Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/2OdhPZZ2rBcNbZJORD0Md1l0kJ0.roa
File: 2OdhPZZ2rBcNbZJORD0Md1l0kJ0.roa (raw, json)
Hash identifier: x16LGl9tSAnIdYULX5uuM4GVuw4G/u/nooD8QEjNIcs=
Subject key identifier: D8:E7:61:3D:96:76:AC:17:0D:6D:92:4E:44:3D:0C:77:59:74:90:9D
Certificate issuer: /CN=bda1e55f744e1412bd753fd277b77408dcdf8cb4
Certificate serial: 019B7C12AFE601F79B8FF7CB8F9AA846C679
Authority key identifier: BD:A1:E5:5F:74:4E:14:12:BD:75:3F:D2:77:B7:74:08:DC:DF:8C:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vaHlX3ROFBK9dT_Sd7d0CNzfjLQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/2OdhPZZ2rBcNbZJORD0Md1l0kJ0.roa
Signing time: Fri 02 Jan 2026 00:19:17 +0000
ROA not before: Fri 02 Jan 2026 00:19:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44377
IP address blocks: 45.137.248.0/22 maxlen: 24
45.143.216.0/22 maxlen: 24
77.81.160.0/22 maxlen: 24
92.242.224.0/19 maxlen: 24
185.121.200.0/22 maxlen: 24
193.19.220.0/22 maxlen: 24
2a13:ca80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/vaHlX3ROFBK9dT_Sd7d0CNzfjLQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/vaHlX3ROFBK9dT_Sd7d0CNzfjLQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/vaHlX3ROFBK9dT_Sd7d0CNzfjLQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:12:af:e6:01:f7:9b:8f:f7:cb:8f:9a:a8:46:c6:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda1e55f744e1412bd753fd277b77408dcdf8cb4
Validity
Not Before: Jan 2 00:19:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d8e7613d9676ac170d6d924e443d0c775974909d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ab:2b:00:64:41:b0:a4:50:98:46:7a:91:e3:
28:77:c6:ce:36:36:b6:0d:a2:c2:17:29:11:77:ab:
20:0f:89:05:30:71:8a:95:67:8a:d5:e4:a6:42:1f:
16:77:08:4d:fb:16:7d:63:e0:7b:2f:b9:7f:ff:a4:
f0:e0:7b:dd:87:c4:05:4a:f2:96:f4:fb:cd:b0:c8:
8a:7a:9e:50:e1:fb:2d:55:8e:ae:98:b3:d4:aa:0a:
21:af:87:60:c1:a8:c2:ae:4f:4f:6d:e6:99:5f:59:
e8:f3:73:d1:1e:87:53:0f:52:fc:ca:26:33:57:34:
d8:84:96:30:5e:c5:05:95:74:1c:e7:16:d0:7b:ce:
01:ec:a2:04:91:8d:38:f9:ee:81:20:64:6f:f8:4d:
25:29:15:ae:f3:a6:dc:a2:bd:6e:0b:4b:1b:19:f0:
71:01:ef:18:0e:1a:f1:37:b6:6a:30:a1:c0:fb:13:
54:ac:a3:cc:a2:1b:1e:ef:1d:ff:59:f8:e3:cd:f0:
48:e4:89:84:28:2a:1b:d2:6b:23:8b:b0:1a:64:e7:
bb:7a:6a:a1:b1:b5:63:67:80:8f:56:12:37:d4:70:
53:d0:54:cb:b0:55:04:5c:c9:59:1c:1e:6d:b1:32:
ed:59:65:f6:32:2d:5e:28:65:82:fc:8d:b2:8e:aa:
21:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E7:61:3D:96:76:AC:17:0D:6D:92:4E:44:3D:0C:77:59:74:90:9D
X509v3 Authority Key Identifier:
keyid:BD:A1:E5:5F:74:4E:14:12:BD:75:3F:D2:77:B7:74:08:DC:DF:8C:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vaHlX3ROFBK9dT_Sd7d0CNzfjLQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/2OdhPZZ2rBcNbZJORD0Md1l0kJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/3cd45f-0b79-43b7-a9e6-c0bcedb34274/1/vaHlX3ROFBK9dT_Sd7d0CNzfjLQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.248.0/22
