Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/Bym-x8E18AtLf0ybpilnkQ7yGpo.roa
File: Bym-x8E18AtLf0ybpilnkQ7yGpo.roa (raw, json)
Hash identifier: R+XsuHoebGNFenykqVHPvxpXZ/5AsWEx8oTWF+hIAFQ=
Subject key identifier: 07:29:BE:C7:C1:35:F0:0B:4B:7F:4C:9B:A6:29:67:91:0E:F2:1A:9A
Certificate issuer: /CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Certificate serial: 019B7C7FE293E4F139FD5476548652C9F1E1
Authority key identifier: BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/Bym-x8E18AtLf0ybpilnkQ7yGpo.roa
Signing time: Fri 02 Jan 2026 02:18:34 +0000
ROA not before: Fri 02 Jan 2026 02:18:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34691
IP address blocks: 45.136.110.0/24 maxlen: 24
91.233.252.0/23 maxlen: 23
91.233.254.0/23 maxlen: 23
194.69.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 17:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:7f:e2:93:e4:f1:39:fd:54:76:54:86:52:c9:f1:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbb865fd6dfaaba771249b7ebae8ebd5280a0c97
Validity
Not Before: Jan 2 02:18:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0729bec7c135f00b4b7f4c9ba62967910ef21a9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e1:83:0a:94:5f:d4:f2:88:ed:71:2a:de:e7:
e4:ba:59:46:96:de:78:68:c4:83:99:69:57:ac:c6:
51:02:76:50:25:76:f5:1d:39:b4:57:a4:56:1b:23:
a5:8f:88:91:00:4c:4b:75:33:7f:88:51:3d:e5:a6:
81:ca:4a:cc:76:91:05:9c:33:3f:2f:e2:70:25:56:
13:6e:9c:39:98:ed:37:c3:6b:05:fe:b8:8c:7e:48:
71:88:d7:62:a2:c1:74:bd:95:1d:90:c7:71:8b:5e:
3d:f2:d2:ab:df:bc:9b:57:3b:8b:53:80:00:9b:62:
2d:db:e5:83:ec:e5:26:48:75:b0:10:6f:a8:46:b2:
66:d0:d4:f3:a2:1f:2f:b4:00:ee:4f:00:31:03:9e:
d0:48:ee:8f:df:65:cc:ee:6d:1f:ba:bf:83:cc:a5:
08:dd:c4:68:04:9c:fb:15:a0:b0:73:3e:e8:8d:39:
a4:f6:52:57:19:5e:95:a0:f5:c7:d8:f6:0b:cc:e4:
69:7e:f3:8f:90:99:ea:b1:c3:f5:c3:3f:bb:44:8d:
6a:e2:1a:74:40:6f:45:07:45:d8:0a:a0:23:45:84:
fe:02:29:53:a0:3b:af:b1:4d:c0:a5:df:32:b3:92:
34:53:ea:35:02:ca:9e:f7:8e:89:31:3e:6c:7b:74:
8d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:29:BE:C7:C1:35:F0:0B:4B:7F:4C:9B:A6:29:67:91:0E:F2:1A:9A
X509v3 Authority Key Identifier:
keyid:BB:B8:65:FD:6D:FA:AB:A7:71:24:9B:7E:BA:E8:EB:D5:28:0A:0C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u7hl_W36q6dxJJt-uujr1SgKDJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/Bym-x8E18AtLf0ybpilnkQ7yGpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/43bb94-94c6-4dad-a372-5fcfa421975c/1/u7hl_W36q6dxJJt-uujr1SgKDJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.110.0/24
