Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/0cFklTq5mcU3EaGFeQ9ahLNCFS0.roa
File: 0cFklTq5mcU3EaGFeQ9ahLNCFS0.roa (raw, json)
Hash identifier: IjEBs0Y3nrFmZdto8V+GvCaLtfCze3iFGsvEQJ0wMpA=
Subject key identifier: D1:C1:64:95:3A:B9:99:C5:37:11:A1:85:79:0F:5A:84:B3:42:15:2D
Certificate issuer: /CN=4c39055a6990b82408cf1abf29313780e249a4c9
Certificate serial: 019DD44FBDE3B61ECC2963DC2F48E8CBCDF6
Authority key identifier: 4C:39:05:5A:69:90:B8:24:08:CF:1A:BF:29:31:37:80:E2:49:A4:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDkFWmmQuCQIzxq_KTE3gOJJpMk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/0cFklTq5mcU3EaGFeQ9ahLNCFS0.roa
Signing time: Tue 28 Apr 2026 13:38:08 +0000
ROA not before: Tue 28 Apr 2026 13:38:08 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29611
IP address blocks: 45.89.56.0/22 maxlen: 22
45.89.56.0/24 maxlen: 24
45.89.57.0/24 maxlen: 24
45.89.58.0/24 maxlen: 24
45.89.59.0/24 maxlen: 24
2a0e:c1c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/TDkFWmmQuCQIzxq_KTE3gOJJpMk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/TDkFWmmQuCQIzxq_KTE3gOJJpMk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TDkFWmmQuCQIzxq_KTE3gOJJpMk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 07:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d4:4f:bd:e3:b6:1e:cc:29:63:dc:2f:48:e8:cb:cd:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c39055a6990b82408cf1abf29313780e249a4c9
Validity
Not Before: Apr 28 13:38:08 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d1c164953ab999c53711a185790f5a84b342152d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:31:34:31:bb:f6:db:bc:ba:8c:6b:8a:e7:9a:
4c:6f:81:cd:20:c7:1a:95:26:3b:5c:c1:50:43:aa:
cc:8e:34:87:f8:1d:6b:49:b7:96:6d:13:72:10:35:
19:26:b4:58:e1:60:1b:6e:0c:7c:e7:f4:7f:69:9d:
47:e4:4d:cc:e1:af:90:80:dc:8b:6c:d3:11:7e:18:
a0:8c:96:c8:9d:2e:e7:ef:07:de:9d:f4:c8:d4:da:
25:78:16:ab:b7:54:68:51:41:8f:1d:26:d9:00:9a:
0b:7c:8c:f6:52:27:c0:36:75:95:21:de:aa:5c:a9:
3e:71:fd:a2:df:7a:8d:2c:14:cd:5a:b2:36:9a:2e:
0e:b7:bf:59:ea:6e:5f:59:a6:06:0c:60:cc:0e:5c:
cc:c6:f7:de:ce:80:be:ca:55:32:47:29:1e:99:2d:
a0:16:7a:31:6c:33:b9:ed:18:15:98:f9:a0:77:74:
ea:a6:e8:cb:05:9d:b8:82:5f:e0:e9:22:81:2b:f3:
af:7f:b8:45:c0:f1:c3:cc:9c:3b:fb:6a:1d:ab:b0:
80:f0:bc:41:08:8a:99:f9:af:5c:57:9e:65:fc:c3:
7d:d1:59:c5:1a:33:e7:ab:f3:6e:fa:e6:9f:41:47:
a3:88:a2:00:6c:91:f3:2c:7a:9f:9d:3a:d9:26:9f:
8f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C1:64:95:3A:B9:99:C5:37:11:A1:85:79:0F:5A:84:B3:42:15:2D
X509v3 Authority Key Identifier:
keyid:4C:39:05:5A:69:90:B8:24:08:CF:1A:BF:29:31:37:80:E2:49:A4:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDkFWmmQuCQIzxq_KTE3gOJJpMk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/0cFklTq5mcU3EaGFeQ9ahLNCFS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/df6e25-923c-4838-864f-d4b37e44ab7c/1/TDkFWmmQuCQIzxq_KTE3gOJJpMk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.56.0/22
