Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/g2idL-D8suQFsQoE5OmsRPApfGw.roa
File: g2idL-D8suQFsQoE5OmsRPApfGw.roa (raw, json)
Hash identifier: czmirE4/eGdQOoSaanjSLhXcburfB40hJBvEhvVcnZ8=
Subject key identifier: 83:68:9D:2F:E0:FC:B2:E4:05:B1:0A:04:E4:E9:AC:44:F0:29:7C:6C
Certificate issuer: /CN=b1cdc26d44eaf85654481e9581043e14887765b4
Certificate serial: 019EB036A3CAE29D3A7D9CA8CE7358AE7ED5
Authority key identifier: B1:CD:C2:6D:44:EA:F8:56:54:48:1E:95:81:04:3E:14:88:77:65:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/g2idL-D8suQFsQoE5OmsRPApfGw.roa
Signing time: Wed 10 Jun 2026 06:27:11 +0000
ROA not before: Wed 10 Jun 2026 06:27:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208854
IP address blocks: 45.140.180.0/22 maxlen: 22
45.140.180.0/24 maxlen: 24
45.140.181.0/24 maxlen: 24
45.140.182.0/24 maxlen: 24
2a0e:c5c0::/29 maxlen: 29
2a0e:c5c0::/32 maxlen: 32
2a0e:c5c1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 21:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b0:36:a3:ca:e2:9d:3a:7d:9c:a8:ce:73:58:ae:7e:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1cdc26d44eaf85654481e9581043e14887765b4
Validity
Not Before: Jun 10 06:27:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=83689d2fe0fcb2e405b10a04e4e9ac44f0297c6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:50:68:a1:a1:5a:28:8b:74:62:c7:aa:76:d6:
7d:ca:1b:ff:68:e5:91:19:1a:d0:7c:96:cb:16:32:
60:1d:fa:21:cc:4a:87:b9:6a:72:e1:f5:1f:ef:9b:
5b:16:55:63:06:7b:bd:c9:d1:b5:8e:0e:3c:40:5a:
c9:a5:93:6b:ee:ff:96:33:0a:ee:b4:04:26:28:19:
4c:ae:46:bc:6a:45:03:c1:a7:e7:42:4a:33:49:1c:
c7:2d:ec:06:bd:56:c8:65:72:c8:aa:3f:1d:ff:fd:
04:6c:66:f5:78:c2:78:e9:a4:e2:1e:b5:0e:c2:ab:
06:4b:34:7f:0c:47:5b:0d:17:a8:fb:a6:cd:c8:3a:
12:97:4f:c0:5a:6d:d5:94:15:49:3c:ec:05:d8:01:
9e:56:25:29:a0:da:f5:02:f2:a7:12:2d:b6:3d:e9:
60:40:1e:b4:e5:2c:0d:70:4b:d3:53:8a:ac:45:32:
33:19:5a:28:78:e0:64:e7:59:89:c9:63:fe:38:92:
da:a3:c1:28:c9:aa:01:2c:96:35:e7:e9:1d:db:51:
fe:b1:1e:1a:02:fa:f2:5a:63:d5:4e:73:d0:12:b5:
6e:38:be:dd:83:74:fd:ec:a0:1e:ea:c5:97:66:50:
65:30:e8:c1:b9:54:fa:d2:df:c2:ef:d3:f7:a5:59:
f9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:68:9D:2F:E0:FC:B2:E4:05:B1:0A:04:E4:E9:AC:44:F0:29:7C:6C
X509v3 Authority Key Identifier:
keyid:B1:CD:C2:6D:44:EA:F8:56:54:48:1E:95:81:04:3E:14:88:77:65:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/g2idL-D8suQFsQoE5OmsRPApfGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/aaadac-4809-4955-ac62-8f9ca0ebccab/1/sc3CbUTq-FZUSB6VgQQ-FIh3ZbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.180.0/22
