Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xoiKigD4GpSk2oDpZ-UZQb95lgw.roa
File: xoiKigD4GpSk2oDpZ-UZQb95lgw.roa (raw, json)
Hash identifier: GkEe8DoCNTSXv7SNMDVQw9edA6CndXNdC6Jqem9Q90o=
Subject key identifier: C6:88:8A:8A:00:F8:1A:94:A4:DA:80:E9:67:E5:19:41:BF:79:96:0C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019CE84483E18DCF010492DE55B716243857
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xoiKigD4GpSk2oDpZ-UZQb95lgw.roa
Signing time: Fri 13 Mar 2026 17:35:30 +0000
ROA not before: Fri 13 Mar 2026 17:35:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16509
IP address blocks: 45.87.243.0/24 maxlen: 24
45.146.128.0/24 maxlen: 24
2a06:1180:100::/48 maxlen: 48
2a06:1180:36af::/48 maxlen: 48
2a09:17c0:1000::/48 maxlen: 48
2a0e:c785:1::/48 maxlen: 48
2a0f:e6c7::/32 maxlen: 32
2a12:ac43:baca::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 08:03:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e8:44:83:e1:8d:cf:01:04:92:de:55:b7:16:24:38:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 13 17:35:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c6888a8a00f81a94a4da80e967e51941bf79960c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6e:0a:68:c4:69:7c:0b:1a:96:17:5f:f4:af:
26:31:fa:58:c1:6d:d8:84:06:d9:a8:3f:75:4f:24:
54:b6:7c:92:ba:4e:09:2f:8b:6f:3a:cd:39:98:0f:
e3:88:27:3f:e6:75:cd:43:15:f2:21:c1:75:b4:58:
d9:bb:4c:a9:42:06:68:34:35:81:8c:7e:84:de:04:
2b:f2:e0:3f:e8:f8:e8:f6:cb:9c:e7:93:1c:62:7e:
8b:83:81:02:85:02:30:5b:5c:f6:02:92:1f:28:d7:
c5:ed:08:5b:d7:5a:af:a3:3c:f5:2f:e3:55:08:7a:
c4:48:47:cf:ca:54:7b:e1:e2:11:b6:b6:f1:f7:92:
51:bc:e0:d7:5e:df:f3:02:5a:d8:fe:85:31:8b:44:
bb:a0:d6:c2:b1:ed:e9:0b:23:20:4d:13:9f:ef:3d:
18:9b:ed:45:d5:07:88:25:f1:21:21:e9:3a:82:04:
12:5e:1c:32:b8:29:86:eb:0f:10:63:ba:3d:a9:22:
f3:c6:c8:e4:c5:12:2f:bc:be:e3:43:b0:5b:0d:e2:
fe:d7:2f:99:5c:31:cb:8e:80:a1:d7:eb:3a:11:2e:
97:96:9c:43:08:26:f4:30:1b:32:73:82:ad:35:de:
ae:c4:05:30:57:54:c8:13:50:32:65:bd:cf:b7:8c:
db:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:88:8A:8A:00:F8:1A:94:A4:DA:80:E9:67:E5:19:41:BF:79:96:0C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/xoiKigD4GpSk2oDpZ-UZQb95lgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.243.0/24
45.146.128.0/24
IPv6:
2a06:1180:100::/48
2a06:1180:36af::/48
2a09:17c0:1000::/48
2a0e:c785:1::/48
2a0f:e6c7::/32
2a12:ac43:baca::/48
Signature Algorithm: sha256WithRSAEncryption
c8:7b:92:32:07:98:2c:c5:f3:fe:6f:8c:8d:9c:4e:21:dc:b0:
06:19:74:0e:20:45:fe:4b:f7:04:84:72:4c:66:b4:f5:fa:52:
8f:5f:4c:f4:81:1b:e9:a4:55:b5:0b:20:4d:53:2b:96:32:4f:
d7:a0:3b:3c:b7:bd:23:8a:6b:c9:e4:e0:63:33:b9:0f:b5:67:
5f:84:74:7c:4c:dd:14:41:e7:6d:f4:ca:0f:1b:36:de:f4:5e:
bb:b3:d6:a7:08:cb:06:88:a8:a3:6e:85:3f:ba:b8:c9:be:26:
67:1a:1f:ed:d1:81:bb:ee:6b:a9:9d:fe:30:a4:4d:ca:dd:0f:
57:76:13:e8:0a:e7:75:cc:6a:e4:44:21:be:cb:9e:7f:ae:af:
9b:99:8e:50:6a:c8:27:b1:50:6f:cd:ea:3c:df:43:55:79:bf:
21:92:e4:c1:39:bc:25:5b:da:9b:64:a9:db:d0:ff:9e:e8:7d:
70:d4:50:ee:7a:c1:9c:79:bf:86:c6:61:81:a9:9f:0b:a2:13:
62:cd:0b:60:0b:70:14:ff:b9:0f:42:1d:7d:6a:2c:cd:46:04:
e1:1f:c7:45:3f:e3:6d:22:82:ae:c9:c2:dd:aa:b6:cf:d7:eb:
0c:24:b2:6a:02:33:80:d3:25:c3:fb:3e:ce:bf:90:02:e6:ba:
90:b2:bd:f6
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZzoRIPhjc8BBJLeVbcWJDhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzEzMTczNTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjg4OGE4YTAwZjgxYTk0YTRkYTgwZTk2N2U1MTk0MWJmNzk5NjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm24KaMRpfAsalhdf9K8mMfpYwW3Y
hAbZqD91TyRUtnySuk4JL4tvOs05mA/jiCc/5nXNQxXyIcF1tFjZu0ypQgZoNDWB
jH6E3gQr8uA/6Pjo9suc55McYn6Lg4EChQIwW1z2ApIfKNfF7Qhb11qvozz1L+NV
CHrESEfPylR74eIRtrbx95JRvODXXt/zAlrY/oUxi0S7oNbCse3pCyMgTROf7z0Y
m+1F1QeIJfEhIek6ggQSXhwyuCmG6w8QY7o9qSLzxsjkxRIvvL7jQ7BbDeL+1y+Z
XDHLjoCh1+s6ES6XlpxDCCb0MBsyc4KtNd6uxAUwV1TIE1AyZb3Pt4zbQQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMaIiooA+BqUpNqA6WflGUG/eZYMMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEveG9pS2lnRDRHcFNrMm9EcFotVVpRYjk1bGd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDASBAIAATAMAwQALVfzAwQA
LZKAMDoEAgACMDQDBwAqBhGAAQADBwAqBhGANq8DBwAqCRfAEAADBwAqDseFAAED
BQAqD+bHAwcAKhKsQ7rKMA0GCSqGSIb3DQEBCwUAA4IBAQDIe5IyB5gsxfP+b4yN
nE4h3LAGGXQOIEX+S/cEhHJMZrT1+lKPX0z0gRvppFW1CyBNUyuWMk/XoDs8t70j
imvJ5OBjM7kPtWdfhHR8TN0UQedt9MoPGzbe9F67s9anCMsGiKijboU/urjJviZn
Gh/t0YG77mupnf4wpE3K3Q9XdhPoCud1zGrkRCG+y55/rq+bmY5QasgnsVBvzeo8
30NVeb8hkuTBObwlW9qbZKnb0P+e6H1w1FDuesGceb+GxmGBqZ8LohNizQtgC3AU
/7kPQh19aizNRgThH8dFP+NtIoKuycLdqrbP1+sMJLJqAjOA0yXD+z7Ov5AC5rqQ
sr32
-----END CERTIFICATE-----
Generated at Thu Mar 19 12:31:10 2026 by rpki-client