45.143.216.0/22
77.81.160.0/22
92.242.224.0/19
185.121.200.0/22
193.19.220.0/22
IPv6:
2a13:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
97:69:2e:7a:53:cb:00:2d:b2:6b:72:84:e9:36:8c:41:f3:00:
8d:c1:07:45:d1:a5:52:9d:99:19:78:69:b5:f0:a6:68:1b:0f:
8f:84:a8:33:7d:1f:45:69:b9:b1:d6:84:41:ff:3c:11:bd:60:
2f:87:a2:17:e5:ea:7a:04:ff:d7:2d:fc:7b:2f:d7:7d:bc:a1:
0c:10:1a:e2:f9:d3:50:8d:66:69:4f:cd:c8:dd:6c:12:0b:bf:
2c:02:db:1d:60:32:d0:24:8b:2f:71:d5:50:db:a3:fa:fa:c8:
67:be:a5:00:fd:51:8b:4e:17:c9:a4:99:31:57:31:e4:2e:56:
2f:21:5c:fe:dd:18:bc:4e:fe:8a:65:39:1c:c8:bd:dc:9b:96:
13:c6:b1:06:ca:c1:a3:9d:bf:58:c1:bb:fa:98:09:d7:7f:74:
92:f9:d6:98:c6:92:19:27:cf:87:7b:2e:ce:c6:11:84:f5:71:
7c:c1:81:ce:4c:91:cc:82:9e:68:a6:53:31:4a:7c:32:23:36:
e8:16:d5:71:51:0f:06:25:d5:39:bd:64:07:b8:24:6b:59:60:
3c:e3:bb:e6:74:fc:aa:93:7e:d0:c5:1c:61:58:a9:13:12:ad:
44:6a:51:0f:f1:0a:d4:79:f5:c2:7a:e2:08:2c:82:fe:5e:7b:
72:c9:df:c1
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZt8Eq/mAfebj/fLj5qoRsZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYTFlNTVmNzQ0ZTE0MTJiZDc1M2ZkMjc3Yjc3NDA4ZGNk
ZjhjYjQwHhcNMjYwMTAyMDAxOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGU3NjEzZDk2NzZhYzE3MGQ2ZDkyNGU0NDNkMGM3NzU5NzQ5MDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6KsrAGRBsKRQmEZ6keMod8bONja2
DaLCFykRd6sgD4kFMHGKlWeK1eSmQh8WdwhN+xZ9Y+B7L7l//6Tw4Hvdh8QFSvKW
9PvNsMiKep5Q4fstVY6umLPUqgohr4dgwajCrk9PbeaZX1no83PRHodTD1L8yiYz
VzTYhJYwXsUFlXQc5xbQe84B7KIEkY04+e6BIGRv+E0lKRWu86bcor1uC0sbGfBx
Ae8YDhrxN7ZqMKHA+xNUrKPMohse7x3/WfjjzfBI5ImEKCob0msji7AaZOe7emqh
sbVjZ4CPVhI31HBT0FTLsFUEXMlZHB5tsTLtWWX2Mi1eKGWC/I2yjqohTwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNjnYT2WdqwXDW2STkQ9DHdZdJCdMB8GA1UdIwQY
MBaAFL2h5V90ThQSvXU/0ne3dAjc34y0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmFIbFgzUk9GQks5ZFRfU2Q3ZDBDTnpmakxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi8zY2Q0NWYtMGI3OS00M2I3LWE5ZTYt
YzBiY2VkYjM0Mjc0LzEvMk9kaFBaWjJyQmNOYlpKT1JEME1kMWwwa0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi8zY2Q0NWYtMGI3OS00M2I3LWE5ZTYtYzBiY2VkYjM0Mjc0
LzEvdmFIbFgzUk9GQks5ZFRfU2Q3ZDBDTnpmakxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLYn4AwQC
LY/YAwQCTVGgAwQFXPLgAwQCuXnIAwQCwRPcMA0EAgACMAcDBQMqE8qAMA0GCSqG
SIb3DQEBCwUAA4IBAQCXaS56U8sALbJrcoTpNoxB8wCNwQdF0aVSnZkZeGm18KZo
Gw+PhKgzfR9Fabmx1oRB/zwRvWAvh6IX5ep6BP/XLfx7L9d9vKEMEBri+dNQjWZp
T83I3WwSC78sAtsdYDLQJIsvcdVQ26P6+shnvqUA/VGLThfJpJkxVzHkLlYvIVz+
3Ri8Tv6KZTkcyL3cm5YTxrEGysGjnb9Ywbv6mAnXf3SS+daYxpIZJ8+Hey7OxhGE
9XF8wYHOTJHMgp5oplMxSnwyIzboFtVxUQ8GJdU5vWQHuCRrWWA847vmdPyqk37Q
xRxhWKkTEq1EalEP8QrUefXCeuIILIL+Xntyyd/B
-----END CERTIFICATE-----
Generated at Tue Mar 3 00:24:42 2026 by rpki-client