Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/sfOTcCwWC1KsIilpX1DNsh1Y680.roa
File: sfOTcCwWC1KsIilpX1DNsh1Y680.roa (raw, json)
Hash identifier: pLb+gJaNX2LBpRmtuzi8ech4v1Lsqmc+4yqckwfHtNg=
Subject key identifier: B1:F3:93:70:2C:16:0B:52:AC:22:29:69:5F:50:CD:B2:1D:58:EB:CD
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019EB786E5ED83A21F3125902B23AD134C26
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/sfOTcCwWC1KsIilpX1DNsh1Y680.roa
Signing time: Thu 11 Jun 2026 16:32:11 +0000
ROA not before: Thu 11 Jun 2026 16:32:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29119
IP address blocks: 45.6.44.0/22 maxlen: 22
45.120.220.0/22 maxlen: 22
62.106.67.0/24 maxlen: 24
80.174.2.0/23 maxlen: 23
80.174.4.0/22 maxlen: 22
80.174.128.0/17 maxlen: 17
80.174.144.0/22 maxlen: 22
80.174.148.0/22 maxlen: 22
80.174.152.0/21 maxlen: 21
80.174.160.0/22 maxlen: 22
80.174.168.0/21 maxlen: 21
80.174.176.0/20 maxlen: 20
80.174.200.0/21 maxlen: 21
80.174.246.0/24 maxlen: 24
83.143.168.0/21 maxlen: 21
83.143.171.0/24 maxlen: 24
128.0.40.0/24 maxlen: 24
181.201.0.0/16 maxlen: 16
202.58.108.0/22 maxlen: 22
212.86.98.0/24 maxlen: 24
212.118.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 04:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b7:86:e5:ed:83:a2:1f:31:25:90:2b:23:ad:13:4c:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: Jun 11 16:32:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b1f393702c160b52ac2229695f50cdb21d58ebcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0e:ce:07:ec:f7:0d:5d:00:b5:9c:58:a2:e5:
d0:e3:86:2a:ce:3f:65:ca:40:0f:cd:11:5d:41:8b:
56:ea:17:c0:c7:ce:76:7a:35:37:06:02:00:35:32:
a6:e4:bd:d5:31:90:82:39:45:40:df:f7:21:24:f3:
da:68:b0:27:61:81:99:dd:7f:2e:4d:cb:4f:24:7f:
11:da:2c:7c:0d:d6:13:20:2a:b2:a9:71:ae:bd:51:
e4:8e:f2:07:58:8f:b9:ab:f3:16:d0:b3:e0:77:33:
85:d9:e0:31:c8:92:4e:55:69:2f:d2:58:62:a0:5d:
fd:f2:b4:5e:cc:b9:b6:b8:26:29:aa:61:b1:bc:1d:
13:b2:72:f8:13:e8:08:2a:11:9d:6e:a0:0a:db:8c:
50:c7:5d:f0:24:1a:52:77:71:04:87:24:75:73:b5:
8a:9c:ab:c3:88:80:af:4a:fa:4a:eb:40:7f:43:cf:
65:d1:16:40:45:25:a1:67:b3:7b:1a:40:59:a9:4b:
44:05:83:a8:fb:0a:f8:e5:e0:99:17:3b:9e:8b:9a:
28:51:7e:cc:eb:8f:cf:44:74:2f:8d:19:bd:de:a5:
d7:a2:b8:92:89:b6:d8:6d:d7:9f:ed:85:32:25:70:
bf:5b:83:9e:c7:13:43:55:78:42:96:10:07:93:1f:
e4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:F3:93:70:2C:16:0B:52:AC:22:29:69:5F:50:CD:B2:1D:58:EB:CD
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/sfOTcCwWC1KsIilpX1DNsh1Y680.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.6.44.0/22
