Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/dCfpsPGaI9EPpHHA1tpX3ncah84.roa
File: dCfpsPGaI9EPpHHA1tpX3ncah84.roa (raw, json)
Hash identifier: YD3gFKPk43fuccQT39vfRFDnBr8rg/N4oAVZTnznPYE=
Subject key identifier: 74:27:E9:B0:F1:9A:23:D1:0F:A4:71:C0:D6:DA:57:DE:77:1A:87:CE
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019D110FEDF14F06B76D9724AA28F70EFCCD
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/dCfpsPGaI9EPpHHA1tpX3ncah84.roa
Signing time: Sat 21 Mar 2026 15:42:29 +0000
ROA not before: Sat 21 Mar 2026 15:42:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211056
IP address blocks: 45.81.16.0/24 maxlen: 24
45.81.17.0/24 maxlen: 24
45.81.18.0/24 maxlen: 24
45.81.19.0/24 maxlen: 24
185.201.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 23:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:11:0f:ed:f1:4f:06:b7:6d:97:24:aa:28:f7:0e:fc:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Mar 21 15:42:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7427e9b0f19a23d10fa471c0d6da57de771a87ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d7:a5:94:12:1c:27:80:73:e4:9b:37:16:8b:
65:8c:5f:3d:85:4f:4a:3a:59:18:15:6f:fd:29:0a:
36:e9:4e:ca:06:c5:00:87:17:15:ec:7a:2f:7f:fb:
c2:9e:7c:3d:35:72:3c:11:5c:16:f1:df:e7:38:fc:
c5:50:a9:d4:29:6e:4c:81:5a:6a:27:48:3d:47:48:
fc:6c:6d:a2:54:7c:00:e0:f4:60:7c:b3:13:53:73:
a2:71:dd:cf:bc:82:be:dc:67:f5:52:37:c4:a7:71:
d0:bf:1c:91:e5:10:9b:80:ee:e0:b5:01:63:14:9c:
fd:2a:aa:50:58:24:35:61:80:fd:81:b3:25:26:7f:
a8:10:52:dc:44:ea:4f:f4:e6:e5:b3:4a:1b:67:81:
12:3b:e0:40:64:ed:2a:59:5b:ed:5f:fa:32:15:f8:
c9:ea:32:cd:35:ae:df:44:71:67:9f:50:21:ae:db:
28:1a:a7:b4:ec:0d:41:2f:7f:a2:08:d7:d2:cc:e5:
8d:ff:72:84:a0:12:1a:91:56:3a:93:33:ab:d3:31:
e1:21:58:a1:49:56:f3:e7:82:a6:93:30:57:3e:a3:
be:9a:c4:9f:60:f3:6e:b4:75:cd:2b:e3:a9:aa:7a:
2c:06:e7:0e:89:c3:7a:27:96:10:7f:79:05:b9:cc:
53:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:27:E9:B0:F1:9A:23:D1:0F:A4:71:C0:D6:DA:57:DE:77:1A:87:CE
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/dCfpsPGaI9EPpHHA1tpX3ncah84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.16.0/22
185.201.49.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:dc:b1:c3:2c:8b:c7:f5:e1:f2:c8:12:35:23:aa:12:d5:16:
4b:53:4b:ab:5b:94:7e:65:e4:3a:1b:c5:45:32:75:de:9d:50:
62:2f:d3:7f:24:0c:10:ff:6b:fd:aa:eb:64:d7:8c:18:ba:7e:
dd:8d:06:9f:9d:0e:7d:d4:96:c0:0f:e2:ab:33:52:7d:d7:c0:
35:3b:35:11:1a:b2:59:87:b4:3f:d1:b1:39:26:a7:40:df:8e:
1b:2a:a3:8f:24:5a:0d:0a:61:83:51:5b:99:c8:de:69:d0:bc:
00:35:80:c8:03:78:03:cb:9a:db:6c:a6:15:a4:34:e5:e3:35:
7b:c0:7a:23:f5:d3:71:0e:ab:04:e0:92:f1:8b:94:63:c6:64:
1a:df:6d:be:bd:47:c8:12:60:bc:0d:ba:4f:e5:45:9a:ce:27:
ab:56:17:18:bf:3a:8f:46:62:cd:96:4f:b4:6a:15:1e:23:e1:
2c:0e:ee:34:23:a9:39:5e:95:4e:2d:5a:93:d6:81:d6:1c:2e:
92:10:83:79:87:df:50:6d:94:7c:d4:57:ce:6e:65:2b:60:d7:
76:d1:b9:eb:bf:94:0f:f9:6f:62:6e:23:24:2f:31:c7:39:ee:
a2:43:1b:e2:bd:0b:6e:58:4c:4f:19:8b:fd:4d:1a:3d:2a:6f:
a1:ef:88:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0RD+3xTwa3bZckqij3DvzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjYwMzIxMTU0MjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDI3ZTliMGYxOWEyM2QxMGZhNDcxYzBkNmRhNTdkZTc3MWE4N2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9ellBIcJ4Bz5Js3FotljF89hU9K
OlkYFW/9KQo26U7KBsUAhxcV7Hovf/vCnnw9NXI8EVwW8d/nOPzFUKnUKW5MgVpq
J0g9R0j8bG2iVHwA4PRgfLMTU3Oicd3PvIK+3Gf1UjfEp3HQvxyR5RCbgO7gtQFj
FJz9KqpQWCQ1YYD9gbMlJn+oEFLcROpP9Obls0obZ4ESO+BAZO0qWVvtX/oyFfjJ
6jLNNa7fRHFnn1AhrtsoGqe07A1BL3+iCNfSzOWN/3KEoBIakVY6kzOr0zHhIVih
SVbz54KmkzBXPqO+msSfYPNutHXNK+OpqnosBucOicN6J5YQf3kFucxTTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHQn6bDxmiPRD6RxwNbaV953GofOMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvZENmcHNQR2FJOUVQcEhIQTF0cFgzbmNhaDg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLVEQAwQA
uckxMA0GCSqGSIb3DQEBCwUAA4IBAQDD3LHDLIvH9eHyyBI1I6oS1RZLU0urW5R+
ZeQ6G8VFMnXenVBiL9N/JAwQ/2v9qutk14wYun7djQafnQ591JbAD+KrM1J918A1
OzURGrJZh7Q/0bE5JqdA344bKqOPJFoNCmGDUVuZyN5p0LwANYDIA3gDy5rbbKYV
pDTl4zV7wHoj9dNxDqsE4JLxi5RjxmQa322+vUfIEmC8DbpP5UWazierVhcYvzqP
RmLNlk+0ahUeI+EsDu40I6k5XpVOLVqT1oHWHC6SEIN5h99QbZR81FfObmUrYNd2
0bnrv5QP+W9ibiMkLzHHOe6iQxvivQtuWExPGYv9TRo9Km+h74iR
-----END CERTIFICATE-----
Generated at Sun Mar 22 06:29:15 2026 by rpki-client