Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/eQagxd9y-zyf15AwiGOUqcIDYX8.roa
File: eQagxd9y-zyf15AwiGOUqcIDYX8.roa (raw, json)
Hash identifier: 4Aq8ZIMpmBNLem9RkyeMnEc3h/5SZq5EDRDofy2Q8qw=
Subject key identifier: 79:06:A0:C5:DF:72:FB:3C:9F:D7:90:30:88:63:94:A9:C2:03:61:7F
Certificate issuer: /CN=239c45e43625522080aec53952989a13a28abd00
Certificate serial: 019D904DA85C87DA40195D9F36BB0D350C6F
Authority key identifier: 23:9C:45:E4:36:25:52:20:80:AE:C5:39:52:98:9A:13:A2:8A:BD:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/eQagxd9y-zyf15AwiGOUqcIDYX8.roa
Signing time: Wed 15 Apr 2026 08:41:41 +0000
ROA not before: Wed 15 Apr 2026 08:41:41 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205845
IP address blocks: 45.154.168.0/22 maxlen: 24
185.204.120.0/22 maxlen: 24
185.204.120.0/24 maxlen: 24
185.204.121.0/24 maxlen: 24
2a0a:f740::/29 maxlen: 29
2a0a:f741::/32 maxlen: 48
2a0a:f741:22::/48 maxlen: 48
2a0a:f741:25::/48 maxlen: 48
2a0a:f741:27::/48 maxlen: 48
2a0a:f741:28::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:90:4d:a8:5c:87:da:40:19:5d:9f:36:bb:0d:35:0c:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=239c45e43625522080aec53952989a13a28abd00
Validity
Not Before: Apr 15 08:41:41 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7906a0c5df72fb3c9fd79030886394a9c203617f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b2:99:e5:d7:24:b3:95:eb:61:d6:a1:ac:50:
26:3a:10:3a:59:de:33:c1:68:18:55:e0:24:05:ed:
f2:38:d4:83:ed:7a:ad:ce:ea:95:b8:58:fe:bb:17:
45:10:4d:2e:9d:9a:36:67:aa:2a:72:58:cf:c3:c5:
c6:0a:b6:61:3c:d6:57:5e:9a:63:14:96:91:9b:84:
1b:69:59:15:35:6e:b9:33:37:c7:3a:d2:e9:64:4f:
5d:d7:d7:c4:5d:ef:3a:e2:bf:be:b3:c5:c8:85:af:
0b:1c:b6:66:79:fb:75:88:03:b2:d2:f4:41:8a:99:
48:30:d7:83:b0:48:48:6b:f4:73:c4:37:31:86:0f:
bc:0a:92:bb:9f:61:90:2a:77:68:a6:3f:ad:ab:eb:
75:22:b7:6c:45:d0:3b:ac:2e:b1:5b:62:15:60:59:
c6:3c:1b:7f:e6:59:8f:41:a4:5d:ce:eb:64:d2:d1:
bc:32:89:da:b1:00:bd:39:d1:3c:26:94:e4:db:a1:
77:20:3f:7d:89:25:5b:dd:60:cb:3e:6c:1a:24:67:
a6:33:a4:4b:38:9e:f4:e0:c6:45:32:e8:a7:b2:99:
30:14:5b:93:df:c2:3f:4a:7c:3c:1b:82:3c:cb:23:
30:fb:7b:38:c8:b0:3a:37:7b:f3:51:fb:90:bf:85:
96:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:06:A0:C5:DF:72:FB:3C:9F:D7:90:30:88:63:94:A9:C2:03:61:7F
X509v3 Authority Key Identifier:
keyid:23:9C:45:E4:36:25:52:20:80:AE:C5:39:52:98:9A:13:A2:8A:BD:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I5xF5DYlUiCArsU5UpiaE6KKvQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/eQagxd9y-zyf15AwiGOUqcIDYX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/4c4894-80fc-48ef-b668-975a237ecd06/1/I5xF5DYlUiCArsU5UpiaE6KKvQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.168.0/22
