Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/rjGv5lG0kkEaYASPQbTzwe4SXi8.roa
File: rjGv5lG0kkEaYASPQbTzwe4SXi8.roa (raw, json)
Hash identifier: eS2fVXjvxaYPnUSxb3eAB6QcM/dduJxl2WBrpYw17YM=
Subject key identifier: AE:31:AF:E6:51:B4:92:41:1A:60:04:8F:41:B4:F3:C1:EE:12:5E:2F
Certificate issuer: /CN=57130f799f8a8985502a2ea3356037674085cfca
Certificate serial: 019EFFAFDE1746BBDB419C168ED6B0ADFC7D
Authority key identifier: 57:13:0F:79:9F:8A:89:85:50:2A:2E:A3:35:60:37:67:40:85:CF:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/rjGv5lG0kkEaYASPQbTzwe4SXi8.roa
Signing time: Thu 25 Jun 2026 16:49:36 +0000
ROA not before: Thu 25 Jun 2026 16:49:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 45.149.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.mft
rsync://rpki.ripe.net/repository/DEFAULT/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 01:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ff:af:de:17:46:bb:db:41:9c:16:8e:d6:b0:ad:fc:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57130f799f8a8985502a2ea3356037674085cfca
Validity
Not Before: Jun 25 16:49:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ae31afe651b492411a60048f41b4f3c1ee125e2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:8f:cb:dc:a1:5b:8b:28:4e:ca:89:fa:44:9f:
c5:66:cf:2c:6b:92:4d:ef:cf:59:e6:da:62:84:2d:
7b:e0:d2:19:1f:10:32:00:ed:a2:f0:ea:e0:e6:66:
64:49:4f:97:04:d1:0f:1e:ff:bd:f0:9e:fa:f8:07:
5e:3e:56:a0:f4:23:97:40:94:77:df:f8:dc:3c:e2:
38:3d:a1:c2:4c:71:e5:82:c5:fa:68:2a:10:4a:2f:
11:4e:b8:4c:ce:d9:91:a1:ea:ec:b5:de:24:0d:9e:
57:ad:50:a3:e6:ab:2e:fa:7a:1f:ee:c7:31:5d:6d:
d2:0e:2c:6c:39:0b:01:fb:6c:3a:01:e2:fc:35:95:
ff:25:6b:e9:c3:46:66:e8:03:46:f0:31:1c:e6:c4:
9f:a3:06:c3:a4:dd:a6:98:c2:82:f1:23:6a:d5:1d:
e0:fe:f0:55:ac:40:f5:69:8d:e6:90:02:24:d4:f7:
32:ca:19:9f:6b:34:a5:c8:5f:dd:fe:e2:c3:85:f1:
a5:3d:11:51:82:39:87:db:b4:f9:3b:1e:b0:75:ca:
9b:c4:5e:04:10:65:e8:e3:a2:41:44:23:18:1e:30:
97:87:94:03:bc:4a:7a:5b:57:9d:9a:f1:68:7e:a3:
58:20:de:55:c2:99:00:46:a6:b4:d8:c6:fa:a9:f9:
9a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:31:AF:E6:51:B4:92:41:1A:60:04:8F:41:B4:F3:C1:EE:12:5E:2F
X509v3 Authority Key Identifier:
keyid:57:13:0F:79:9F:8A:89:85:50:2A:2E:A3:35:60:37:67:40:85:CF:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/rjGv5lG0kkEaYASPQbTzwe4SXi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/5181de-44cd-4654-96fc-d3b90a9b9b41/1/VxMPeZ-KiYVQKi6jNWA3Z0CFz8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.37.0/24
