Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/Afljxr8ZnlyJfn0MjgcAP3_UzNg.roa
File: Afljxr8ZnlyJfn0MjgcAP3_UzNg.roa (raw, json)
Hash identifier: kphgkoE3iStHTSUsNJCX6GQ8XFaW4TlqKZ0slrAU88M=
Subject key identifier: 01:F9:63:C6:BF:19:9E:5C:89:7E:7D:0C:8E:07:00:3F:7F:D4:CC:D8
Certificate issuer: /CN=fac0f0da39a22a79f80c1f379b668b90f6d74708
Certificate serial: 019C8F316C81DF61EB1AF9B01BA1CA66AD59
Authority key identifier: FA:C0:F0:DA:39:A2:2A:79:F8:0C:1F:37:9B:66:8B:90:F6:D7:47:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-sDw2jmiKnn4DB83m2aLkPbXRwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/Afljxr8ZnlyJfn0MjgcAP3_UzNg.roa
Signing time: Tue 24 Feb 2026 10:28:26 +0000
ROA not before: Tue 24 Feb 2026 10:28:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204272
IP address blocks: 45.155.144.0/22 maxlen: 22
185.108.208.0/22 maxlen: 22
2a05:4100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/1-sDw2jmiKnn4DB83m2aLkPbXRwg.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/1-sDw2jmiKnn4DB83m2aLkPbXRwg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-sDw2jmiKnn4DB83m2aLkPbXRwg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:8f:31:6c:81:df:61:eb:1a:f9:b0:1b:a1:ca:66:ad:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fac0f0da39a22a79f80c1f379b668b90f6d74708
Validity
Not Before: Feb 24 10:28:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=01f963c6bf199e5c897e7d0c8e07003f7fd4ccd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:20:3e:eb:f3:12:47:b3:8e:82:d6:ee:33:ce:
eb:5c:a4:3d:2c:72:d4:ad:04:9d:4a:b6:78:16:1b:
47:79:fd:c2:19:22:95:ba:82:12:f2:17:70:07:4d:
a2:36:ea:2e:d7:bb:c6:71:0e:0c:48:9e:b7:37:ef:
70:c8:75:28:5c:e1:54:95:03:68:8c:27:2d:7e:43:
b5:64:98:bf:50:f5:e4:65:cf:40:6d:83:ac:e6:d2:
e6:17:26:54:94:13:fc:0f:cc:f5:31:4c:d2:ad:f9:
4a:ab:d1:c0:06:a6:e6:2e:d3:27:c1:75:64:71:47:
be:4b:80:fd:be:32:b2:83:2f:ac:ec:b9:b8:0c:cc:
fb:08:72:9f:b7:87:67:39:6f:57:dc:47:79:28:65:
58:7c:58:25:e8:a0:c8:c5:2c:15:33:f9:84:be:b3:
d8:4a:5d:59:46:15:b1:71:59:e0:36:28:b8:00:89:
da:a1:1b:75:5b:55:f2:3e:8f:8f:64:d3:b5:9c:0b:
2b:ac:a8:c4:f8:c6:b5:d1:73:4e:f6:53:30:75:04:
6c:72:f5:75:dc:c0:76:7a:02:62:9b:79:f4:d0:2b:
26:43:8f:14:e1:10:d8:52:a9:4f:29:db:d5:42:e6:
b6:a4:01:5f:65:2d:28:2e:b8:92:65:e2:2e:18:5d:
3a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:F9:63:C6:BF:19:9E:5C:89:7E:7D:0C:8E:07:00:3F:7F:D4:CC:D8
X509v3 Authority Key Identifier:
keyid:FA:C0:F0:DA:39:A2:2A:79:F8:0C:1F:37:9B:66:8B:90:F6:D7:47:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-sDw2jmiKnn4DB83m2aLkPbXRwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/Afljxr8ZnlyJfn0MjgcAP3_UzNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/86ed5b-bcc1-4d03-95da-b99d4d00f831/1/1-sDw2jmiKnn4DB83m2aLkPbXRwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.144.0/22