185.204.120.0/22
IPv6:
2a0a:f740::/29
Signature Algorithm: sha256WithRSAEncryption
b7:cf:c2:13:dd:d3:15:37:98:2f:b5:ae:d3:dc:a9:c5:d6:5b:
e8:bb:dc:b0:b0:3f:6d:4a:33:46:17:0a:03:51:61:f6:b2:06:
06:3a:07:15:9a:97:13:a5:a5:a6:9c:79:72:17:c2:4a:51:92:
36:dd:76:2e:39:34:22:35:17:f0:ed:15:e6:63:0f:00:87:87:
f0:25:fa:df:63:05:a7:a6:ea:28:b0:f8:32:b0:94:2c:9b:19:
8a:45:f1:c8:51:78:64:08:8a:dc:59:53:9c:17:60:33:89:4a:
1d:d9:25:8d:94:91:21:c9:29:e3:d1:d2:d2:32:96:78:0b:f3:
de:4b:16:68:0f:d6:00:97:09:f8:83:d8:ee:62:76:d0:c8:ba:
a3:82:91:92:3e:fb:22:5c:10:8c:74:73:54:6a:48:6e:f6:d8:
55:e0:3f:13:01:d3:6f:75:26:1d:4a:76:55:e0:8a:d5:36:88:
51:9b:22:89:50:9e:e0:36:87:18:42:2c:27:60:7c:12:99:44:
3b:38:a3:bd:72:db:50:af:66:63:15:5f:48:31:bb:45:e3:da:
5d:51:d2:28:4d:cc:cf:2d:b0:71:c7:f5:66:7d:be:ca:61:92:
7f:07:ca:f9:c7:67:37:b6:8e:d1:3f:68:37:5f:52:eb:5e:24:
d4:f7:34:a6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ2QTahch9pAGV2fNrsNNQxvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzOWM0NWU0MzYyNTUyMjA4MGFlYzUzOTUyOTg5YTEzYTI4
YWJkMDAwHhcNMjYwNDE1MDg0MTQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTA2YTBjNWRmNzJmYjNjOWZkNzkwMzA4ODYzOTRhOWMyMDM2MTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7KZ5dcks5XrYdahrFAmOhA6Wd4z
wWgYVeAkBe3yONSD7XqtzuqVuFj+uxdFEE0unZo2Z6oqcljPw8XGCrZhPNZXXppj
FJaRm4QbaVkVNW65MzfHOtLpZE9d19fEXe864r++s8XIha8LHLZmeft1iAOy0vRB
iplIMNeDsEhIa/RzxDcxhg+8CpK7n2GQKndopj+tq+t1IrdsRdA7rC6xW2IVYFnG
PBt/5lmPQaRdzutk0tG8MonasQC9OdE8JpTk26F3ID99iSVb3WDLPmwaJGemM6RL
OJ704MZFMuinspkwFFuT38I/Snw8G4I8yyMw+3s4yLA6N3vzUfuQv4WW1wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHkGoMXfcvs8n9eQMIhjlKnCA2F/MB8GA1UdIwQY
MBaAFCOcReQ2JVIggK7FOVKYmhOiir0AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTV4RjVEWWxVaUNBcnNVNVVwaWFFNktLdlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi80YzQ4OTQtODBmYy00OGVmLWI2Njgt
OTc1YTIzN2VjZDA2LzEvZVFhZ3hkOXktenlmMTVBd2lHT1VxY0lEWVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi80YzQ4OTQtODBmYy00OGVmLWI2NjgtOTc1YTIzN2VjZDA2
LzEvSTV4RjVEWWxVaUNBcnNVNVVwaWFFNktLdlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZqoAwQC
ucx4MA0EAgACMAcDBQMqCvdAMA0GCSqGSIb3DQEBCwUAA4IBAQC3z8IT3dMVN5gv
ta7T3KnF1lvou9ywsD9tSjNGFwoDUWH2sgYGOgcVmpcTpaWmnHlyF8JKUZI23XYu
OTQiNRfw7RXmYw8Ah4fwJfrfYwWnpuoosPgysJQsmxmKRfHIUXhkCIrcWVOcF2Az
iUod2SWNlJEhySnj0dLSMpZ4C/PeSxZoD9YAlwn4g9juYnbQyLqjgpGSPvsiXBCM
dHNUakhu9thV4D8TAdNvdSYdSnZV4IrVNohRmyKJUJ7gNocYQiwnYHwSmUQ7OKO9
cttQr2ZjFV9IMbtF49pdUdIoTczPLbBxx/Vmfb7KYZJ/B8r5x2c3to7RP2g3X1Lr
XiTU9zSm
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:49:24 2026 by rpki-client