Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/xEZpztI8Y0E6cyemzVq5Z-wuhOo.roa
File: xEZpztI8Y0E6cyemzVq5Z-wuhOo.roa (raw, json)
Hash identifier: u+3SjeAOl+6UrQqTlnssUl6vP9Yo7S40vvVos+ddEsc=
Subject key identifier: C4:46:69:CE:D2:3C:63:41:3A:73:27:A6:CD:5A:B9:67:EC:2E:84:EA
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 019C23BE75C914AB0AA82FCEE7799B88C80A
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/xEZpztI8Y0E6cyemzVq5Z-wuhOo.roa
Signing time: Tue 03 Feb 2026 13:43:30 +0000
ROA not before: Tue 03 Feb 2026 13:43:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210714
IP address blocks: 185.148.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:42:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:23:be:75:c9:14:ab:0a:a8:2f:ce:e7:79:9b:88:c8:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Feb 3 13:43:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c44669ced23c63413a7327a6cd5ab967ec2e84ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8e:70:fc:1a:54:9c:7e:3e:9f:85:d7:ce:30:
72:6c:9a:b5:20:56:47:49:1a:b8:ea:ff:7b:47:e0:
07:16:06:07:55:ba:df:14:4c:de:35:ca:42:02:b5:
35:84:66:cd:62:c7:85:09:f7:3a:13:4c:1a:03:fe:
4c:09:f6:46:39:5b:da:01:6a:7f:79:7d:37:8b:3f:
7e:d0:27:82:26:81:2c:da:9c:2e:95:f7:44:92:91:
f5:35:51:78:ac:19:cc:e0:b6:fe:8f:07:e2:46:1e:
52:b1:05:e8:ce:c4:9f:16:9f:fb:5c:fe:5f:f2:03:
92:81:40:94:9e:3f:48:44:de:9e:b1:c6:f4:fd:46:
b7:5f:77:92:2b:d7:f6:87:37:78:a8:2b:dd:72:5a:
f0:d0:40:e8:23:e5:f5:94:50:26:d1:88:d6:02:3f:
64:2c:0d:04:9a:46:8a:2e:a6:9f:5e:89:8f:a5:c2:
58:55:c3:6c:9f:ef:a3:cb:73:84:d8:6d:0c:ae:4e:
06:91:f9:14:c2:f0:26:aa:ec:47:a4:51:48:c4:64:
17:fd:47:5d:9c:82:68:f9:88:f4:34:c7:c5:7d:e1:
c3:69:28:2b:93:e7:2c:9c:56:b5:6c:17:a9:19:bd:
38:77:0a:f9:9a:82:a1:0c:96:46:4c:4c:61:5b:88:
8b:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:46:69:CE:D2:3C:63:41:3A:73:27:A6:CD:5A:B9:67:EC:2E:84:EA
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/xEZpztI8Y0E6cyemzVq5Z-wuhOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.241.0/24
Signature Algorithm: sha256WithRSAEncryption
12:53:30:b6:ac:3d:9a:5b:0c:d5:8f:ae:4e:a6:c0:87:df:c2:
18:0e:89:be:d7:18:8f:2f:5d:a7:11:45:5f:bb:96:81:ec:e2:
b4:8c:a6:a0:3f:ed:f8:2f:6b:9e:41:a0:02:90:dc:c9:7b:2e:
ee:d3:60:39:bf:ba:8c:b8:4d:82:90:87:8e:06:df:a7:6c:77:
eb:e3:90:75:a8:ff:b8:fd:68:0a:3a:42:f3:84:13:1e:24:22:
6c:87:b7:97:18:74:d9:7e:20:6d:92:82:4b:49:c0:d8:a7:1e:
cc:29:8c:52:9c:08:62:22:88:e8:15:5e:08:7b:c7:3a:e2:7c:
0c:e2:57:15:a8:14:78:d0:69:f8:bd:42:d3:b3:91:b9:36:ab:
d3:db:2f:45:b4:2b:25:c8:79:3f:8e:b7:67:23:68:ee:6d:48:
54:12:5b:02:95:24:ec:af:77:a4:52:3b:60:5c:4f:60:13:11:
0e:d2:e9:a4:ae:30:50:bf:e5:2a:b9:c9:bc:2d:0e:18:86:f3:
e3:96:9c:e2:e7:df:be:7a:2d:1f:61:29:12:a7:91:e9:1f:8b:
53:c4:3b:85:fc:aa:aa:50:69:31:11:c6:c2:7e:ec:be:a3:12:
60:22:8d:f6:20:67:55:b1:13:04:ba:c3:13:18:7d:f0:43:0b:
4c:ff:fb:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZwjvnXJFKsKqC/O53mbiMgKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjYwMjAzMTM0MzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDQ2NjljZWQyM2M2MzQxM2E3MzI3YTZjZDVhYjk2N2VjMmU4NGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtY5w/BpUnH4+n4XXzjBybJq1IFZH
SRq46v97R+AHFgYHVbrfFEzeNcpCArU1hGbNYseFCfc6E0waA/5MCfZGOVvaAWp/
eX03iz9+0CeCJoEs2pwulfdEkpH1NVF4rBnM4Lb+jwfiRh5SsQXozsSfFp/7XP5f
8gOSgUCUnj9IRN6escb0/Ua3X3eSK9f2hzd4qCvdclrw0EDoI+X1lFAm0YjWAj9k
LA0EmkaKLqafXomPpcJYVcNsn++jy3OE2G0Mrk4GkfkUwvAmquxHpFFIxGQX/Udd
nIJo+Yj0NMfFfeHDaSgrk+csnFa1bBepGb04dwr5moKhDJZGTExhW4iL0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRGac7SPGNBOnMnps1auWfsLoTqMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEveEVacHp0SThZMEU2Y3llbXpWcTVaLXd1aE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZTxMA0G
CSqGSIb3DQEBCwUAA4IBAQASUzC2rD2aWwzVj65OpsCH38IYDom+1xiPL12nEUVf
u5aB7OK0jKagP+34L2ueQaACkNzJey7u02A5v7qMuE2CkIeOBt+nbHfr45B1qP+4
/WgKOkLzhBMeJCJsh7eXGHTZfiBtkoJLScDYpx7MKYxSnAhiIojoFV4Ie8c64nwM
4lcVqBR40Gn4vULTs5G5NqvT2y9FtCslyHk/jrdnI2jubUhUElsClSTsr3ekUjtg
XE9gExEO0umkrjBQv+Uqucm8LQ4YhvPjlpzi59++ei0fYSkSp5HpH4tTxDuF/Kqq
UGkxEcbCfuy+oxJgIo32IGdVsRMEusMTGH3wQwtM//ud
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:11:06 2026 by rpki-client