Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/ReMMCAErUt1VBD8DVEIFL-Hpask.roa
File: ReMMCAErUt1VBD8DVEIFL-Hpask.roa (raw, json)
Hash identifier: wWfg4EEHh6Y+sLSB59zGm12sGRwnX3Xts8Wy3xO33k0=
Subject key identifier: 45:E3:0C:08:01:2B:52:DD:55:04:3F:03:54:42:05:2F:E1:E9:6A:C9
Certificate issuer: /CN=938ee951cdabc3ce805ec8df0bf3403bdfa9c657
Certificate serial: 019B7D5D0537B8D46043CDCFD23640E5B8B0
Authority key identifier: 93:8E:E9:51:CD:AB:C3:CE:80:5E:C8:DF:0B:F3:40:3B:DF:A9:C6:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k47pUc2rw86AXsjfC_NAO9-pxlc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/ReMMCAErUt1VBD8DVEIFL-Hpask.roa
Signing time: Fri 02 Jan 2026 06:20:06 +0000
ROA not before: Fri 02 Jan 2026 06:20:06 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208206
IP address blocks: 45.154.20.0/22 maxlen: 24
185.181.12.0/22 maxlen: 24
2a0a:bb80::/29 maxlen: 48
2a0f:9f00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/k47pUc2rw86AXsjfC_NAO9-pxlc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/k47pUc2rw86AXsjfC_NAO9-pxlc.mft
rsync://rpki.ripe.net/repository/DEFAULT/k47pUc2rw86AXsjfC_NAO9-pxlc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7d:5d:05:37:b8:d4:60:43:cd:cf:d2:36:40:e5:b8:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=938ee951cdabc3ce805ec8df0bf3403bdfa9c657
Validity
Not Before: Jan 2 06:20:06 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=45e30c08012b52dd55043f035442052fe1e96ac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:80:44:5b:3b:21:3f:49:20:2b:e3:2a:0c:67:
a5:e6:40:71:3b:9a:1e:96:9f:ad:90:e6:d1:e5:a3:
3c:77:5b:82:ad:08:c9:9b:3c:8f:be:0f:80:a2:a8:
06:45:92:12:38:fb:2b:52:03:f3:92:f3:17:f1:23:
62:b9:5c:f8:23:43:5e:b5:9e:37:83:10:84:8c:50:
cc:9c:2c:7e:72:62:33:77:e3:bc:4d:58:dd:76:ed:
13:c0:a1:ec:9e:31:f9:41:3a:85:2a:ad:14:60:93:
5a:3d:62:8c:53:be:0b:a4:ef:d3:a9:f6:fc:3f:b5:
60:4e:d4:a9:f8:03:72:ba:8d:d1:67:c6:bc:2b:db:
90:b0:f6:54:07:cb:0f:18:9d:6a:5a:4d:af:4c:c7:
b6:0b:19:46:b5:5a:d0:d7:f6:78:87:f1:0b:57:f7:
f0:c3:17:26:e7:5c:60:df:12:bf:3f:d3:4e:38:47:
06:af:2d:e8:ad:de:3a:ef:96:a9:72:71:07:f6:d2:
e3:b0:45:4b:0c:64:41:7e:bb:fa:f2:a4:f0:da:d5:
23:59:73:b0:08:f5:09:ac:a1:7e:a6:bd:c4:88:d6:
9c:a2:59:e0:45:93:67:ca:fa:e6:21:1d:46:73:54:
78:06:f2:cf:8d:7a:6e:85:d7:f9:3f:71:23:49:ca:
2e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E3:0C:08:01:2B:52:DD:55:04:3F:03:54:42:05:2F:E1:E9:6A:C9
X509v3 Authority Key Identifier:
keyid:93:8E:E9:51:CD:AB:C3:CE:80:5E:C8:DF:0B:F3:40:3B:DF:A9:C6:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k47pUc2rw86AXsjfC_NAO9-pxlc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/ReMMCAErUt1VBD8DVEIFL-Hpask.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/a8fe5b-6ace-4236-8a90-e0f5d86e37a3/1/k47pUc2rw86AXsjfC_NAO9-pxlc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.20.0/22
