Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/odFrLcZzZa3lGHkplTYFOeTL_lk.roa
File: odFrLcZzZa3lGHkplTYFOeTL_lk.roa (raw, json)
Hash identifier: WkZkaCnol/FFO1wh5d5UvdfBIOI/M/3rlDA0bdxo8+s=
Subject key identifier: A1:D1:6B:2D:C6:73:65:AD:E5:18:79:29:95:36:05:39:E4:CB:FE:59
Certificate issuer: /CN=4cf80802c6579a4d4a10608dcf92e9ace9905b16
Certificate serial: 019E96C263B8D76EDDC01F9D835C1741636E
Authority key identifier: 4C:F8:08:02:C6:57:9A:4D:4A:10:60:8D:CF:92:E9:AC:E9:90:5B:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPgIAsZXmk1KEGCNz5LprOmQWxY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/odFrLcZzZa3lGHkplTYFOeTL_lk.roa
Signing time: Fri 05 Jun 2026 07:49:42 +0000
ROA not before: Fri 05 Jun 2026 07:49:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214503
IP address blocks: 45.84.104.0/22 maxlen: 24
45.84.106.0/24 maxlen: 24
45.84.107.0/24 maxlen: 24
81.27.77.0/24 maxlen: 24
213.177.169.0/24 maxlen: 24
2a0d:bbc0::/48 maxlen: 48
2a0d:bbc0:1::/48 maxlen: 48
2a0d:bbc0:2::/48 maxlen: 48
2a0d:bbc1::/48 maxlen: 48
2a0d:bbc7::/48 maxlen: 48
2a0d:bbc7:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/TPgIAsZXmk1KEGCNz5LprOmQWxY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/TPgIAsZXmk1KEGCNz5LprOmQWxY.mft
rsync://rpki.ripe.net/repository/DEFAULT/TPgIAsZXmk1KEGCNz5LprOmQWxY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 07:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:96:c2:63:b8:d7:6e:dd:c0:1f:9d:83:5c:17:41:63:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cf80802c6579a4d4a10608dcf92e9ace9905b16
Validity
Not Before: Jun 5 07:49:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a1d16b2dc67365ade518792995360539e4cbfe59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:45:07:77:2c:a4:dd:bc:87:c3:eb:ec:65:f2:
06:38:20:17:f8:27:fe:12:f2:02:15:c8:f9:a1:d5:
d8:d7:4d:e3:4f:34:3d:df:32:13:3b:4a:16:54:70:
f4:fb:89:e8:de:be:fe:e2:01:bb:2f:2b:a3:ce:05:
37:e4:a6:13:34:13:83:9d:1a:4e:33:d4:a6:9e:46:
5f:4f:11:97:ad:72:32:38:bf:1b:ea:92:76:c1:32:
ff:ce:f8:6d:89:47:49:b2:f8:43:77:61:c2:ec:33:
2d:bc:bf:af:19:e3:cc:dc:6f:c9:63:f7:c2:ba:be:
c7:cf:06:1d:a0:47:7f:84:e3:91:76:f4:f9:04:a3:
c8:c6:f6:71:bb:6f:70:43:df:6f:bf:00:d4:83:de:
f6:5f:6d:ae:a4:75:0d:a3:61:68:61:23:89:45:cb:
5d:bf:dc:99:91:46:d5:75:42:28:45:1c:07:1b:83:
5b:5a:9e:45:15:88:95:23:e3:aa:ee:13:22:1b:21:
54:58:c6:6e:30:01:f0:fb:8b:fd:7a:e9:f0:7c:19:
87:34:1a:3c:14:81:5b:3c:f0:c2:ed:c0:e9:27:52:
3b:99:bf:e4:ed:ad:de:e8:8e:d5:8c:9e:f0:d3:dd:
c5:b7:e7:02:5d:47:39:b2:ea:b6:a7:58:b7:34:bf:
86:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:D1:6B:2D:C6:73:65:AD:E5:18:79:29:95:36:05:39:E4:CB:FE:59
X509v3 Authority Key Identifier:
keyid:4C:F8:08:02:C6:57:9A:4D:4A:10:60:8D:CF:92:E9:AC:E9:90:5B:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPgIAsZXmk1KEGCNz5LprOmQWxY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/odFrLcZzZa3lGHkplTYFOeTL_lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/398bbb-184f-4851-b2a0-91f49d8d115d/1/TPgIAsZXmk1KEGCNz5LprOmQWxY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.104.0/22
