Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/ba1PPFUfJQPbN0qUaPYUh_lra00.roa
File: ba1PPFUfJQPbN0qUaPYUh_lra00.roa (raw, json)
Hash identifier: io880q/jxrQW2nbvQeP7+TanhHJv6EExV9pj2tnHEls=
Subject key identifier: 6D:AD:4F:3C:55:1F:25:03:DB:37:4A:94:68:F6:14:87:F9:6B:6B:4D
Certificate issuer: /CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Certificate serial: 019D61D250BC2617242FE3CDA986B663209B
Authority key identifier: C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/ba1PPFUfJQPbN0qUaPYUh_lra00.roa
Signing time: Mon 06 Apr 2026 08:04:26 +0000
ROA not before: Mon 06 Apr 2026 08:04:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51788
IP address blocks: 46.148.34.0/24 maxlen: 24
46.148.41.0/24 maxlen: 24
46.148.42.0/24 maxlen: 24
46.148.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 20:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:61:d2:50:bc:26:17:24:2f:e3:cd:a9:86:b6:63:20:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c89c2cc489ebe48f490584ac866fe362c4117e75
Validity
Not Before: Apr 6 08:04:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6dad4f3c551f2503db374a9468f61487f96b6b4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bf:77:52:d7:08:9c:48:7f:3e:19:fc:21:2e:
e3:e4:26:00:24:c8:ce:b1:c5:b1:76:5c:24:f2:c2:
64:c9:b2:9e:cc:1d:cc:f5:e9:fe:21:60:45:75:73:
86:b1:1c:0d:4b:56:4a:f2:1a:d2:46:57:cf:37:bd:
3b:72:4b:b7:93:ca:43:60:ab:4f:9f:7d:dd:d2:79:
4a:ad:13:e4:a5:1b:77:3c:62:09:89:28:17:24:ac:
ff:a7:34:ad:18:21:31:c0:1f:1f:1f:84:b2:0a:ab:
8d:14:54:53:01:50:88:a6:6f:fe:44:6a:d1:02:44:
27:e0:81:2a:b8:7f:39:22:cc:03:26:f9:a5:4e:32:
77:33:14:7e:26:82:40:10:c2:17:81:51:d7:e8:63:
90:73:d4:ac:57:33:af:db:c9:57:f6:bb:86:c5:85:
ef:99:04:c1:e1:f1:45:3e:5c:d8:bd:fc:44:6f:5a:
ec:4c:26:7d:a5:31:29:38:50:b5:ab:61:c8:2d:8e:
84:65:34:d4:99:b3:8c:77:a9:49:e0:a8:46:ee:5e:
b4:54:69:5b:77:f9:58:bf:1c:91:40:e2:6c:bb:fd:
2a:e1:73:9e:7c:d8:67:16:a0:9f:0f:76:a1:3f:74:
90:46:82:92:8f:fd:df:73:e1:90:c8:fa:0d:03:8b:
7b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:AD:4F:3C:55:1F:25:03:DB:37:4A:94:68:F6:14:87:F9:6B:6B:4D
X509v3 Authority Key Identifier:
keyid:C8:9C:2C:C4:89:EB:E4:8F:49:05:84:AC:86:6F:E3:62:C4:11:7E:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yJwsxInr5I9JBYSshm_jYsQRfnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/ba1PPFUfJQPbN0qUaPYUh_lra00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/a00be2-877d-40e7-8a8a-af2cfa622d18/1/yJwsxInr5I9JBYSshm_jYsQRfnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.148.34.0/24
