Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/Bi5LXJXtXaqWu85feTd5MY6-MmU.roa
File: Bi5LXJXtXaqWu85feTd5MY6-MmU.roa (raw, json)
Hash identifier: j5lYG+Y4b77KtRu85Ljxo9pZvkjx9vw5hisZYWyAQ2I=
Subject key identifier: 06:2E:4B:5C:95:ED:5D:AA:96:BB:CE:5F:79:37:79:31:8E:BE:32:65
Certificate issuer: /CN=3bd9a177bb5dfb6eabe4cad79def8f8b005df656
Certificate serial: 019C03BC7D43EEFBDDA77DDC169E375BBDA2
Authority key identifier: 3B:D9:A1:77:BB:5D:FB:6E:AB:E4:CA:D7:9D:EF:8F:8B:00:5D:F6:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O9mhd7td-26r5MrXne-PiwBd9lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/Bi5LXJXtXaqWu85feTd5MY6-MmU.roa
Signing time: Wed 28 Jan 2026 08:33:30 +0000
ROA not before: Wed 28 Jan 2026 08:33:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50758
IP address blocks: 46.31.160.0/21 maxlen: 24
46.31.160.0/24 maxlen: 24
46.31.161.0/24 maxlen: 24
46.31.162.0/24 maxlen: 24
46.31.163.0/24 maxlen: 24
46.31.164.0/24 maxlen: 24
46.31.165.0/24 maxlen: 24
46.31.166.0/24 maxlen: 24
46.31.167.0/24 maxlen: 24
213.190.12.0/24 maxlen: 24
213.190.13.0/24 maxlen: 24
213.190.14.0/24 maxlen: 24
213.190.15.0/24 maxlen: 24
2a0a:2a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/O9mhd7td-26r5MrXne-PiwBd9lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/O9mhd7td-26r5MrXne-PiwBd9lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/O9mhd7td-26r5MrXne-PiwBd9lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:03:bc:7d:43:ee:fb:dd:a7:7d:dc:16:9e:37:5b:bd:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bd9a177bb5dfb6eabe4cad79def8f8b005df656
Validity
Not Before: Jan 28 08:33:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=062e4b5c95ed5daa96bbce5f793779318ebe3265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:55:43:43:1e:e6:28:0b:db:99:98:f8:bb:93:
a4:49:25:1a:4f:d5:dc:c6:7c:8a:e0:e1:51:bc:60:
dd:fe:73:58:8c:7e:13:89:da:80:a3:2d:94:68:52:
23:f2:42:88:c3:4a:20:fd:7d:3e:05:18:b0:c1:76:
8f:c1:73:d3:b2:59:59:10:59:f6:97:a7:9f:71:82:
9b:20:31:cb:b0:66:69:bc:97:42:07:bd:1f:3b:48:
ab:e4:be:40:2f:b5:5d:94:36:08:36:55:73:73:de:
9d:af:87:60:ad:9e:19:9c:09:1b:60:5f:a4:c0:51:
82:b4:55:f5:53:d9:24:f5:c0:5d:86:ab:dc:a8:c3:
f9:e9:35:6a:aa:92:ec:4c:57:68:a6:76:9d:7a:aa:
9d:f4:2a:d7:98:b4:48:52:ed:67:4c:e4:4d:aa:11:
46:79:b6:88:2b:42:bd:6f:dd:f5:1d:5d:72:f1:f9:
96:78:6e:ba:e1:88:8e:5f:71:8e:0b:d2:6c:5c:cd:
91:26:4a:19:fd:b3:17:78:b9:cb:35:64:bb:43:f4:
75:3b:33:a9:40:8d:ac:de:13:71:23:64:86:46:d2:
86:b2:5e:b4:ab:ed:05:51:23:d9:8e:54:3e:48:90:
93:22:d1:21:fc:ec:93:e1:0e:76:10:c0:db:35:a3:
6b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:2E:4B:5C:95:ED:5D:AA:96:BB:CE:5F:79:37:79:31:8E:BE:32:65
X509v3 Authority Key Identifier:
keyid:3B:D9:A1:77:BB:5D:FB:6E:AB:E4:CA:D7:9D:EF:8F:8B:00:5D:F6:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O9mhd7td-26r5MrXne-PiwBd9lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/Bi5LXJXtXaqWu85feTd5MY6-MmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/c0d467-f62a-419c-be85-e38030b69d5a/1/O9mhd7td-26r5MrXne-PiwBd9lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.31.160.0/21
213.190.12.0/22
IPv6:
2a0a:2a40::/29
Signature Algorithm: sha256WithRSAEncryption
6a:4a:17:dd:b9:d5:a5:ad:46:9c:80:65:49:22:af:8a:3b:0d:
0d:aa:69:ab:0d:8a:a5:1a:23:f0:75:5f:a7:1b:35:ed:94:64:
78:ef:85:dc:af:a6:76:5d:9b:3f:63:3a:05:4a:3d:e4:29:93:
e7:e8:bd:1d:22:8c:2e:b7:c1:f3:7b:ac:9b:bf:9a:fb:84:dd:
d3:bb:8b:1d:cb:ba:6b:12:34:6b:84:4d:29:5d:9d:99:c5:4c:
30:82:10:0e:4b:73:ff:1e:6d:a7:f3:a8:ff:f1:bf:c4:28:fc:
44:77:27:11:c1:96:13:c2:91:15:c5:46:e7:c8:28:04:d6:e4:
c2:75:63:5f:0c:0b:b1:be:ce:95:38:79:33:95:24:a4:6b:00:
42:49:78:85:bd:3e:19:48:19:c0:1e:44:68:d0:63:58:ba:71:
64:61:f4:e2:07:07:1d:92:c7:03:45:d2:0d:95:e4:52:c7:96:
40:55:d3:59:86:60:a0:54:e2:17:dd:82:fb:99:02:90:58:03:
a1:84:d1:83:d7:e5:33:3c:28:3c:41:b5:b5:d2:57:9a:bc:7a:
bf:ee:5d:06:0e:ae:3c:4e:34:93:dc:46:27:c2:ce:a5:ba:3a:
e0:41:ce:b1:0c:41:e6:8c:03:61:d8:5a:c5:ca:de:64:4d:91:
7e:cd:12:8f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZwDvH1D7vvdp33cFp43W72iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZDlhMTc3YmI1ZGZiNmVhYmU0Y2FkNzlkZWY4ZjhiMDA1
ZGY2NTYwHhcNMjYwMTI4MDgzMzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjJlNGI1Yzk1ZWQ1ZGFhOTZiYmNlNWY3OTM3NzkzMThlYmUzMjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1VDQx7mKAvbmZj4u5OkSSUaT9Xc
xnyK4OFRvGDd/nNYjH4TidqAoy2UaFIj8kKIw0og/X0+BRiwwXaPwXPTsllZEFn2
l6efcYKbIDHLsGZpvJdCB70fO0ir5L5AL7VdlDYINlVzc96dr4dgrZ4ZnAkbYF+k
wFGCtFX1U9kk9cBdhqvcqMP56TVqqpLsTFdopnadeqqd9CrXmLRIUu1nTORNqhFG
ebaIK0K9b931HV1y8fmWeG664YiOX3GOC9JsXM2RJkoZ/bMXeLnLNWS7Q/R1OzOp
QI2s3hNxI2SGRtKGsl60q+0FUSPZjlQ+SJCTItEh/OyT4Q52EMDbNaNrTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAYuS1yV7V2qlrvOX3k3eTGOvjJlMB8GA1UdIwQY
MBaAFDvZoXe7Xftuq+TK153vj4sAXfZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzltaGQ3dGQtMjZyNU1yWG5lLVBpd0JkOWxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9jMGQ0NjctZjYyYS00MTljLWJlODUt
ZTM4MDMwYjY5ZDVhLzEvQmk1TFhKWHRYYXFXdTg1ZmVUZDVNWTYtTW1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9jMGQ0NjctZjYyYS00MTljLWJlODUtZTM4MDMwYjY5ZDVh
LzEvTzltaGQ3dGQtMjZyNU1yWG5lLVBpd0JkOWxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLh+gAwQC
1b4MMA0EAgACMAcDBQMqCipAMA0GCSqGSIb3DQEBCwUAA4IBAQBqShfdudWlrUac
gGVJIq+KOw0NqmmrDYqlGiPwdV+nGzXtlGR474Xcr6Z2XZs/YzoFSj3kKZPn6L0d
Iowut8Hze6ybv5r7hN3Tu4sdy7prEjRrhE0pXZ2ZxUwwghAOS3P/Hm2n86j/8b/E
KPxEdycRwZYTwpEVxUbnyCgE1uTCdWNfDAuxvs6VOHkzlSSkawBCSXiFvT4ZSBnA
HkRo0GNYunFkYfTiBwcdkscDRdINleRSx5ZAVdNZhmCgVOIX3YL7mQKQWAOhhNGD
1+UzPCg8QbW10leavHq/7l0GDq48TjST3EYnws6lujrgQc6xDEHmjANh2FrFyt5k
TZF+zRKP
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:01:49 2026 by rpki-client