185.108.208.0/22
IPv6:
2a05:4100::/29
Signature Algorithm: sha256WithRSAEncryption
7e:93:4e:3d:42:9f:97:91:6b:28:a7:70:2e:bf:da:db:80:08:
ca:f4:5f:65:06:06:2f:df:ee:d9:f2:e3:45:39:7a:97:ec:bd:
b5:20:2b:0b:16:4d:8c:82:52:f7:a7:c7:fb:d6:02:47:c3:84:
73:3f:7d:1c:ff:7f:f8:8e:ff:cb:b6:db:1b:3d:18:e9:f6:b8:
70:24:60:26:2e:41:f2:f4:0f:41:3b:e6:18:08:e8:0e:27:2b:
e0:2f:ad:ec:c1:18:41:e7:2f:6e:9c:93:a1:2c:92:f0:98:c8:
da:67:5d:cf:e9:dd:b1:a4:16:91:de:47:a3:d1:9f:31:8e:b1:
34:de:00:b2:21:c7:b3:19:5b:5e:8f:88:2d:6c:cc:1e:1d:dd:
dc:93:c7:52:b3:80:8e:df:7f:e1:38:18:df:83:b3:86:80:b4:
d2:3b:75:e0:cd:3f:2e:a7:20:ca:14:bf:33:be:6f:24:ba:66:
c0:cc:5b:af:4b:e0:de:58:66:5b:8f:9c:48:29:30:35:aa:7f:
52:e0:76:51:f6:93:18:6a:9f:a1:30:06:b9:ea:05:5b:45:60:
35:7e:26:8a:50:97:8f:b1:a3:75:1f:0c:2c:64:c5:8d:eb:27:
74:45:46:4e:75:6e:8d:42:39:46:04:04:c4:10:11:09:bf:a5:
e4:6b:83:41
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZyPMWyB32HrGvmwG6HKZq1ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYzBmMGRhMzlhMjJhNzlmODBjMWYzNzliNjY4YjkwZjZk
NzQ3MDgwHhcNMjYwMjI0MTAyODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWY5NjNjNmJmMTk5ZTVjODk3ZTdkMGM4ZTA3MDAzZjdmZDRjY2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSA+6/MSR7OOgtbuM87rXKQ9LHLU
rQSdSrZ4FhtHef3CGSKVuoIS8hdwB02iNuou17vGcQ4MSJ63N+9wyHUoXOFUlQNo
jCctfkO1ZJi/UPXkZc9AbYOs5tLmFyZUlBP8D8z1MUzSrflKq9HABqbmLtMnwXVk
cUe+S4D9vjKygy+s7Lm4DMz7CHKft4dnOW9X3Ed5KGVYfFgl6KDIxSwVM/mEvrPY
Sl1ZRhWxcVngNii4AInaoRt1W1XyPo+PZNO1nAsrrKjE+Ma10XNO9lMwdQRscvV1
3MB2egJim3n00CsmQ48U4RDYUqlPKdvVQua2pAFfZS0oLriSZeIuGF066wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAH5Y8a/GZ5ciX59DI4HAD9/1MzYMB8GA1UdIwQY
MBaAFPrA8No5oip5+AwfN5tmi5D210cIMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zRHcyam1pS25uNERCODNtMmFMa1BiWFJ3Zy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgvODZlZDViLWJjYzEtNGQwMy05NWRh
LWI5OWQ0ZDAwZjgzMS8xL0FmbGp4cjhabmx5SmZuME1qZ2NBUDNfVXpOZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODgvODZlZDViLWJjYzEtNGQwMy05NWRhLWI5OWQ0ZDAwZjgz
MS8xLzEtc0R3MmptaUtubjREQjgzbTJhTGtQYlhSd2cuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAItm5AD
BAK5bNAwDQQCAAIwBwMFAyoFQQAwDQYJKoZIhvcNAQELBQADggEBAH6TTj1Cn5eR
ayincC6/2tuACMr0X2UGBi/f7tny40U5epfsvbUgKwsWTYyCUvenx/vWAkfDhHM/
fRz/f/iO/8u22xs9GOn2uHAkYCYuQfL0D0E75hgI6A4nK+AvrezBGEHnL26ck6Es
kvCYyNpnXc/p3bGkFpHeR6PRnzGOsTTeALIhx7MZW16PiC1szB4d3dyTx1KzgI7f
f+E4GN+Ds4aAtNI7deDNPy6nIMoUvzO+byS6ZsDMW69L4N5YZluPnEgpMDWqf1Lg
dlH2kxhqn6EwBrnqBVtFYDV+JopQl4+xo3UfDCxkxY3rJ3RFRk51bo1COUYEBMQQ
EQm/peRrg0E=
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:35:19 2026 by rpki-client