Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/12E7VeXq_D-3p_glQq89nV-GlW8.roa
File: 12E7VeXq_D-3p_glQq89nV-GlW8.roa (raw, json)
Hash identifier: fxJgtaFjRfPtrdzF/jo+1E8mtTiWZsqqrpEIh1IHM+8=
Subject key identifier: D7:61:3B:55:E5:EA:FC:3F:B7:A7:F8:25:42:AF:3D:9D:5F:86:95:6F
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 019C9E97AF207DE0EB03EACC0648E6D40DD5
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/12E7VeXq_D-3p_glQq89nV-GlW8.roa
Signing time: Fri 27 Feb 2026 10:14:26 +0000
ROA not before: Fri 27 Feb 2026 10:14:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200373
IP address blocks: 45.3.32.0/20 maxlen: 24
45.3.48.0/21 maxlen: 24
45.3.62.0/24 maxlen: 24
65.111.0.0/19 maxlen: 24
95.141.242.0/24 maxlen: 24
104.167.19.0/24 maxlen: 24
104.167.25.0/24 maxlen: 24
104.207.32.0/19 maxlen: 24
195.63.0.0/19 maxlen: 24
209.50.160.0/19 maxlen: 24
216.26.224.0/19 maxlen: 24
217.181.64.0/19 maxlen: 24
2a0a:da40::/29 maxlen: 29
2a13:3f80::/32 maxlen: 32
2a13:3f83::/32 maxlen: 32
2a13:3f84::/32 maxlen: 32
2a13:3f85::/32 maxlen: 32
2a13:3f86::/32 maxlen: 32
2a13:3f87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:97:af:20:7d:e0:eb:03:ea:cc:06:48:e6:d4:0d:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: Feb 27 10:14:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d7613b55e5eafc3fb7a7f82542af3d9d5f86956f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fb:dc:a5:73:4d:c7:20:ed:ef:5b:7c:ed:5e:
0b:b7:f1:26:fa:62:d5:0f:21:77:d2:e1:19:fe:ad:
c3:df:85:a1:4b:c2:00:3e:53:71:ca:cf:69:95:39:
1c:7d:56:c4:53:c5:2f:92:c0:f9:45:23:fc:6d:2d:
30:68:1b:70:c2:94:0d:76:ee:16:83:fc:59:43:30:
26:2f:dc:f5:2c:51:7a:b4:cd:11:0b:ac:05:8d:f0:
73:e1:cc:a6:83:17:d2:e6:21:08:8d:10:85:87:35:
c2:ac:47:08:e3:51:76:fa:04:ec:c3:48:85:2b:70:
1e:b0:8c:e0:96:fc:df:db:1b:d8:7a:0e:0a:bb:2c:
a7:1e:09:f6:ee:73:51:80:e9:c4:97:3d:04:6c:4e:
d4:d1:a6:0b:94:45:88:bc:8e:db:79:2c:31:dc:12:
61:10:4c:04:a0:8c:6e:a0:c3:a3:b3:e9:6b:b4:ce:
b0:2c:b3:34:f6:8f:95:c7:27:ba:d6:3d:ac:d7:7c:
b2:62:2c:cb:98:9f:f6:61:31:e7:f3:5a:da:f3:20:
15:6d:aa:ec:00:a2:dc:69:4c:1c:18:62:22:81:03:
cb:4b:ee:a9:2d:5a:23:2f:89:45:5b:1e:5b:ec:cc:
b0:1e:69:58:3f:52:ca:bf:27:ba:d6:21:fa:d2:47:
26:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:61:3B:55:E5:EA:FC:3F:B7:A7:F8:25:42:AF:3D:9D:5F:86:95:6F
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/12E7VeXq_D-3p_glQq89nV-GlW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.3.32.0-45.3.55.255
45.3.62.0/24
65.111.0.0/19
95.141.242.0/24
