Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DABZuPz0G56Em3AN2GrI8YJAGxQ.roa
File: DABZuPz0G56Em3AN2GrI8YJAGxQ.roa (raw, json)
Hash identifier: VSG3W0ETU6pqQJRdeu8nIKqi8AUA1fbRK+kBVrivvBI=
Subject key identifier: 0C:00:59:B8:FC:F4:1B:9E:84:9B:70:0D:D8:6A:C8:F1:82:40:1B:14
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019C994390220E193136CB4F8AE57DF1D750
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DABZuPz0G56Em3AN2GrI8YJAGxQ.roa
Signing time: Thu 26 Feb 2026 09:24:27 +0000
ROA not before: Thu 26 Feb 2026 09:24:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200823
IP address blocks: 45.131.214.0/24 maxlen: 24
45.151.106.0/24 maxlen: 24
103.227.84.0/24 maxlen: 24
194.33.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:99:43:90:22:0e:19:31:36:cb:4f:8a:e5:7d:f1:d7:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 26 09:24:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0c0059b8fcf41b9e849b700dd86ac8f182401b14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2e:82:09:76:ca:56:55:78:69:e5:98:05:d6:
0d:99:90:ef:72:90:09:7b:8a:ec:99:a6:70:e8:bd:
d9:ed:10:4d:62:6d:94:07:1b:7f:45:07:6b:12:c5:
aa:91:76:68:4e:98:30:cb:1f:cb:1f:10:8b:68:0c:
db:1f:62:1b:1c:4b:29:2b:09:57:d7:db:76:6e:24:
7b:53:dc:4a:91:91:2d:95:66:f6:b0:2d:14:6f:3e:
60:a6:fc:29:44:a7:52:d5:21:01:e8:8d:8e:be:2a:
84:83:b3:c6:a5:fd:4d:5e:ae:22:f3:96:15:0a:46:
06:81:1c:a5:48:5a:c2:3f:f9:3f:a9:4a:5a:d0:87:
eb:27:59:49:0b:3b:34:0b:01:7b:b0:5c:4c:5e:8d:
4e:8b:16:3e:3b:84:d8:74:a4:1d:91:65:88:23:e9:
e2:8c:c0:33:aa:d1:1e:b4:82:bb:9b:25:85:ac:b7:
d8:88:00:8f:2f:7e:ac:f9:14:0e:09:33:42:e3:c1:
4a:e1:65:12:2a:90:ef:fd:4d:95:fc:04:81:85:2c:
03:6a:18:13:75:63:53:5e:82:1c:89:56:81:bd:28:
07:8c:ec:2b:62:9c:b4:5d:49:8c:33:5f:c0:a1:2c:
dd:a9:16:fe:50:ba:48:a6:17:96:54:ac:51:d2:28:
01:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:00:59:B8:FC:F4:1B:9E:84:9B:70:0D:D8:6A:C8:F1:82:40:1B:14
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/DABZuPz0G56Em3AN2GrI8YJAGxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.131.214.0/24
45.151.106.0/24
103.227.84.0/24
194.33.61.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:6f:d6:8d:82:61:62:3a:59:9e:36:83:89:98:5f:25:35:e3:
08:12:fc:1a:65:8e:f1:87:a8:e7:9c:56:7a:7f:01:77:04:50:
38:6f:ef:b3:96:3b:b6:43:75:cb:10:cf:96:7e:54:15:8c:85:
c8:f1:fb:d6:65:2e:55:b9:82:06:0c:14:e5:35:4d:50:48:af:
33:69:8b:a9:61:a6:2e:77:87:2f:07:64:41:bf:8c:b8:02:a2:
f9:51:17:aa:31:b8:ce:d5:c6:6a:8e:73:ac:e3:7d:a6:0f:04:
99:87:70:92:12:05:fb:f9:53:ff:8c:25:eb:ff:7e:75:f3:a4:
9f:d9:d8:9a:df:e3:0d:1b:c3:af:38:73:1c:a1:2a:df:ae:16:
f9:39:d2:cf:71:ae:75:09:8d:59:4c:56:77:e9:f8:f3:0d:ed:
2b:ed:a6:9e:47:96:8d:fe:e0:85:97:80:7d:c0:41:85:5c:2d:
1a:83:a5:06:aa:ec:d8:60:3c:74:f7:3d:46:e5:6c:2a:f4:e5:
53:db:08:bc:ea:6f:2c:e3:bd:42:66:12:4a:c4:29:d7:a0:c5:
0b:eb:04:92:74:4f:d9:28:68:0e:bf:75:22:73:73:e6:b7:36:
c6:5a:83:25:28:05:dd:61:e0:38:6f:fd:f6:29:37:9e:50:8c:
2c:2c:75:6e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyZQ5AiDhkxNstPiuV98ddQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMjI2MDkyNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzAwNTliOGZjZjQxYjllODQ5YjcwMGRkODZhYzhmMTgyNDAxYjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiy6CCXbKVlV4aeWYBdYNmZDvcpAJ
e4rsmaZw6L3Z7RBNYm2UBxt/RQdrEsWqkXZoTpgwyx/LHxCLaAzbH2IbHEspKwlX
19t2biR7U9xKkZEtlWb2sC0Ubz5gpvwpRKdS1SEB6I2OviqEg7PGpf1NXq4i85YV
CkYGgRylSFrCP/k/qUpa0IfrJ1lJCzs0CwF7sFxMXo1OixY+O4TYdKQdkWWII+ni
jMAzqtEetIK7myWFrLfYiACPL36s+RQOCTNC48FK4WUSKpDv/U2V/ASBhSwDahgT
dWNTXoIciVaBvSgHjOwrYpy0XUmMM1/AoSzdqRb+ULpIpheWVKxR0igBYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAwAWbj89BuehJtwDdhqyPGCQBsUMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvREFCWnVQejBHNTZFbTNBTjJHckk4WUpBR3hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYPWAwQA
LZdqAwQAZ+NUAwQAwiE9MA0GCSqGSIb3DQEBCwUAA4IBAQA6b9aNgmFiOlmeNoOJ
mF8lNeMIEvwaZY7xh6jnnFZ6fwF3BFA4b++zlju2Q3XLEM+WflQVjIXI8fvWZS5V
uYIGDBTlNU1QSK8zaYupYaYud4cvB2RBv4y4AqL5UReqMbjO1cZqjnOs432mDwSZ
h3CSEgX7+VP/jCXr/35186Sf2dia3+MNG8OvOHMcoSrfrhb5OdLPca51CY1ZTFZ3
6fjzDe0r7aaeR5aN/uCFl4B9wEGFXC0ag6UGquzYYDx09z1G5Wwq9OVT2wi86m8s
471CZhJKxCnXoMUL6wSSdE/ZKGgOv3Uic3PmtzbGWoMlKAXdYeA4b/32KTeeUIws
LHVu
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:15:04 2026 by rpki-client