Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/877f99-7acc-4d30-83c8-575a60de66a4/1/e9nHqWVyUbme4A3nXWXS4IolpJo.roa
File: e9nHqWVyUbme4A3nXWXS4IolpJo.roa (raw, json)
Hash identifier: TgavrUMfl8Vj5Apn+RX8JBxoVnrkia1a7hngxLQEX8E=
Subject key identifier: 7B:D9:C7:A9:65:72:51:B9:9E:E0:0D:E7:5D:65:D2:E0:8A:25:A4:9A
Certificate issuer: /CN=06cbc7614b49878bf37fde0c18d7c851c2d07e6f
Certificate serial: 019C9954F2C35DE265FAE3D6D18F6394FCCD
Authority key identifier: 06:CB:C7:61:4B:49:87:8B:F3:7F:DE:0C:18:D7:C8:51:C2:D0:7E:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BsvHYUtJh4vzf94MGNfIUcLQfm8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/877f99-7acc-4d30-83c8-575a60de66a4/1/e9nHqWVyUbme4A3nXWXS4IolpJo.roa
Signing time: Thu 26 Feb 2026 09:43:27 +0000
ROA not before: Thu 26 Feb 2026 09:43:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8412
IP address blocks: 46.124.0.0/15 maxlen: 16
46.124.128.0/20 maxlen: 22
46.124.144.0/20 maxlen: 22
46.124.160.0/20 maxlen: 22
46.124.192.0/18 maxlen: 22
46.125.128.0/19 maxlen: 22
62.140.32.0/19 maxlen: 20
78.132.0.0/17 maxlen: 18
185.99.72.0/22 maxlen: 23
212.67.224.0/19 maxlen: 19
212.95.0.0/19 maxlen: 24
213.142.96.0/19 maxlen: 23
213.162.64.0/19 maxlen: 23
2001:4bc8::/29 maxlen: 32
2001:4bc9:a000::/36 maxlen: 36
2001:4bc9:b000::/36 maxlen: 36
2001:4bc9:c000::/36 maxlen: 36
2001:4bc9:d000::/36 maxlen: 36
2001:4bc9:e000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/877f99-7acc-4d30-83c8-575a60de66a4/1/BsvHYUtJh4vzf94MGNfIUcLQfm8.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/877f99-7acc-4d30-83c8-575a60de66a4/1/BsvHYUtJh4vzf94MGNfIUcLQfm8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BsvHYUtJh4vzf94MGNfIUcLQfm8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:99:54:f2:c3:5d:e2:65:fa:e3:d6:d1:8f:63:94:fc:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06cbc7614b49878bf37fde0c18d7c851c2d07e6f
Validity
Not Before: Feb 26 09:43:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7bd9c7a9657251b99ee00de75d65d2e08a25a49a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:11:9b:a3:5e:c1:31:5c:cb:30:5f:0f:b9:f1:
29:5e:36:c3:cc:85:7c:ee:11:ca:cb:bf:e9:c9:3e:
77:2c:ed:1f:67:c4:ce:f7:f7:be:e0:7a:8d:fa:09:
ba:5c:91:9a:d2:b7:3a:b9:c8:b3:dd:14:32:f3:49:
54:07:c9:a1:d0:c7:ef:73:93:e4:41:f6:6c:0d:3e:
44:7c:ff:d0:cd:c8:c1:5d:ef:1c:06:be:8c:38:21:
13:a3:07:c5:3d:d4:2b:5d:fa:b4:69:ce:1d:99:b7:
cf:16:ff:f1:b4:d6:76:ba:f3:26:dc:9b:16:be:b5:
ea:31:25:f5:0b:34:c6:bb:e3:4b:ff:c1:ee:b6:1e:
18:67:b7:a4:8f:26:cc:7f:57:2c:fb:b1:ec:f9:08:
14:c8:84:3d:f6:e5:0d:19:2a:16:c8:79:a5:07:d9:
8f:c9:ba:5b:44:ae:dd:a4:5d:79:9c:dd:d9:b3:71:
3f:db:73:87:de:f9:98:d7:77:a9:86:76:9e:3a:47:
6a:05:fa:a0:84:52:da:8c:15:9c:e4:28:d5:d6:d1:
5e:4a:9e:28:5e:56:ce:b9:eb:86:b0:2f:23:ec:90:
bf:0e:b5:5a:85:a9:02:35:e8:38:88:06:c1:f1:c8:
cc:6b:14:1d:0f:eb:92:75:5b:5f:6a:b2:ee:f7:bb:
fa:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D9:C7:A9:65:72:51:B9:9E:E0:0D:E7:5D:65:D2:E0:8A:25:A4:9A
X509v3 Authority Key Identifier:
