Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/IC3KBofEraY-o2Xt0fXEgJfzG3A.roa
File: IC3KBofEraY-o2Xt0fXEgJfzG3A.roa (raw, json)
Hash identifier: KnhXw815iFAaQmnUWwTQE6WQ0M3tQmAE0zW0o+PJiU8=
Subject key identifier: 20:2D:CA:06:87:C4:AD:A6:3E:A3:65:ED:D1:F5:C4:80:97:F3:1B:70
Certificate issuer: /CN=4e5ebb9b051ad5ec7a36989fc3fcc94c1cabcc74
Certificate serial: 019B7B3661AC530D60216334C5C29C26C2B9
Authority key identifier: 4E:5E:BB:9B:05:1A:D5:EC:7A:36:98:9F:C3:FC:C9:4C:1C:AB:CC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tl67mwUa1ex6Npifw_zJTByrzHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/IC3KBofEraY-o2Xt0fXEgJfzG3A.roa
Signing time: Thu 01 Jan 2026 20:18:39 +0000
ROA not before: Thu 01 Jan 2026 20:18:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 38972
IP address blocks: 46.254.24.0/22 maxlen: 22
46.254.24.0/24 maxlen: 24
46.254.25.0/24 maxlen: 24
46.254.26.0/24 maxlen: 24
46.254.27.0/24 maxlen: 24
80.251.144.0/21 maxlen: 21
80.251.147.0/24 maxlen: 24
80.251.150.0/24 maxlen: 24
80.251.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/Tl67mwUa1ex6Npifw_zJTByrzHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/Tl67mwUa1ex6Npifw_zJTByrzHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tl67mwUa1ex6Npifw_zJTByrzHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 02:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7b:36:61:ac:53:0d:60:21:63:34:c5:c2:9c:26:c2:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5ebb9b051ad5ec7a36989fc3fcc94c1cabcc74
Validity
Not Before: Jan 1 20:18:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=202dca0687c4ada63ea365edd1f5c48097f31b70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4e:b5:3c:0a:71:44:55:3c:76:54:90:f7:c0:
c9:22:83:67:d3:47:9b:dc:b3:15:09:44:9a:95:c7:
de:be:e6:af:c4:9b:f6:d2:71:e6:4c:d2:45:52:64:
bd:75:9b:84:dd:d5:b3:91:51:bf:8b:e6:8c:73:7b:
b3:95:25:ce:aa:7f:b4:34:86:4e:ea:f1:04:35:df:
e4:d3:c5:64:f6:2b:b3:9b:56:c3:01:34:7c:df:39:
9c:62:b1:88:13:b6:86:8d:25:b0:e3:50:43:91:91:
15:1b:90:76:88:49:73:9a:f6:59:62:16:eb:6f:9a:
f3:d2:89:5f:fa:b5:89:f9:75:45:f6:4a:17:39:4a:
5b:c3:a1:9e:28:a3:a1:3c:c4:8f:02:99:7b:82:44:
39:cd:a1:0f:7c:80:44:1d:dd:65:c4:13:b4:80:4e:
59:32:dc:5a:5c:8b:cf:84:2e:75:aa:0b:fe:a8:c1:
40:b4:8c:f4:46:46:7a:82:a6:c9:d2:e5:9e:40:15:
c8:90:01:19:8a:56:c8:bb:7a:0a:e6:52:71:33:ea:
b6:5c:a6:1b:a0:e6:bb:6e:d7:56:e0:cd:33:65:5d:
e9:52:4b:c5:06:46:da:3f:b0:f9:66:7d:f6:03:7c:
83:d7:b0:7c:ca:ca:da:6c:33:0f:74:6a:3d:45:db:
4a:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2D:CA:06:87:C4:AD:A6:3E:A3:65:ED:D1:F5:C4:80:97:F3:1B:70
X509v3 Authority Key Identifier:
keyid:4E:5E:BB:9B:05:1A:D5:EC:7A:36:98:9F:C3:FC:C9:4C:1C:AB:CC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tl67mwUa1ex6Npifw_zJTByrzHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/IC3KBofEraY-o2Xt0fXEgJfzG3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/Tl67mwUa1ex6Npifw_zJTByrzHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.24.0/22
80.251.144.0/21
80.251.154.0/24
Signature Algorithm: sha256WithRSAEncryption
74:30:95:e0:0b:ea:37:59:5a:70:ef:bb:c9:d5:48:cd:5c:00:
37:5d:49:bc:fc:e9:89:5e:08:ec:5f:d3:80:78:00:f2:cc:b8:
33:97:0c:3d:aa:9f:a8:70:e7:27:4a:20:76:01:a7:b7:a6:d8:
13:15:ab:67:ec:42:4e:f5:54:02:9f:95:b1:fc:3d:f3:03:f0:
52:35:2a:25:2b:9f:89:38:24:64:a8:49:81:22:68:fe:aa:95:
db:4a:44:88:43:5d:9d:7d:3b:d4:e7:82:05:39:12:7f:50:3e:
57:60:26:67:29:46:db:1f:69:91:b5:39:a1:70:1f:7e:7c:eb:
65:46:91:24:b6:f3:c9:d8:55:65:5f:50:c9:19:0d:4f:ea:c9:
9d:26:b7:4d:d6:c0:8a:24:ed:09:cd:a3:fb:e9:67:e8:de:7f:
11:d5:c9:97:8a:70:3d:d9:b3:e4:08:3b:02:b4:8a:c3:5c:4b:
3e:18:7e:58:26:cd:19:b1:13:b7:f6:4f:64:6e:be:4d:72:01:
22:88:0b:0d:14:d4:e5:34:65:c3:a3:05:e4:2a:65:cb:c5:9f:
93:21:ad:15:fe:8f:52:70:3d:25:f7:6a:5b:de:37:b1:b1:53:
c3:64:16:17:53:26:89:a6:1a:2b:fd:f9:32:2d:32:8e:cf:2a:
88:bf:9d:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZt7NmGsUw1gIWM0xcKcJsK5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNWViYjliMDUxYWQ1ZWM3YTM2OTg5ZmMzZmNjOTRjMWNh
YmNjNzQwHhcNMjYwMTAxMjAxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDJkY2EwNjg3YzRhZGE2M2VhMzY1ZWRkMWY1YzQ4MDk3ZjMxYjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs061PApxRFU8dlSQ98DJIoNn00eb
3LMVCUSalcfevuavxJv20nHmTNJFUmS9dZuE3dWzkVG/i+aMc3uzlSXOqn+0NIZO
6vEENd/k08Vk9iuzm1bDATR83zmcYrGIE7aGjSWw41BDkZEVG5B2iElzmvZZYhbr
b5rz0olf+rWJ+XVF9koXOUpbw6GeKKOhPMSPApl7gkQ5zaEPfIBEHd1lxBO0gE5Z
MtxaXIvPhC51qgv+qMFAtIz0RkZ6gqbJ0uWeQBXIkAEZilbIu3oK5lJxM+q2XKYb
oOa7btdW4M0zZV3pUkvFBkbaP7D5Zn32A3yD17B8ysrabDMPdGo9RdtKzQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCAtygaHxK2mPqNl7dH1xICX8xtwMB8GA1UdIwQY
MBaAFE5eu5sFGtXsejaYn8P8yUwcq8x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGw2N213VWExZXg2TnBpZndfekpUQnlyekhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lYzE3MjEtNzVjNS00MGY1LTkzNDUt
YzJmZDBmOTU4ZDRiLzEvSUMzS0JvZkVyYVktbzJYdDBmWEVnSmZ6RzNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lYzE3MjEtNzVjNS00MGY1LTkzNDUtYzJmZDBmOTU4ZDRi
LzEvVGw2N213VWExZXg2TnBpZndfekpUQnlyekhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLv4YAwQD
UPuQAwQAUPuaMA0GCSqGSIb3DQEBCwUAA4IBAQB0MJXgC+o3WVpw77vJ1UjNXAA3
XUm8/OmJXgjsX9OAeADyzLgzlww9qp+ocOcnSiB2Aae3ptgTFatn7EJO9VQCn5Wx
/D3zA/BSNSolK5+JOCRkqEmBImj+qpXbSkSIQ12dfTvU54IFORJ/UD5XYCZnKUbb
H2mRtTmhcB9+fOtlRpEktvPJ2FVlX1DJGQ1P6smdJrdN1sCKJO0JzaP76Wfo3n8R
1cmXinA92bPkCDsCtIrDXEs+GH5YJs0ZsRO39k9kbr5NcgEiiAsNFNTlNGXDowXk
KmXLxZ+TIa0V/o9ScD0l92pb3jexsVPDZBYXUyaJphor/fkyLTKOzyqIv52/
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:29:39 2026 by rpki-client