Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/tGVxaOXkW7EuQqW9cKlE7ec1aac.roa
File: tGVxaOXkW7EuQqW9cKlE7ec1aac.roa (raw, json)
Hash identifier: muPN8zI+Nf3MgaQWzHsyyy2GZnIQWau/zxiVhyiqVlc=
Subject key identifier: B4:65:71:68:E5:E4:5B:B1:2E:42:A5:BD:70:A9:44:ED:E7:35:69:A7
Certificate issuer: /CN=4196230e58decc0cbcfb15f56aa64dedd1f389f5
Certificate serial: 019C9EB23CD0C99DB7030E16A6FBBE32A9E2
Authority key identifier: 41:96:23:0E:58:DE:CC:0C:BC:FB:15:F5:6A:A6:4D:ED:D1:F3:89:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/tGVxaOXkW7EuQqW9cKlE7ec1aac.roa
Signing time: Fri 27 Feb 2026 10:43:26 +0000
ROA not before: Fri 27 Feb 2026 10:43:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 852
IP address blocks: 45.132.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/QZYjDljezAy8-xX1aqZN7dHzifU.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/QZYjDljezAy8-xX1aqZN7dHzifU.mft
rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:b2:3c:d0:c9:9d:b7:03:0e:16:a6:fb:be:32:a9:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4196230e58decc0cbcfb15f56aa64dedd1f389f5
Validity
Not Before: Feb 27 10:43:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b4657168e5e45bb12e42a5bd70a944ede73569a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a8:43:50:03:9f:5d:c1:e3:78:72:74:60:ec:
54:26:ae:50:03:db:03:39:81:93:f2:6b:fa:2d:5c:
d6:5c:7e:9d:1a:3b:94:b2:45:03:e1:b7:74:66:2a:
ed:58:c2:19:28:25:0b:f6:8b:9b:a8:53:30:01:fa:
5e:b8:27:77:e9:df:e0:5d:ed:44:da:ca:69:8a:a6:
17:b7:4c:0b:27:90:f6:48:84:31:ae:1c:4b:89:55:
e6:9b:75:43:d6:62:76:9b:0c:14:cb:2f:ba:23:8c:
c1:be:a9:2d:e0:90:98:71:fc:20:48:98:73:25:db:
a3:59:1f:ac:b0:aa:e2:d1:60:26:c4:d6:81:06:79:
63:e6:f4:21:2c:b9:38:e5:e8:27:df:47:dc:dc:aa:
2e:c9:b2:16:7d:90:c2:ce:61:69:97:ef:4d:f0:af:
7c:6b:b7:ad:48:75:28:bd:88:d2:ce:69:ab:5a:d1:
0e:67:6b:87:cc:a4:06:bb:42:a4:f5:41:22:73:1c:
35:6e:26:0a:0a:2c:d5:2f:32:dd:82:c9:e8:f6:23:
06:30:64:7b:f1:24:e4:7f:a3:0d:55:2d:51:c6:00:
c2:46:47:9d:81:41:10:5a:6a:89:a5:3d:6c:80:d6:
41:77:9c:8e:d3:cd:ef:4a:a7:29:6b:5c:45:9b:b5:
9b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:65:71:68:E5:E4:5B:B1:2E:42:A5:BD:70:A9:44:ED:E7:35:69:A7
X509v3 Authority Key Identifier:
keyid:41:96:23:0E:58:DE:CC:0C:BC:FB:15:F5:6A:A6:4D:ED:D1:F3:89:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QZYjDljezAy8-xX1aqZN7dHzifU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/tGVxaOXkW7EuQqW9cKlE7ec1aac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/da96f5-3f33-46f9-a514-2befffd57fb7/1/QZYjDljezAy8-xX1aqZN7dHzifU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.3.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:70:8a:87:08:1f:ce:fb:d3:3f:ac:17:fb:37:44:37:e7:f3:
30:36:c5:46:6f:a8:2e:ed:c7:51:16:83:83:3e:c8:ef:03:ed:
0b:a0:72:c1:49:5a:c6:e1:85:37:01:09:97:a7:c2:34:d3:ff:
18:40:25:66:e8:86:14:91:3e:b6:5d:1b:42:83:e0:50:94:85:
1a:d2:ee:6a:b5:87:0a:c8:00:35:c2:4c:88:2c:aa:06:63:af:
60:56:a5:65:6e:2f:c7:04:92:fa:38:a0:de:4b:e5:04:4b:90:
24:f4:3a:e8:27:12:8a:8d:f6:70:00:82:88:86:ed:8c:e2:5e:
92:f3:7e:9c:07:f4:a2:e3:87:9d:ec:9f:f3:55:4c:bd:27:43:
68:c9:96:38:c5:6b:e1:2b:aa:b4:8e:33:5d:3b:73:a3:52:75:
b8:59:28:47:2d:b1:8f:82:64:cf:25:83:d9:9c:32:c1:a0:95:
15:94:b8:28:89:e1:3e:72:5c:c8:0f:14:ab:81:71:3c:8d:a7:
f6:96:c7:d6:32:b2:4d:17:68:87:44:2a:a0:94:32:7a:27:5e:
91:f3:bf:7c:0b:c7:21:50:b3:23:59:43:dd:90:ac:36:2f:2d:
34:5b:0a:33:49:e9:a9:77:ee:2a:21:2a:4b:a6:d9:d1:8f:a2:
cb:b8:1b:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyesjzQyZ23Aw4Wpvu+MqniMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxOTYyMzBlNThkZWNjMGNiY2ZiMTVmNTZhYTY0ZGVkZDFm
Mzg5ZjUwHhcNMjYwMjI3MTA0MzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDY1NzE2OGU1ZTQ1YmIxMmU0MmE1YmQ3MGE5NDRlZGU3MzU2OWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqhDUAOfXcHjeHJ0YOxUJq5QA9sD
OYGT8mv6LVzWXH6dGjuUskUD4bd0ZirtWMIZKCUL9oubqFMwAfpeuCd36d/gXe1E
2sppiqYXt0wLJ5D2SIQxrhxLiVXmm3VD1mJ2mwwUyy+6I4zBvqkt4JCYcfwgSJhz
JdujWR+ssKri0WAmxNaBBnlj5vQhLLk45egn30fc3KouybIWfZDCzmFpl+9N8K98
a7etSHUovYjSzmmrWtEOZ2uHzKQGu0Kk9UEicxw1biYKCizVLzLdgsno9iMGMGR7
8STkf6MNVS1RxgDCRkedgUEQWmqJpT1sgNZBd5yO083vSqcpa1xFm7WbdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRlcWjl5FuxLkKlvXCpRO3nNWmnMB8GA1UdIwQY
MBaAFEGWIw5Y3swMvPsV9WqmTe3R84n1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVpZakRsamV6QXk4LXhYMWFxWk43ZEh6aWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kYTk2ZjUtM2YzMy00NmY5LWE1MTQt
MmJlZmZmZDU3ZmI3LzEvdEdWeGFPWGtXN0V1UXFXOWNLbEU3ZWMxYWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kYTk2ZjUtM2YzMy00NmY5LWE1MTQtMmJlZmZmZDU3ZmI3
LzEvUVpZakRsamV6QXk4LXhYMWFxWk43ZEh6aWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYQDMA0G
CSqGSIb3DQEBCwUAA4IBAQC4cIqHCB/O+9M/rBf7N0Q35/MwNsVGb6gu7cdRFoOD
PsjvA+0LoHLBSVrG4YU3AQmXp8I00/8YQCVm6IYUkT62XRtCg+BQlIUa0u5qtYcK
yAA1wkyILKoGY69gVqVlbi/HBJL6OKDeS+UES5Ak9DroJxKKjfZwAIKIhu2M4l6S
836cB/Si44ed7J/zVUy9J0NoyZY4xWvhK6q0jjNdO3OjUnW4WShHLbGPgmTPJYPZ
nDLBoJUVlLgoieE+clzIDxSrgXE8jaf2lsfWMrJNF2iHRCqglDJ6J16R8798C8ch
ULMjWUPdkKw2Ly00WwozSempd+4qISpLptnRj6LLuBtV
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:04:54 2026 by rpki-client