Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/nqCZMPWAbGIq_Ua9wCeT_kJ5dUw.roa
File: nqCZMPWAbGIq_Ua9wCeT_kJ5dUw.roa (raw, json)
Hash identifier: 7Trgcmt2aTegqit51jr77WY7DztMiTr3WDegHH6pSVQ=
Subject key identifier: 9E:A0:99:30:F5:80:6C:62:2A:FD:46:BD:C0:27:93:FE:42:79:75:4C
Certificate issuer: /CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Certificate serial: 019D30C78DE0037548D64E066C002F2A31A2
Authority key identifier: 48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/nqCZMPWAbGIq_Ua9wCeT_kJ5dUw.roa
Signing time: Fri 27 Mar 2026 19:31:17 +0000
ROA not before: Fri 27 Mar 2026 19:31:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43395
IP address blocks: 45.9.144.0/24 maxlen: 24
45.9.145.0/24 maxlen: 24
45.9.146.0/24 maxlen: 24
45.9.147.0/24 maxlen: 24
45.86.4.0/24 maxlen: 24
45.86.6.0/24 maxlen: 24
45.86.7.0/24 maxlen: 24
45.148.248.0/24 maxlen: 24
45.148.249.0/24 maxlen: 24
45.148.250.0/24 maxlen: 24
45.148.251.0/24 maxlen: 24
95.130.225.0/24 maxlen: 24
185.140.232.0/24 maxlen: 24
185.140.233.0/24 maxlen: 24
185.140.234.0/24 maxlen: 24
185.140.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.mft
rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 01:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:30:c7:8d:e0:03:75:48:d6:4e:06:6c:00:2f:2a:31:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48abf29fdef8570502f4b51be5ffc05c4d9b3465
Validity
Not Before: Mar 27 19:31:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9ea09930f5806c622afd46bdc02793fe4279754c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:34:62:c1:c8:f6:c3:14:80:77:46:03:b8:e6:
1f:2d:7b:c8:0d:f4:4b:7f:85:80:36:88:08:a7:87:
77:11:ee:25:1d:72:c9:27:99:cc:a7:67:99:bb:df:
b2:8e:f9:77:20:4f:83:3b:e3:a1:7b:1e:0d:8b:37:
1e:f0:ff:e7:fc:6b:db:b7:3c:1f:f9:53:1b:59:76:
30:b8:35:1d:8e:79:84:25:eb:69:84:3c:8b:aa:43:
43:20:6f:9e:f5:1a:10:bb:29:ff:da:ec:28:57:bd:
1e:19:19:46:d2:69:45:6e:fe:c7:90:50:ce:cc:2a:
86:c9:a0:8e:bf:63:87:e1:a5:e0:15:1c:87:a5:f0:
09:2f:81:cd:8a:9c:72:14:0a:4d:60:1d:c0:72:49:
ad:fe:42:94:d2:19:47:b0:0b:ae:86:c5:26:c0:a5:
3d:36:12:5d:f8:e3:f0:15:e8:f9:dd:29:9e:b7:84:
a7:5a:75:9a:f7:8b:06:95:83:cc:e8:ad:13:4d:08:
6e:60:7c:53:44:0d:db:94:ab:7e:dd:67:d6:22:2e:
b4:6d:74:a5:dc:e5:7f:81:64:50:97:fa:2a:b7:b5:
ac:11:13:e1:9c:87:59:8b:9b:d6:5b:52:13:1b:9a:
6c:3c:b6:fb:d0:98:09:fe:c9:a8:0f:06:a3:28:eb:
5c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A0:99:30:F5:80:6C:62:2A:FD:46:BD:C0:27:93:FE:42:79:75:4C
X509v3 Authority Key Identifier:
keyid:48:AB:F2:9F:DE:F8:57:05:02:F4:B5:1B:E5:FF:C0:5C:4D:9B:34:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SKvyn974VwUC9LUb5f_AXE2bNGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/nqCZMPWAbGIq_Ua9wCeT_kJ5dUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/af41cb-ff91-459c-9a64-aba113f3e3ae/1/SKvyn974VwUC9LUb5f_AXE2bNGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.144.0/22