104.167.19.0/24
104.167.25.0/24
104.207.32.0/19
195.63.0.0/19
209.50.160.0/19
216.26.224.0/19
217.181.64.0/19
IPv6:
2a0a:da40::/29
2a13:3f80::/32
2a13:3f83::-2a13:3f87:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
56:9b:cd:0e:fa:cc:22:ad:c9:33:a8:2e:9d:9c:8d:5c:a8:65:
43:ab:ec:1b:74:38:4a:ad:9a:08:d9:c3:90:ce:9c:09:0a:ce:
32:55:2b:f6:b0:76:69:3e:b4:6e:c6:64:5d:6e:8e:80:2d:43:
6e:ad:fc:89:84:27:fe:12:2f:58:b6:91:c1:ed:57:7f:f8:d8:
7c:ca:bc:a9:e2:3c:39:3d:3e:0c:e6:9a:27:c8:16:38:20:6c:
ca:1c:40:32:69:13:4f:3a:a6:26:70:95:11:2b:5b:50:3a:cb:
b0:bc:15:e7:70:a5:2b:a0:d4:f5:f1:5f:2d:f3:cd:ba:89:22:
28:94:83:11:3b:ee:c4:35:9d:99:c3:13:6b:ad:5f:b2:75:a0:
e1:93:bf:17:f0:07:74:61:21:61:f1:d3:3c:95:55:71:7a:21:
03:95:da:30:36:c7:d6:3b:0d:6e:1d:9e:24:d1:d8:4f:4d:f9:
51:67:22:a0:79:1c:ea:83:c1:f4:d0:32:0c:76:3d:9f:e1:d8:
6d:80:5a:d7:7a:85:62:9a:84:60:83:ac:5c:b1:8d:d7:1c:66:
b5:49:ea:32:04:83:35:bd:a3:87:a0:8e:12:5a:de:de:2d:7e:
70:d5:05:10:0e:4b:ab:84:ab:e4:47:06:f1:86:24:24:96:08:
18:7e:48:b7
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZyel68gfeDrA+rMBkjm1A3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjYwMjI3MTAxNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzYxM2I1NWU1ZWFmYzNmYjdhN2Y4MjU0MmFmM2Q5ZDVmODY5NTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfvcpXNNxyDt71t87V4Lt/Em+mLV
DyF30uEZ/q3D34WhS8IAPlNxys9plTkcfVbEU8UvksD5RSP8bS0waBtwwpQNdu4W
g/xZQzAmL9z1LFF6tM0RC6wFjfBz4cymgxfS5iEIjRCFhzXCrEcI41F2+gTsw0iF
K3AesIzglvzf2xvYeg4KuyynHgn27nNRgOnElz0EbE7U0aYLlEWIvI7beSwx3BJh
EEwEoIxuoMOjs+lrtM6wLLM09o+Vxye61j2s13yyYizLmJ/2YTHn81ra8yAVbars
AKLcaUwcGGIigQPLS+6pLVojL4lFWx5b7MywHmlYP1LKvye61iH60kcmmwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFNdhO1Xl6vw/t6f4JUKvPZ1fhpVvMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvMTJFN1ZlWHFfRC0zcF9nbFFxODluVi1HbFc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwUAQCAAEwSjAMAwQFLQMg
AwQDLQMwAwQALQM+AwQFQW8AAwQAX43yAwQAaKcTAwQAaKcZAwQFaM8gAwQFwz8A
AwQF0TKgAwQF2BrgAwQF2bVAMCQEAgACMB4DBQMqCtpAAwUAKhM/gDAOAwUAKhM/
gwMFAyoTP4AwDQYJKoZIhvcNAQELBQADggEBAFabzQ76zCKtyTOoLp2cjVyoZUOr
7Bt0OEqtmgjZw5DOnAkKzjJVK/awdmk+tG7GZF1ujoAtQ26t/ImEJ/4SL1i2kcHt
V3/42HzKvKniPDk9PgzmmifIFjggbMocQDJpE086piZwlRErW1A6y7C8FedwpSug
1PXxXy3zzbqJIiiUgxE77sQ1nZnDE2utX7J1oOGTvxfwB3RhIWHx0zyVVXF6IQOV
2jA2x9Y7DW4dniTR2E9N+VFnIqB5HOqDwfTQMgx2PZ/h2G2AWtd6hWKahGCDrFyx
jdccZrVJ6jIEgzW9o4egjhJa3t4tfnDVBRAOS6uEq+RHBvGGJCSWCBh+SLc=
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:07:14 2026 by rpki-client