IPv6:
2a0e:c5c0::/29
Signature Algorithm: sha256WithRSAEncryption
85:49:f2:ba:8c:4c:f7:57:de:cb:1c:60:6f:7a:f2:bd:91:99:
2f:f3:19:e4:1b:2c:63:29:6a:05:e4:b4:92:5c:04:d8:6b:54:
8b:40:c4:b0:c1:26:b4:85:9b:09:04:5e:4f:e7:78:f4:dc:a8:
35:84:fb:dc:2a:b8:d5:74:3c:22:9b:c2:96:2c:cf:4c:70:18:
c6:47:6b:48:63:6f:fd:f5:db:01:4e:32:c9:67:55:06:d3:6e:
0c:88:63:41:db:88:42:82:6c:99:bd:f5:51:dc:a1:7a:9a:49:
e7:de:f2:46:88:8b:84:09:96:80:c1:ac:14:aa:93:ff:99:cd:
72:89:86:dc:c3:fa:c8:9a:67:71:84:9d:60:52:69:13:eb:5f:
ce:2f:5c:87:8f:b1:b5:f3:0e:7f:33:d1:25:74:7d:8c:f8:55:
c3:7b:b3:85:1d:36:58:b1:51:1f:35:dc:59:19:73:f0:63:1e:
da:42:e4:a1:2d:17:4b:43:26:cf:11:aa:49:74:08:63:f8:68:
b1:5c:2b:9e:1c:ce:ce:1c:87:fa:e1:73:07:2e:be:72:52:f4:
2d:70:21:f2:ca:fe:a1:86:ca:50:59:cf:6f:ad:5e:b0:cd:a1:
70:fd:05:25:3c:be:ab:4b:5e:42:fb:c2:6d:05:37:35:ea:46:
51:38:0f:d8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ6wNqPK4p06fZyoznNYrn7VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxY2RjMjZkNDRlYWY4NTY1NDQ4MWU5NTgxMDQzZTE0ODg3
NzY1YjQwHhcNMjYwNjEwMDYyNzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzY4OWQyZmUwZmNiMmU0MDViMTBhMDRlNGU5YWM0NGYwMjk3YzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVBooaFaKIt0YseqdtZ9yhv/aOWR
GRrQfJbLFjJgHfohzEqHuWpy4fUf75tbFlVjBnu9ydG1jg48QFrJpZNr7v+WMwru
tAQmKBlMrka8akUDwafnQkozSRzHLewGvVbIZXLIqj8d//0EbGb1eMJ46aTiHrUO
wqsGSzR/DEdbDReo+6bNyDoSl0/AWm3VlBVJPOwF2AGeViUpoNr1AvKnEi22Pelg
QB605SwNcEvTU4qsRTIzGVooeOBk51mJyWP+OJLao8EoyaoBLJY15+kd21H+sR4a
AvryWmPVTnPQErVuOL7dg3T97KAe6sWXZlBlMOjBuVT60t/C79P3pVn5HQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFINonS/g/LLkBbEKBOTprETwKXxsMB8GA1UdIwQY
MBaAFLHNwm1E6vhWVEgelYEEPhSId2W0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2MzQ2JVVHEtRlpVU0I2VmdRUS1GSWgzWmJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9hYWFkYWMtNDgwOS00OTU1LWFjNjIt
OGY5Y2EwZWJjY2FiLzEvZzJpZEwtRDhzdVFGc1FvRTVPbXNSUEFwZkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9hYWFkYWMtNDgwOS00OTU1LWFjNjItOGY5Y2EwZWJjY2Fi
LzEvc2MzQ2JVVHEtRlpVU0I2VmdRUS1GSWgzWmJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLYy0MA0E
AgACMAcDBQMqDsXAMA0GCSqGSIb3DQEBCwUAA4IBAQCFSfK6jEz3V97LHGBvevK9
kZkv8xnkGyxjKWoF5LSSXATYa1SLQMSwwSa0hZsJBF5P53j03Kg1hPvcKrjVdDwi
m8KWLM9McBjGR2tIY2/99dsBTjLJZ1UG024MiGNB24hCgmyZvfVR3KF6mknn3vJG
iIuECZaAwawUqpP/mc1yiYbcw/rImmdxhJ1gUmkT61/OL1yHj7G18w5/M9EldH2M
+FXDe7OFHTZYsVEfNdxZGXPwYx7aQuShLRdLQybPEapJdAhj+GixXCueHM7OHIf6
4XMHLr5yUvQtcCHyyv6hhspQWc9vrV6wzaFw/QUlPL6rS15C+8JtBTc16kZROA/Y
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:40:17 2026 by rpki-client