45.86.4.0/24
45.86.6.0/23
45.148.248.0/22
95.130.225.0/24
185.140.232.0/22
Signature Algorithm: sha256WithRSAEncryption
73:ee:8d:d3:d5:a7:3d:02:29:ab:26:f7:cc:f5:84:06:11:4d:
cf:3e:d1:29:b8:ed:53:c8:d6:d5:ac:dd:5d:5c:b7:03:e1:44:
bb:63:ff:a5:ad:d3:43:40:58:56:98:d7:0f:53:a9:8a:f8:ef:
58:fa:de:cb:3c:be:e6:53:40:69:24:d0:96:8a:9f:4a:3c:0b:
41:e8:b9:d8:08:6f:84:2f:37:9c:4d:bc:83:78:55:86:68:44:
2f:56:69:2b:86:e1:38:2b:3b:0b:49:4a:12:88:fb:27:12:18:
9a:82:3c:42:00:47:0a:33:66:c9:b3:fd:34:0b:74:e1:4a:c1:
44:6c:e8:60:64:47:94:a2:b2:f7:5b:65:e5:52:f6:ad:d8:c8:
e9:b5:6f:6d:14:97:24:89:6b:52:23:33:21:0a:80:9d:a6:e6:
93:72:21:9a:c1:d0:6f:1b:96:25:27:b4:79:78:69:18:4a:a7:
ed:42:89:65:d6:4e:8d:2c:be:50:3b:7c:c8:f5:92:aa:f5:a6:
52:21:5c:c6:dd:78:62:b1:28:f1:8e:1b:a2:55:46:67:7e:63:
a1:05:a2:b6:ac:79:f3:d8:34:57:e6:c7:03:dd:c0:bc:da:ed:
a7:cf:ba:5c:2d:27:42:b3:10:cf:fd:9c:71:1e:70:f3:96:ba:
f9:8f:fc:94
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ0wx43gA3VI1k4GbAAvKjGiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4YWJmMjlmZGVmODU3MDUwMmY0YjUxYmU1ZmZjMDVjNGQ5
YjM0NjUwHhcNMjYwMzI3MTkzMTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWEwOTkzMGY1ODA2YzYyMmFmZDQ2YmRjMDI3OTNmZTQyNzk3NTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDRiwcj2wxSAd0YDuOYfLXvIDfRL
f4WANogIp4d3Ee4lHXLJJ5nMp2eZu9+yjvl3IE+DO+Ohex4Nizce8P/n/Gvbtzwf
+VMbWXYwuDUdjnmEJetphDyLqkNDIG+e9RoQuyn/2uwoV70eGRlG0mlFbv7HkFDO
zCqGyaCOv2OH4aXgFRyHpfAJL4HNipxyFApNYB3Ackmt/kKU0hlHsAuuhsUmwKU9
NhJd+OPwFej53Smet4SnWnWa94sGlYPM6K0TTQhuYHxTRA3blKt+3WfWIi60bXSl
3OV/gWRQl/oqt7WsERPhnIdZi5vWW1ITG5psPLb70JgJ/smoDwajKOtcNwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJ6gmTD1gGxiKv1GvcAnk/5CeXVMMB8GA1UdIwQY
MBaAFEir8p/e+FcFAvS1G+X/wFxNmzRlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQt
YWJhMTEzZjNlM2FlLzEvbnFDWk1QV0FiR0lxX1VhOXdDZVRfa0o1ZFV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hZjQxY2ItZmY5MS00NTljLTlhNjQtYWJhMTEzZjNlM2Fl
LzEvU0t2eW45NzRWd1VDOUxVYjVmX0FYRTJiTkdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLQmQAwQA
LVYEAwQBLVYGAwQCLZT4AwQAX4LhAwQCuYzoMA0GCSqGSIb3DQEBCwUAA4IBAQBz
7o3T1ac9AimrJvfM9YQGEU3PPtEpuO1TyNbVrN1dXLcD4US7Y/+lrdNDQFhWmNcP
U6mK+O9Y+t7LPL7mU0BpJNCWip9KPAtB6LnYCG+ELzecTbyDeFWGaEQvVmkrhuE4
KzsLSUoSiPsnEhiagjxCAEcKM2bJs/00C3ThSsFEbOhgZEeUorL3W2XlUvat2Mjp
tW9tFJckiWtSIzMhCoCdpuaTciGawdBvG5YlJ7R5eGkYSqftQoll1k6NLL5QO3zI
9ZKq9aZSIVzG3XhisSjxjhuiVUZnfmOhBaK2rHnz2DRX5scD3cC82u2nz7pcLSdC
sxDP/ZxxHnDzlrr5j/yU
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:40:25 2026 by rpki-client