Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/n7hqmZmp3MsF9TTpudjT5R_bMpM.roa
File: n7hqmZmp3MsF9TTpudjT5R_bMpM.roa (raw, json)
Hash identifier: rrlnGDlcghiBi/f+mdd7X3ru5a3PhuBM33q4yzpC4Ig=
Subject key identifier: 9F:B8:6A:99:99:A9:DC:CB:05:F5:34:E9:B9:D8:D3:E5:1F:DB:32:93
Certificate issuer: /CN=304e59a223f4bcb823492fb1096c3a82310c03da
Certificate serial: 019E5A52CEB025DEFF5C195BAF80E4AFEDB6
Authority key identifier: 30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/n7hqmZmp3MsF9TTpudjT5R_bMpM.roa
Signing time: Sun 24 May 2026 14:10:36 +0000
ROA not before: Sun 24 May 2026 14:10:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42032
IP address blocks: 45.14.60.0/22 maxlen: 22
185.119.105.0/24 maxlen: 24
185.119.106.0/24 maxlen: 24
2a06:8a02::/32 maxlen: 32
2a0e:b580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5a:52:ce:b0:25:de:ff:5c:19:5b:af:80:e4:af:ed:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=304e59a223f4bcb823492fb1096c3a82310c03da
Validity
Not Before: May 24 14:10:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9fb86a9999a9dccb05f534e9b9d8d3e51fdb3293
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b9:0c:a2:40:da:48:48:c4:cb:e1:be:bb:0b:
36:eb:bb:cd:c9:16:6e:e0:94:7c:e0:0d:5e:c2:59:
87:12:f3:5c:fd:35:a9:82:64:81:4b:5c:e0:74:23:
a5:b7:d8:ba:ae:84:96:e5:60:b0:c7:d7:27:76:b9:
e4:49:56:43:19:66:bc:b5:bb:7b:3f:7d:e1:28:d4:
08:fc:0f:57:4c:b4:e6:ca:8e:d7:b2:f0:46:d3:bc:
ae:b8:e8:fd:f3:40:85:7e:4b:ef:6d:c0:fb:0b:9a:
f4:a1:b8:41:c2:e4:2f:bd:07:2d:ed:49:cc:ca:e7:
13:9f:55:e8:20:d1:3d:99:60:9d:67:65:2b:bc:ca:
14:4b:14:e4:6d:5c:d4:d7:96:32:7f:83:a2:32:a0:
90:7b:83:d6:fc:83:f6:a3:56:79:5b:a6:57:47:c9:
c5:db:13:4e:ff:6a:f6:11:b0:b9:53:c8:92:60:ce:
2f:57:88:e8:1b:20:04:d2:02:66:a5:df:fa:7f:b1:
25:94:a8:74:3b:a9:a6:81:06:20:dc:93:e4:f6:ca:
71:6a:18:4c:67:f4:47:05:6b:c4:77:1e:da:8b:5a:
76:5d:01:42:97:53:cb:47:16:18:50:5c:52:f4:b7:
80:26:7d:9f:3b:3b:32:63:a4:fb:ca:73:0f:49:4a:
5b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:B8:6A:99:99:A9:DC:CB:05:F5:34:E9:B9:D8:D3:E5:1F:DB:32:93
X509v3 Authority Key Identifier:
keyid:30:4E:59:A2:23:F4:BC:B8:23:49:2F:B1:09:6C:3A:82:31:0C:03:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/n7hqmZmp3MsF9TTpudjT5R_bMpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f536cd-943f-4554-9f17-344cc502f1bd/1/ME5ZoiP0vLgjSS-xCWw6gjEMA9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.60.0/22
185.119.105.0-185.119.106.255
IPv6:
2a06:8a02::/32
2a0e:b580::/29
