Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/RfXizWPIOW3ETIPO5ed7NBmKmIE.roa
File: RfXizWPIOW3ETIPO5ed7NBmKmIE.roa (raw, json)
Hash identifier: AwxyKiONwPT/e6iP8BU4hJBYIuc9t3LZNNRhRAivDn4=
Subject key identifier: 45:F5:E2:CD:63:C8:39:6D:C4:4C:83:CE:E5:E7:7B:34:19:8A:98:81
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019D4B993980181D1CF8B5F7FDB4D8A44C18
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/RfXizWPIOW3ETIPO5ed7NBmKmIE.roa
Signing time: Thu 02 Apr 2026 00:30:26 +0000
ROA not before: Thu 02 Apr 2026 00:30:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61317
IP address blocks: 77.81.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 Apr 2026 00:30:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4b:99:39:80:18:1d:1c:f8:b5:f7:fd:b4:d8:a4:4c:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Apr 2 00:30:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=45f5e2cd63c8396dc44c83cee5e77b34198a9881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f2:e3:e3:bd:ce:17:49:c6:1a:1a:76:63:21:
f2:36:58:32:66:24:29:3d:f4:c3:52:76:70:1b:d9:
3c:f6:4f:9b:0c:c3:01:3e:e2:e3:47:29:31:00:49:
62:50:4b:6f:6d:c3:67:4e:71:12:ca:32:d8:17:c8:
05:cf:65:1f:78:43:d7:91:20:53:9a:50:85:a5:1e:
8a:53:fb:8e:08:e5:ec:ac:db:1f:b4:fe:a8:e6:88:
1d:e2:5d:c5:18:23:27:88:26:34:5b:ff:6c:c9:a7:
f3:19:f2:49:6c:be:90:6f:4e:90:46:fc:73:c1:df:
eb:d1:3c:35:a0:ec:3e:d0:a8:ea:21:d8:fe:cc:85:
ac:be:2a:e4:e8:a5:51:5a:1d:5a:2d:63:96:f4:1f:
d2:5e:03:1c:18:92:b6:e9:98:84:7e:fb:20:73:2e:
40:38:95:06:54:fd:2c:28:a2:b2:25:92:54:52:46:
59:8f:5e:8f:45:a8:bd:18:86:27:71:66:cf:40:3e:
a3:f3:7c:36:92:42:3d:b4:44:46:41:73:d9:f6:42:
c1:14:a2:10:ec:d8:cc:e8:c0:3e:44:ba:f8:1d:05:
ff:a1:b6:00:38:62:db:40:ca:1b:bb:4a:c3:f2:4d:
7c:73:23:d8:3b:f6:26:1d:80:47:fa:f5:49:aa:be:
cd:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:F5:E2:CD:63:C8:39:6D:C4:4C:83:CE:E5:E7:7B:34:19:8A:98:81
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/RfXizWPIOW3ETIPO5ed7NBmKmIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.81.1.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:d0:4d:74:93:0d:a9:7e:ed:af:9b:35:53:7e:93:4c:cd:ec:
3c:5b:56:bb:7a:ed:38:0d:0f:d3:3f:72:4e:fe:2e:1a:18:35:
0c:f6:b8:fb:31:81:83:cd:44:51:66:56:15:e7:05:2b:e8:82:
59:e3:fa:ac:28:e8:02:80:58:c6:84:29:bc:57:7f:60:8b:dc:
4b:73:41:8f:18:28:d2:0f:6b:42:f9:e2:88:bd:43:dc:ca:e4:
ce:65:fc:bd:e2:3f:09:55:ae:e1:a1:28:d6:9d:1b:a7:0a:77:
74:73:cf:e6:42:99:dd:ee:f2:d7:70:9b:ff:a2:7e:84:cc:74:
b9:25:fa:bd:03:9f:41:51:5e:0c:23:d1:37:0a:85:13:b3:9f:
cf:1d:34:06:c5:f1:ff:f3:0e:9d:f9:f9:33:4d:ac:d1:49:7e:
40:e1:13:1b:ee:53:3a:8e:8b:66:e5:10:12:c5:11:1e:10:54:
65:f1:b4:9c:f2:d1:78:a6:64:cf:18:09:d4:da:e2:9d:27:4a:
b2:37:93:1f:3d:5c:4b:66:b2:1c:c1:60:d5:a3:b5:99:e3:96:
63:a8:61:ec:6d:ab:ab:a1:9f:9c:c9:9f:62:f9:e5:86:94:87:
d4:3a:cc:95:66:9e:13:ee:5e:f0:13:27:97:34:1b:3e:fd:06:
c7:31:49:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1LmTmAGB0c+LX3/bTYpEwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjYwNDAyMDAzMDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWY1ZTJjZDYzYzgzOTZkYzQ0YzgzY2VlNWU3N2IzNDE5OGE5ODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvLj473OF0nGGhp2YyHyNlgyZiQp
PfTDUnZwG9k89k+bDMMBPuLjRykxAEliUEtvbcNnTnESyjLYF8gFz2UfeEPXkSBT
mlCFpR6KU/uOCOXsrNsftP6o5ogd4l3FGCMniCY0W/9syafzGfJJbL6Qb06QRvxz
wd/r0Tw1oOw+0KjqIdj+zIWsvirk6KVRWh1aLWOW9B/SXgMcGJK26ZiEfvsgcy5A
OJUGVP0sKKKyJZJUUkZZj16PRai9GIYncWbPQD6j83w2kkI9tERGQXPZ9kLBFKIQ
7NjM6MA+RLr4HQX/obYAOGLbQMobu0rD8k18cyPYO/YmHYBH+vVJqr7NJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEX14s1jyDltxEyDzuXnezQZipiBMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvUmZYaXpXUElPVzNFVElQTzVlZDdOQm1LbUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATVEBMA0G
CSqGSIb3DQEBCwUAA4IBAQAd0E10kw2pfu2vmzVTfpNMzew8W1a7eu04DQ/TP3JO
/i4aGDUM9rj7MYGDzURRZlYV5wUr6IJZ4/qsKOgCgFjGhCm8V39gi9xLc0GPGCjS
D2tC+eKIvUPcyuTOZfy94j8JVa7hoSjWnRunCnd0c8/mQpnd7vLXcJv/on6EzHS5
Jfq9A59BUV4MI9E3CoUTs5/PHTQGxfH/8w6d+fkzTazRSX5A4RMb7lM6jotm5RAS
xREeEFRl8bSc8tF4pmTPGAnU2uKdJ0qyN5MfPVxLZrIcwWDVo7WZ45ZjqGHsbaur
oZ+cyZ9i+eWGlIfUOsyVZp4T7l7wEyeXNBs+/QbHMUkI
-----END CERTIFICATE-----
Generated at Thu Apr 2 09:01:22 2026 by rpki-client