Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/dNyetmWu_99kmHhkiZvcLr-cuzU.roa
File: dNyetmWu_99kmHhkiZvcLr-cuzU.roa (raw, json)
Hash identifier: forzVhrHGmXFVsQJmgLEUSqJW9c/HnLATZaoS4TWk3M=
Subject key identifier: 74:DC:9E:B6:65:AE:FF:DF:64:98:78:64:89:9B:DC:2E:BF:9C:BB:35
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 019C69557032EC725AAB067AE58D20CB35EF
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/dNyetmWu_99kmHhkiZvcLr-cuzU.roa
Signing time: Tue 17 Feb 2026 02:02:12 +0000
ROA not before: Tue 17 Feb 2026 02:02:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 158.46.132.0/22 maxlen: 22
158.46.136.0/21 maxlen: 21
158.46.144.0/20 maxlen: 24
158.46.148.0/24 maxlen: 24
158.46.152.0/24 maxlen: 24
158.46.156.0/24 maxlen: 24
158.46.158.0/24 maxlen: 24
158.46.160.0/23 maxlen: 23
158.46.164.0/22 maxlen: 22
158.46.168.0/21 maxlen: 21
158.46.184.0/23 maxlen: 23
158.46.186.0/23 maxlen: 23
158.46.188.0/22 maxlen: 24
158.46.192.0/19 maxlen: 24
158.46.204.0/24 maxlen: 24
158.46.205.0/24 maxlen: 24
158.46.207.0/24 maxlen: 24
158.46.250.0/23 maxlen: 24
178.171.20.0/22 maxlen: 24
178.171.36.0/23 maxlen: 23
178.171.103.0/24 maxlen: 24
178.171.106.0/23 maxlen: 23
178.171.108.0/23 maxlen: 23
178.171.112.0/23 maxlen: 23
178.171.114.0/23 maxlen: 23
178.171.116.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:69:55:70:32:ec:72:5a:ab:06:7a:e5:8d:20:cb:35:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Feb 17 02:02:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=74dc9eb665aeffdf64987864899bdc2ebf9cbb35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3a:d7:75:a6:32:1d:3f:c3:11:82:80:45:ad:
36:3c:27:41:7f:04:12:1a:2b:8b:9c:cb:3f:23:3a:
3a:53:dc:bf:6b:32:f0:ba:be:36:f0:8d:00:1c:e0:
e8:5c:28:22:37:4b:c5:e6:27:fd:2a:47:41:68:b8:
2a:bf:5a:90:5e:37:cb:f0:e5:e8:63:97:5a:01:c4:
a4:08:ac:23:db:66:41:d4:75:0d:2a:57:f5:54:d8:
b1:6e:9c:64:01:88:5a:c2:3a:eb:29:0f:ef:fa:33:
6a:d6:8d:17:12:49:d3:62:41:6a:7a:e1:ad:a0:31:
f8:b6:2b:7b:7f:bb:fa:03:10:a5:3d:54:03:b9:f1:
13:2c:83:fc:29:22:09:2f:cd:d1:46:b9:5d:31:2d:
4b:61:ca:e1:43:ad:92:0a:14:bb:ab:ee:11:2a:bf:
38:9e:75:c0:89:68:b1:eb:7b:3f:eb:ab:1a:29:1d:
e4:82:6d:86:3f:9a:ab:6c:d7:c9:bc:6c:19:e9:b8:
33:62:ee:b7:bc:7c:9f:4c:a4:92:c0:a4:d2:4b:0b:
bc:dc:57:69:85:14:ff:62:3d:f7:72:85:4a:dc:cb:
66:38:fc:a8:78:d7:d4:9d:0d:7f:5c:35:ca:6b:bc:
f4:17:32:4a:87:7f:0f:5d:5f:ac:c5:c8:f5:86:77:
e1:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:DC:9E:B6:65:AE:FF:DF:64:98:78:64:89:9B:DC:2E:BF:9C:BB:35
