Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/vhKkR4JHuDh1tUcaM8Bfo9rAeqE.roa
File: vhKkR4JHuDh1tUcaM8Bfo9rAeqE.roa (raw, json)
Hash identifier: iGUUye7TV1Hm1XleyQjdTcNUm+ihYHlyxp8gTIsIky8=
Subject key identifier: BE:12:A4:47:82:47:B8:38:75:B5:47:1A:33:C0:5F:A3:DA:C0:7A:A1
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019C9B3859574D780B778E289E86A5A58788
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/vhKkR4JHuDh1tUcaM8Bfo9rAeqE.roa
Signing time: Thu 26 Feb 2026 18:31:27 +0000
ROA not before: Thu 26 Feb 2026 18:31:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202656
IP address blocks: 45.15.239.0/24 maxlen: 24
45.129.1.0/24 maxlen: 24
45.132.39.0/24 maxlen: 24
45.135.35.0/24 maxlen: 24
45.138.7.0/24 maxlen: 24
45.138.156.0/24 maxlen: 24
45.138.212.0/24 maxlen: 24
45.138.215.0/24 maxlen: 24
45.140.65.0/24 maxlen: 24
45.149.130.0/24 maxlen: 24
45.149.131.0/24 maxlen: 24
45.152.118.0/24 maxlen: 24
45.152.119.0/24 maxlen: 24
62.192.136.0/24 maxlen: 24
62.192.139.0/24 maxlen: 24
83.138.51.0/24 maxlen: 24
83.138.52.0/24 maxlen: 24
84.246.82.0/24 maxlen: 24
91.206.69.0/24 maxlen: 24
91.224.140.0/24 maxlen: 24
91.237.104.0/24 maxlen: 24
91.237.105.0/24 maxlen: 24
91.242.225.0/24 maxlen: 24
91.242.240.0/24 maxlen: 24
92.119.194.0/23 maxlen: 23
176.116.2.0/24 maxlen: 24
176.116.5.0/24 maxlen: 24
176.116.9.0/24 maxlen: 24
176.116.20.0/24 maxlen: 24
176.116.23.0/24 maxlen: 24
176.126.109.0/24 maxlen: 24
176.126.112.0/24 maxlen: 24
176.126.115.0/24 maxlen: 24
178.211.140.0/24 maxlen: 24
193.0.245.0/24 maxlen: 24
193.0.246.0/24 maxlen: 24
193.5.1.0/24 maxlen: 24
193.33.67.0/24 maxlen: 24
193.58.171.0/24 maxlen: 24
193.58.178.0/24 maxlen: 24
194.26.216.0/24 maxlen: 24
194.34.251.0/24 maxlen: 24
195.96.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9b:38:59:57:4d:78:0b:77:8e:28:9e:86:a5:a5:87:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 26 18:31:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=be12a4478247b83875b5471a33c05fa3dac07aa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:94:39:0d:a2:21:7f:05:28:ca:21:2b:1e:84:
ee:8b:7e:e1:7d:01:68:77:92:49:b0:1f:a3:a6:23:
2f:4e:ac:be:7a:dd:98:a9:37:5d:6f:74:34:d1:50:
be:f9:3c:f2:ac:01:b4:a8:0c:b2:3d:d0:35:54:fd:
58:d2:55:03:a8:07:b0:78:99:42:7e:4e:e1:00:e7:
83:f5:26:f0:7f:e7:4f:07:ea:c2:2f:c5:f8:db:33:
f1:97:c6:4e:ec:fc:6e:db:f8:31:06:7a:a8:e8:88:
28:d8:f3:7d:20:88:c7:59:e2:69:68:e9:68:15:49:
74:c1:04:cd:1f:ad:5d:71:e9:6d:4d:dd:e4:42:88:
f0:97:64:ff:8d:2a:a8:9f:15:4e:f3:1f:ff:7e:1b:
ee:e1:01:6b:40:a3:41:e5:8a:9c:52:c4:01:0f:a4:
77:ae:71:03:0d:19:2b:d8:d1:bb:d9:d2:cc:f9:d2:
fc:78:2f:6e:35:82:7d:e8:19:4d:2a:b7:20:73:ea:
9e:64:91:b3:74:f9:3a:97:6c:ba:8b:e6:9e:b8:0a:
5c:c8:35:48:c5:57:7c:dc:b8:19:52:c4:b5:29:7d:
65:d8:b6:11:03:cd:92:a3:c8:23:b3:24:b4:c3:1f:
5e:ed:44:c7:0a:06:ef:b8:51:7b:72:dc:68:60:37:
58:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:12:A4:47:82:47:B8:38:75:B5:47:1A:33:C0:5F:A3:DA:C0:7A:A1
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/vhKkR4JHuDh1tUcaM8Bfo9rAeqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.239.0/24
