Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/IsBBsngSbH8D8ll-zq-eILoo78k.roa
File: IsBBsngSbH8D8ll-zq-eILoo78k.roa (raw, json)
Hash identifier: IhxGipNDNaViG3gc042e0dM0fgWzrITGBsZ2jJSSTNs=
Subject key identifier: 22:C0:41:B2:78:12:6C:7F:03:F2:59:7E:CE:AF:9E:20:BA:28:EF:C9
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019C948BF93F79EF6653DE375240432F18E2
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/IsBBsngSbH8D8ll-zq-eILoo78k.roa
Signing time: Wed 25 Feb 2026 11:25:27 +0000
ROA not before: Wed 25 Feb 2026 11:25:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211056
IP address blocks: 45.81.16.0/23 maxlen: 24
45.81.16.0/24 maxlen: 24
45.81.17.0/24 maxlen: 24
45.81.18.0/24 maxlen: 24
45.81.19.0/24 maxlen: 24
185.201.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 01 Mar 2026 16:58:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:94:8b:f9:3f:79:ef:66:53:de:37:52:40:43:2f:18:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Feb 25 11:25:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=22c041b278126c7f03f2597eceaf9e20ba28efc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2f:cb:38:f8:5f:25:76:fc:26:42:6f:21:b0:
b6:a1:59:a1:5c:0c:59:f3:71:f6:ae:05:d0:2f:03:
45:56:57:94:89:97:ee:71:4c:64:14:0b:31:2b:d0:
c2:cb:64:3d:7c:ea:03:e2:52:a3:7c:8a:30:09:41:
8d:93:69:b8:38:6b:ad:da:ef:83:10:50:b3:33:58:
fe:90:49:3a:34:d5:a3:cb:5b:70:65:55:14:8a:e0:
77:a5:e1:b6:6a:57:c0:0f:74:b8:3f:20:ae:82:92:
3a:69:9f:8c:66:21:39:b1:b5:03:70:ef:aa:4b:5b:
b0:fa:48:f6:8f:4e:83:16:41:b4:6a:47:67:e7:10:
4d:19:c7:9d:bd:ef:fd:36:4f:14:90:e1:a7:43:96:
ac:29:c0:47:0f:22:22:27:0b:3f:75:be:4d:8f:34:
50:f7:94:2a:39:ba:c5:f5:fd:72:61:7a:45:98:31:
6d:02:1e:3b:ba:cd:83:59:48:25:6d:da:9d:50:dd:
21:af:8b:e1:ad:4a:ed:d9:0b:f6:b9:3c:00:af:e6:
3f:80:06:11:ce:3e:c8:55:d5:ff:4f:4b:7e:81:5e:
ed:91:bd:42:3d:d4:b0:6d:6a:08:58:3f:38:c2:3a:
80:45:94:5f:c7:59:1f:6e:5c:ef:03:af:d2:57:ad:
0f:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C0:41:B2:78:12:6C:7F:03:F2:59:7E:CE:AF:9E:20:BA:28:EF:C9
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/IsBBsngSbH8D8ll-zq-eILoo78k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.16.0/22
185.201.49.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:1f:fb:e3:00:cb:cf:a1:d6:f5:82:02:24:2c:d9:de:93:c2:
f6:79:2b:60:e3:28:46:c2:cd:55:07:bc:f7:ce:e0:16:9d:4a:
70:5e:80:27:a0:c7:f4:32:5b:a2:9b:1b:cc:90:10:85:da:8e:
d8:ee:08:04:d7:d3:9c:1c:39:d9:72:9c:22:0c:68:7a:09:af:
64:12:c2:68:90:06:07:21:42:99:51:f1:e4:de:19:7c:62:9f:
b6:b9:80:f0:48:4c:45:49:b2:2d:b6:30:b8:29:c7:cb:fa:d3:
8c:bf:5a:53:7e:e0:ef:e5:78:e2:85:10:67:09:89:64:73:b2:
d8:8c:ff:e0:bd:1e:4c:3d:f7:8e:ec:b4:d4:e8:e7:b3:cf:2f:
ff:aa:c5:43:a2:b9:e2:9b:2a:c6:6e:b9:8d:e9:16:01:df:3d:
c1:44:d6:df:d9:84:67:a9:3f:03:d5:e0:35:75:9e:fc:8c:57:
e6:c6:74:ea:87:fb:30:ec:09:11:71:ee:58:64:d4:7e:93:c7:
1e:bd:8e:8f:79:93:00:d9:af:43:76:4b:ce:57:f8:34:5f:78:
71:eb:c2:f4:86:5e:5f:09:55:f3:d5:42:30:1a:81:e8:4e:15:
c8:bb:7a:00:29:85:8e:7b:97:8c:69:92:d2:ec:95:98:e4:ae:
fe:d1:d3:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyUi/k/ee9mU943UkBDLxjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjYwMjI1MTEyNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmMwNDFiMjc4MTI2YzdmMDNmMjU5N2VjZWFmOWUyMGJhMjhlZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0S/LOPhfJXb8JkJvIbC2oVmhXAxZ
83H2rgXQLwNFVleUiZfucUxkFAsxK9DCy2Q9fOoD4lKjfIowCUGNk2m4OGut2u+D
EFCzM1j+kEk6NNWjy1twZVUUiuB3peG2alfAD3S4PyCugpI6aZ+MZiE5sbUDcO+q
S1uw+kj2j06DFkG0akdn5xBNGcedve/9Nk8UkOGnQ5asKcBHDyIiJws/db5NjzRQ
95QqObrF9f1yYXpFmDFtAh47us2DWUglbdqdUN0hr4vhrUrt2Qv2uTwAr+Y/gAYR
zj7IVdX/T0t+gV7tkb1CPdSwbWoIWD84wjqARZRfx1kfblzvA6/SV60PjwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCLAQbJ4Emx/A/JZfs6vniC6KO/JMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvSXNCQnNuZ1NiSDhEOGxsLXpxLWVJTG9vNzhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVEQAwQA
uckxMA0GCSqGSIb3DQEBCwUAA4IBAQB9H/vjAMvPodb1ggIkLNnek8L2eStg4yhG
ws1VB7z3zuAWnUpwXoAnoMf0MluimxvMkBCF2o7Y7ggE19OcHDnZcpwiDGh6Ca9k
EsJokAYHIUKZUfHk3hl8Yp+2uYDwSExFSbIttjC4KcfL+tOMv1pTfuDv5XjihRBn
CYlkc7LYjP/gvR5MPfeO7LTU6Oezzy//qsVDornimyrGbrmN6RYB3z3BRNbf2YRn
qT8D1eA1dZ78jFfmxnTqh/sw7AkRce5YZNR+k8cevY6PeZMA2a9DdkvOV/g0X3hx
68L0hl5fCVXz1UIwGoHoThXIu3oAKYWOe5eMaZLS7JWY5K7+0dO6
-----END CERTIFICATE-----
Generated at Sat Feb 28 23:11:29 2026 by rpki-client