46.148.41.0-46.148.42.255
46.148.47.0/24
Signature Algorithm: sha256WithRSAEncryption
81:2d:dd:f9:82:48:a8:b4:b1:ef:a6:b6:ef:aa:dc:38:51:ad:
8e:c8:ea:df:ca:a2:53:38:ee:36:0b:99:73:cc:61:ed:47:16:
c5:40:9e:98:ee:c4:e1:f7:bf:c6:1b:b8:73:0f:60:a6:58:2f:
35:f8:e7:2b:e3:d0:1a:b4:05:2e:76:0e:78:12:72:8f:40:a4:
16:65:01:41:4f:dc:e2:8e:53:01:d5:ca:ab:38:dd:0e:f2:c6:
65:20:aa:c8:cd:d5:bd:68:27:58:aa:6c:35:71:ce:98:8e:5d:
8c:bd:a2:ef:8d:fd:b2:e6:a7:6e:05:2f:09:25:f3:b4:1b:91:
33:33:12:26:18:01:81:88:79:1f:ce:d0:bb:98:f5:b9:e4:1e:
3c:6c:5c:5f:ef:3a:76:a7:6d:c4:fe:73:d7:b6:26:e5:77:72:
9d:64:96:e9:3d:20:5b:fd:76:ae:3a:56:c4:4e:20:f1:13:12:
f8:68:b1:1d:fa:39:66:f8:f1:17:78:f5:66:25:46:a1:32:17:
1e:7e:2c:d1:e9:8d:7d:37:20:57:96:23:a9:da:cc:d2:c3:d8:
72:29:98:5c:06:cc:09:0b:dc:9d:80:c6:98:91:6c:ef:87:ef:
e5:ec:4e:93:55:52:f7:a1:75:60:9b:c3:4b:bf:b5:94:75:25:
c2:34:1b:fc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ1h0lC8JhckL+PNqYa2YyCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4OWMyY2M0ODllYmU0OGY0OTA1ODRhYzg2NmZlMzYyYzQx
MTdlNzUwHhcNMjYwNDA2MDgwNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGFkNGYzYzU1MWYyNTAzZGIzNzRhOTQ2OGY2MTQ4N2Y5NmI2YjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur93UtcInEh/Phn8IS7j5CYAJMjO
scWxdlwk8sJkybKezB3M9en+IWBFdXOGsRwNS1ZK8hrSRlfPN707cku3k8pDYKtP
n33d0nlKrRPkpRt3PGIJiSgXJKz/pzStGCExwB8fH4SyCquNFFRTAVCIpm/+RGrR
AkQn4IEquH85IswDJvmlTjJ3MxR+JoJAEMIXgVHX6GOQc9SsVzOv28lX9ruGxYXv
mQTB4fFFPlzYvfxEb1rsTCZ9pTEpOFC1q2HILY6EZTTUmbOMd6lJ4KhG7l60VGlb
d/lYvxyRQOJsu/0q4XOefNhnFqCfD3ahP3SQRoKSj/3fc+GQyPoNA4t7nwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG2tTzxVHyUD2zdKlGj2FIf5a2tNMB8GA1UdIwQY
MBaAFMicLMSJ6+SPSQWErIZv42LEEX51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEt
YWYyY2ZhNjIyZDE4LzEvYmExUFBGVWZKUVBiTjBxVWFQWVVoX2xyYTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9hMDBiZTItODc3ZC00MGU3LThhOGEtYWYyY2ZhNjIyZDE4
LzEveUp3c3hJbnI1STlKQllTc2htX2pZc1FSZm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALpQiMAwD
BAAulCkDBAAulCoDBAAulC8wDQYJKoZIhvcNAQELBQADggEBAIEt3fmCSKi0se+m
tu+q3DhRrY7I6t/KolM47jYLmXPMYe1HFsVAnpjuxOH3v8YbuHMPYKZYLzX45yvj
0Bq0BS52DngSco9ApBZlAUFP3OKOUwHVyqs43Q7yxmUgqsjN1b1oJ1iqbDVxzpiO
XYy9ou+N/bLmp24FLwkl87QbkTMzEiYYAYGIeR/O0LuY9bnkHjxsXF/vOnanbcT+
c9e2JuV3cp1kluk9IFv9dq46VsROIPETEvhosR36OWb48Rd49WYlRqEyFx5+LNHp
jX03IFeWI6nazNLD2HIpmFwGzAkL3J2AxpiRbO+H7+XsTpNVUvehdWCbw0u/tZR1
JcI0G/w=
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:34:25 2026 by rpki-client