Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/h2q9_rZm0PV8txh6TfHdCBkulAs.roa
File: h2q9_rZm0PV8txh6TfHdCBkulAs.roa (raw, json)
Hash identifier: q05w4TZAL571hpUjwgQIi8JE4zKvAGMsaI8J0PpFNXY=
Subject key identifier: 87:6A:BD:FE:B6:66:D0:F5:7C:B7:18:7A:4D:F1:DD:08:19:2E:94:0B
Certificate issuer: /CN=bc63a36d5c80651a89a76906c9e3402fb34568da
Certificate serial: 019DB51EC80C5C89F4AF3CA4F27BB121A8CE
Authority key identifier: BC:63:A3:6D:5C:80:65:1A:89:A7:69:06:C9:E3:40:2F:B3:45:68:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vGOjbVyAZRqJp2kGyeNAL7NFaNo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/h2q9_rZm0PV8txh6TfHdCBkulAs.roa
Signing time: Wed 22 Apr 2026 12:16:26 +0000
ROA not before: Wed 22 Apr 2026 12:16:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 1267
IP address blocks: 185.145.101.0/24 maxlen: 24
185.145.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/vGOjbVyAZRqJp2kGyeNAL7NFaNo.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/vGOjbVyAZRqJp2kGyeNAL7NFaNo.mft
rsync://rpki.ripe.net/repository/DEFAULT/vGOjbVyAZRqJp2kGyeNAL7NFaNo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b5:1e:c8:0c:5c:89:f4:af:3c:a4:f2:7b:b1:21:a8:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc63a36d5c80651a89a76906c9e3402fb34568da
Validity
Not Before: Apr 22 12:16:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=876abdfeb666d0f57cb7187a4df1dd08192e940b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:63:11:5e:58:f2:86:66:04:67:92:90:92:9c:
3b:a4:a2:44:7a:d3:8b:af:ea:57:11:8e:74:05:ae:
df:cb:5a:c0:a4:27:cf:f2:ad:23:55:ca:d2:00:38:
a4:c8:3e:8a:97:4c:60:7b:bb:4e:72:b6:5f:fa:0b:
f7:84:82:a5:bb:c7:99:18:00:2f:9e:12:f9:f8:43:
28:21:4e:a8:e4:8e:7e:b3:d6:f4:d4:85:f1:f4:d5:
ad:84:6d:0e:9e:c3:3f:65:07:b0:ac:26:18:35:b5:
6d:7d:75:9a:a7:09:c6:47:14:0d:13:ab:e2:1c:26:
e2:64:4d:f2:c3:cd:2e:61:41:5d:22:9b:91:dd:dd:
6f:95:40:0f:a0:75:2b:7d:a6:e9:56:fc:36:7b:3f:
62:cc:0c:ed:01:d8:d1:0f:4b:c2:d2:92:f8:9c:9c:
ef:9a:63:20:98:3c:65:ab:ee:15:f6:3d:a6:ba:ab:
b5:b1:7d:13:7b:4c:f9:eb:9b:b9:dd:13:80:a8:3c:
a7:db:80:5a:d4:30:16:10:68:a2:f2:2e:1b:c2:fb:
e5:bc:07:a7:84:18:32:20:33:c1:c1:d8:73:e3:9e:
c3:f8:cc:6d:9b:4b:65:64:c0:45:0b:55:ec:dd:6a:
4f:bd:e2:23:cc:80:e9:cb:08:49:f0:c9:77:9c:4b:
33:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:6A:BD:FE:B6:66:D0:F5:7C:B7:18:7A:4D:F1:DD:08:19:2E:94:0B
X509v3 Authority Key Identifier:
keyid:BC:63:A3:6D:5C:80:65:1A:89:A7:69:06:C9:E3:40:2F:B3:45:68:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vGOjbVyAZRqJp2kGyeNAL7NFaNo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/h2q9_rZm0PV8txh6TfHdCBkulAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/c3ab69-7162-4222-aa20-4e3b20ec16a3/1/vGOjbVyAZRqJp2kGyeNAL7NFaNo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.145.101.0/24
