Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/i7lgm15yljxNJJIdxV0PN0NruUk.roa
File: i7lgm15yljxNJJIdxV0PN0NruUk.roa (raw, json)
Hash identifier: 2LRwTaHFptBADB4hm7Yrbr+djCqVu9Gi1I6wte0t5nk=
Subject key identifier: 8B:B9:60:9B:5E:72:96:3C:4D:24:92:1D:C5:5D:0F:37:43:6B:B9:49
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019C6AD9A0D6052E337268CFCB720D886D42
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/i7lgm15yljxNJJIdxV0PN0NruUk.roa
Signing time: Tue 17 Feb 2026 09:06:13 +0000
ROA not before: Tue 17 Feb 2026 09:06:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29119
IP address blocks: 45.6.44.0/22 maxlen: 22
45.120.220.0/22 maxlen: 22
62.106.67.0/24 maxlen: 24
80.174.128.0/17 maxlen: 17
83.143.168.0/21 maxlen: 21
93.95.16.0/21 maxlen: 21
128.0.40.0/24 maxlen: 24
202.58.108.0/22 maxlen: 22
212.86.98.0/24 maxlen: 24
212.118.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 03:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6a:d9:a0:d6:05:2e:33:72:68:cf:cb:72:0d:88:6d:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: Feb 17 09:06:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8bb9609b5e72963c4d24921dc55d0f37436bb949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0b:91:ef:43:db:b7:17:1a:04:2a:0d:1d:1d:
de:ae:ad:da:a6:e7:26:e9:4b:72:1f:fa:ce:57:e5:
54:1c:cb:1d:d0:b0:c9:41:5f:ed:83:3a:b9:73:7a:
bc:87:b6:41:47:e8:15:7c:69:df:8c:8a:5a:6f:d0:
81:65:14:a3:4e:5a:87:b7:c5:b2:a8:8c:75:04:85:
ae:a9:58:8a:47:6f:a8:53:c8:da:29:a1:02:78:7a:
2e:67:57:7c:16:75:22:8e:58:6f:89:90:64:be:16:
6a:8c:9c:bf:b7:25:ea:31:a6:4a:86:8c:36:45:11:
6e:d0:de:83:b7:e7:99:e8:c5:7f:9e:13:3b:9f:5d:
48:07:87:37:b0:f5:53:c1:b2:8d:23:ef:06:1e:0f:
63:77:c1:f0:cc:b4:d6:27:2b:d7:2d:ed:79:a0:9a:
1d:e0:b7:2a:50:66:2c:c6:a5:f0:0d:63:f3:d9:5c:
78:bc:d5:f8:ae:58:b0:0b:cf:06:69:f8:d4:9b:4d:
d5:b5:42:27:16:a2:25:44:59:57:53:60:0f:cf:76:
0b:ed:b1:87:4e:4a:9a:c6:5b:ca:2f:93:4c:4c:bd:
e8:3d:e6:ec:70:0e:f2:80:65:ca:a3:91:67:74:56:
ac:a1:51:0b:ea:38:37:cd:f6:12:8a:d6:ef:29:58:
f0:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:B9:60:9B:5E:72:96:3C:4D:24:92:1D:C5:5D:0F:37:43:6B:B9:49
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/i7lgm15yljxNJJIdxV0PN0NruUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.6.44.0/22
45.120.220.0/22
62.106.67.0/24
80.174.128.0/17
83.143.168.0/21
93.95.16.0/21
128.0.40.0/24
202.58.108.0/22
212.86.98.0/24
212.118.61.0/24
Signature Algorithm: sha256WithRSAEncryption
77:ae:dc:d9:f6:6e:7e:c2:0f:f9:28:98:00:fb:8f:cc:86:de:
b7:3b:dc:9a:b5:5a:d8:9f:07:81:b7:1c:b6:b2:4c:8b:0d:ed:
a9:37:72:0a:02:16:c3:ef:04:30:c2:5a:39:bb:c7:d9:4e:dc:
b6:97:c1:bc:13:7f:65:09:bf:25:e9:53:f9:04:4e:69:26:25:
f0:8b:76:af:04:c1:21:45:ea:1c:9e:ba:43:f1:29:87:bf:41:
be:7f:70:f0:e2:3e:56:91:59:db:28:71:f4:21:42:61:a6:15:
79:b0:b5:1f:e6:fb:c3:92:aa:bf:89:e7:57:18:31:bc:b0:51:
4c:47:48:82:ec:b2:75:88:71:53:47:80:6c:d6:06:d3:1d:eb:
0f:d7:af:b4:3a:11:60:fb:09:45:c6:9c:42:e7:d4:4d:f7:cf:
b7:48:92:a4:a2:03:34:5f:b8:18:85:28:af:02:2e:7f:76:1d:
c9:fd:84:b1:4d:d4:a7:be:e4:83:e4:1c:4d:4d:a3:49:6b:95:
7c:53:a1:12:0a:2f:ad:52:91:77:f8:79:6d:ba:1e:f9:a6:50:
2e:7f:5f:93:83:c9:a1:9f:31:f7:fe:2a:5a:9c:72:34:fe:c6:
48:19:06:41:b7:08:7b:9e:57:94:36:5f:bc:3d:c3:7a:84:33:
53:bf:f8:d1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZxq2aDWBS4zcmjPy3INiG1CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwMjE3MDkwNjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmI5NjA5YjVlNzI5NjNjNGQyNDkyMWRjNTVkMGYzNzQzNmJiOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiguR70PbtxcaBCoNHR3erq3apucm
6UtyH/rOV+VUHMsd0LDJQV/tgzq5c3q8h7ZBR+gVfGnfjIpab9CBZRSjTlqHt8Wy
qIx1BIWuqViKR2+oU8jaKaECeHouZ1d8FnUijlhviZBkvhZqjJy/tyXqMaZKhow2
RRFu0N6Dt+eZ6MV/nhM7n11IB4c3sPVTwbKNI+8GHg9jd8HwzLTWJyvXLe15oJod
4LcqUGYsxqXwDWPz2Vx4vNX4rliwC88GafjUm03VtUInFqIlRFlXU2APz3YL7bGH
TkqaxlvKL5NMTL3oPebscA7ygGXKo5FndFasoVEL6jg3zfYSitbvKVjwYwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIu5YJtecpY8TSSSHcVdDzdDa7lJMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvaTdsZ20xNXlsanhOSkpJZHhWMFBOME5ydVVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCLQYsAwQC
LXjcAwQAPmpDAwQHUK6AAwQDU4+oAwQDXV8QAwQAgAAoAwQCyjpsAwQA1FZiAwQA
1HY9MA0GCSqGSIb3DQEBCwUAA4IBAQB3rtzZ9m5+wg/5KJgA+4/Mht63O9yatVrY
nweBtxy2skyLDe2pN3IKAhbD7wQwwlo5u8fZTty2l8G8E39lCb8l6VP5BE5pJiXw
i3avBMEhReocnrpD8SmHv0G+f3Dw4j5WkVnbKHH0IUJhphV5sLUf5vvDkqq/iedX
GDG8sFFMR0iC7LJ1iHFTR4Bs1gbTHesP16+0OhFg+wlFxpxC59RN98+3SJKkogM0
X7gYhSivAi5/dh3J/YSxTdSnvuSD5BxNTaNJa5V8U6ESCi+tUpF3+Hltuh75plAu
f1+Tg8mhnzH3/ipanHI0/sZIGQZBtwh7nleUNl+8PcN6hDNTv/jR
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:16:59 2026 by rpki-client