IPv6:
2a0e:c1c0::/29
Signature Algorithm: sha256WithRSAEncryption
76:e8:47:46:4b:88:67:ef:76:79:fd:47:ea:a4:fb:69:76:e7:
66:fd:25:3d:52:5d:85:59:1e:86:7e:54:8d:fa:de:d7:c0:36:
75:3e:9f:78:8e:11:e0:0f:33:f7:d3:27:77:d1:64:d8:dd:fa:
5b:03:84:2c:2b:aa:d3:fd:2e:c5:41:7f:05:f8:df:60:dc:67:
b8:ed:56:3d:15:21:d4:ac:ac:c0:56:67:f1:73:25:71:a1:47:
55:4c:bd:0b:34:1d:13:03:8b:b2:f2:14:fb:ae:12:4c:9b:5d:
ad:fa:d3:f2:b8:99:5b:d6:c8:13:fa:e6:bf:45:4e:96:95:e8:
3c:1f:61:cc:ae:ae:86:4b:ad:98:2a:a3:28:0b:29:e8:b8:1d:
1e:50:0e:66:b8:b9:e0:21:11:10:3f:9b:13:fc:06:92:a2:77:
e7:65:90:ad:d1:67:75:6b:a4:10:ff:56:c1:85:7b:d7:96:6a:
43:b3:74:4f:01:00:eb:ea:f1:ff:b5:5c:ff:e3:a1:5e:88:12:
7c:7d:47:b7:ec:a3:b9:19:2b:8b:37:bb:f7:67:37:56:63:e7:
50:2d:24:41:a0:0c:55:f7:b5:20:66:b8:03:64:a8:58:25:f9:
c3:45:60:fc:7b:cb:9d:f5:d1:53:a2:05:09:84:d1:dc:5a:81:
3a:cb:1d:32
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ3UT73jth7MKWPcL0joy832MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzkwNTVhNjk5MGI4MjQwOGNmMWFiZjI5MzEzNzgwZTI0
OWE0YzkwHhcNMjYwNDI4MTMzODA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWMxNjQ5NTNhYjk5OWM1MzcxMWExODU3OTBmNWE4NGIzNDIxNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8DE0Mbv227y6jGuK55pMb4HNIMca
lSY7XMFQQ6rMjjSH+B1rSbeWbRNyEDUZJrRY4WAbbgx85/R/aZ1H5E3M4a+QgNyL
bNMRfhigjJbInS7n7wfenfTI1NoleBart1RoUUGPHSbZAJoLfIz2UifANnWVId6q
XKk+cf2i33qNLBTNWrI2mi4Ot79Z6m5fWaYGDGDMDlzMxvfezoC+ylUyRykemS2g
FnoxbDO57RgVmPmgd3TqpujLBZ24gl/g6SKBK/Ovf7hFwPHDzJw7+2odq7CA8LxB
CIqZ+a9cV55l/MN90VnFGjPnq/Nu+uafQUejiKIAbJHzLHqfnTrZJp+PNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNHBZJU6uZnFNxGhhXkPWoSzQhUtMB8GA1UdIwQY
MBaAFEw5BVppkLgkCM8avykxN4DiSaTJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERrRldtbVF1Q1FJenhxX0tURTNnT0pKcE1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kZjZlMjUtOTIzYy00ODM4LTg2NGYt
ZDRiMzdlNDRhYjdjLzEvMGNGa2xUcTVtY1UzRWFHRmVROWFoTE5DRlMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9kZjZlMjUtOTIzYy00ODM4LTg2NGYtZDRiMzdlNDRhYjdj
LzEvVERrRldtbVF1Q1FJenhxX0tURTNnT0pKcE1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLVk4MA0E
AgACMAcDBQMqDsHAMA0GCSqGSIb3DQEBCwUAA4IBAQB26EdGS4hn73Z5/UfqpPtp
dudm/SU9Ul2FWR6GflSN+t7XwDZ1Pp94jhHgDzP30yd30WTY3fpbA4QsK6rT/S7F
QX8F+N9g3Ge47VY9FSHUrKzAVmfxcyVxoUdVTL0LNB0TA4uy8hT7rhJMm12t+tPy
uJlb1sgT+ua/RU6Wleg8H2HMrq6GS62YKqMoCynouB0eUA5muLngIREQP5sT/AaS
onfnZZCt0Wd1a6QQ/1bBhXvXlmpDs3RPAQDr6vH/tVz/46FeiBJ8fUe37KO5GSuL
N7v3ZzdWY+dQLSRBoAxV97UgZrgDZKhYJfnDRWD8e8ud9dFTogUJhNHcWoE6yx0y
-----END CERTIFICATE-----
Generated at Sat Jun 13 18:05:27 2026 by rpki-client