Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/5e61d8-d1bf-4f2a-a32e-f5d6b752ae34/1/7GwQxSlC6XgRoIpTEwZKgVnWS-4.roa
File: 7GwQxSlC6XgRoIpTEwZKgVnWS-4.roa (raw, json)
Hash identifier: xTOxR17JVwPWxSBMYNixvTz0OcXATfB8jZao2sdgwZ8=
Subject key identifier: EC:6C:10:C5:29:42:E9:78:11:A0:8A:53:13:06:4A:81:59:D6:4B:EE
Certificate issuer: /CN=b5189d9ea82d5fbb66d6c11f187633476034e0de
Certificate serial: 019C7AC044FA4BEE3F313C20F77CCB017D29
Authority key identifier: B5:18:9D:9E:A8:2D:5F:BB:66:D6:C1:1F:18:76:33:47:60:34:E0:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tRidnqgtX7tm1sEfGHYzR2A04N4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/5e61d8-d1bf-4f2a-a32e-f5d6b752ae34/1/7GwQxSlC6XgRoIpTEwZKgVnWS-4.roa
Signing time: Fri 20 Feb 2026 11:12:26 +0000
ROA not before: Fri 20 Feb 2026 11:12:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210574
IP address blocks: 46.36.201.0/24 maxlen: 24
2a11:5dc0:1::/48 maxlen: 48
2a11:5dc0:2::/48 maxlen: 48
2a11:5dc0:3::/48 maxlen: 48
2a11:5dc0:4::/48 maxlen: 48
2a11:5dc0:5::/48 maxlen: 48
2a11:5dc0:6::/48 maxlen: 48
2a11:5dc0:7::/48 maxlen: 48
2a11:5dc0:8::/48 maxlen: 48
2a11:5dc0:9::/48 maxlen: 48
2a11:5dc0:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/5e61d8-d1bf-4f2a-a32e-f5d6b752ae34/1/tRidnqgtX7tm1sEfGHYzR2A04N4.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/5e61d8-d1bf-4f2a-a32e-f5d6b752ae34/1/tRidnqgtX7tm1sEfGHYzR2A04N4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tRidnqgtX7tm1sEfGHYzR2A04N4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7a:c0:44:fa:4b:ee:3f:31:3c:20:f7:7c:cb:01:7d:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5189d9ea82d5fbb66d6c11f187633476034e0de
Validity
Not Before: Feb 20 11:12:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ec6c10c52942e97811a08a5313064a8159d64bee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:18:b3:f3:39:27:1e:68:72:67:2a:32:ae:96:
1b:7a:14:1a:d0:46:c2:cd:9d:9d:45:3b:c6:40:d4:
76:e4:bd:85:28:12:46:a5:37:68:fa:f8:be:78:fe:
b4:d8:61:6a:0c:86:0f:f6:6b:92:66:fd:79:2d:0e:
b8:01:fe:6e:43:5d:f4:93:26:1a:8f:09:5d:1f:05:
57:69:85:1b:ac:37:4d:b4:e2:7b:23:88:68:36:99:
5a:3e:15:d3:53:8a:b1:3d:f0:f5:88:50:a5:25:e2:
92:d0:ed:5b:4d:3d:8f:e5:ec:c7:c8:5b:c3:a6:f2:
18:05:14:89:9b:96:61:89:2b:1c:0e:1c:1d:15:64:
f5:8a:d5:a1:48:a4:0a:cd:06:81:43:c0:01:a4:38:
97:73:81:0f:7c:c6:e3:b5:20:ee:09:0c:92:6d:5a:
1b:8a:c0:ac:52:ee:7b:69:7c:d3:e7:28:7d:c5:84:
0d:e2:a1:71:99:33:db:cb:33:14:ad:09:78:1b:7f:
0d:da:81:78:1e:43:ec:e5:58:2f:e0:fb:94:14:cf:
7a:ac:e3:45:a0:08:88:05:93:f0:4d:17:53:3c:2e:
54:bb:d0:a6:a7:b9:95:a4:24:44:0f:56:d6:d6:db:
84:26:a7:f9:5b:83:0b:ba:8b:5a:88:9e:60:aa:1a:
b2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:6C:10:C5:29:42:E9:78:11:A0:8A:53:13:06:4A:81:59:D6:4B:EE
X509v3 Authority Key Identifier:
