Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/45NAgDB6reu-erXNEESN-p09cvM.roa
File: 45NAgDB6reu-erXNEESN-p09cvM.roa (raw, json)
Hash identifier: tQMQESDB/lcPTItmMJXfJlwNUfLcCJXoZ+NN7/bh2WQ=
Subject key identifier: E3:93:40:80:30:7A:AD:EB:BE:7A:B5:CD:10:44:8D:FA:9D:3D:72:F3
Certificate issuer: /CN=3a5ec28e841f29f380a7ce2cb5cd5673700821fd
Certificate serial: 019EB1C7A529EFBDA64AE1C5A546F02C0B80
Authority key identifier: 3A:5E:C2:8E:84:1F:29:F3:80:A7:CE:2C:B5:CD:56:73:70:08:21:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ol7CjoQfKfOAp84stc1Wc3AIIf0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/45NAgDB6reu-erXNEESN-p09cvM.roa
Signing time: Wed 10 Jun 2026 13:45:11 +0000
ROA not before: Wed 10 Jun 2026 13:45:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 137409
IP address blocks: 185.161.148.0/24 maxlen: 24
185.161.150.0/24 maxlen: 24
185.180.192.0/24 maxlen: 24
185.180.193.0/24 maxlen: 24
185.180.194.0/24 maxlen: 24
185.238.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/Ol7CjoQfKfOAp84stc1Wc3AIIf0.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/Ol7CjoQfKfOAp84stc1Wc3AIIf0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ol7CjoQfKfOAp84stc1Wc3AIIf0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 19:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b1:c7:a5:29:ef:bd:a6:4a:e1:c5:a5:46:f0:2c:0b:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a5ec28e841f29f380a7ce2cb5cd5673700821fd
Validity
Not Before: Jun 10 13:45:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e3934080307aadebbe7ab5cd10448dfa9d3d72f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:74:b1:4b:57:61:3e:12:f7:f2:06:0c:1b:66:
d7:ad:e8:79:86:28:45:3c:d3:9d:dc:07:c4:e6:7d:
81:c6:be:57:d6:58:78:50:04:79:22:b0:1b:cb:c6:
16:fb:74:e7:eb:66:8b:fe:f6:15:6e:d5:e7:1e:c0:
99:09:59:3e:7d:93:8b:2f:ec:b8:d9:1a:9f:d1:22:
b2:c2:8b:d2:0f:e3:f5:e1:4c:96:5e:04:90:44:5f:
ea:dd:82:9e:c1:b0:52:d1:d8:96:f9:fa:57:16:0b:
8b:71:0c:0f:74:e1:4b:85:75:08:d4:ff:cf:1c:c7:
a4:29:49:04:f6:f7:a3:e8:d2:d6:2e:23:96:84:03:
e0:89:9e:3f:17:77:f1:70:dd:e2:8f:0b:06:87:56:
dd:48:34:e8:01:d4:49:1d:54:3b:c7:f8:10:01:22:
96:be:b6:78:34:01:0e:56:16:ef:c8:78:c1:08:f7:
f7:a0:34:46:1c:0f:8e:01:e4:79:d2:d7:f2:5e:3c:
7d:f4:80:2c:d8:92:08:b4:cf:d7:92:16:a7:2d:cf:
84:20:b3:54:cc:f8:fa:3d:92:72:42:37:09:9a:57:
99:24:a2:e3:94:a7:75:70:e2:f4:0d:2d:90:b2:c9:
15:e7:3c:65:3c:86:2a:cd:e2:93:29:e9:d0:b3:d2:
87:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:93:40:80:30:7A:AD:EB:BE:7A:B5:CD:10:44:8D:FA:9D:3D:72:F3
X509v3 Authority Key Identifier:
keyid:3A:5E:C2:8E:84:1F:29:F3:80:A7:CE:2C:B5:CD:56:73:70:08:21:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ol7CjoQfKfOAp84stc1Wc3AIIf0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/45NAgDB6reu-erXNEESN-p09cvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c12020-a1a1-400e-91f3-835599260ff6/1/Ol7CjoQfKfOAp84stc1Wc3AIIf0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.148.0/24
