Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/1-VHrB2ftFgG1R7rW9e965VrbOgs.roa
File: 1-VHrB2ftFgG1R7rW9e965VrbOgs.roa (raw, json)
Hash identifier: e22B3XhTvj7ENfOUB059RvQemhyhAgeNVsH6G1GtXTY=
Subject key identifier: F9:51:EB:07:67:ED:16:01:B5:47:BA:D6:F5:EF:7A:E5:5A:DB:3A:0B
Certificate issuer: /CN=8e3f1663996be1707611fdce1ddea8920dd398a3
Certificate serial: 019D0BA13EF6D95572427B52806DE0F4E935
Authority key identifier: 8E:3F:16:63:99:6B:E1:70:76:11:FD:CE:1D:DE:A8:92:0D:D3:98:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jj8WY5lr4XB2Ef3OHd6okg3TmKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/1-VHrB2ftFgG1R7rW9e965VrbOgs.roa
Signing time: Fri 20 Mar 2026 14:23:29 +0000
ROA not before: Fri 20 Mar 2026 14:23:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 53107
IP address blocks: 45.139.208.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/jj8WY5lr4XB2Ef3OHd6okg3TmKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/jj8WY5lr4XB2Ef3OHd6okg3TmKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jj8WY5lr4XB2Ef3OHd6okg3TmKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0b:a1:3e:f6:d9:55:72:42:7b:52:80:6d:e0:f4:e9:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e3f1663996be1707611fdce1ddea8920dd398a3
Validity
Not Before: Mar 20 14:23:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f951eb0767ed1601b547bad6f5ef7ae55adb3a0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c5:68:31:d4:70:1c:a8:e1:48:a7:8f:16:98:
06:39:bd:6c:1e:da:4e:42:6a:59:18:28:95:2e:64:
65:c6:8f:c0:78:83:00:f6:80:7e:0a:7a:a4:88:f4:
72:f3:ea:6e:a8:ba:bf:af:3b:c6:da:e0:5e:81:a7:
e6:68:fd:70:c4:c1:5e:b7:52:66:3f:4b:d8:94:00:
fc:b6:49:9b:53:45:74:82:bd:25:ed:02:68:6f:e5:
11:12:47:4b:6a:3b:d3:a9:c0:c8:68:52:9c:5d:02:
a5:5b:45:4a:ae:da:aa:85:d4:81:16:9d:27:fb:3b:
77:6f:64:61:ee:bb:23:e7:04:28:f0:ed:69:e7:b2:
50:16:28:d7:e2:10:3b:dd:de:59:36:f5:7a:43:1e:
49:2a:e7:67:b4:65:36:a3:de:f0:3a:3e:3f:8d:da:
4d:6e:db:b6:40:ff:f2:77:ca:bb:a5:5a:34:aa:80:
65:b3:e7:c4:cd:d3:3e:f4:7d:9d:fa:5c:15:ef:b8:
f8:d6:bc:91:6b:e7:15:65:0e:31:61:54:9b:f4:e8:
74:f0:72:90:27:ea:f0:fb:6d:d3:05:e6:56:db:63:
7d:93:8e:07:9a:79:46:98:bc:02:c5:e4:6a:39:0d:
15:8d:b7:e5:56:f8:54:21:b2:31:d4:51:4d:2f:a0:
f8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:51:EB:07:67:ED:16:01:B5:47:BA:D6:F5:EF:7A:E5:5A:DB:3A:0B
X509v3 Authority Key Identifier:
keyid:8E:3F:16:63:99:6B:E1:70:76:11:FD:CE:1D:DE:A8:92:0D:D3:98:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jj8WY5lr4XB2Ef3OHd6okg3TmKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/1-VHrB2ftFgG1R7rW9e965VrbOgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/cd97cc-ce2b-4264-9e79-c8f9be7d19df/1/jj8WY5lr4XB2Ef3OHd6okg3TmKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.208.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:c0:c0:27:b2:f8:88:c3:62:db:6f:74:1d:1d:b6:dd:f7:47:
3a:e7:c2:f4:24:cf:87:a6:8e:0e:d2:ea:37:d5:98:77:fa:9c:
cf:1d:b3:b2:0c:da:e5:c2:59:03:94:56:1f:a3:26:05:2d:8c:
94:72:2a:df:14:37:d4:4f:da:95:1f:3d:28:6f:f8:01:0c:7d:
47:c2:e7:20:b0:fb:f3:19:b6:d4:95:23:17:2f:93:f5:c0:12:
26:35:9c:22:91:b5:2d:e0:f8:4f:33:ab:01:9e:b1:76:a2:b8:
31:c9:ac:2a:55:a5:fd:63:ff:2b:bb:8b:60:07:07:75:2e:18:
96:a2:55:6b:36:ce:23:67:13:11:ec:36:81:6c:23:17:df:2f:
cd:9d:97:ba:43:8c:71:98:b2:72:3f:70:bd:25:96:99:8d:c5:
23:44:07:eb:a8:e5:50:b1:0b:47:e7:9d:d0:f0:6a:fc:2a:80:
73:bb:08:68:a1:3e:14:a9:8b:bf:ec:1e:af:39:5c:42:0c:6e:
f2:b2:50:bd:3b:27:19:5b:31:52:f5:e0:c9:2b:25:b9:58:58:
14:a4:e3:e6:0b:c2:33:7b:fb:5e:6b:89:78:9e:cc:dd:31:05:
b2:c3:5a:51:f2:d4:5f:6f:3c:b0:0e:57:fa:88:dc:e6:e0:31:
3e:d0:ce:12
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ0LoT722VVyQntSgG3g9Ok1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlM2YxNjYzOTk2YmUxNzA3NjExZmRjZTFkZGVhODkyMGRk
Mzk4YTMwHhcNMjYwMzIwMTQyMzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTUxZWIwNzY3ZWQxNjAxYjU0N2JhZDZmNWVmN2FlNTVhZGIzYTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8VoMdRwHKjhSKePFpgGOb1sHtpO
QmpZGCiVLmRlxo/AeIMA9oB+CnqkiPRy8+puqLq/rzvG2uBegafmaP1wxMFet1Jm
P0vYlAD8tkmbU0V0gr0l7QJob+UREkdLajvTqcDIaFKcXQKlW0VKrtqqhdSBFp0n
+zt3b2Rh7rsj5wQo8O1p57JQFijX4hA73d5ZNvV6Qx5JKudntGU2o97wOj4/jdpN
btu2QP/yd8q7pVo0qoBls+fEzdM+9H2d+lwV77j41ryRa+cVZQ4xYVSb9Oh08HKQ
J+rw+23TBeZW22N9k44HmnlGmLwCxeRqOQ0VjbflVvhUIbIx1FFNL6D4AQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPlR6wdn7RYBtUe61vXveuVa2zoLMB8GA1UdIwQY
MBaAFI4/FmOZa+FwdhH9zh3eqJIN05ijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamo4V1k1bHI0WEIyRWYzT0hkNm9rZzNUbUtNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9jZDk3Y2MtY2UyYi00MjY0LTllNzkt
YzhmOWJlN2QxOWRmLzEvMS1WSHJCMmZ0RmdHMVI3clc5ZTk2NVZyYk9ncy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNmUvY2Q5N2NjLWNlMmItNDI2NC05ZTc5LWM4ZjliZTdkMTlk
Zi8xL2pqOFdZNWxyNFhCMkVmM09IZDZva2czVG1LTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2L0DAN
BgkqhkiG9w0BAQsFAAOCAQEATMDAJ7L4iMNi2290HR223fdHOufC9CTPh6aODtLq
N9WYd/qczx2zsgza5cJZA5RWH6MmBS2MlHIq3xQ31E/alR89KG/4AQx9R8LnILD7
8xm21JUjFy+T9cASJjWcIpG1LeD4TzOrAZ6xdqK4McmsKlWl/WP/K7uLYAcHdS4Y
lqJVazbOI2cTEew2gWwjF98vzZ2XukOMcZiycj9wvSWWmY3FI0QH66jlULELR+ed
0PBq/CqAc7sIaKE+FKmLv+werzlcQgxu8rJQvTsnGVsxUvXgySsluVhYFKTj5gvC
M3v7XmuJeJ7M3TEFssNaUfLUX288sA5X+ojc5uAxPtDOEg==
-----END CERTIFICATE-----
Generated at Sat Mar 21 15:05:38 2026 by rpki-client