Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/0d362c-f863-4d40-80bd-85fc5fd90fd8/1/tDAqXBUYW7jgxQHGVe_g9V8EOlw.roa
File: tDAqXBUYW7jgxQHGVe_g9V8EOlw.roa (raw, json)
Hash identifier: msiRHKuPw5Yshov9xw8j5VM8pLi6/GZVtNJZ2si3Kf0=
Subject key identifier: B4:30:2A:5C:15:18:5B:B8:E0:C5:01:C6:55:EF:E0:F5:5F:04:3A:5C
Certificate issuer: /CN=127af6c693573a2270c9237875456c2df0b503c2
Certificate serial: 019B77C7468F6F2355FA9678988ADD6FADDC
Authority key identifier: 12:7A:F6:C6:93:57:3A:22:70:C9:23:78:75:45:6C:2D:F0:B5:03:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Enr2xpNXOiJwySN4dUVsLfC1A8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/0d362c-f863-4d40-80bd-85fc5fd90fd8/1/tDAqXBUYW7jgxQHGVe_g9V8EOlw.roa
Signing time: Thu 01 Jan 2026 04:18:26 +0000
ROA not before: Thu 01 Jan 2026 04:18:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208296
IP address blocks: 45.141.40.0/22 maxlen: 24
2a13:5b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/0d362c-f863-4d40-80bd-85fc5fd90fd8/1/Enr2xpNXOiJwySN4dUVsLfC1A8I.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/0d362c-f863-4d40-80bd-85fc5fd90fd8/1/Enr2xpNXOiJwySN4dUVsLfC1A8I.mft
rsync://rpki.ripe.net/repository/DEFAULT/Enr2xpNXOiJwySN4dUVsLfC1A8I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 13:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:c7:46:8f:6f:23:55:fa:96:78:98:8a:dd:6f:ad:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=127af6c693573a2270c9237875456c2df0b503c2
Validity
Not Before: Jan 1 04:18:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b4302a5c15185bb8e0c501c655efe0f55f043a5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0c:76:b6:5f:49:4d:91:ce:20:1c:9b:14:34:
bc:4a:af:a9:e4:ec:cf:eb:50:f6:68:c9:11:a3:69:
60:d3:b9:75:dc:b2:7a:99:7e:df:9a:a1:ca:df:a0:
7a:f7:e2:58:b6:1b:4a:dc:a3:cc:17:ce:dd:17:eb:
43:2e:ca:76:1e:92:ac:32:8b:ca:f2:84:a2:72:30:
f7:13:34:f7:06:3d:64:99:a6:37:16:ad:e0:cb:0c:
9a:96:7f:61:aa:1e:5f:47:e0:e6:f4:5e:cd:d4:f7:
6d:76:bb:01:73:e0:42:35:90:eb:61:92:07:4a:47:
b2:e7:6e:ff:9a:a7:8d:29:b2:ab:e2:7c:9b:6f:1d:
8c:e8:63:ff:81:7b:e9:d6:d5:50:3a:d1:06:64:9b:
48:5f:82:e4:15:8c:06:9b:26:72:82:a3:b5:62:85:
c9:5a:0d:c4:72:2f:14:43:54:59:68:7d:a3:ea:2c:
10:eb:2e:f6:b1:d6:26:63:a7:91:76:6a:d4:99:13:
83:6f:02:1e:b1:88:ea:25:75:bc:47:24:7d:37:53:
10:17:34:19:bc:67:62:43:3d:96:a6:bf:61:a0:a4:
52:7b:84:72:29:e5:66:3e:b6:9e:38:7d:62:46:1e:
1b:0e:20:b2:52:d8:a2:4d:ed:7f:18:bf:2e:ae:7a:
2f:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:30:2A:5C:15:18:5B:B8:E0:C5:01:C6:55:EF:E0:F5:5F:04:3A:5C
X509v3 Authority Key Identifier:
