Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/IjZEx1eHpkQjZ-ES_Rg9N95_Zzg.roa
File: IjZEx1eHpkQjZ-ES_Rg9N95_Zzg.roa (raw, json)
Hash identifier: 5Sm4tdW+S9NYYEZ3KZhaD241AoDsBp/MjQHfJVYoRSk=
Subject key identifier: 22:36:44:C7:57:87:A6:44:23:67:E1:12:FD:18:3D:37:DE:7F:67:38
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019CF207E5DA58425F27A1E67CD36D2E9742
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/IjZEx1eHpkQjZ-ES_Rg9N95_Zzg.roa
Signing time: Sun 15 Mar 2026 15:05:29 +0000
ROA not before: Sun 15 Mar 2026 15:05:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204104
IP address blocks: 45.11.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 23:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f2:07:e5:da:58:42:5f:27:a1:e6:7c:d3:6d:2e:97:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Mar 15 15:05:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=223644c75787a6442367e112fd183d37de7f6738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:4b:5c:d8:d8:4b:c9:7a:f6:28:8e:0d:4c:66:
50:8c:4f:d6:88:7e:2c:18:20:bd:5b:34:ca:fd:7f:
e9:be:a4:5d:8f:f2:3b:b7:df:fa:c2:e9:e8:f7:b8:
d8:38:a7:db:78:27:8a:87:d0:66:82:a2:d0:d0:11:
24:99:69:50:50:94:9d:94:2b:50:a3:04:ad:fa:df:
4e:82:8a:d0:ee:f4:9f:12:6f:e0:d6:2b:44:f0:b4:
cf:a0:ec:fb:af:46:ad:35:d2:40:79:cf:ca:b5:4c:
b7:b4:39:a8:11:58:d7:e2:6b:fd:e0:93:62:bf:8d:
8d:e4:c5:2f:0f:49:6d:4c:eb:a4:61:7b:42:2c:d2:
4c:c2:6c:6d:b3:fd:c7:3d:0f:99:29:e2:82:36:89:
9e:e7:c4:db:0c:09:04:5c:79:9f:2a:be:62:4e:3d:
cc:e8:54:ab:49:f2:3f:c7:d2:11:7d:aa:d2:e7:70:
19:97:d7:23:5e:80:02:db:5b:13:c9:24:c3:50:a0:
ea:68:5e:d7:fc:e0:21:f6:34:c0:ed:fe:68:d1:1c:
71:b1:d9:90:fe:ea:21:88:2b:ab:57:e5:5d:70:02:
a4:fc:2b:82:71:13:ab:65:33:3f:0c:b6:13:0a:09:
78:f3:4c:e8:8c:e9:2b:57:06:be:79:b2:ca:a5:2c:
aa:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:36:44:C7:57:87:A6:44:23:67:E1:12:FD:18:3D:37:DE:7F:67:38
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/IjZEx1eHpkQjZ-ES_Rg9N95_Zzg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.184.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:92:28:4f:44:e7:4f:77:bb:9e:e4:e2:67:39:3d:82:1e:ae:
e1:cd:34:1b:59:68:de:d3:43:dc:bd:73:b7:50:9b:fa:6c:08:
65:3e:ec:64:e7:40:38:fa:79:b5:71:f9:ad:32:d4:50:04:a0:
d0:8c:d0:5e:8e:18:17:4a:be:c8:a8:7f:a3:da:7b:ab:d2:14:
90:cf:e9:d7:3e:a0:5f:f3:67:e4:0d:2d:6f:b1:0c:9d:af:73:
b8:71:5f:4e:84:6a:49:59:76:a9:31:67:11:fc:6a:58:47:d1:
c9:07:ef:4e:e7:d2:96:53:f0:15:a3:73:88:32:f6:5f:da:cb:
b5:61:04:29:c7:67:18:02:a9:e9:4c:a2:19:af:88:3e:22:ab:
30:04:b9:53:87:4e:2c:76:fc:c1:2e:22:6b:ce:40:db:65:01:
04:bc:25:e5:cf:44:4f:b0:38:d6:cb:55:ae:4a:65:62:10:b0:
ec:da:4f:b9:1b:f5:3d:c1:a7:3c:42:cc:23:db:38:91:ed:1c:
a6:af:05:b9:60:66:1a:2d:34:ed:db:4c:25:b0:56:a0:0a:d3:
de:66:00:6d:ca:5d:45:0c:65:47:c8:cc:49:d9:10:58:3f:87:
0f:d1:67:5a:0d:cd:aa:51:c4:d6:d1:36:18:7a:dd:4f:8a:9d:
33:f4:d9:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZzyB+XaWEJfJ6HmfNNtLpdCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjYwMzE1MTUwNTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjM2NDRjNzU3ODdhNjQ0MjM2N2UxMTJmZDE4M2QzN2RlN2Y2NzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30tc2NhLyXr2KI4NTGZQjE/WiH4s
GCC9WzTK/X/pvqRdj/I7t9/6wuno97jYOKfbeCeKh9BmgqLQ0BEkmWlQUJSdlCtQ
owSt+t9OgorQ7vSfEm/g1itE8LTPoOz7r0atNdJAec/KtUy3tDmoEVjX4mv94JNi
v42N5MUvD0ltTOukYXtCLNJMwmxts/3HPQ+ZKeKCNome58TbDAkEXHmfKr5iTj3M
6FSrSfI/x9IRfarS53AZl9cjXoAC21sTySTDUKDqaF7X/OAh9jTA7f5o0RxxsdmQ
/uohiCurV+VdcAKk/CuCcROrZTM/DLYTCgl480zojOkrVwa+ebLKpSyqiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCI2RMdXh6ZEI2fhEv0YPTfef2c4MB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvSWpaRXgxZUhwa1FqWi1FU19SZzlOOTVfWnpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQu4MA0G
CSqGSIb3DQEBCwUAA4IBAQBOkihPROdPd7ue5OJnOT2CHq7hzTQbWWje00PcvXO3
UJv6bAhlPuxk50A4+nm1cfmtMtRQBKDQjNBejhgXSr7IqH+j2nur0hSQz+nXPqBf
82fkDS1vsQydr3O4cV9OhGpJWXapMWcR/GpYR9HJB+9O59KWU/AVo3OIMvZf2su1
YQQpx2cYAqnpTKIZr4g+IqswBLlTh04sdvzBLiJrzkDbZQEEvCXlz0RPsDjWy1Wu
SmViELDs2k+5G/U9wac8Qswj2ziR7RymrwW5YGYaLTTt20wlsFagCtPeZgBtyl1F
DGVHyMxJ2RBYP4cP0WdaDc2qUcTW0TYYet1Pip0z9Nnn
-----END CERTIFICATE-----
Generated at Sun Mar 22 06:29:32 2026 by rpki-client