keyid:B5:18:9D:9E:A8:2D:5F:BB:66:D6:C1:1F:18:76:33:47:60:34:E0:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRidnqgtX7tm1sEfGHYzR2A04N4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5e61d8-d1bf-4f2a-a32e-f5d6b752ae34/1/7GwQxSlC6XgRoIpTEwZKgVnWS-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/5e61d8-d1bf-4f2a-a32e-f5d6b752ae34/1/tRidnqgtX7tm1sEfGHYzR2A04N4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.36.201.0/24
IPv6:
2a11:5dc0:1::-2a11:5dc0:9:ffff:ffff:ffff:ffff:ffff
2a11:5dc0:10::/48
Signature Algorithm: sha256WithRSAEncryption
35:8a:ae:58:c5:c9:88:b9:63:ee:fc:64:a6:bc:8e:55:f5:96:
36:45:2b:89:b3:ab:22:5c:9a:dc:e9:2a:d6:df:e2:1f:73:61:
ad:be:fd:f9:b3:1a:f7:3e:3a:aa:46:b2:6c:00:c3:db:37:75:
16:e5:5e:88:e2:95:40:94:0e:71:5a:f6:dc:12:29:25:a8:e5:
5e:7d:0f:3e:83:55:34:42:95:c8:80:3a:d9:1e:07:79:a1:82:
d0:23:ee:f1:b0:d2:90:0c:a2:1c:10:99:a5:39:80:e5:fb:8c:
3c:83:d6:4d:bc:67:a9:d3:c1:3f:b5:b0:e7:79:dc:2c:13:f5:
2f:44:e7:05:17:a3:4e:da:b7:42:9d:7d:1c:4e:7c:86:04:a8:
93:10:87:35:eb:84:68:21:f1:fe:1f:50:3f:4b:20:51:e0:37:
ea:0d:b0:1f:ba:fe:dd:f8:f8:9d:e5:06:72:84:33:52:89:9c:
15:d9:ce:f4:02:12:79:47:16:7d:66:15:64:22:ad:23:ca:1a:
c8:91:94:fe:ac:6c:b4:01:01:97:cc:a0:6d:09:77:e3:31:21:
40:37:e3:41:77:47:90:84:a5:30:f8:03:92:17:c4:b2:07:7d:
9d:a5:69:16:c1:c8:36:6c:68:32:67:44:c7:45:8a:5a:8e:ca:
1e:2b:8a:38
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZx6wET6S+4/MTwg93zLAX0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MTg5ZDllYTgyZDVmYmI2NmQ2YzExZjE4NzYzMzQ3NjAz
NGUwZGUwHhcNMjYwMjIwMTExMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzZjMTBjNTI5NDJlOTc4MTFhMDhhNTMxMzA2NGE4MTU5ZDY0YmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBiz8zknHmhyZyoyrpYbehQa0EbC
zZ2dRTvGQNR25L2FKBJGpTdo+vi+eP602GFqDIYP9muSZv15LQ64Af5uQ130kyYa
jwldHwVXaYUbrDdNtOJ7I4hoNplaPhXTU4qxPfD1iFClJeKS0O1bTT2P5ezHyFvD
pvIYBRSJm5ZhiSscDhwdFWT1itWhSKQKzQaBQ8ABpDiXc4EPfMbjtSDuCQySbVob
isCsUu57aXzT5yh9xYQN4qFxmTPbyzMUrQl4G38N2oF4HkPs5Vgv4PuUFM96rONF
oAiIBZPwTRdTPC5Uu9Cmp7mVpCRED1bW1tuEJqf5W4MLuotaiJ5gqhqyLwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFOxsEMUpQul4EaCKUxMGSoFZ1kvuMB8GA1UdIwQY
MBaAFLUYnZ6oLV+7ZtbBHxh2M0dgNODeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFJpZG5xZ3RYN3RtMXNFZkdIWXpSMkEwNE40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi81ZTYxZDgtZDFiZi00ZjJhLWEzMmUt
ZjVkNmI3NTJhZTM0LzEvN0d3UXhTbEM2WGdSb0lwVEV3WktnVm5XUy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi81ZTYxZDgtZDFiZi00ZjJhLWEzMmUtZjVkNmI3NTJhZTM0
LzEvdFJpZG5xZ3RYN3RtMXNFZkdIWXpSMkEwNE40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQALiTJMCME
AgACMB0wEgMHACoRXcAAAQMHASoRXcAACAMHACoRXcAAEDANBgkqhkiG9w0BAQsF
AAOCAQEANYquWMXJiLlj7vxkpryOVfWWNkUribOrIlya3Okq1t/iH3Nhrb79+bMa
9z46qkaybADD2zd1FuVeiOKVQJQOcVr23BIpJajlXn0PPoNVNEKVyIA62R4HeaGC
0CPu8bDSkAyiHBCZpTmA5fuMPIPWTbxnqdPBP7Ww53ncLBP1L0TnBRejTtq3Qp19
HE58hgSokxCHNeuEaCHx/h9QP0sgUeA36g2wH7r+3fj4neUGcoQzUomcFdnO9AIS
eUcWfWYVZCKtI8oayJGU/qxstAEBl8ygbQl34zEhQDfjQXdHkISlMPgDkhfEsgd9
naVpFsHINmxoMmdEx0WKWo7KHiuKOA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:45:03 2026 by rpki-client