keyid:12:7A:F6:C6:93:57:3A:22:70:C9:23:78:75:45:6C:2D:F0:B5:03:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Enr2xpNXOiJwySN4dUVsLfC1A8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0d362c-f863-4d40-80bd-85fc5fd90fd8/1/tDAqXBUYW7jgxQHGVe_g9V8EOlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/0d362c-f863-4d40-80bd-85fc5fd90fd8/1/Enr2xpNXOiJwySN4dUVsLfC1A8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.40.0/22
IPv6:
2a13:5b40::/29
Signature Algorithm: sha256WithRSAEncryption
48:23:3b:35:4b:27:a9:3a:24:89:41:1f:14:e8:40:a5:dc:c2:
c8:4b:f7:dd:c6:21:57:16:55:f3:3d:bc:69:92:f0:e8:81:c8:
3f:88:7b:88:b5:0d:fa:07:86:c1:67:64:43:00:0a:37:fa:33:
53:05:bf:1d:43:7d:2d:bb:9c:1b:6f:e9:4b:8b:db:80:3e:a2:
f1:f6:89:91:12:1a:8c:38:11:e5:a0:5f:51:5b:e5:71:07:5a:
04:0e:60:76:ae:80:cb:cf:93:71:2d:63:46:1e:83:01:87:ad:
7f:b3:7a:9e:e0:d2:2b:d6:28:45:d1:7d:22:11:b7:16:20:4f:
f8:23:b5:2f:91:68:42:66:37:3c:b9:cd:ca:81:68:ce:09:58:
38:9e:1e:84:57:ed:4f:88:04:1f:bf:64:d0:62:10:eb:20:85:
ee:d9:0f:e4:a8:07:cb:e4:ad:1b:40:d8:7c:4a:a5:6e:d6:e4:
e4:f5:86:fd:e5:c2:4b:a9:e7:4c:64:71:f3:20:49:30:08:db:
b5:08:c6:e7:29:0b:f0:88:3d:e3:93:69:7b:ab:5c:c9:2b:24:
6c:fd:71:f8:20:81:61:42:8d:db:8a:b8:bc:fe:b1:7b:e4:c1:
c4:88:4a:7a:95:c3:3d:b8:37:af:82:e1:ec:d2:24:fa:60:8e:
07:af:f6:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt3x0aPbyNV+pZ4mIrdb63cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyN2FmNmM2OTM1NzNhMjI3MGM5MjM3ODc1NDU2YzJkZjBi
NTAzYzIwHhcNMjYwMTAxMDQxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDMwMmE1YzE1MTg1YmI4ZTBjNTAxYzY1NWVmZTBmNTVmMDQzYTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgx2tl9JTZHOIBybFDS8Sq+p5OzP
61D2aMkRo2lg07l13LJ6mX7fmqHK36B69+JYthtK3KPMF87dF+tDLsp2HpKsMovK
8oSicjD3EzT3Bj1kmaY3Fq3gywyaln9hqh5fR+Dm9F7N1PdtdrsBc+BCNZDrYZIH
Skey527/mqeNKbKr4nybbx2M6GP/gXvp1tVQOtEGZJtIX4LkFYwGmyZygqO1YoXJ
Wg3Eci8UQ1RZaH2j6iwQ6y72sdYmY6eRdmrUmRODbwIesYjqJXW8RyR9N1MQFzQZ
vGdiQz2Wpr9hoKRSe4RyKeVmPraeOH1iRh4bDiCyUtiiTe1/GL8urnov3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLQwKlwVGFu44MUBxlXv4PVfBDpcMB8GA1UdIwQY
MBaAFBJ69saTVzoicMkjeHVFbC3wtQPCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW5yMnhwTlhPaUp3eVNONGRVVnNMZkMxQThJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8wZDM2MmMtZjg2My00ZDQwLTgwYmQt
ODVmYzVmZDkwZmQ4LzEvdERBcVhCVVlXN2pneFFIR1ZlX2c5VjhFT2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8wZDM2MmMtZjg2My00ZDQwLTgwYmQtODVmYzVmZDkwZmQ4
LzEvRW5yMnhwTlhPaUp3eVNONGRVVnNMZkMxQThJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLY0oMA0E
AgACMAcDBQMqE1tAMA0GCSqGSIb3DQEBCwUAA4IBAQBIIzs1SyepOiSJQR8U6ECl
3MLIS/fdxiFXFlXzPbxpkvDogcg/iHuItQ36B4bBZ2RDAAo3+jNTBb8dQ30tu5wb
b+lLi9uAPqLx9omREhqMOBHloF9RW+VxB1oEDmB2roDLz5NxLWNGHoMBh61/s3qe
4NIr1ihF0X0iEbcWIE/4I7UvkWhCZjc8uc3KgWjOCVg4nh6EV+1PiAQfv2TQYhDr
IIXu2Q/kqAfL5K0bQNh8SqVu1uTk9Yb95cJLqedMZHHzIEkwCNu1CMbnKQvwiD3j
k2l7q1zJKyRs/XH4IIFhQo3biri8/rF75MHEiEp6lcM9uDevguHs0iT6YI4Hr/ZD
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:11:03 2026 by rpki-client