Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/1vioh8WBBr0buk8B9XgCVmy0V3o.roa
File: 1vioh8WBBr0buk8B9XgCVmy0V3o.roa (raw, json)
Hash identifier: lVxYMENWKDi2+Xm9/q5pj8wEEX5duZBJRp4Rcletd04=
Subject key identifier: D6:F8:A8:87:C5:81:06:BD:1B:BA:4F:01:F5:78:02:56:6C:B4:57:7A
Certificate issuer: /CN=e15808f3f921bc8c3eea87c7584c584c1000b051
Certificate serial: 019D1992E2E9B7D2CD016EBAD95EE3BEA460
Authority key identifier: E1:58:08:F3:F9:21:BC:8C:3E:EA:87:C7:58:4C:58:4C:10:00:B0:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/1vioh8WBBr0buk8B9XgCVmy0V3o.roa
Signing time: Mon 23 Mar 2026 07:22:29 +0000
ROA not before: Mon 23 Mar 2026 07:22:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204860
IP address blocks: 45.156.44.0/22 maxlen: 22
45.158.88.0/22 maxlen: 22
194.180.110.0/24 maxlen: 24
194.180.115.0/24 maxlen: 24
194.180.150.0/24 maxlen: 24
194.180.154.0/24 maxlen: 24
2a0f:2a80::/29 maxlen: 48
2a0f:5880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/4VgI8_khvIw-6ofHWExYTBAAsFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/4VgI8_khvIw-6ofHWExYTBAAsFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 25 Mar 2026 10:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:19:92:e2:e9:b7:d2:cd:01:6e:ba:d9:5e:e3:be:a4:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15808f3f921bc8c3eea87c7584c584c1000b051
Validity
Not Before: Mar 23 07:22:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d6f8a887c58106bd1bba4f01f57802566cb4577a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:21:42:72:a3:7c:e8:89:e5:c1:f4:7f:ba:01:
f2:41:d9:1b:48:53:af:1a:c1:9b:df:e6:e1:48:eb:
d9:d8:53:b5:56:98:b1:e6:05:4a:9b:f8:d1:b1:4f:
ea:de:8a:ee:0c:85:f6:67:40:99:fe:0d:ea:94:c7:
0b:b0:72:e0:f2:78:1b:bb:c2:6b:a8:2e:85:99:44:
eb:3d:29:4b:02:42:c5:bd:22:63:b2:5e:60:77:85:
84:96:dd:ef:58:43:d6:66:6a:85:cd:7d:b8:68:5d:
23:31:87:27:c5:a6:93:7c:c7:0c:e7:30:b8:3c:52:
74:2b:29:0a:b8:24:49:de:aa:83:1e:20:22:7b:90:
fe:79:29:67:1a:eb:bf:6c:32:21:ab:d5:ca:b0:9b:
39:d2:60:c9:3c:e5:da:13:d1:47:68:64:26:41:13:
5b:ca:ac:71:ad:08:aa:2e:68:0f:6e:c7:d6:fc:87:
cd:21:e6:e3:21:46:33:f6:e4:f8:01:ba:73:be:e3:
ce:cb:ac:a4:e8:6c:ee:ba:cb:03:19:f6:36:ac:69:
14:db:19:13:b4:40:33:a5:67:55:09:32:11:3e:02:
ba:a7:ff:23:7c:7f:a7:50:90:e4:e4:1e:c2:60:80:
b1:90:ba:c0:44:0f:ce:e9:c3:d5:ef:13:90:dc:7a:
8d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:F8:A8:87:C5:81:06:BD:1B:BA:4F:01:F5:78:02:56:6C:B4:57:7A
X509v3 Authority Key Identifier:
keyid:E1:58:08:F3:F9:21:BC:8C:3E:EA:87:C7:58:4C:58:4C:10:00:B0:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/1vioh8WBBr0buk8B9XgCVmy0V3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/4VgI8_khvIw-6ofHWExYTBAAsFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.44.0/22