185.181.12.0/22
IPv6:
2a0a:bb80::/29
2a0f:9f00::/29
Signature Algorithm: sha256WithRSAEncryption
50:6d:44:6b:db:07:02:49:0e:7a:d4:e9:f8:1f:29:78:c7:39:
f5:b1:6d:59:6e:d7:0e:66:c8:28:3b:10:7c:27:a0:f5:0e:22:
ac:a0:56:c6:7b:dd:53:40:5f:db:11:be:6d:54:68:df:e9:27:
88:44:15:f5:38:56:7e:1c:02:49:f3:c4:b3:f7:b1:c4:8d:ae:
39:98:0b:e5:f9:f8:25:82:f5:81:fc:50:08:cf:4e:1e:93:f7:
92:16:69:dd:84:9b:db:e9:61:48:e3:b3:f1:00:b8:02:b3:82:
a2:f9:2a:27:8e:f1:4e:39:44:1e:d6:6b:ee:26:f1:ee:a3:d5:
29:70:c7:1b:67:9c:d3:a8:59:cf:96:69:22:27:f5:67:b3:98:
ed:a9:84:95:03:fe:4a:b3:7c:04:66:65:d7:03:5d:11:03:ee:
56:57:87:9c:a2:3a:8f:39:67:01:38:0a:29:32:4b:6d:09:df:
8e:12:3f:6b:38:be:82:07:03:65:86:6b:b9:26:f5:26:81:84:
40:be:75:6e:a1:4d:05:83:ed:ab:e6:f1:22:1b:80:3e:e8:06:
aa:8c:a5:d9:fc:3c:96:d1:49:7a:76:6c:e7:dc:d7:8f:68:12:
8f:cf:bd:05:ae:94:0b:1e:13:90:02:0b:dc:2e:21:71:d0:60:
fc:a3:4b:6a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZt9XQU3uNRgQ83P0jZA5biwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzOGVlOTUxY2RhYmMzY2U4MDVlYzhkZjBiZjM0MDNiZGZh
OWM2NTcwHhcNMjYwMTAyMDYyMDA2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWUzMGMwODAxMmI1MmRkNTUwNDNmMDM1NDQyMDUyZmUxZTk2YWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYBEWzshP0kgK+MqDGel5kBxO5oe
lp+tkObR5aM8d1uCrQjJmzyPvg+AoqgGRZISOPsrUgPzkvMX8SNiuVz4I0NetZ43
gxCEjFDMnCx+cmIzd+O8TVjddu0TwKHsnjH5QTqFKq0UYJNaPWKMU74LpO/Tqfb8
P7VgTtSp+ANyuo3RZ8a8K9uQsPZUB8sPGJ1qWk2vTMe2CxlGtVrQ1/Z4h/ELV/fw
wxcm51xg3xK/P9NOOEcGry3ord4675apcnEH9tLjsEVLDGRBfrv68qTw2tUjWXOw
CPUJrKF+pr3EiNacolngRZNnyvrmIR1Gc1R4BvLPjXpuhdf5P3EjScouYwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEXjDAgBK1LdVQQ/A1RCBS/h6WrJMB8GA1UdIwQY
MBaAFJOO6VHNq8POgF7I3wvzQDvfqcZXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazQ3cFVjMnJ3ODZBWHNqZkNfTkFPOS1weGxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9hOGZlNWItNmFjZS00MjM2LThhOTAt
ZTBmNWQ4NmUzN2EzLzEvUmVNTUNBRXJVdDFWQkQ4RFZFSUZMLUhwYXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9hOGZlNWItNmFjZS00MjM2LThhOTAtZTBmNWQ4NmUzN2Ez
LzEvazQ3cFVjMnJ3ODZBWHNqZkNfTkFPOS1weGxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLZoUAwQC
ubUMMBQEAgACMA4DBQMqCruAAwUDKg+fADANBgkqhkiG9w0BAQsFAAOCAQEAUG1E
a9sHAkkOetTp+B8peMc59bFtWW7XDmbIKDsQfCeg9Q4irKBWxnvdU0Bf2xG+bVRo
3+kniEQV9ThWfhwCSfPEs/exxI2uOZgL5fn4JYL1gfxQCM9OHpP3khZp3YSb2+lh
SOOz8QC4ArOCovkqJ47xTjlEHtZr7ibx7qPVKXDHG2ec06hZz5ZpIif1Z7OY7amE
lQP+SrN8BGZl1wNdEQPuVleHnKI6jzlnATgKKTJLbQnfjhI/azi+ggcDZYZruSb1
JoGEQL51bqFNBYPtq+bxIhuAPugGqoyl2fw8ltFJenZs59zXj2gSj8+9Ba6UCx4T
kAIL3C4hcdBg/KNLag==
-----END CERTIFICATE-----
Generated at Thu Feb 26 07:47:43 2026 by rpki-client