Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/iT5mIcD1q9H_oHBOtmE0Sacif9Q.roa
File: iT5mIcD1q9H_oHBOtmE0Sacif9Q.roa (raw, json)
Hash identifier: kkTNvbo+teG/ZkHD9U6J89vR8+JofWTZTnOlWtJOdQs=
Subject key identifier: 89:3E:66:21:C0:F5:AB:D1:FF:A0:70:4E:B6:61:34:49:A7:22:7F:D4
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019EA67C66DBE55F4F43F5B50BC75712B6F6
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/iT5mIcD1q9H_oHBOtmE0Sacif9Q.roa
Signing time: Mon 08 Jun 2026 09:07:11 +0000
ROA not before: Mon 08 Jun 2026 09:07:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214927
IP address blocks: 45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.131.212.0/24 maxlen: 24
45.155.69.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.242.245.0/24 maxlen: 24
2a0c:7886:105::/48 maxlen: 48
2a0f:e7c6:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a6:7c:66:db:e5:5f:4f:43:f5:b5:0b:c7:57:12:b6:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 8 09:07:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=893e6621c0f5abd1ffa0704eb6613449a7227fd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:38:4c:bf:b7:03:07:f1:30:bb:85:b2:dd:a7:
78:70:20:31:17:d5:d4:5d:73:84:89:ac:dd:de:b6:
c5:3e:cf:47:c3:98:f2:86:1a:74:c9:f9:e9:e2:1b:
bd:a3:3d:c7:ee:88:72:f5:cb:fc:e6:43:e9:3b:df:
a1:04:58:62:d8:60:6f:74:9c:c8:1a:83:70:f9:1b:
9d:e9:dc:da:da:91:2f:d3:6d:a4:52:5c:53:3d:59:
11:d3:09:84:f3:ff:d7:fc:a7:da:80:aa:64:c7:51:
6a:31:31:86:20:88:a4:e6:e5:76:a6:f2:32:ca:d5:
34:06:0f:0a:e1:74:39:c7:c4:e0:95:20:47:6d:88:
c2:09:f0:2a:bd:2d:bc:ed:19:d4:28:6a:62:b4:34:
4e:bd:83:ea:59:89:f8:e4:2c:c7:e3:b7:24:1e:6d:
44:b0:4d:1b:fb:d2:84:9b:90:d6:00:41:0e:38:b8:
70:16:d1:53:b4:f0:91:b5:ff:30:4f:ac:ee:1a:22:
08:89:82:9b:6e:eb:2d:e4:4b:f5:14:cd:6b:f7:86:
f2:f4:10:2f:c4:31:f8:1c:a4:8d:bb:68:be:65:b9:
a1:40:25:f2:ad:94:27:64:9e:65:53:63:d2:c9:c3:
a8:0c:66:8e:1e:d7:c4:7e:a0:86:26:bc:97:23:01:
41:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:3E:66:21:C0:F5:AB:D1:FF:A0:70:4E:B6:61:34:49:A7:22:7F:D4
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/iT5mIcD1q9H_oHBOtmE0Sacif9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.118.248.0/24
45.130.60.0/24
45.131.212.0/24
45.155.69.0/24
85.209.128.0/24
103.114.43.0/24
113.30.154.0/24
185.122.171.0/24
185.242.245.0/24
IPv6:
2a0c:7886:105::/48
2a0f:e7c6:1000::/48
Signature Algorithm: sha256WithRSAEncryption
17:c1:f1:a9:0d:33:e8:fb:d0:0b:49:96:ef:0e:b5:93:9b:59:
d7:05:dd:37:d0:ae:3d:92:54:3c:4b:f5:9b:a8:fe:b8:ae:ef:
cf:1a:02:50:da:fd:77:3c:57:99:cf:d1:11:0a:a5:3c:01:c1:
fa:5c:c7:ef:ce:e4:8b:97:f9:e8:d0:a8:d6:b0:62:44:2a:4d:
49:32:fb:89:d3:04:60:7d:df:15:0b:7f:a0:72:fe:ef:da:ad:
ac:96:b4:a3:40:3f:b1:4c:6f:9b:30:88:a1:d5:a3:33:0b:36:
49:a0:a6:99:09:90:b6:63:58:9b:59:cc:04:64:bc:e9:a6:56:
e5:91:32:73:9a:b1:93:8b:b3:73:5b:c2:10:0d:21:f0:31:76:
8c:11:67:c3:0d:89:5f:01:18:e4:90:c0:27:54:c3:e2:e9:d0:
fe:7e:5d:2c:dc:fe:3d:b5:1f:93:1a:2f:c0:eb:73:4e:45:a7:
70:f2:5d:1b:23:b5:7b:e2:df:9d:ff:50:db:85:84:8d:78:e7:
25:0a:3a:68:28:d5:69:df:6a:16:12:69:3c:46:68:d1:d6:6d:
0f:e6:18:bd:76:6e:2f:96:cf:03:b9:24:6b:e6:d2:48:8b:25:
9e:5c:df:f0:13:3d:db:f3:51:0f:cb:fd:2f:6e:02:4e:98:d7:
93:74:df:c3
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZ6mfGbb5V9PQ/W1C8dXErb2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwNjA4MDkwNzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTNlNjYyMWMwZjVhYmQxZmZhMDcwNGViNjYxMzQ0OWE3MjI3ZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjhMv7cDB/Ewu4Wy3ad4cCAxF9XU
XXOEiazd3rbFPs9Hw5jyhhp0yfnp4hu9oz3H7ohy9cv85kPpO9+hBFhi2GBvdJzI
GoNw+Rud6dza2pEv022kUlxTPVkR0wmE8//X/KfagKpkx1FqMTGGIIik5uV2pvIy
ytU0Bg8K4XQ5x8TglSBHbYjCCfAqvS287RnUKGpitDROvYPqWYn45CzH47ckHm1E
sE0b+9KEm5DWAEEOOLhwFtFTtPCRtf8wT6zuGiIIiYKbbust5Ev1FM1r94by9BAv
xDH4HKSNu2i+ZbmhQCXyrZQnZJ5lU2PSycOoDGaOHtfEfqCGJryXIwFBFQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFIk+ZiHA9avR/6BwTrZhNEmnIn/UMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvaVQ1bUljRDFxOUhfb0hCT3RtRTBTYWNpZjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDA8BAIAATA2AwQALXb4AwQA
LYI8AwQALYPUAwQALZtFAwQAVdGAAwQAZ3IrAwQAcR6aAwQAuXqrAwQAufL1MBgE
AgACMBIDBwAqDHiGAQUDBwAqD+fGEAAwDQYJKoZIhvcNAQELBQADggEBABfB8akN
M+j70AtJlu8OtZObWdcF3TfQrj2SVDxL9Zuo/riu788aAlDa/Xc8V5nP0REKpTwB
wfpcx+/O5IuX+ejQqNawYkQqTUky+4nTBGB93xULf6By/u/arayWtKNAP7FMb5sw
iKHVozMLNkmgppkJkLZjWJtZzARkvOmmVuWRMnOasZOLs3NbwhANIfAxdowRZ8MN
iV8BGOSQwCdUw+Lp0P5+XSzc/j21H5MaL8Drc05Fp3DyXRsjtXvi353/UNuFhI14
5yUKOmgo1WnfahYSaTxGaNHWbQ/mGL12bi+WzwO5JGvm0kiLJZ5c3/ATPdvzUQ/L
/S9uAk6Y15N038M=
-----END CERTIFICATE-----
Generated at Sat Jun 13 08:53:51 2026 by rpki-client