185.161.150.0/24
185.180.192.0-185.180.194.255
185.238.176.0/24
Signature Algorithm: sha256WithRSAEncryption
52:83:41:6b:5c:7b:83:bd:0e:7f:ae:75:ca:ce:16:1e:3e:3f:
e6:9b:46:6b:06:ba:44:27:83:28:3d:83:90:48:14:68:e3:aa:
80:12:f4:34:7f:05:bb:f6:6c:2b:b2:29:99:9e:ce:fb:3f:98:
13:8c:cd:80:8d:43:c8:54:1e:26:a9:84:ca:f3:1d:e3:2b:f2:
18:9b:fb:b0:b8:9d:fb:cb:76:b0:08:59:e4:cd:1e:6f:21:ae:
fe:5f:d7:51:ea:45:80:bb:5a:60:7f:6b:fb:98:ca:aa:f3:8d:
f7:2c:aa:ff:b6:d3:9d:36:6a:0c:45:66:d8:a9:3b:e7:33:ab:
d0:a4:62:bd:6a:bf:38:50:d2:c0:7b:34:32:3e:c9:e1:8a:38:
48:15:f9:e9:69:99:b6:b8:5c:0b:d2:a6:7b:fd:5f:4c:09:ac:
1c:06:56:45:76:96:f7:0a:10:b1:34:3f:2a:c4:a6:07:d4:0d:
10:57:09:34:3d:a7:b1:76:1a:d5:21:3c:f4:29:c4:77:38:16:
b0:b0:27:55:98:e4:58:44:68:57:1f:8b:6d:57:63:da:75:5c:
d0:6e:41:b4:6c:10:03:2d:23:9f:d9:30:f3:a8:5b:25:e9:d3:
6d:41:da:54:4a:d4:e7:a2:c2:18:54:76:6c:e4:62:da:22:ce:
c4:01:86:41
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ6xx6Up772mSuHFpUbwLAuAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNWVjMjhlODQxZjI5ZjM4MGE3Y2UyY2I1Y2Q1NjczNzAw
ODIxZmQwHhcNMjYwNjEwMTM0NTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzkzNDA4MDMwN2FhZGViYmU3YWI1Y2QxMDQ0OGRmYTlkM2Q3MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHSxS1dhPhL38gYMG2bXreh5hihF
PNOd3AfE5n2Bxr5X1lh4UAR5IrAby8YW+3Tn62aL/vYVbtXnHsCZCVk+fZOLL+y4
2Rqf0SKywovSD+P14UyWXgSQRF/q3YKewbBS0diW+fpXFguLcQwPdOFLhXUI1P/P
HMekKUkE9vej6NLWLiOWhAPgiZ4/F3fxcN3ijwsGh1bdSDToAdRJHVQ7x/gQASKW
vrZ4NAEOVhbvyHjBCPf3oDRGHA+OAeR50tfyXjx99IAs2JIItM/XkhanLc+EILNU
zPj6PZJyQjcJmleZJKLjlKd1cOL0DS2QsskV5zxlPIYqzeKTKenQs9KHywIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOOTQIAweq3rvnq1zRBEjfqdPXLzMB8GA1UdIwQY
MBaAFDpewo6EHynzgKfOLLXNVnNwCCH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2w3Q2pvUWZLZk9BcDg0c3RjMVdjM0FJSWYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9jMTIwMjAtYTFhMS00MDBlLTkxZjMt
ODM1NTk5MjYwZmY2LzEvNDVOQWdEQjZyZXUtZXJYTkVFU04tcDA5Y3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9jMTIwMjAtYTFhMS00MDBlLTkxZjMtODM1NTk5MjYwZmY2
LzEvT2w3Q2pvUWZLZk9BcDg0c3RjMVdjM0FJSWYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAuaGUAwQA
uaGWMAwDBAa5tMADBAC5tMIDBAC57rAwDQYJKoZIhvcNAQELBQADggEBAFKDQWtc
e4O9Dn+udcrOFh4+P+abRmsGukQngyg9g5BIFGjjqoAS9DR/Bbv2bCuyKZmezvs/
mBOMzYCNQ8hUHiaphMrzHeMr8hib+7C4nfvLdrAIWeTNHm8hrv5f11HqRYC7WmB/
a/uYyqrzjfcsqv+20502agxFZtipO+czq9CkYr1qvzhQ0sB7NDI+yeGKOEgV+elp
mba4XAvSpnv9X0wJrBwGVkV2lvcKELE0PyrEpgfUDRBXCTQ9p7F2GtUhPPQpxHc4
FrCwJ1WY5FhEaFcfi21XY9p1XNBuQbRsEAMtI5/ZMPOoWyXp021B2lRK1OeiwhhU
dmzkYtoizsQBhkE=
-----END CERTIFICATE-----
Generated at Sat Jun 13 05:53:23 2026 by rpki-client