed:87:54:8d:fb:69:cb:bc:63:15:09:b2:21:50:76:
76:76:60:57:ef:b2:64:21:df:0c:40:48:dc:08:bb:97:93:6f:
4e:61:9a:58:0e:52:09:8a:14:58:f9:6c:6e:88:2a:c0:ef:13:
1f:3c:f7:f0:d2:83:ad:a5:88:55:e7:7e:a6:20:0a:06:15:9a:
31:7b:cf:96:25:11:7e:06:d6:04:a3:3f:71:6f:40:7b:15:31:
57:b2:6a:03:7a:0d:55:60:42:87:f9:27:99:30:6e:16:51:55:
f6:7d:40:a9:3f:62:a4:93:19:46:7a:ba:b5:d8:57:0c:00:6c:
0b:64:1b:b4:5a:99:40:4d:73:9d:68:1b:cd:9a:34:b8:9f:99:
51:48:e0:f4:dc:20:2b:c1:0e:51:bd:23:a1:cb:24:4a:73:03:
11:14:25:53:bb:e4:08:c3:84:a0:67:75:7a:64:7c:11:9e:a9:
6d:cc:02:9b:f4:1c:08:7f:b2:c6:ad:ad:66:a3:49:80:0a:64:
1f:f1:92:41:8e:b1:c4:09:a8:e5:9a:ad:02:2c:b0:5b:69:54:
9d:e0:e3:8a:fb:c0:b8:8c:eb:c3:16:b1:12:b5:cf:54:f3:67:
51:69:73:0a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZyvjgjsUkFk7i0FGxLhT3LLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjYwMzAyMTcxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmNiMTFjZmJhODkyMDkxMGFiZTVmMjAyMmViNmM1NzJiZDViNjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohY0U9agO33v4anUk55hBqh2Dkdf
Diram27ReiDHFXrWXSHvvBMmekEMdFCbHtu4IQJrq1OvGG/WHYF+zzIogy9FMIE8
diJmtM/KdVYZ5/XxtifRHlyHjQlupjEti71hb1SYeBCpatSlr9xODiiiRVFxP7r1
bqU7AdxYc3PrWq+yjUL1c5IMgyNCMxYqjSnVX3gtCBonWRV54M7RnP6OKZAoO1BS
NoPGNQKLdozh6WEVokGhIpwJnPSRngdq04zVP7gmuNKYkbkUv30kYTxJ9VfrlZbx
NrSfEUdm8O4DucweV+M6BIQ5MQDj9hVhgDggls6rmko3x4Blb9xcNbTmywIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNLLEc+6iSCRCr5fICLrbFcr1bZaMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvMHNzUno3cUpJSkVLdmw4Z0l1dHNWeXZWdGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAWBAIAATAQAwQCkWaIAwMA
kW8DAwORmDAPBAIAAjAJAwcAIAEGEAXqMA0GCSqGSIb3DQEBCwUAA4IBAQATxPy5
JfYfXqUHkRiiFpZ0y1ivD5nth1SN+2nLvGMVCbIhUHZ2dmBX77JkId8MQEjcCLuX
k29OYZpYDlIJihRY+WxuiCrA7xMfPPfw0oOtpYhV536mIAoGFZoxe8+WJRF+BtYE
oz9xb0B7FTFXsmoDeg1VYEKH+SeZMG4WUVX2fUCpP2KkkxlGerq12FcMAGwLZBu0
WplATXOdaBvNmjS4n5lRSOD03CArwQ5RvSOhyyRKcwMRFCVTu+QIw4SgZ3V6ZHwR
nqltzAKb9BwIf7LGra1mo0mACmQf8ZJBjrHECajlmq0CLLBbaVSd4OOK+8C4jOvD
FrEStc9U82dRaXMK
-----END CERTIFICATE-----
Generated at Sat Mar 7 06:21:39 2026 by rpki-client