185.145.103.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:87:04:61:83:a4:db:89:f1:99:60:9f:5b:24:cc:1b:f6:19:
87:9a:f4:14:fa:f7:b0:5c:28:46:9a:fd:a0:95:1c:8e:25:62:
04:fc:f1:7b:60:72:0d:55:7c:af:0b:b5:4a:6b:4a:44:0a:c2:
ca:8b:e1:45:2e:ee:61:57:78:9b:5e:8e:5b:97:11:e0:d1:4e:
27:8d:83:09:8a:dc:86:0c:11:68:b9:d4:ca:8c:e0:8f:a9:17:
cc:3c:d6:32:f9:b3:ed:46:f1:05:29:4c:b2:63:65:5b:fa:40:
af:d4:74:45:e6:6f:eb:1e:13:3d:69:c0:f2:58:d8:0f:bf:c3:
52:20:67:f6:89:d8:fe:4a:b4:a7:dc:51:54:53:2e:35:db:bb:
7f:40:3a:3b:f8:cc:1e:03:38:c7:c9:3d:4c:e3:38:4c:79:30:
d6:97:e9:6a:0f:82:0e:53:f3:09:59:fb:cd:fc:e0:61:b1:46:
26:9d:be:20:24:d5:73:bd:09:f8:5c:ce:67:b3:a3:0f:92:19:
3c:df:dd:5b:36:c5:45:ff:3b:12:e7:2e:51:29:0e:99:76:d3:
d3:cc:47:cd:22:4f:30:ef:4e:82:88:41:1a:35:3a:4d:04:d0:
47:41:df:b0:ae:97:2e:6e:6f:75:18:24:2e:66:ab:3c:71:aa:
fd:8a:ba:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ21HsgMXIn0rzyk8nuxIajOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNjNhMzZkNWM4MDY1MWE4OWE3NjkwNmM5ZTM0MDJmYjM0
NTY4ZGEwHhcNMjYwNDIyMTIxNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzZhYmRmZWI2NjZkMGY1N2NiNzE4N2E0ZGYxZGQwODE5MmU5NDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWMRXljyhmYEZ5KQkpw7pKJEetOL
r+pXEY50Ba7fy1rApCfP8q0jVcrSADikyD6Kl0xge7tOcrZf+gv3hIKlu8eZGAAv
nhL5+EMoIU6o5I5+s9b01IXx9NWthG0OnsM/ZQewrCYYNbVtfXWapwnGRxQNE6vi
HCbiZE3yw80uYUFdIpuR3d1vlUAPoHUrfabpVvw2ez9izAztAdjRD0vC0pL4nJzv
mmMgmDxlq+4V9j2muqu1sX0Te0z565u53ROAqDyn24Ba1DAWEGii8i4bwvvlvAen
hBgyIDPBwdhz457D+Mxtm0tlZMBFC1Xs3WpPveIjzIDpywhJ8Ml3nEszyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIdqvf62ZtD1fLcYek3x3QgZLpQLMB8GA1UdIwQY
MBaAFLxjo21cgGUaiadpBsnjQC+zRWjaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkdPamJWeUFaUnFKcDJrR3llTkFMN05GYU5vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9jM2FiNjktNzE2Mi00MjIyLWFhMjAt
NGUzYjIwZWMxNmEzLzEvaDJxOV9yWm0wUFY4dHhoNlRmSGRDQmt1bEFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9jM2FiNjktNzE2Mi00MjIyLWFhMjAtNGUzYjIwZWMxNmEz
LzEvdkdPamJWeUFaUnFKcDJrR3llTkFMN05GYU5vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZFlAwQA
uZFnMA0GCSqGSIb3DQEBCwUAA4IBAQA6hwRhg6TbifGZYJ9bJMwb9hmHmvQU+vew
XChGmv2glRyOJWIE/PF7YHINVXyvC7VKa0pECsLKi+FFLu5hV3ibXo5blxHg0U4n
jYMJityGDBFoudTKjOCPqRfMPNYy+bPtRvEFKUyyY2Vb+kCv1HRF5m/rHhM9acDy
WNgPv8NSIGf2idj+SrSn3FFUUy4127t/QDo7+MweAzjHyT1M4zhMeTDWl+lqD4IO
U/MJWfvN/OBhsUYmnb4gJNVzvQn4XM5ns6MPkhk8391bNsVF/zsS5y5RKQ6ZdtPT
zEfNIk8w706CiEEaNTpNBNBHQd+wrpcubm91GCQuZqs8car9irqT
-----END CERTIFICATE-----
Generated at Mon Apr 27 17:57:44 2026 by rpki-client