45.129.1.0/24
45.132.39.0/24
45.135.35.0/24
45.138.7.0/24
45.138.156.0/24
45.138.212.0/24
45.138.215.0/24
45.140.65.0/24
45.149.130.0/23
45.152.118.0/23
62.192.136.0/24
62.192.139.0/24
83.138.51.0-83.138.52.255
84.246.82.0/24
91.206.69.0/24
91.224.140.0/24
91.237.104.0/23
91.242.225.0/24
91.242.240.0/24
92.119.194.0/23
176.116.2.0/24
176.116.5.0/24
176.116.9.0/24
176.116.20.0/24
176.116.23.0/24
176.126.109.0/24
176.126.112.0/24
176.126.115.0/24
178.211.140.0/24
193.0.245.0-193.0.246.255
193.5.1.0/24
193.33.67.0/24
193.58.171.0/24
193.58.178.0/24
194.26.216.0/24
194.34.251.0/24
195.96.155.0/24
Signature Algorithm: sha256WithRSAEncryption
36:fa:66:b1:9e:9a:ff:d1:2c:65:47:27:36:6e:f1:37:0d:b1:
82:2b:84:d3:cc:03:19:ca:40:a7:b6:e2:30:d4:90:5b:2b:14:
7f:ff:84:50:42:21:55:6e:c3:d3:64:b3:45:e7:87:00:8e:34:
57:c9:84:92:21:c2:ac:e8:06:8b:e6:f1:d6:b6:c8:1b:2e:cc:
bd:84:da:b8:f8:9d:c9:d6:14:f4:92:72:15:7c:ad:ed:a9:29:
60:0b:e2:7e:07:6b:85:83:7a:21:78:b1:8d:2f:b5:60:80:39:
0f:96:23:00:f0:c8:54:c2:85:45:09:74:a9:ca:24:7c:db:b9:
b6:76:5d:94:5f:8e:19:3b:4e:d0:fb:d4:76:25:c0:3a:1d:e0:
0e:40:43:03:f3:10:d3:8a:80:53:43:8c:10:52:cb:52:29:df:
64:af:10:bf:ca:10:fb:de:f8:c1:03:54:52:80:c2:a1:71:56:
ad:e6:0f:e0:d5:fa:2c:d2:27:87:83:fd:37:d0:2a:f8:ef:b0:
0e:55:51:91:9a:a9:9e:6a:87:47:b7:c8:a9:bd:78:ee:61:a5:
91:ea:2f:e0:3c:cb:c4:be:78:45:c2:33:f0:a2:b1:ef:a7:b0:
d2:46:a4:be:27:d2:2f:0b:dc:e8:44:84:ba:cb:60:2f:41:bd:
4b:99:68:70
-----BEGIN CERTIFICATE-----
MIIF8jCCBNqgAwIBAgISAZybOFlXTXgLd44onoalpYeIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjYwMjI2MTgzMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTEyYTQ0NzgyNDdiODM4NzViNTQ3MWEzM2MwNWZhM2RhYzA3YWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJQ5DaIhfwUoyiErHoTui37hfQFo
d5JJsB+jpiMvTqy+et2YqTddb3Q00VC++TzyrAG0qAyyPdA1VP1Y0lUDqAeweJlC
fk7hAOeD9Sbwf+dPB+rCL8X42zPxl8ZO7Pxu2/gxBnqo6Igo2PN9IIjHWeJpaOlo
FUl0wQTNH61dceltTd3kQojwl2T/jSqonxVO8x//fhvu4QFrQKNB5YqcUsQBD6R3
rnEDDRkr2NG72dLM+dL8eC9uNYJ96BlNKrcgc+qeZJGzdPk6l2y6i+aeuApcyDVI
xVd83LgZUsS1KX1l2LYRA82So8gjsyS0wx9e7UTHCgbvuFF7ctxoYDdYvQIDAQAB
o4IC/jCCAvowHQYDVR0OBBYEFL4SpEeCR7g4dbVHGjPAX6PawHqhMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvdmhLa1I0Skh1RGgxdFVjYU04QmZvOXJBZXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEgYIKwYBBQUHAQcBAf8EggEBMIH+MIH7BAIAATCB9AME
AC0P7wMEAC2BAQMEAC2EJwMEAC2HIwMEAC2KBwMEAC2KnAMEAC2K1AMEAC2K1wME
AC2MQQMEAS2VggMEAS2YdgMEAD7AiAMEAD7AizAMAwQAU4ozAwQAU4o0AwQAVPZS
AwQAW85FAwQAW+CMAwQBW+1oAwQAW/LhAwQAW/LwAwQBXHfCAwQAsHQCAwQAsHQF
AwQAsHQJAwQAsHQUAwQAsHQXAwQAsH5tAwQAsH5wAwQAsH5zAwQAstOMMAwDBADB
APUDBADBAPYDBADBBQEDBADBIUMDBADBOqsDBADBOrIDBADCGtgDBADCIvsDBADD
YJswDQYJKoZIhvcNAQELBQADggEBADb6ZrGemv/RLGVHJzZu8TcNsYIrhNPMAxnK
QKe24jDUkFsrFH//hFBCIVVuw9Nks0XnhwCONFfJhJIhwqzoBovm8da2yBsuzL2E
2rj4ncnWFPSSchV8re2pKWAL4n4Ha4WDeiF4sY0vtWCAOQ+WIwDwyFTChUUJdKnK
JHzbubZ2XZRfjhk7TtD71HYlwDod4A5AQwPzENOKgFNDjBBSy1Ip32SvEL/KEPve
+MEDVFKAwqFxVq3mD+DV+izSJ4eD/TfQKvjvsA5VUZGaqZ5qh0e3yKm9eO5hpZHq
L+A8y8S+eEXCM/Cise+nsNJGpL4n0i8L3OhEhLrLYC9BvUuZaHA=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:20:01 2026 by rpki-client