45.120.220.0/22
62.106.67.0/24
80.174.2.0-80.174.7.255
80.174.128.0/17
83.143.168.0/21
128.0.40.0/24
181.201.0.0/16
202.58.108.0/22
212.86.98.0/24
212.118.61.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:1c:0f:9e:55:36:94:fa:0e:0e:77:83:10:80:2c:c9:4e:27:
00:54:00:3e:81:67:dc:57:02:af:a6:e8:96:8a:69:07:4a:b3:
32:4b:d8:0d:f7:cb:5d:55:7a:fc:94:01:43:8c:c8:06:5a:1f:
10:90:b1:9b:7c:7d:64:f6:ce:c4:5e:c1:c6:d7:47:ec:22:12:
89:6d:90:8e:36:74:cd:a7:3d:00:5e:43:fb:35:c7:b9:54:45:
51:29:f5:04:1f:4b:1f:fb:62:9d:a2:a6:87:00:2c:1d:05:c9:
fb:1c:1a:93:22:e9:d7:12:cd:fa:98:e7:bf:60:f3:02:c9:09:
dd:53:9f:8f:7b:2d:9d:de:69:2d:ae:87:85:02:63:55:21:a4:
87:a1:0e:39:03:f6:e5:fc:e4:cb:11:79:b8:91:ee:55:62:5e:
0a:5f:d5:57:6b:4d:20:af:14:7d:eb:14:a5:f2:10:4c:db:d1:
76:21:b1:f3:a6:cc:9a:de:33:e5:ca:45:30:6a:2f:19:a9:92:
46:a0:c2:91:6d:69:7d:60:ba:cc:05:96:69:83:ff:d9:84:90:
48:0d:95:c5:88:3a:c2:da:ee:23:f7:6d:bc:c8:1c:33:9b:75:
a2:ee:59:ee:34:c6:4e:7f:e3:45:bf:e8:58:dc:88:cd:55:ef:
09:7b:cf:52
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZ63huXtg6IfMSWQKyOtE0wmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwNjExMTYzMjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWYzOTM3MDJjMTYwYjUyYWMyMjI5Njk1ZjUwY2RiMjFkNThlYmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg7OB+z3DV0AtZxYouXQ44Yqzj9l
ykAPzRFdQYtW6hfAx852ejU3BgIANTKm5L3VMZCCOUVA3/chJPPaaLAnYYGZ3X8u
TctPJH8R2ix8DdYTICqyqXGuvVHkjvIHWI+5q/MW0LPgdzOF2eAxyJJOVWkv0lhi
oF398rRezLm2uCYpqmGxvB0TsnL4E+gIKhGdbqAK24xQx13wJBpSd3EEhyR1c7WK
nKvDiICvSvpK60B/Q89l0RZARSWhZ7N7GkBZqUtEBYOo+wr45eCZFzuei5ooUX7M
64/PRHQvjRm93qXXoriSibbYbdef7YUyJXC/W4OexxNDVXhClhAHkx/kFQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFLHzk3AsFgtSrCIpaV9QzbIdWOvNMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvc2ZPVGNDd1dDMUtzSWlscFgxRE5zaDFZNjgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBPBAIAATBJAwQCLQYsAwQC
LXjcAwQAPmpDMAwDBAFQrgIDBANQrgADBAdQroADBANTj6gDBACAACgDAwC1yQME
Aso6bAMEANRWYgMEANR2PTANBgkqhkiG9w0BAQsFAAOCAQEAjxwPnlU2lPoODneD
EIAsyU4nAFQAPoFn3FcCr6boloppB0qzMkvYDffLXVV6/JQBQ4zIBlofEJCxm3x9
ZPbOxF7BxtdH7CISiW2QjjZ0zac9AF5D+zXHuVRFUSn1BB9LH/tinaKmhwAsHQXJ
+xwakyLp1xLN+pjnv2DzAskJ3VOfj3stnd5pLa6HhQJjVSGkh6EOOQP25fzkyxF5
uJHuVWJeCl/VV2tNIK8UfesUpfIQTNvRdiGx86bMmt4z5cpFMGovGamSRqDCkW1p
fWC6zAWWaYP/2YSQSA2VxYg6wtruI/dtvMgcM5t1ou5Z7jTGTn/jRb/oWNyIzVXv
CXvPUg==
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:24:15 2026 by rpki-client