Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/T3bly-tZ9XID-SOloXwH3hTsc_E.roa
File: T3bly-tZ9XID-SOloXwH3hTsc_E.roa (raw, json)
Hash identifier: aeV/m0RLRp31h+Weu05/IHsjHV2WSBXJFEz0Mww+iyc=
Subject key identifier: 4F:76:E5:CB:EB:59:F5:72:03:F9:23:A5:A1:7C:07:DE:14:EC:73:F1
Certificate issuer: /CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
Certificate serial: 019C76832837FC8EDE89E699C76D03A128CE
Authority key identifier: 02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/T3bly-tZ9XID-SOloXwH3hTsc_E.roa
Signing time: Thu 19 Feb 2026 15:27:12 +0000
ROA not before: Thu 19 Feb 2026 15:27:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201744
IP address blocks: 45.95.171.0/24 maxlen: 24
150.40.97.0/24 maxlen: 24
150.40.109.0/24 maxlen: 24
150.40.110.0/24 maxlen: 24
150.40.111.0/24 maxlen: 24
150.40.112.0/24 maxlen: 24
150.40.116.0/24 maxlen: 24
203.31.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:76:83:28:37:fc:8e:de:89:e6:99:c7:6d:03:a1:28:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
Validity
Not Before: Feb 19 15:27:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4f76e5cbeb59f57203f923a5a17c07de14ec73f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f5:d0:e8:40:f5:5d:c0:e8:17:47:67:4f:2d:
b9:cd:a2:c3:95:1d:e6:31:9b:08:ed:78:62:b3:e0:
91:d2:19:85:fb:d7:e4:d1:74:42:bd:80:d1:e1:bd:
21:7f:8c:df:9d:70:c8:1c:16:45:b0:93:01:ca:88:
95:57:cf:7d:fe:b0:1c:08:1a:0d:e5:4c:25:d6:a2:
c9:18:32:15:aa:c9:e0:d9:6f:4e:be:4f:94:af:e5:
b9:8a:44:b8:35:cf:ed:73:92:1e:43:31:e9:7c:f0:
95:73:0f:ac:38:d0:62:7d:73:64:38:91:da:9d:11:
e1:08:19:b2:8a:36:58:d4:be:70:6c:2f:41:d5:b0:
b0:36:29:83:c3:b2:f4:30:f5:da:40:be:17:fa:8a:
ce:ab:e0:93:21:3a:c8:65:fb:30:32:ab:4a:70:e2:
71:6e:38:ca:15:2d:84:48:76:46:6e:bf:36:62:01:
e6:56:55:3c:86:72:8f:bb:37:7d:3b:1d:e0:c8:43:
19:bd:b8:85:78:b9:8f:ff:4b:56:ed:80:1a:45:fb:
4d:0f:cc:af:c5:12:bb:00:e1:33:69:f6:b7:9b:f1:
36:98:49:94:42:a8:d4:14:04:33:50:87:e1:bf:3b:
95:00:3c:c2:de:a8:10:84:91:f7:54:26:aa:bc:8e:
6c:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:76:E5:CB:EB:59:F5:72:03:F9:23:A5:A1:7C:07:DE:14:EC:73:F1
X509v3 Authority Key Identifier:
keyid:02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/T3bly-tZ9XID-SOloXwH3hTsc_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.171.0/24
150.40.97.0/24
150.40.109.0-150.40.112.255
150.40.116.0/24
203.31.217.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:14:d2:e8:b0:c1:0c:49:e4:31:fd:48:53:4f:25:3e:0f:4f:
94:a8:56:77:c3:d4:f4:e3:28:c0:38:3f:12:52:60:d5:f0:76:
06:27:a4:90:43:72:61:00:67:09:b1:1d:99:db:a2:c7:65:60:
06:a4:4c:46:c2:3a:dc:8c:24:f9:a6:ba:ff:25:b6:f9:87:05:
43:1f:65:18:a0:f1:e1:11:d4:61:ff:77:be:0d:5a:19:06:f3:
bb:03:43:30:c2:20:4e:f9:4d:37:68:bf:36:bd:7a:1e:6a:0c:
38:92:ef:3b:ae:a0:90:89:84:7e:a5:68:b9:ce:57:97:06:d8:
0d:e4:dc:0a:40:51:76:f6:b7:91:40:ff:b1:59:26:83:f2:1a:
82:9e:52:50:7b:57:6c:05:26:77:ac:a0:3a:9f:9b:9d:28:3a:
f9:eb:3b:72:7b:0f:84:b9:f7:e5:98:19:c4:71:c2:24:0a:b1:
79:5c:6e:e2:ca:89:cb:2c:f6:3c:90:4a:4b:7c:5d:54:a7:92:
eb:a2:ab:8d:8a:d6:be:8d:fd:48:49:78:81:5f:d3:5a:7c:9c:
50:78:95:d8:f1:7c:23:ea:01:d7:fe:a1:87:42:e6:18:89:ca:
3d:85:64:e9:2c:73:74:64:70:03:cc:9f:77:82:93:64:0d:0f:
46:91:2c:0d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZx2gyg3/I7eieaZx20DoSjOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYTk2MmMxZmU4ZTJlMTJhMzU1NzZmZDYyOTg3YTBjYmJh
NDYzZDQwHhcNMjYwMjE5MTUyNzEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjc2ZTVjYmViNTlmNTcyMDNmOTIzYTVhMTdjMDdkZTE0ZWM3M2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvXQ6ED1XcDoF0dnTy25zaLDlR3m
MZsI7Xhis+CR0hmF+9fk0XRCvYDR4b0hf4zfnXDIHBZFsJMByoiVV899/rAcCBoN
5Uwl1qLJGDIVqsng2W9Ovk+Ur+W5ikS4Nc/tc5IeQzHpfPCVcw+sONBifXNkOJHa
nRHhCBmyijZY1L5wbC9B1bCwNimDw7L0MPXaQL4X+orOq+CTITrIZfswMqtKcOJx
bjjKFS2ESHZGbr82YgHmVlU8hnKPuzd9Ox3gyEMZvbiFeLmP/0tW7YAaRftND8yv
xRK7AOEzafa3m/E2mEmUQqjUFAQzUIfhvzuVADzC3qgQhJH3VCaqvI5s5QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFE925cvrWfVyA/kjpaF8B94U7HPxMB8GA1UdIwQY
MBaAFAKpYsH+ji4So1V2/WKYegy7pGPUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYt
N2QxMzQ5ODBjNWJlLzEvVDNibHktdFo5WElELVNPbG9Yd0gzaFRzY19FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYtN2QxMzQ5ODBjNWJl
LzEvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALV+rAwQA
lihhMAwDBACWKG0DBACWKHADBACWKHQDBADLH9kwDQYJKoZIhvcNAQELBQADggEB
AGoU0uiwwQxJ5DH9SFNPJT4PT5SoVnfD1PTjKMA4PxJSYNXwdgYnpJBDcmEAZwmx
HZnbosdlYAakTEbCOtyMJPmmuv8ltvmHBUMfZRig8eER1GH/d74NWhkG87sDQzDC
IE75TTdovza9eh5qDDiS7zuuoJCJhH6laLnOV5cG2A3k3ApAUXb2t5FA/7FZJoPy
GoKeUlB7V2wFJnesoDqfm50oOvnrO3J7D4S59+WYGcRxwiQKsXlcbuLKicss9jyQ
Skt8XVSnkuuiq42K1r6N/UhJeIFf01p8nFB4ldjxfCPqAdf+oYdC5hiJyj2FZOks
c3RkcAPMn3eCk2QND0aRLA0=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:36:42 2026 by rpki-client