Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/rg99EpazU4D1m6QBD3vvGpfAQYQ.roa
File: rg99EpazU4D1m6QBD3vvGpfAQYQ.roa (raw, json)
Hash identifier: 7byX0/FX0a8Z3hjUw0qBiljBM8UY5I19ub6hHiL96D8=
Subject key identifier: AE:0F:7D:12:96:B3:53:80:F5:9B:A4:01:0F:7B:EF:1A:97:C0:41:84
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019D914DADD34D1C59BD50C032A70AC167E3
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/rg99EpazU4D1m6QBD3vvGpfAQYQ.roa
Signing time: Wed 15 Apr 2026 13:21:20 +0000
ROA not before: Wed 15 Apr 2026 13:21:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 13886
IP address blocks: 45.43.165.0/24 maxlen: 24
64.137.51.0/24 maxlen: 24
104.238.29.0/24 maxlen: 24
104.239.15.0/24 maxlen: 24
104.249.18.0/24 maxlen: 24
204.52.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:91:4d:ad:d3:4d:1c:59:bd:50:c0:32:a7:0a:c1:67:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Apr 15 13:21:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ae0f7d1296b35380f59ba4010f7bef1a97c04184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:55:71:9d:30:15:83:c1:b4:7e:0e:a8:29:88:
16:88:a5:57:12:ce:1e:d9:12:1b:f2:e6:76:f6:30:
a2:d5:62:0a:f2:0f:e0:78:19:b8:67:15:a0:2e:94:
ba:c1:39:7d:96:08:aa:67:f3:fc:36:09:7c:d2:35:
d9:a1:81:2e:93:d2:e9:9d:23:03:f7:73:77:86:2d:
55:25:d8:0d:99:d9:63:78:b3:5c:24:54:3c:90:c2:
65:e3:11:a8:ea:2c:35:82:92:e6:ab:10:11:61:3f:
02:b3:55:2b:75:ee:6b:51:ba:4f:79:e7:1d:45:f9:
88:54:dc:19:bd:e2:d6:0c:53:87:21:21:70:ba:13:
f4:cb:e9:d7:43:50:14:6a:15:78:e2:19:9e:42:5c:
ed:08:63:10:a3:95:4a:bc:f0:ea:a2:49:64:2b:4d:
fd:b8:46:b3:11:14:1c:50:2c:5a:8a:4b:7f:4a:51:
75:9b:d4:1c:28:07:21:45:38:2e:68:76:b8:69:70:
ac:f6:c8:1e:54:8f:15:e2:38:9e:5e:57:a9:6c:34:
68:88:ba:be:c5:be:3c:d0:55:78:ce:79:09:16:13:
43:27:9a:bd:74:8a:fb:c9:b2:c3:f7:78:f3:b0:ec:
47:84:d1:b5:0b:18:a5:b2:c2:5b:18:9f:c6:e2:f0:
12:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:0F:7D:12:96:B3:53:80:F5:9B:A4:01:0F:7B:EF:1A:97:C0:41:84
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/rg99EpazU4D1m6QBD3vvGpfAQYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.165.0/24
64.137.51.0/24
104.238.29.0/24
104.239.15.0/24
104.249.18.0/24
204.52.112.0/24
Signature Algorithm: sha256WithRSAEncryption
21:a7:d8:56:2e:d0:9d:c0:34:45:12:35:69:0a:9f:68:ca:08:
5f:16:88:8c:a3:6e:a6:93:7d:f8:37:6d:4f:c9:27:c9:ba:b8:
9a:35:d4:6b:db:43:1a:02:9d:75:55:c1:d0:f5:75:df:5f:3a:
45:8d:31:a5:1a:ba:85:43:4b:9b:e2:12:f8:06:60:5e:60:ee:
1d:74:a1:92:a0:76:6c:98:c4:19:7e:e9:66:99:16:4c:10:28:
12:a8:1f:0f:a1:83:57:f3:12:d6:e2:7c:4a:07:45:a6:85:54:
77:14:4a:e3:5e:a9:72:fd:0d:6c:88:7d:d4:81:87:21:d7:5c:
aa:3d:55:74:5b:07:78:fe:ad:03:98:97:8d:f7:3c:9d:5b:ed:
b0:8c:00:66:90:cf:88:03:42:84:69:e7:d3:30:a7:d8:58:97:
c4:88:9b:74:7f:68:2f:72:18:6d:57:8f:33:5c:19:a6:cf:8c:
22:c5:3e:5e:fd:51:39:78:0e:0d:3f:35:cb:c8:b8:19:ea:b6:
dd:47:84:67:f3:65:04:82:79:80:a4:a0:68:34:84:ef:41:d0:
12:50:1b:59:7a:35:c7:42:57:c0:fd:dc:83:9b:34:2c:06:28:
58:65:2a:25:4c:ef:ce:0d:74:76:73:7a:40:5c:13:d9:bf:bd:
17:49:5d:67
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ2RTa3TTRxZvVDAMqcKwWfjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjYwNDE1MTMyMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTBmN2QxMjk2YjM1MzgwZjU5YmE0MDEwZjdiZWYxYTk3YzA0MTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVVxnTAVg8G0fg6oKYgWiKVXEs4e
2RIb8uZ29jCi1WIK8g/geBm4ZxWgLpS6wTl9lgiqZ/P8Ngl80jXZoYEuk9LpnSMD
93N3hi1VJdgNmdljeLNcJFQ8kMJl4xGo6iw1gpLmqxARYT8Cs1Urde5rUbpPeecd
RfmIVNwZveLWDFOHISFwuhP0y+nXQ1AUahV44hmeQlztCGMQo5VKvPDqoklkK039
uEazERQcUCxaikt/SlF1m9QcKAchRTguaHa4aXCs9sgeVI8V4jieXlepbDRoiLq+
xb480FV4znkJFhNDJ5q9dIr7ybLD93jzsOxHhNG1CxilssJbGJ/G4vAS9wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK4PfRKWs1OA9ZukAQ977xqXwEGEMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvcmc5OUVwYXpVNEQxbTZRQkQzdnZHcGZBUVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALSulAwQA
QIkzAwQAaO4dAwQAaO8PAwQAaPkSAwQAzDRwMA0GCSqGSIb3DQEBCwUAA4IBAQAh
p9hWLtCdwDRFEjVpCp9oyghfFoiMo26mk334N21PySfJuriaNdRr20MaAp11VcHQ
9XXfXzpFjTGlGrqFQ0ub4hL4BmBeYO4ddKGSoHZsmMQZfulmmRZMECgSqB8PoYNX
8xLW4nxKB0WmhVR3FErjXqly/Q1siH3UgYch11yqPVV0Wwd4/q0DmJeN9zydW+2w
jABmkM+IA0KEaefTMKfYWJfEiJt0f2gvchhtV48zXBmmz4wixT5e/VE5eA4NPzXL
yLgZ6rbdR4Rn82UEgnmApKBoNITvQdASUBtZejXHQlfA/dyDmzQsBihYZSolTO/O
DXR2c3pAXBPZv70XSV1n
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:30:23 2026 by rpki-client