91.233.252.0/22
194.69.60.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:c5:5f:ee:d8:1e:35:b8:4c:e0:54:23:ce:f0:67:3d:a1:66:
b0:d5:ea:1d:e0:4e:55:a5:74:3c:65:24:96:c6:0a:c9:0d:2e:
c9:fd:05:79:27:10:c3:30:27:a3:07:97:53:8d:bf:81:19:c1:
4b:d8:a8:f8:9f:52:f0:7d:24:1d:86:40:77:35:f8:3e:62:c4:
83:32:31:67:51:99:da:29:63:e2:ee:46:31:3d:f8:9d:1f:fa:
23:60:14:03:34:e9:82:01:ea:6a:4b:da:c4:f7:17:82:52:7a:
73:17:3c:6b:86:f6:3d:97:40:d9:ec:91:b1:f5:89:d5:bb:f5:
01:5f:4e:67:68:dd:49:74:71:a5:32:f5:44:46:3a:12:e6:6c:
cf:ef:d1:15:f0:54:38:6c:1e:71:f4:15:0e:c2:bb:65:e0:f6:
fd:a8:ea:48:3e:e6:c0:89:06:30:f6:cd:78:d8:e5:a4:58:b6:
9a:83:d9:1d:ba:8e:c0:43:82:ef:d2:03:c2:a0:a8:e5:a2:b1:
1e:b3:cd:79:31:06:4a:3a:38:39:51:09:f2:b7:88:be:39:40:
ea:c5:d1:a0:87:ca:28:c1:fa:b6:8e:fe:38:e4:a6:18:65:94:
af:ed:3c:64:42:95:5a:d8:65:c8:18:97:27:74:9d:57:c7:3c:
ac:9e:74:28
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZt8f+KT5PE5/VR2VIZSyfHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiYjg2NWZkNmRmYWFiYTc3MTI0OWI3ZWJhZThlYmQ1Mjgw
YTBjOTcwHhcNMjYwMTAyMDIxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzI5YmVjN2MxMzVmMDBiNGI3ZjRjOWJhNjI5Njc5MTBlZjIxYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeGDCpRf1PKI7XEq3ufkullGlt54
aMSDmWlXrMZRAnZQJXb1HTm0V6RWGyOlj4iRAExLdTN/iFE95aaBykrMdpEFnDM/
L+JwJVYTbpw5mO03w2sF/riMfkhxiNdiosF0vZUdkMdxi1498tKr37ybVzuLU4AA
m2It2+WD7OUmSHWwEG+oRrJm0NTzoh8vtADuTwAxA57QSO6P32XM7m0fur+DzKUI
3cRoBJz7FaCwcz7ojTmk9lJXGV6VoPXH2PYLzORpfvOPkJnqscP1wz+7RI1q4hp0
QG9FB0XYCqAjRYT+AilToDuvsU3Apd8ys5I0U+o1Asqe946JMT5se3SNnwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAcpvsfBNfALS39Mm6YpZ5EO8hqaMB8GA1UdIwQY
MBaAFLu4Zf1t+quncSSbfrro69UoCgyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80M2JiOTQtOTRjNi00ZGFkLWEzNzIt
NWZjZmE0MjE5NzVjLzEvQnltLXg4RTE4QXRMZjB5YnBpbG5rUTd5R3BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80M2JiOTQtOTRjNi00ZGFkLWEzNzItNWZjZmE0MjE5NzVj
LzEvdTdobF9XMzZxNmR4Skp0LXV1anIxU2dLREpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYhuAwQC
W+n8AwQCwkU8MA0GCSqGSIb3DQEBCwUAA4IBAQCsxV/u2B41uEzgVCPO8Gc9oWaw
1eod4E5VpXQ8ZSSWxgrJDS7J/QV5JxDDMCejB5dTjb+BGcFL2Kj4n1LwfSQdhkB3
Nfg+YsSDMjFnUZnaKWPi7kYxPfidH/ojYBQDNOmCAepqS9rE9xeCUnpzFzxrhvY9
l0DZ7JGx9YnVu/UBX05naN1JdHGlMvVERjoS5mzP79EV8FQ4bB5x9BUOwrtl4Pb9
qOpIPubAiQYw9s142OWkWLaag9kduo7AQ4Lv0gPCoKjlorEes815MQZKOjg5UQny
t4i+OUDqxdGgh8oowfq2jv445KYYZZSv7TxkQpVa2GXIGJcndJ1XxzysnnQo
-----END CERTIFICATE-----
Generated at Tue Mar 3 03:41:26 2026 by rpki-client