Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/17br9XZ9xnmxnUIW7RS9RNYXUx8.roa
File: 17br9XZ9xnmxnUIW7RS9RNYXUx8.roa (raw, json)
Hash identifier: ji5yJKx3YfXXQf/Z9AvzU3ITxu8fLBMTdnNA3VVV228=
Subject key identifier: D7:B6:EB:F5:76:7D:C6:79:B1:9D:42:16:ED:14:BD:44:D6:17:53:1F
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019D2E0A42C357B631CD57E18C21A4813096
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/17br9XZ9xnmxnUIW7RS9RNYXUx8.roa
Signing time: Fri 27 Mar 2026 06:45:17 +0000
ROA not before: Fri 27 Mar 2026 06:45:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211056
IP address blocks: 45.81.16.0/24 maxlen: 24
45.81.17.0/24 maxlen: 24
45.81.18.0/24 maxlen: 24
45.81.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Mar 2026 06:45:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2e:0a:42:c3:57:b6:31:cd:57:e1:8c:21:a4:81:30:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Mar 27 06:45:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d7b6ebf5767dc679b19d4216ed14bd44d617531f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1d:26:1b:95:d1:eb:9b:b4:f5:03:75:74:3a:
33:38:45:de:34:a3:6a:2e:74:7e:89:20:14:7c:b1:
b5:de:fc:fe:55:7d:ad:9f:40:d6:f7:c0:f1:38:13:
7a:6d:a7:92:dd:e8:d2:d8:f4:bd:c6:d3:2d:1f:92:
2e:b1:8c:c3:2e:aa:07:64:2f:6b:e6:fe:58:8b:9f:
6d:f9:6b:de:73:e0:07:62:59:31:7a:4f:bd:6f:40:
6c:16:6d:b0:78:51:77:9f:1d:87:f4:3b:68:65:28:
24:83:8f:27:22:07:67:34:79:21:52:8b:75:53:ac:
8b:d2:37:42:62:be:24:06:f6:af:88:89:d7:8e:82:
34:92:63:08:e9:cb:c9:d7:a4:bb:7b:cd:c1:5f:bb:
52:99:33:03:ff:fe:3d:12:f4:fa:33:c9:79:94:75:
32:f2:aa:ec:15:a4:04:86:d7:a7:d2:0d:27:bb:28:
82:79:f9:bb:7b:b0:e7:ee:a2:82:d3:fb:28:bb:16:
1c:0c:e1:ca:e0:9f:a0:f7:d6:69:99:68:60:a7:64:
d1:85:9a:13:e7:65:8a:31:65:f1:56:fe:8b:70:43:
f8:5e:99:c6:cd:d4:e7:11:97:b6:d8:cb:25:36:0b:
48:c7:da:e8:07:4d:89:13:ea:38:43:94:6f:84:68:
a8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:B6:EB:F5:76:7D:C6:79:B1:9D:42:16:ED:14:BD:44:D6:17:53:1F
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/17br9XZ9xnmxnUIW7RS9RNYXUx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.16.0/22
Signature Algorithm: sha256WithRSAEncryption
26:fa:ea:9b:ab:6b:d7:68:ca:3e:e6:92:a6:f7:e0:82:6b:c4:
c4:54:6a:df:13:a9:23:61:c8:01:d7:af:92:96:b9:9c:df:4b:
ac:00:a1:4c:e8:20:ed:ac:d0:24:5a:9e:b5:67:66:ef:69:9e:
61:da:16:4b:72:40:41:a2:f5:52:86:24:76:42:12:78:05:97:
12:02:68:cf:9a:b1:c3:cc:a2:42:f6:df:29:24:cc:17:8f:55:
f2:87:6a:93:1b:28:b8:40:b3:95:fc:c1:20:5a:6c:15:c5:39:
7b:0d:4d:fc:e2:a7:9a:2b:c8:bd:b0:c2:e3:97:f6:85:0f:1e:
c1:c6:c6:b6:23:de:0e:03:12:ce:75:ff:d8:5a:1e:5e:3d:3e:
be:00:7c:d3:7a:52:29:49:21:e9:cf:a0:9b:39:76:67:22:fc:
52:e0:d3:2e:0b:a4:6a:fd:14:bf:5b:18:8b:f4:06:b6:d7:67:
6d:90:c6:6e:8a:3c:3f:01:01:3a:44:81:b2:17:8d:ff:d7:75:
dd:19:1f:69:8e:f6:fb:bb:e7:9c:a9:76:82:91:2e:2c:3a:65:
39:eb:1d:43:d9:7a:6e:e7:ba:53:27:4a:30:45:6f:d0:dd:46:
16:bc:7f:04:16:cf:f6:a2:22:82:5b:aa:d4:4c:6b:6e:c4:6f:
ab:35:5f:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0uCkLDV7YxzVfhjCGkgTCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjYwMzI3MDY0NTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2I2ZWJmNTc2N2RjNjc5YjE5ZDQyMTZlZDE0YmQ0NGQ2MTc1MzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxh0mG5XR65u09QN1dDozOEXeNKNq
LnR+iSAUfLG13vz+VX2tn0DW98DxOBN6baeS3ejS2PS9xtMtH5IusYzDLqoHZC9r
5v5Yi59t+Wvec+AHYlkxek+9b0BsFm2weFF3nx2H9DtoZSgkg48nIgdnNHkhUot1
U6yL0jdCYr4kBvaviInXjoI0kmMI6cvJ16S7e83BX7tSmTMD//49EvT6M8l5lHUy
8qrsFaQEhten0g0nuyiCefm7e7Dn7qKC0/souxYcDOHK4J+g99ZpmWhgp2TRhZoT
52WKMWXxVv6LcEP4XpnGzdTnEZe22MslNgtIx9roB02JE+o4Q5RvhGiooQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNe26/V2fcZ5sZ1CFu0UvUTWF1MfMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvMTdicjlYWjl4bm14blVJVzdSUzlSTllYVXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVEQMA0G
CSqGSIb3DQEBCwUAA4IBAQAm+uqbq2vXaMo+5pKm9+CCa8TEVGrfE6kjYcgB16+S
lrmc30usAKFM6CDtrNAkWp61Z2bvaZ5h2hZLckBBovVShiR2QhJ4BZcSAmjPmrHD
zKJC9t8pJMwXj1Xyh2qTGyi4QLOV/MEgWmwVxTl7DU384qeaK8i9sMLjl/aFDx7B
xsa2I94OAxLOdf/YWh5ePT6+AHzTelIpSSHpz6CbOXZnIvxS4NMuC6Rq/RS/WxiL
9Aa212dtkMZuijw/AQE6RIGyF43/13XdGR9pjvb7u+ecqXaCkS4sOmU56x1D2Xpu
57pTJ0owRW/Q3UYWvH8EFs/2oiKCW6rUTGtuxG+rNV96
-----END CERTIFICATE-----
Generated at Fri Mar 27 16:33:56 2026 by rpki-client