keyid:06:CB:C7:61:4B:49:87:8B:F3:7F:DE:0C:18:D7:C8:51:C2:D0:7E:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BsvHYUtJh4vzf94MGNfIUcLQfm8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/877f99-7acc-4d30-83c8-575a60de66a4/1/e9nHqWVyUbme4A3nXWXS4IolpJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/877f99-7acc-4d30-83c8-575a60de66a4/1/BsvHYUtJh4vzf94MGNfIUcLQfm8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.124.0.0/15
62.140.32.0/19
78.132.0.0/17
185.99.72.0/22
212.67.224.0/19
212.95.0.0/19
213.142.96.0/19
213.162.64.0/19
IPv6:
2001:4bc8::/29
Signature Algorithm: sha256WithRSAEncryption
34:a3:52:17:c4:c0:d2:84:8a:de:7b:9e:e6:92:33:eb:c2:f8:
58:cf:93:01:57:56:56:f0:ea:d1:8b:cf:12:10:8d:a8:f0:22:
22:56:97:29:0f:45:53:4d:dd:c9:06:e3:29:60:9e:37:c1:2b:
03:e5:e9:9b:b7:42:9e:6e:ff:f4:79:37:a1:11:e4:70:8e:b6:
b3:db:7b:89:db:18:0b:f9:7c:24:09:f3:a9:b7:a1:f5:9a:80:
7e:cf:fe:77:e3:e4:fe:38:9b:11:fe:fd:c6:23:d2:55:f6:22:
e7:b3:6c:22:54:69:35:80:19:30:14:26:d7:a2:ba:8c:8d:a8:
e2:c7:cf:2e:e7:9c:6d:bb:a1:b0:33:79:3a:75:68:25:22:83:
1b:9a:28:46:a7:5c:1a:7a:c5:6c:78:86:ba:22:5d:cc:bd:f9:
93:11:5e:de:9f:d7:aa:d2:70:78:44:a8:06:f6:76:1d:cb:7d:
9d:65:e8:2e:08:2e:31:3e:5d:73:8b:70:04:9b:4c:b3:1c:f5:
33:70:52:32:94:38:fc:1a:2f:59:37:0d:fa:bb:01:38:32:59:
91:46:e5:5d:c1:ae:e9:8e:d6:28:0b:f4:b9:75:25:72:a3:38:
14:db:e1:75:8b:41:73:b0:1f:26:92:cf:c1:4a:31:e4:f4:3c:
8b:fa:3b:d0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZyZVPLDXeJl+uPW0Y9jlPzNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2Y2JjNzYxNGI0OTg3OGJmMzdmZGUwYzE4ZDdjODUxYzJk
MDdlNmYwHhcNMjYwMjI2MDk0MzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmQ5YzdhOTY1NzI1MWI5OWVlMDBkZTc1ZDY1ZDJlMDhhMjVhNDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBGbo17BMVzLMF8PufEpXjbDzIV8
7hHKy7/pyT53LO0fZ8TO9/e+4HqN+gm6XJGa0rc6uciz3RQy80lUB8mh0Mfvc5Pk
QfZsDT5EfP/QzcjBXe8cBr6MOCETowfFPdQrXfq0ac4dmbfPFv/xtNZ2uvMm3JsW
vrXqMSX1CzTGu+NL/8Huth4YZ7ekjybMf1cs+7Hs+QgUyIQ99uUNGSoWyHmlB9mP
ybpbRK7dpF15nN3Zs3E/23OH3vmY13ephnaeOkdqBfqghFLajBWc5CjV1tFeSp4o
XlbOueuGsC8j7JC/DrVahakCNeg4iAbB8cjMaxQdD+uSdVtfarLu97v6aQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFHvZx6llclG5nuAN511l0uCKJaSaMB8GA1UdIwQY
MBaAFAbLx2FLSYeL83/eDBjXyFHC0H5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnN2SFlVdEpoNHZ6Zjk0TUdOZklVY0xRZm04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84NzdmOTktN2FjYy00ZDMwLTgzYzgt
NTc1YTYwZGU2NmE0LzEvZTluSHFXVnlVYm1lNEEzblhXWFM0SW9scEpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84NzdmOTktN2FjYy00ZDMwLTgzYzgtNTc1YTYwZGU2NmE0
LzEvQnN2SFlVdEpoNHZ6Zjk0TUdOZklVY0xRZm04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwMBLnwDBAU+
jCADBAdOhAADBAK5Y0gDBAXUQ+ADBAXUXwADBAXVjmADBAXVokAwDQQCAAIwBwMF
AyABS8gwDQYJKoZIhvcNAQELBQADggEBADSjUhfEwNKEit57nuaSM+vC+FjPkwFX
Vlbw6tGLzxIQjajwIiJWlykPRVNN3ckG4ylgnjfBKwPl6Zu3Qp5u//R5N6ER5HCO
trPbe4nbGAv5fCQJ86m3ofWagH7P/nfj5P44mxH+/cYj0lX2IuezbCJUaTWAGTAU
JteiuoyNqOLHzy7nnG27obAzeTp1aCUigxuaKEanXBp6xWx4hroiXcy9+ZMRXt6f
16rScHhEqAb2dh3LfZ1l6C4ILjE+XXOLcASbTLMc9TNwUjKUOPwaL1k3Dfq7ATgy
WZFG5V3BrumO1igL9Ll1JXKjOBTb4XWLQXOwHyaSz8FKMeT0PIv6O9A=
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:06:33 2026 by rpki-client