81.27.77.0/24
213.177.169.0/24
IPv6:
2a0d:bbc0::-2a0d:bbc0:2:ffff:ffff:ffff:ffff:ffff
2a0d:bbc1::/48
2a0d:bbc7::/47
Signature Algorithm: sha256WithRSAEncryption
4b:fb:c4:3c:27:6e:58:19:2f:b7:13:9b:74:f6:e0:fa:78:4d:
ef:42:7f:77:a5:de:58:45:cc:58:49:fc:b3:52:5c:9b:f5:b3:
97:ac:d6:89:82:11:4a:ec:af:83:41:6c:5b:05:8d:5f:5c:6e:
d2:cf:89:01:b9:69:9c:a5:7c:64:93:b3:46:d6:2e:d3:30:76:
48:00:a4:a7:81:91:f1:c3:16:8e:5b:ab:ea:68:e7:41:8f:72:
e8:6d:a0:8f:99:12:8b:6e:a5:8f:f2:f9:90:49:54:0d:16:45:
bd:d8:16:dd:3d:86:fd:05:7f:76:04:0b:f2:63:56:ef:07:95:
dd:61:3f:f1:2e:98:6b:2d:72:85:6c:20:28:07:a5:13:61:4d:
58:90:fb:21:e7:62:67:86:d8:40:c8:f2:d9:8d:f7:4a:70:f2:
fd:d6:f5:5c:5d:89:8c:36:13:2a:96:5a:34:e9:db:4b:17:89:
c5:cb:ef:b0:85:7c:43:20:66:7b:c2:64:7e:ec:62:b3:66:e5:
17:e2:39:93:a4:99:19:40:08:7e:59:b6:77:b7:e2:60:fc:a5:
49:f8:c0:37:ac:21:d0:14:b4:51:bb:3f:da:43:db:28:37:2f:
d0:1a:a9:e9:bc:a7:65:de:52:e3:f5:e3:d4:bd:72:b7:cc:8b:
0c:0b:9e:4f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZ6WwmO4127dwB+dg1wXQWNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZjgwODAyYzY1NzlhNGQ0YTEwNjA4ZGNmOTJlOWFjZTk5
MDViMTYwHhcNMjYwNjA1MDc0OTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWQxNmIyZGM2NzM2NWFkZTUxODc5Mjk5NTM2MDUzOWU0Y2JmZTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0UHdyyk3byHw+vsZfIGOCAX+Cf+
EvICFcj5odXY103jTzQ93zITO0oWVHD0+4no3r7+4gG7LyujzgU35KYTNBODnRpO
M9SmnkZfTxGXrXIyOL8b6pJ2wTL/zvhtiUdJsvhDd2HC7DMtvL+vGePM3G/JY/fC
ur7HzwYdoEd/hOORdvT5BKPIxvZxu29wQ99vvwDUg972X22upHUNo2FoYSOJRctd
v9yZkUbVdUIoRRwHG4NbWp5FFYiVI+Oq7hMiGyFUWMZuMAHw+4v9eunwfBmHNBo8
FIFbPPDC7cDpJ1I7mb/k7a3e6I7VjJ7w093Ft+cCXUc5suq2p1i3NL+GVwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFKHRay3Gc2Wt5Rh5KZU2BTnky/5ZMB8GA1UdIwQY
MBaAFEz4CALGV5pNShBgjc+S6azpkFsWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFBnSUFzWlhtazFLRUdDTno1THByT21RV3hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8zOThiYmItMTg0Zi00ODUxLWIyYTAt
OTFmNDlkOGQxMTVkLzEvb2RGckxjWnpaYTNsR0hrcGxUWUZPZVRMX2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8zOThiYmItMTg0Zi00ODUxLWIyYTAtOTFmNDlkOGQxMTVk
LzEvVFBnSUFzWlhtazFLRUdDTno1THByT21RV3hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAYBAIAATASAwQCLVRoAwQA
URtNAwQA1bGpMCoEAgACMCQwEAMFBioNu8ADBwAqDbvAAAIDBwAqDbvBAAADBwEq
DbvHAAAwDQYJKoZIhvcNAQELBQADggEBAEv7xDwnblgZL7cTm3T24Pp4Te9Cf3el
3lhFzFhJ/LNSXJv1s5es1omCEUrsr4NBbFsFjV9cbtLPiQG5aZylfGSTs0bWLtMw
dkgApKeBkfHDFo5bq+po50GPcuhtoI+ZEotupY/y+ZBJVA0WRb3YFt09hv0Ff3YE
C/JjVu8Hld1hP/EumGstcoVsICgHpRNhTViQ+yHnYmeG2EDI8tmN90pw8v3W9Vxd
iYw2EyqWWjTp20sXicXL77CFfEMgZnvCZH7sYrNm5RfiOZOkmRlACH5Ztne34mD8
pUn4wDesIdAUtFG7P9pD2yg3L9Aaqem8p2XeUuP149S9crfMiwwLnk8=
-----END CERTIFICATE-----
Generated at Thu Jun 11 16:26:07 2026 by rpki-client