Signature Algorithm: sha256WithRSAEncryption
51:db:01:7a:73:2b:81:15:93:40:8b:1f:96:df:d0:9e:11:0d:
92:52:23:51:79:29:e6:e5:97:46:17:1c:c7:18:4c:26:19:13:
26:50:d0:c0:7a:74:a3:96:47:f7:6c:d6:75:f2:36:c4:36:f1:
03:c4:80:66:f3:4a:77:57:b1:51:7e:6b:a4:1c:c3:05:e2:d4:
09:f1:6d:9e:db:14:3a:f2:6b:51:38:3e:1f:0d:69:f3:61:00:
f3:da:7f:26:53:a0:7a:16:56:6f:17:f6:6d:03:9d:b7:42:11:
67:c8:d5:a7:ed:d8:de:30:39:4a:f0:6a:e1:a3:94:40:19:fe:
91:78:95:d6:fe:49:7c:56:c6:4b:9f:77:54:ba:c3:c8:42:41:
f1:b1:4a:64:60:9f:e9:a6:d9:b8:d8:82:dc:48:eb:41:9c:d4:
d3:0a:9c:98:30:f1:42:62:84:0d:09:d4:01:7f:8c:bd:ca:b7:
98:1e:2e:63:fd:27:29:99:f7:0c:dd:1f:d2:69:1d:25:a9:dc:
1f:c4:ca:cf:b9:4e:31:2c:8e:c7:0a:f5:06:6b:eb:f4:ad:bd:
59:10:d3:d0:99:17:f4:1a:69:33:ae:cd:a6:cc:6a:2f:4b:73:
54:6c:8c:3f:7d:97:e7:35:ab:c1:1f:82:60:be:b2:a7:ea:2c:
84:14:46:4b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ5aUs6wJd7/XBlbr4Dkr+22MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNGU1OWEyMjNmNGJjYjgyMzQ5MmZiMTA5NmMzYTgyMzEw
YzAzZGEwHhcNMjYwNTI0MTQxMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmI4NmE5OTk5YTlkY2NiMDVmNTM0ZTliOWQ4ZDNlNTFmZGIzMjkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLkMokDaSEjEy+G+uws267vNyRZu
4JR84A1ewlmHEvNc/TWpgmSBS1zgdCOlt9i6roSW5WCwx9cndrnkSVZDGWa8tbt7
P33hKNQI/A9XTLTmyo7XsvBG07yuuOj980CFfkvvbcD7C5r0obhBwuQvvQct7UnM
yucTn1XoINE9mWCdZ2UrvMoUSxTkbVzU15Yyf4OiMqCQe4PW/IP2o1Z5W6ZXR8nF
2xNO/2r2EbC5U8iSYM4vV4joGyAE0gJmpd/6f7EllKh0O6mmgQYg3JPk9spxahhM
Z/RHBWvEdx7ai1p2XQFCl1PLRxYYUFxS9LeAJn2fOzsyY6T7ynMPSUpbAwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJ+4apmZqdzLBfU06bnY0+Uf2zKTMB8GA1UdIwQY
MBaAFDBOWaIj9Ly4I0kvsQlsOoIxDAPaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTct
MzQ0Y2M1MDJmMWJkLzEvbjdocW1abXAzTXNGOVRUcHVkalQ1Ul9iTXBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9mNTM2Y2QtOTQzZi00NTU0LTlmMTctMzQ0Y2M1MDJmMWJk
LzEvTUU1Wm9pUDB2TGdqU1MteENXdzZnakVNQTlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAaBAIAATAUAwQCLQ48MAwD
BAC5d2kDBAC5d2owFAQCAAIwDgMFACoGigIDBQMqDrWAMA0GCSqGSIb3DQEBCwUA
A4IBAQBR2wF6cyuBFZNAix+W39CeEQ2SUiNReSnm5ZdGFxzHGEwmGRMmUNDAenSj
lkf3bNZ18jbENvEDxIBm80p3V7FRfmukHMMF4tQJ8W2e2xQ68mtROD4fDWnzYQDz
2n8mU6B6FlZvF/ZtA523QhFnyNWn7djeMDlK8Grho5RAGf6ReJXW/kl8VsZLn3dU
usPIQkHxsUpkYJ/pptm42ILcSOtBnNTTCpyYMPFCYoQNCdQBf4y9yreYHi5j/Scp
mfcM3R/SaR0lqdwfxMrPuU4xLI7HCvUGa+v0rb1ZENPQmRf0Gmkzrs2mzGovS3NU
bIw/fZfnNavBH4JgvrKn6iyEFEZL
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:07:19 2026 by rpki-client