Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c8f41d-ea73-4a03-ba72-0f50773b0ede/1/ib_UrUcMg3D4Bnol3MhIEkyHz5U.roa
File: ib_UrUcMg3D4Bnol3MhIEkyHz5U.roa (raw, json)
Hash identifier: 0bEjFUTe+hD0N1bM0KLMmKI4VY0N6L6sI0oMSfBcqCo=
Subject key identifier: 89:BF:D4:AD:47:0C:83:70:F8:06:7A:25:DC:C8:48:12:4C:87:CF:95
Certificate issuer: /CN=fd9ae37617f3fbe48880b230fe7c7ce0f0dc41c7
Certificate serial: 019D54B890E8B54BAA474D53AADBD75E0D12
Authority key identifier: FD:9A:E3:76:17:F3:FB:E4:88:80:B2:30:FE:7C:7C:E0:F0:DC:41:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Zrjdhfz--SIgLIw_nx84PDcQcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/c8f41d-ea73-4a03-ba72-0f50773b0ede/1/ib_UrUcMg3D4Bnol3MhIEkyHz5U.roa
Signing time: Fri 03 Apr 2026 19:01:14 +0000
ROA not before: Fri 03 Apr 2026 19:01:14 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44527
IP address blocks: 46.255.128.0/21 maxlen: 21
46.255.128.0/24 maxlen: 24
46.255.129.0/24 maxlen: 24
46.255.130.0/24 maxlen: 24
46.255.131.0/24 maxlen: 24
46.255.132.0/24 maxlen: 24
46.255.133.0/24 maxlen: 24
46.255.134.0/24 maxlen: 24
46.255.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/c8f41d-ea73-4a03-ba72-0f50773b0ede/1/_Zrjdhfz--SIgLIw_nx84PDcQcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/c8f41d-ea73-4a03-ba72-0f50773b0ede/1/_Zrjdhfz--SIgLIw_nx84PDcQcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_Zrjdhfz--SIgLIw_nx84PDcQcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:54:b8:90:e8:b5:4b:aa:47:4d:53:aa:db:d7:5e:0d:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd9ae37617f3fbe48880b230fe7c7ce0f0dc41c7
Validity
Not Before: Apr 3 19:01:14 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=89bfd4ad470c8370f8067a25dcc848124c87cf95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:20:b1:9c:d4:a0:53:99:bd:3d:b9:2c:22:6d:
a5:58:0a:1b:6c:f9:06:d5:9c:59:8c:cd:cd:89:c7:
a3:b9:4a:de:43:f0:7a:7d:84:7b:70:44:a3:65:ff:
8d:fc:30:da:47:b0:e8:f3:23:5c:2c:12:b0:d2:13:
51:49:71:dc:ba:8a:1e:f6:b3:0f:a6:3e:5e:56:ae:
15:f8:cf:a0:37:76:4e:58:04:1b:20:f5:84:5a:5c:
4b:1d:58:4c:d7:73:57:46:b1:63:4e:8a:6d:c2:a9:
1e:31:e9:58:c4:21:3c:b6:b9:18:18:65:3f:10:52:
a3:f4:cc:18:c4:00:e9:3c:24:e3:05:66:a1:8f:34:
ff:c9:93:c1:b2:cb:c1:84:5b:a6:ed:4f:6c:20:cb:
be:ea:eb:9b:69:a4:63:5b:9a:ca:61:ad:59:7f:75:
cc:9b:e8:18:52:09:d4:c5:d0:b8:fe:21:1a:e6:2e:
07:6d:43:9f:f7:65:1d:d7:12:c8:33:c8:8f:48:17:
e9:8d:85:8a:06:56:63:9f:da:83:90:a0:e3:0c:87:
e1:39:c4:cf:da:82:77:86:87:3d:b6:f5:bd:4f:69:
47:34:9b:ca:36:3b:5e:5e:33:cd:35:76:f9:d8:2d:
18:16:0f:c7:eb:89:4a:d7:83:03:86:41:c8:e2:ba:
ce:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:BF:D4:AD:47:0C:83:70:F8:06:7A:25:DC:C8:48:12:4C:87:CF:95
X509v3 Authority Key Identifier:
keyid:FD:9A:E3:76:17:F3:FB:E4:88:80:B2:30:FE:7C:7C:E0:F0:DC:41:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Zrjdhfz--SIgLIw_nx84PDcQcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c8f41d-ea73-4a03-ba72-0f50773b0ede/1/ib_UrUcMg3D4Bnol3MhIEkyHz5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c8f41d-ea73-4a03-ba72-0f50773b0ede/1/_Zrjdhfz--SIgLIw_nx84PDcQcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.128.0/21
Signature Algorithm: sha256WithRSAEncryption
0c:7d:f2:f2:23:41:c8:6f:52:ee:e5:96:e7:f1:dd:39:6f:64:
e0:88:49:ca:c0:4c:2f:c6:cd:17:c0:0f:e2:0a:b7:2d:27:b1:
87:c2:f7:f5:9f:72:dc:0f:c2:17:f5:6d:22:47:4d:55:6b:88:
66:b2:d2:16:05:93:b4:52:cb:04:cd:6a:dd:98:b3:1b:ff:ad:
84:aa:21:e5:3b:3f:0a:a4:9e:21:64:29:ad:21:1a:91:f6:eb:
8d:9a:fe:98:f3:14:84:64:69:f2:14:a9:1d:a5:eb:48:47:79:
8a:0e:f9:b5:41:fa:c1:4f:2f:ba:51:0f:eb:88:14:47:ce:dc:
6a:20:30:e3:f4:fd:f4:0b:b8:47:81:df:77:4f:e6:bc:bd:61:
df:3e:21:68:b1:f6:dc:95:74:2e:b4:da:57:ff:54:e5:29:41:
98:71:4f:2c:f1:f4:45:3c:a8:41:90:32:e5:09:b5:aa:c4:a0:
26:63:34:57:f5:f8:aa:b2:d7:d3:43:0e:80:0d:a1:bb:f0:ad:
be:62:45:78:fb:d7:ff:c7:34:d2:d2:63:28:9f:30:52:af:ab:
bb:a1:c3:23:e0:11:7d:9f:6b:ad:52:61:1a:6e:b3:d6:0e:3d:
ac:e9:02:ab:e0:a2:c2:06:cd:52:07:c3:2c:1b:5a:ca:7c:60:
97:85:a1:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1UuJDotUuqR01TqtvXXg0SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkOWFlMzc2MTdmM2ZiZTQ4ODgwYjIzMGZlN2M3Y2UwZjBk
YzQxYzcwHhcNMjYwNDAzMTkwMTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWJmZDRhZDQ3MGM4MzcwZjgwNjdhMjVkY2M4NDgxMjRjODdjZjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0iCxnNSgU5m9PbksIm2lWAobbPkG
1ZxZjM3NicejuUreQ/B6fYR7cESjZf+N/DDaR7Do8yNcLBKw0hNRSXHcuooe9rMP
pj5eVq4V+M+gN3ZOWAQbIPWEWlxLHVhM13NXRrFjToptwqkeMelYxCE8trkYGGU/
EFKj9MwYxADpPCTjBWahjzT/yZPBssvBhFum7U9sIMu+6uubaaRjW5rKYa1Zf3XM
m+gYUgnUxdC4/iEa5i4HbUOf92Ud1xLIM8iPSBfpjYWKBlZjn9qDkKDjDIfhOcTP
2oJ3hoc9tvW9T2lHNJvKNjteXjPNNXb52C0YFg/H64lK14MDhkHI4rrOZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIm/1K1HDINw+AZ6JdzISBJMh8+VMB8GA1UdIwQY
MBaAFP2a43YX8/vkiICyMP58fODw3EHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1pyamRoZnotLVNJZ0xJd19ueDg0UERjUWNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jOGY0MWQtZWE3My00YTAzLWJhNzIt
MGY1MDc3M2IwZWRlLzEvaWJfVXJVY01nM0Q0Qm5vbDNNaElFa3lIejVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jOGY0MWQtZWE3My00YTAzLWJhNzItMGY1MDc3M2IwZWRl
LzEvX1pyamRoZnotLVNJZ0xJd19ueDg0UERjUWNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLv+AMA0G
CSqGSIb3DQEBCwUAA4IBAQAMffLyI0HIb1Lu5Zbn8d05b2TgiEnKwEwvxs0XwA/i
CrctJ7GHwvf1n3LcD8IX9W0iR01Va4hmstIWBZO0UssEzWrdmLMb/62EqiHlOz8K
pJ4hZCmtIRqR9uuNmv6Y8xSEZGnyFKkdpetIR3mKDvm1QfrBTy+6UQ/riBRHztxq
IDDj9P30C7hHgd93T+a8vWHfPiFosfbclXQutNpX/1TlKUGYcU8s8fRFPKhBkDLl
CbWqxKAmYzRX9fiqstfTQw6ADaG78K2+YkV4+9f/xzTS0mMonzBSr6u7ocMj4BF9
n2utUmEabrPWDj2s6QKr4KLCBs1SB8MsG1rKfGCXhaH+
-----END CERTIFICATE-----
Generated at Sat Apr 18 00:57:41 2026 by rpki-client