Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kORGoCDSZ_paEwq2Y_45oU6ICH4.roa
File: kORGoCDSZ_paEwq2Y_45oU6ICH4.roa (raw, json)
Hash identifier: IlMhsSdBDecqb89glyDv40NsXp/JITQswQYTf4ktQEk=
Subject key identifier: 90:E4:46:A0:20:D2:67:FA:5A:13:0A:B6:63:FE:39:A1:4E:88:08:7E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019CE2D75F4A72B022D623D4EED16C0D46AC
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kORGoCDSZ_paEwq2Y_45oU6ICH4.roa
Signing time: Thu 12 Mar 2026 16:18:11 +0000
ROA not before: Thu 12 Mar 2026 16:18:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213887
IP address blocks: 45.145.56.0/24 maxlen: 24
45.149.147.0/24 maxlen: 24
185.126.67.0/24 maxlen: 24
195.66.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 14:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e2:d7:5f:4a:72:b0:22:d6:23:d4:ee:d1:6c:0d:46:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 12 16:18:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=90e446a020d267fa5a130ab663fe39a14e88087e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:84:a4:dd:b2:0a:05:a4:01:01:f3:c3:0f:bd:
c9:4a:8b:f6:7a:52:fb:9c:73:e0:fb:51:33:94:c1:
21:19:36:76:e9:ab:b5:be:e9:39:eb:48:2d:ce:6e:
b0:48:25:92:66:70:85:22:27:87:8c:10:3d:88:1f:
69:20:22:a2:6f:55:23:eb:5e:72:00:91:dd:c8:6a:
78:53:01:4a:ae:2b:c2:47:b4:81:b5:dc:26:b8:79:
a5:8d:91:ae:7e:c5:0e:97:26:48:d5:b1:b3:6a:29:
64:93:b9:f1:d8:7c:64:2a:59:9e:e8:fc:2c:3f:52:
c2:78:75:1b:20:4c:bd:c8:6f:06:f0:f7:e9:5d:66:
9b:8c:d8:52:80:1c:f0:6f:f3:d9:45:da:06:c3:ff:
e6:16:21:da:a1:1b:b5:f6:5e:7f:ed:ff:ec:42:8b:
b9:08:55:1d:da:6d:3d:e4:12:58:1b:48:3d:bd:68:
4f:02:a1:d0:1a:00:f9:b9:94:dd:9c:e5:31:03:e0:
79:66:78:37:a8:e5:b0:0a:63:bb:6a:15:62:3f:98:
68:2c:09:98:0b:8a:52:af:d9:d1:e4:3b:c7:50:a3:
6a:35:75:b8:c7:32:a6:ea:cf:b2:f7:48:1d:c5:3e:
0b:e0:41:be:e0:f7:98:94:b9:aa:35:61:68:34:1e:
39:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:E4:46:A0:20:D2:67:FA:5A:13:0A:B6:63:FE:39:A1:4E:88:08:7E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/kORGoCDSZ_paEwq2Y_45oU6ICH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.56.0/24
45.149.147.0/24
185.126.67.0/24
195.66.24.0/24
Signature Algorithm: sha256WithRSAEncryption
85:94:14:23:62:fe:15:b3:5e:bf:66:8c:5a:90:f5:ad:65:e2:
eb:36:77:a5:71:c9:f2:42:b4:50:5e:6a:af:bd:e4:69:5e:ac:
20:94:a3:d9:c2:45:10:21:6b:bb:bc:5a:e7:d8:34:8c:be:55:
74:e2:eb:bf:93:f3:ae:c8:e0:4a:76:18:4c:0f:5a:ed:16:23:
97:c9:b2:81:8e:8e:46:ca:db:ad:96:55:35:4a:91:9f:16:c2:
a4:25:98:13:4d:f8:e0:bf:a7:98:02:9c:40:33:27:82:a8:21:
b7:a4:13:99:fe:6f:b3:50:77:15:b6:82:38:3b:71:fb:1d:79:
a6:1c:39:27:d9:78:a6:d2:a1:15:3f:92:b3:b5:79:a9:9b:2b:
32:1a:22:93:8c:50:6d:0d:1a:59:7b:fe:2e:5b:34:4e:c0:48:
5e:28:6f:0c:99:99:77:fd:4c:20:f9:f5:b1:26:16:b5:f0:83:
a3:d4:08:56:99:91:07:45:56:0e:77:36:d5:92:27:c8:32:ba:
b9:33:82:b2:cc:c0:80:c2:a8:8a:ab:e2:ee:83:43:77:76:5b:
57:78:37:47:b3:a8:1f:36:11:d4:06:e3:30:e5:f6:44:7c:da:
81:f6:db:ef:ca:97:3a:d1:65:bc:23:30:d5:01:0a:cd:c6:fb:
c4:9f:e8:cc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZzi119KcrAi1iPU7tFsDUasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzEyMTYxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGU0NDZhMDIwZDI2N2ZhNWExMzBhYjY2M2ZlMzlhMTRlODgwODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7YSk3bIKBaQBAfPDD73JSov2elL7
nHPg+1EzlMEhGTZ26au1vuk560gtzm6wSCWSZnCFIieHjBA9iB9pICKib1Uj615y
AJHdyGp4UwFKrivCR7SBtdwmuHmljZGufsUOlyZI1bGzailkk7nx2HxkKlme6Pws
P1LCeHUbIEy9yG8G8PfpXWabjNhSgBzwb/PZRdoGw//mFiHaoRu19l5/7f/sQou5
CFUd2m095BJYG0g9vWhPAqHQGgD5uZTdnOUxA+B5Zng3qOWwCmO7ahViP5hoLAmY
C4pSr9nR5DvHUKNqNXW4xzKm6s+y90gdxT4L4EG+4PeYlLmqNWFoNB45xwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJDkRqAg0mf6WhMKtmP+OaFOiAh+MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEva09SR29DRFNaX3BhRXdxMllfNDVvVTZJQ0g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZE4AwQA
LZWTAwQAuX5DAwQAw0IYMA0GCSqGSIb3DQEBCwUAA4IBAQCFlBQjYv4Vs16/Zoxa
kPWtZeLrNnelccnyQrRQXmqvveRpXqwglKPZwkUQIWu7vFrn2DSMvlV04uu/k/Ou
yOBKdhhMD1rtFiOXybKBjo5GytutllU1SpGfFsKkJZgTTfjgv6eYApxAMyeCqCG3
pBOZ/m+zUHcVtoI4O3H7HXmmHDkn2Xim0qEVP5KztXmpmysyGiKTjFBtDRpZe/4u
WzROwEheKG8MmZl3/Uwg+fWxJha18IOj1AhWmZEHRVYOdzbVkifIMrq5M4KyzMCA
wqiKq+Lug0N3dltXeDdHs6gfNhHUBuMw5fZEfNqB9tvvypc60WW8IzDVAQrNxvvE
n+jM
-----END CERTIFICATE-----
Generated at Sat Mar 21 22:42:59 2026 by rpki-client