Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2xEfOXpOv47N5G2CnghBabc7jFw.roa
File: 2xEfOXpOv47N5G2CnghBabc7jFw.roa (raw, json)
Hash identifier: x99gRh2dGdbbrmmkQn68OFIgoDNLWLSegY+do1fLKpk=
Subject key identifier: DB:11:1F:39:7A:4E:BF:8E:CD:E4:6D:82:9E:08:41:69:B7:3B:8C:5C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019D63A8E521BA1CB9DED6FB6134D409FCC4
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2xEfOXpOv47N5G2CnghBabc7jFw.roa
Signing time: Mon 06 Apr 2026 16:38:26 +0000
ROA not before: Mon 06 Apr 2026 16:38:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30058
IP address blocks: 45.145.59.0/24 maxlen: 24
45.146.89.0/24 maxlen: 24
45.146.90.0/24 maxlen: 24
45.152.202.0/24 maxlen: 24
193.39.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:63:a8:e5:21:ba:1c:b9:de:d6:fb:61:34:d4:09:fc:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 6 16:38:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=db111f397a4ebf8ecde46d829e084169b73b8c5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bd:0f:3e:12:c5:e0:83:a5:be:13:6b:23:52:
28:84:02:2d:79:33:e5:02:a9:57:e3:1f:08:8f:9e:
85:12:3b:e3:54:ff:7d:3c:38:f4:97:58:6c:e2:22:
b1:89:a2:6c:20:46:3b:47:e8:f6:6c:c5:b4:4d:51:
07:4c:e7:90:a4:91:90:4e:62:2f:95:f6:e9:18:1d:
73:4f:26:2e:4d:95:01:a0:cc:bb:c4:12:13:d2:50:
31:d3:e7:65:de:e1:ef:d1:34:5f:53:66:45:73:2c:
ca:8e:b6:eb:6f:a5:3d:14:53:b5:21:f9:40:cb:23:
d6:5f:88:44:0f:4f:93:fa:84:c5:e5:71:be:81:46:
e1:4a:6f:13:b2:cd:c9:ef:40:25:0e:4e:b8:90:64:
55:a0:2b:3d:02:d2:70:3d:4f:68:06:4b:40:26:c4:
6a:b6:20:fe:c7:00:f7:98:49:b3:b5:5e:a6:69:6f:
b1:f8:8f:60:11:17:46:41:a3:81:ef:41:dc:b4:39:
40:a0:01:ce:40:b3:ec:54:38:2f:5b:ee:10:86:70:
a7:1d:5f:bd:32:8f:ab:28:fb:a3:8c:ea:a6:9a:80:
56:5d:3c:7e:77:b3:20:a0:e3:51:17:c1:d8:2e:c2:
ed:6c:03:32:b9:6f:27:c7:5e:ba:28:c8:f7:21:2a:
4d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:11:1F:39:7A:4E:BF:8E:CD:E4:6D:82:9E:08:41:69:B7:3B:8C:5C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/2xEfOXpOv47N5G2CnghBabc7jFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.59.0/24
45.146.89.0-45.146.90.255
45.152.202.0/24
193.39.143.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:17:6b:34:7e:e4:e8:32:40:55:48:27:31:69:fe:22:e2:99:
5d:66:0c:c9:a6:ae:42:96:1b:7d:10:fb:57:a3:1a:d0:34:d6:
65:ec:7b:b3:13:44:a4:5c:55:a2:50:b5:32:66:ac:00:1e:30:
77:f8:f2:34:fa:36:80:b7:f3:83:45:50:fd:ef:e2:5b:09:2e:
b6:49:81:92:c9:8c:44:22:10:57:7a:4e:ce:ff:bc:bc:9b:fb:
97:62:bd:00:66:76:3c:3a:50:aa:ba:c3:38:3d:3e:72:5e:2e:
e6:8a:b0:4b:71:fa:80:58:ea:c5:39:54:49:fb:1d:1f:2f:ec:
26:ff:11:16:68:3f:14:b8:60:c2:ec:7b:11:df:91:69:c6:f7:
af:72:5f:cb:e6:09:e5:2a:de:0b:16:6d:c4:ac:31:a0:94:b8:
8b:5e:c1:14:3b:39:9d:54:a3:74:f7:c6:1c:a0:83:26:e2:c7:
fd:b8:af:fa:27:64:d1:f7:4d:cf:88:23:46:d1:84:d8:f8:6d:
96:d5:d9:58:13:82:7f:6e:f1:cd:1e:25:2c:ec:6e:f3:c3:cd:
ec:a3:85:44:00:2b:f4:08:6e:ca:63:84:e7:ac:85:b4:62:91:
02:00:8a:af:46:62:71:ec:1d:b5:0f:5a:87:07:c0:56:19:c6:
3e:54:38:3b
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ1jqOUhuhy53tb7YTTUCfzEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwNDA2MTYzODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjExMWYzOTdhNGViZjhlY2RlNDZkODI5ZTA4NDE2OWI3M2I4YzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmb0PPhLF4IOlvhNrI1IohAIteTPl
AqlX4x8Ij56FEjvjVP99PDj0l1hs4iKxiaJsIEY7R+j2bMW0TVEHTOeQpJGQTmIv
lfbpGB1zTyYuTZUBoMy7xBIT0lAx0+dl3uHv0TRfU2ZFcyzKjrbrb6U9FFO1IflA
yyPWX4hED0+T+oTF5XG+gUbhSm8Tss3J70AlDk64kGRVoCs9AtJwPU9oBktAJsRq
tiD+xwD3mEmztV6maW+x+I9gERdGQaOB70HctDlAoAHOQLPsVDgvW+4QhnCnHV+9
Mo+rKPujjOqmmoBWXTx+d7MgoONRF8HYLsLtbAMyuW8nx166KMj3ISpN1wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNsRHzl6Tr+OzeRtgp4IQWm3O4xcMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMnhFZk9YcE92NDdONUcyQ25naEJhYmM3akZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALZE7MAwD
BAAtklkDBAAtkloDBAAtmMoDBADBJ48wDQYJKoZIhvcNAQELBQADggEBAH0XazR+
5OgyQFVIJzFp/iLimV1mDMmmrkKWG30Q+1ejGtA01mXse7MTRKRcVaJQtTJmrAAe
MHf48jT6NoC384NFUP3v4lsJLrZJgZLJjEQiEFd6Ts7/vLyb+5divQBmdjw6UKq6
wzg9PnJeLuaKsEtx+oBY6sU5VEn7HR8v7Cb/ERZoPxS4YMLsexHfkWnG969yX8vm
CeUq3gsWbcSsMaCUuItewRQ7OZ1Uo3T3xhyggybix/24r/onZNH3Tc+II0bRhNj4
bZbV2VgTgn9u8c0eJSzsbvPDzeyjhUQAK/QIbspjhOeshbRikQIAiq9GYnHsHbUP
WocHwFYZxj5UODs=
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:02:18 2026 by rpki-client