Signature Algorithm: sha256WithRSAEncryption
01:de:70:68:3b:8b:6b:e3:ec:df:a5:dc:ec:f3:fd:c0:2a:f5:
0d:43:8d:f2:2d:df:47:e7:1a:1c:14:61:5a:73:c6:82:05:35:
e8:5b:57:ef:1d:a3:11:a3:de:24:0d:6e:f1:dd:19:22:04:7b:
91:ed:43:47:a2:7d:db:44:14:28:13:27:4b:0a:25:6c:54:f2:
27:b4:76:c0:fc:df:4e:dc:0e:7e:c7:6c:32:21:f6:91:6c:5c:
d0:5c:f0:04:44:ad:77:fb:28:a9:c6:91:82:d2:c0:27:35:15:
09:12:3c:9a:b4:18:4a:45:58:29:fa:81:71:d9:38:4d:50:b8:
93:5d:ec:ef:fc:1d:15:00:c7:7b:6f:60:46:8f:1b:34:da:3c:
30:83:8f:7f:25:cc:cd:cc:91:43:0e:f4:50:5e:5e:8a:b6:30:
4f:b7:c9:af:f8:cd:05:bf:59:de:bf:cd:13:ad:53:e6:94:e7:
0f:2b:c7:4a:5b:00:33:a5:94:50:8a:39:38:2b:38:a8:5c:6c:
e4:ae:1a:d6:8c:4c:b0:56:1b:56:ee:5a:ce:f0:35:d2:fe:ca:
a5:76:1d:05:a0:dc:6b:d4:46:4f:4e:a2:11:06:45:5c:63:fc:
b3:a6:4c:1a:7a:b2:a2:21:57:94:31:13:98:3e:9a:31:03:ee:
e7:43:72:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ7/r94XRrvbQZwWjtawrfx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MTMwZjc5OWY4YTg5ODU1MDJhMmVhMzM1NjAzNzY3NDA4
NWNmY2EwHhcNMjYwNjI1MTY0OTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTMxYWZlNjUxYjQ5MjQxMWE2MDA0OGY0MWI0ZjNjMWVlMTI1ZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA94/L3KFbiyhOyon6RJ/FZs8sa5JN
789Z5tpihC174NIZHxAyAO2i8Org5mZkSU+XBNEPHv+98J76+AdePlag9COXQJR3
3/jcPOI4PaHCTHHlgsX6aCoQSi8RTrhMztmRoerstd4kDZ5XrVCj5qsu+nof7scx
XW3SDixsOQsB+2w6AeL8NZX/JWvpw0Zm6ANG8DEc5sSfowbDpN2mmMKC8SNq1R3g
/vBVrED1aY3mkAIk1PcyyhmfazSlyF/d/uLDhfGlPRFRgjmH27T5Ox6wdcqbxF4E
EGXo46JBRCMYHjCXh5QDvEp6W1edmvFofqNYIN5VwpkARqa02Mb6qfmabwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4xr+ZRtJJBGmAEj0G088HuEl4vMB8GA1UdIwQY
MBaAFFcTD3mfiomFUCouozVgN2dAhc/KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnhNUGVaLUtpWVZRS2k2ak5XQTNaMENGejhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81MTgxZGUtNDRjZC00NjU0LTk2ZmMt
ZDNiOTBhOWI5YjQxLzEvcmpHdjVsRzBra0VhWUFTUFFiVHp3ZTRTWGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi81MTgxZGUtNDRjZC00NjU0LTk2ZmMtZDNiOTBhOWI5YjQx
LzEvVnhNUGVaLUtpWVZRS2k2ak5XQTNaMENGejhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZUlMA0G
CSqGSIb3DQEBCwUAA4IBAQAB3nBoO4tr4+zfpdzs8/3AKvUNQ43yLd9H5xocFGFa
c8aCBTXoW1fvHaMRo94kDW7x3RkiBHuR7UNHon3bRBQoEydLCiVsVPIntHbA/N9O
3A5+x2wyIfaRbFzQXPAERK13+yipxpGC0sAnNRUJEjyatBhKRVgp+oFx2ThNULiT
Xezv/B0VAMd7b2BGjxs02jwwg49/JczNzJFDDvRQXl6KtjBPt8mv+M0Fv1nev80T
rVPmlOcPK8dKWwAzpZRQijk4KzioXGzkrhrWjEywVhtW7lrO8DXS/sqldh0FoNxr
1EZPTqIRBkVcY/yzpkwaerKiIVeUMROYPpoxA+7nQ3Kh
-----END CERTIFICATE-----
Generated at Mon Jun 29 09:59:59 2026 by rpki-client