Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/65RofEI-RICkND1G0AE3ZBwPADo.roa
File: 65RofEI-RICkND1G0AE3ZBwPADo.roa (raw, json)
Hash identifier: Jhf4Bu2wHxMsipym9EJimWEH8mritzViIbzd+Ka0HcY=
Subject key identifier: EB:94:68:7C:42:3E:44:80:A4:34:3D:46:D0:01:37:64:1C:0F:00:3A
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019D588A855058033EDA7C8E53D0D685CF75
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/65RofEI-RICkND1G0AE3ZBwPADo.roa
Signing time: Sat 04 Apr 2026 12:49:26 +0000
ROA not before: Sat 04 Apr 2026 12:49:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215540
IP address blocks: 45.130.127.0/24 maxlen: 24
45.130.254.0/24 maxlen: 24
45.142.31.0/24 maxlen: 24
45.148.101.0/24 maxlen: 24
45.148.102.0/24 maxlen: 24
45.148.103.0/24 maxlen: 24
45.149.144.0/24 maxlen: 24
45.155.68.0/24 maxlen: 24
80.253.251.0/24 maxlen: 24
113.30.152.0/24 maxlen: 24
185.99.96.0/24 maxlen: 24
185.214.74.0/24 maxlen: 24
185.242.247.0/24 maxlen: 24
193.39.208.0/24 maxlen: 24
195.66.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:58:8a:85:50:58:03:3e:da:7c:8e:53:d0:d6:85:cf:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 4 12:49:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eb94687c423e4480a4343d46d00137641c0f003a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ba:5e:f9:1d:92:cd:e9:fe:7a:32:7f:b2:2b:
c5:2e:44:7f:c8:2a:fc:ff:55:64:68:fa:27:1d:5f:
1b:c2:05:05:4b:1c:44:ce:5c:2b:c2:c3:2c:91:ee:
34:98:56:df:2f:f0:eb:d0:60:53:5b:e9:be:c6:24:
24:14:cc:6b:01:a0:14:13:34:66:76:4e:ec:d9:d9:
bc:91:cd:01:cd:89:b6:64:90:b4:37:52:a1:e3:49:
e4:b1:7f:c2:77:8e:02:f1:a0:79:e3:0b:98:f0:e8:
fb:60:91:59:cc:ba:d8:19:ea:47:e6:10:28:0b:a4:
3c:10:86:6a:16:54:3e:83:80:2a:d8:0e:18:61:f5:
10:09:4f:84:1b:c0:5f:97:35:3d:e8:de:9d:00:16:
19:92:6e:55:c8:a9:14:89:e1:56:18:91:ef:c0:a5:
e0:dc:46:ec:1c:fe:11:41:27:99:f1:85:79:c5:fa:
72:2e:ef:9d:21:5c:a7:7b:b2:26:8d:92:a9:42:6e:
7e:fb:c5:90:1e:1f:08:f4:03:ae:0c:f3:bd:e8:c2:
40:5a:78:39:c4:36:bd:14:c7:4e:b3:17:0b:e1:5a:
45:f3:74:b3:49:b1:dc:c8:28:03:a4:9e:1f:c9:a8:
6d:f7:6c:07:24:f2:aa:d8:2b:11:7e:f8:ec:ac:f4:
97:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:94:68:7C:42:3E:44:80:A4:34:3D:46:D0:01:37:64:1C:0F:00:3A
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/65RofEI-RICkND1G0AE3ZBwPADo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.127.0/24
45.130.254.0/24
45.142.31.0/24
45.148.101.0-45.148.103.255