45.158.88.0/22
194.180.110.0/24
194.180.115.0/24
194.180.150.0/24
194.180.154.0/24
IPv6:
2a0f:2a80::/29
2a0f:5880::/29
Signature Algorithm: sha256WithRSAEncryption
7d:33:4a:02:2a:e5:3b:54:be:cb:5d:3a:00:7d:90:2a:a2:3f:
6d:4d:f2:02:88:9f:26:08:99:fa:78:d7:7d:dc:29:38:81:49:
9a:89:10:70:37:cc:31:be:0b:a0:49:8c:7b:56:ba:d0:f4:be:
4e:9b:ff:00:f2:a6:28:53:b2:a8:39:cf:97:6f:9a:d7:7a:4e:
5f:69:35:62:c6:73:80:f9:37:02:93:a5:2d:6a:8b:e0:3d:8c:
94:d4:53:97:92:0c:8b:9e:f7:50:4d:e2:bd:60:b6:68:18:3d:
cf:6d:69:b4:a9:78:e6:75:3c:79:26:a9:dd:be:65:cf:d1:e9:
e1:5a:f5:14:ed:68:37:59:81:e5:20:18:96:08:37:1b:c6:78:
4c:35:95:2b:0b:48:09:c1:74:99:31:fd:2d:d6:22:8a:2e:61:
c7:ea:98:ce:6b:e5:3b:29:7f:89:6d:3e:51:8c:23:2c:5e:2e:
b5:7c:68:9c:ae:32:32:42:27:23:ff:d8:47:28:d8:29:bd:c2:
4a:e9:0a:6e:20:86:b7:6d:7f:45:16:c3:cd:1e:eb:cb:98:69:
1d:42:9d:8b:31:81:76:e8:cc:de:74:d9:bc:7b:4d:61:af:60:
da:04:42:aa:cf:b8:40:37:a6:2e:a7:50:25:40:c9:c5:70:59:
da:a1:ef:d5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZ0ZkuLpt9LNAW662V7jvqRgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTgwOGYzZjkyMWJjOGMzZWVhODdjNzU4NGM1ODRjMTAw
MGIwNTEwHhcNMjYwMzIzMDcyMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmY4YTg4N2M1ODEwNmJkMWJiYTRmMDFmNTc4MDI1NjZjYjQ1NzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSFCcqN86InlwfR/ugHyQdkbSFOv
GsGb3+bhSOvZ2FO1Vpix5gVKm/jRsU/q3oruDIX2Z0CZ/g3qlMcLsHLg8ngbu8Jr
qC6FmUTrPSlLAkLFvSJjsl5gd4WElt3vWEPWZmqFzX24aF0jMYcnxaaTfMcM5zC4
PFJ0KykKuCRJ3qqDHiAie5D+eSlnGuu/bDIhq9XKsJs50mDJPOXaE9FHaGQmQRNb
yqxxrQiqLmgPbsfW/IfNIebjIUYz9uT4AbpzvuPOy6yk6GzuussDGfY2rGkU2xkT
tEAzpWdVCTIRPgK6p/8jfH+nUJDk5B7CYICxkLrARA/O6cPV7xOQ3HqNZwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFNb4qIfFgQa9G7pPAfV4AlZstFd6MB8GA1UdIwQY
MBaAFOFYCPP5IbyMPuqHx1hMWEwQALBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZnSThfa2h2SXctNm9mSFdFeFlUQkFBc0ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84ZThlODItNTI3NC00ZDJmLThjYTAt
YWIxOWZjYjBjZTY0LzEvMXZpb2g4V0JCcjBidWs4QjlYZ0NWbXkwVjNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC84ZThlODItNTI3NC00ZDJmLThjYTAtYWIxOWZjYjBjZTY0
LzEvNFZnSThfa2h2SXctNm9mSFdFeFlUQkFBc0ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCLZwsAwQC
LZ5YAwQAwrRuAwQAwrRzAwQAwrSWAwQAwrSaMBQEAgACMA4DBQMqDyqAAwUDKg9Y
gDANBgkqhkiG9w0BAQsFAAOCAQEAfTNKAirlO1S+y106AH2QKqI/bU3yAoifJgiZ
+njXfdwpOIFJmokQcDfMMb4LoEmMe1a60PS+Tpv/APKmKFOyqDnPl2+a13pOX2k1
YsZzgPk3ApOlLWqL4D2MlNRTl5IMi573UE3ivWC2aBg9z21ptKl45nU8eSap3b5l
z9Hp4Vr1FO1oN1mB5SAYlgg3G8Z4TDWVKwtICcF0mTH9LdYiii5hx+qYzmvlOyl/
iW0+UYwjLF4utXxonK4yMkInI//YRyjYKb3CSukKbiCGt21/RRbDzR7ry5hpHUKd
izGBdujM3nTZvHtNYa9g2gRCqs+4QDemLqdQJUDJxXBZ2qHv1Q==
-----END CERTIFICATE-----
Generated at Tue Mar 24 16:59:35 2026 by rpki-client