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/dNyetmWu_99kmHhkiZvcLr-cuzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.132.0-158.46.161.255
158.46.164.0-158.46.175.255
158.46.184.0-158.46.223.255
158.46.250.0/23
178.171.20.0/22
178.171.36.0/23
178.171.103.0/24
178.171.106.0-178.171.109.255
178.171.112.0-178.171.117.255
Signature Algorithm: sha256WithRSAEncryption
b7:67:cc:8c:b6:66:f9:57:65:ce:d8:ba:ee:a8:e7:e1:01:25:
54:cc:c3:3c:af:7b:2a:a8:20:15:23:e1:78:ae:fd:68:5e:03:
46:82:22:f2:9f:21:68:1c:96:42:65:fb:59:15:43:da:4b:62:
aa:84:cc:45:20:68:81:f7:56:0b:54:ed:9d:5e:75:b6:6c:34:
ae:dc:ff:fd:97:19:e9:9c:2e:9e:5a:d3:1c:36:c2:f6:14:8e:
af:3f:0d:1f:ed:f3:a7:74:73:29:cd:97:2a:f3:41:9f:98:c0:
f5:b7:5f:c7:21:de:43:0e:91:4e:5f:3a:40:74:0d:37:17:53:
83:aa:80:88:d4:3f:df:ba:a5:a7:58:80:2e:61:c0:1d:9a:10:
17:85:15:1f:62:5c:1c:64:07:33:dc:e6:c5:16:d8:2c:a6:91:
9b:79:69:02:2d:9f:b8:be:e6:be:3c:e3:f9:69:fb:c8:72:e9:
00:9a:26:1f:a1:dd:53:d6:94:9b:b3:b4:d8:c5:c3:81:3c:af:
ed:94:81:74:95:6f:6e:56:96:eb:64:32:2c:3b:12:d9:07:34:
a6:50:c6:70:bf:d7:24:86:87:0c:86:3e:b0:5f:2a:fd:13:ec:
51:84:59:ad:f1:1a:78:08:9f:44:4d:dc:10:fa:67:57:0c:ca:
ff:a1:61:10
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZxpVXAy7HJaqwZ65Y0gyzXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjYwMjE3MDIwMjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGRjOWViNjY1YWVmZmRmNjQ5ODc4NjQ4OTliZGMyZWJmOWNiYjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDrXdaYyHT/DEYKARa02PCdBfwQS
GiuLnMs/Izo6U9y/azLwur428I0AHODoXCgiN0vF5if9KkdBaLgqv1qQXjfL8OXo
Y5daAcSkCKwj22ZB1HUNKlf1VNixbpxkAYhawjrrKQ/v+jNq1o0XEknTYkFqeuGt
oDH4tit7f7v6AxClPVQDufETLIP8KSIJL83RRrldMS1LYcrhQ62SChS7q+4RKr84
nnXAiWix63s/66saKR3kgm2GP5qrbNfJvGwZ6bgzYu63vHyfTKSSwKTSSwu83Fdp
hRT/Yj33coVK3MtmOPyoeNfUnQ1/XDXKa7z0FzJKh38PXV+sxcj1hnfh/QIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFHTcnrZlrv/fZJh4ZImb3C6/nLs1MB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvZE55ZXRtV3VfOTlrbUhoa2ladmNMci1jdXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeMAwDBAKeLoQD
BAGeLqAwDAMEAp4upAMEBJ4uoDAMAwQDni64AwQFni7AAwQBni76AwQCsqsUAwQB
sqskAwQAsqtnMAwDBAGyq2oDBAGyq2wwDAMEBLKrcAMEAbKrdDANBgkqhkiG9w0B
AQsFAAOCAQEAt2fMjLZm+Vdlzti67qjn4QElVMzDPK97KqggFSPheK79aF4DRoIi
8p8haByWQmX7WRVD2ktiqoTMRSBogfdWC1TtnV51tmw0rtz//ZcZ6ZwunlrTHDbC
9hSOrz8NH+3zp3RzKc2XKvNBn5jA9bdfxyHeQw6RTl86QHQNNxdTg6qAiNQ/37ql
p1iALmHAHZoQF4UVH2JcHGQHM9zmxRbYLKaRm3lpAi2fuL7mvjzj+Wn7yHLpAJom
H6HdU9aUm7O02MXDgTyv7ZSBdJVvblaW62QyLDsS2Qc0plDGcL/XJIaHDIY+sF8q
/RPsUYRZrfEaeAifRE3cEPpnVwzK/6FhEA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:17:20 2026 by rpki-client