45.149.144.0/24
45.155.68.0/24
80.253.251.0/24
113.30.152.0/24
185.99.96.0/24
185.214.74.0/24
185.242.247.0/24
193.39.208.0/24
195.66.25.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:28:7a:23:ef:ec:18:94:e0:49:ce:c9:bd:89:e8:2c:63:8c:
34:c7:29:96:5a:2a:86:6e:3f:75:6e:9c:f5:08:e2:83:a0:07:
99:d8:30:7c:2b:31:77:b2:eb:c1:12:b8:42:1c:3c:89:24:4b:
fd:cc:b9:c3:6e:e9:7a:58:eb:f0:d4:89:5c:d4:1f:a1:ad:c9:
23:49:9e:be:67:78:74:f3:2d:fe:b3:7c:11:75:d2:62:81:bb:
cb:f7:f2:d8:24:d3:47:a4:95:16:66:a1:e3:f5:a8:62:1a:77:
8b:2f:8d:80:7e:f9:37:2b:27:54:ad:90:44:93:64:9f:3a:14:
2b:4c:87:2e:f9:3c:a8:c2:05:6a:62:54:84:a7:b5:40:7a:35:
f1:8f:e4:eb:f0:ac:6a:45:93:ca:83:93:80:e2:57:f6:62:92:
17:f6:8d:28:16:f4:2d:ac:65:d7:28:29:6c:ca:95:23:83:97:
f6:12:14:3a:67:98:6e:82:fc:04:97:8a:db:db:ca:c7:25:00:
be:3e:c0:a7:95:89:9f:dc:7b:47:1c:2e:46:0c:cf:71:69:ad:
75:76:a0:9a:d0:ea:54:03:f8:2f:7f:05:fd:81:d0:61:76:cd:
1f:cb:9d:6e:7b:a3:be:66:c7:9e:77:99:f9:f2:87:35:66:12:
8d:41:a7:b0
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZ1YioVQWAM+2nyOU9DWhc91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwNDA0MTI0OTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjk0Njg3YzQyM2U0NDgwYTQzNDNkNDZkMDAxMzc2NDFjMGYwMDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbpe+R2Szen+ejJ/sivFLkR/yCr8
/1VkaPonHV8bwgUFSxxEzlwrwsMske40mFbfL/Dr0GBTW+m+xiQkFMxrAaAUEzRm
dk7s2dm8kc0BzYm2ZJC0N1Kh40nksX/Cd44C8aB54wuY8Oj7YJFZzLrYGepH5hAo
C6Q8EIZqFlQ+g4Aq2A4YYfUQCU+EG8BflzU96N6dABYZkm5VyKkUieFWGJHvwKXg
3EbsHP4RQSeZ8YV5xfpyLu+dIVyne7ImjZKpQm5++8WQHh8I9AOuDPO96MJAWng5
xDa9FMdOsxcL4VpF83SzSbHcyCgDpJ4fyaht92wHJPKq2CsRfvjsrPSXlwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFOuUaHxCPkSApDQ9RtABN2QcDwA6MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvNjVSb2ZFSS1SSUNrTkQxRzBBRTNaQndQQURvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQALYJ/AwQA
LYL+AwQALY4fMAwDBAAtlGUDBAMtlGADBAAtlZADBAAtm0QDBABQ/fsDBABxHpgD
BAC5Y2ADBAC51koDBAC58vcDBADBJ9ADBADDQhkwDQYJKoZIhvcNAQELBQADggEB
AA0oeiPv7BiU4EnOyb2J6CxjjDTHKZZaKoZuP3VunPUI4oOgB5nYMHwrMXey68ES
uEIcPIkkS/3MucNu6XpY6/DUiVzUH6GtySNJnr5neHTzLf6zfBF10mKBu8v38tgk
00eklRZmoeP1qGIad4svjYB++TcrJ1StkESTZJ86FCtMhy75PKjCBWpiVISntUB6
NfGP5OvwrGpFk8qDk4DiV/Zikhf2jSgW9C2sZdcoKWzKlSODl/YSFDpnmG6C/ASX
itvbysclAL4+wKeViZ/ce0ccLkYMz3FprXV2oJrQ6lQD+C9/Bf2B0GF2zR/LnW57
o75mx553mfnyhzVmEo1Bp7A=
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:55:26 2026 by rpki-client