Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/pADycQ-9xhjD7DWrrFk7pCQ_Ijo.roa
File: pADycQ-9xhjD7DWrrFk7pCQ_Ijo.roa (raw, json)
Hash identifier: K1+0R7I0/kdM14j+kEitEaAtqppeRpYjvV274U8LEQY=
Subject key identifier: A4:00:F2:71:0F:BD:C6:18:C3:EC:35:AB:AC:59:3B:A4:24:3F:22:3A
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019C715F8BB1BE7B51F0EAC3F06CE3307666
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/pADycQ-9xhjD7DWrrFk7pCQ_Ijo.roa
Signing time: Wed 18 Feb 2026 15:30:12 +0000
ROA not before: Wed 18 Feb 2026 15:30:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3949
IP address blocks: 80.174.216.0/22 maxlen: 24
80.174.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:71:5f:8b:b1:be:7b:51:f0:ea:c3:f0:6c:e3:30:76:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: Feb 18 15:30:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a400f2710fbdc618c3ec35abac593ba4243f223a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d7:6a:b0:f8:d1:ae:83:53:d9:d0:90:cb:7c:
37:33:7b:6a:93:23:5c:a0:ea:2a:69:28:c2:35:47:
cb:09:60:bb:06:1e:c4:b4:60:87:25:b7:39:af:15:
b9:e2:f0:87:74:c5:10:55:c8:14:04:46:4a:9b:2f:
57:4e:fe:39:18:ab:f7:c9:1b:8d:d2:fd:ce:5f:d8:
5f:37:2f:83:d4:63:3f:55:a8:a0:fd:c4:fa:20:82:
34:70:7b:21:18:fd:4d:98:ea:92:bd:d9:78:32:b9:
3a:4d:0d:2c:a0:b3:e4:0b:e4:c8:37:ac:b4:69:46:
83:6e:23:c2:a3:83:3f:47:5d:41:14:a8:d5:2b:33:
98:f4:65:92:90:00:14:6f:e3:22:47:2f:e0:be:0e:
30:46:81:bf:bd:e1:3c:7e:d7:84:71:64:96:cf:db:
67:64:87:05:5e:29:8d:b2:20:2b:77:53:98:4e:5c:
b2:13:0f:a4:21:26:5c:aa:e1:6a:0c:7c:b7:7d:1e:
03:ff:9f:38:07:4a:01:03:95:f6:2b:3f:2b:d6:fc:
09:14:34:ee:8b:4a:8e:d9:ed:47:c6:b2:2d:90:16:
ec:4b:eb:1d:14:7a:9b:d3:b7:15:3b:c1:d9:67:83:
72:b1:e3:c4:14:71:88:fa:fd:f6:d4:ef:5a:8b:c1:
ae:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:00:F2:71:0F:BD:C6:18:C3:EC:35:AB:AC:59:3B:A4:24:3F:22:3A
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/pADycQ-9xhjD7DWrrFk7pCQ_Ijo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.174.216.0/21
Signature Algorithm: sha256WithRSAEncryption
30:d7:a2:d6:89:45:f6:2c:20:79:31:c3:93:91:64:43:3d:4d:
7c:16:1b:3a:01:61:a0:1d:76:b4:a4:32:9e:2f:0f:4f:d7:2b:
0f:09:40:03:6e:89:1c:51:43:42:d6:3c:ff:d2:45:11:b2:eb:
e3:6f:5f:50:e5:2f:ef:98:ab:98:aa:74:36:f8:83:a8:9c:1e:
3f:19:8e:ca:1d:82:2b:b3:54:cb:43:10:8a:a4:53:d9:68:0a:
b7:88:3f:48:c3:0a:a8:16:68:de:5d:bb:f7:4c:71:73:37:e3:
44:77:ad:d1:e0:ca:14:6b:40:46:a7:00:34:6d:39:68:7f:a4:
9e:c3:42:e2:ef:31:62:75:6e:43:59:2f:c2:07:a8:5e:50:2c:
70:ef:f4:be:63:dc:4f:79:ad:2a:d6:1c:e1:8a:d5:72:9c:8a:
7c:8e:ff:60:b4:40:aa:ba:66:b8:ba:18:bc:6f:28:78:17:ce:
03:71:bc:70:c8:d4:8b:30:76:0b:5a:6e:c9:88:7f:1e:f5:dc:
5a:8b:2c:aa:00:57:6a:c1:06:a7:32:f5:bf:51:92:9d:d1:b8:
36:3a:6a:bd:4b:df:d6:e3:24:d5:51:6e:81:b5:d0:bd:30:2a:
b6:2b:81:d4:21:85:6f:46:55:4e:34:af:c1:aa:74:c0:8d:54:
72:72:8f:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZxxX4uxvntR8OrD8GzjMHZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwMjE4MTUzMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDAwZjI3MTBmYmRjNjE4YzNlYzM1YWJhYzU5M2JhNDI0M2YyMjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtddqsPjRroNT2dCQy3w3M3tqkyNc
oOoqaSjCNUfLCWC7Bh7EtGCHJbc5rxW54vCHdMUQVcgUBEZKmy9XTv45GKv3yRuN
0v3OX9hfNy+D1GM/Vaig/cT6III0cHshGP1NmOqSvdl4Mrk6TQ0soLPkC+TIN6y0
aUaDbiPCo4M/R11BFKjVKzOY9GWSkAAUb+MiRy/gvg4wRoG/veE8fteEcWSWz9tn
ZIcFXimNsiArd1OYTlyyEw+kISZcquFqDHy3fR4D/584B0oBA5X2Kz8r1vwJFDTu
i0qO2e1HxrItkBbsS+sdFHqb07cVO8HZZ4NysePEFHGI+v321O9ai8GuawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKQA8nEPvcYYw+w1q6xZO6QkPyI6MB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvcEFEeWNRLTl4aGpEN0RXcnJGazdwQ1FfSWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUK7YMA0G
CSqGSIb3DQEBCwUAA4IBAQAw16LWiUX2LCB5McOTkWRDPU18Fhs6AWGgHXa0pDKe
Lw9P1ysPCUADbokcUUNC1jz/0kURsuvjb19Q5S/vmKuYqnQ2+IOonB4/GY7KHYIr
s1TLQxCKpFPZaAq3iD9IwwqoFmjeXbv3THFzN+NEd63R4MoUa0BGpwA0bTlof6Se
w0Li7zFidW5DWS/CB6heUCxw7/S+Y9xPea0q1hzhitVynIp8jv9gtECquma4uhi8
byh4F84DcbxwyNSLMHYLWm7JiH8e9dxaiyyqAFdqwQanMvW/UZKd0bg2Omq9S9/W
4yTVUW6BtdC9MCq2K4HUIYVvRlVONK/BqnTAjVRyco9D
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:27:41 2026 by rpki-client