Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/nwbVynNqjo8MsezNPiCW7UL8jSs.roa
File: nwbVynNqjo8MsezNPiCW7UL8jSs.roa (raw, json)
Hash identifier: 2dBu4C4Y3rnZx1/VOM5U+lem7rOxftHDAHTNSDEB+sw=
Subject key identifier: 9F:06:D5:CA:73:6A:8E:8F:0C:B1:EC:CD:3E:20:96:ED:42:FC:8D:2B
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019C89FB823ADE6DFE1326693FE595DB3F43
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/nwbVynNqjo8MsezNPiCW7UL8jSs.roa
Signing time: Mon 23 Feb 2026 10:11:27 +0000
ROA not before: Mon 23 Feb 2026 10:11:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 52468
IP address blocks: 31.15.0.0/24 maxlen: 24
45.10.107.0/24 maxlen: 24
45.130.160.0/24 maxlen: 24
45.130.161.0/24 maxlen: 24
45.150.85.0/24 maxlen: 24
45.150.86.0/24 maxlen: 24
45.150.87.0/24 maxlen: 24
46.29.28.0/24 maxlen: 24
94.125.137.0/24 maxlen: 24
194.32.112.0/24 maxlen: 24
201.77.48.0/24 maxlen: 24
201.77.53.0/24 maxlen: 24
201.77.55.0/24 maxlen: 24
217.76.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 19:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:89:fb:82:3a:de:6d:fe:13:26:69:3f:e5:95:db:3f:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Feb 23 10:11:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9f06d5ca736a8e8f0cb1eccd3e2096ed42fc8d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b5:43:e7:d3:2d:cf:3b:0d:6d:a8:d9:60:a9:
1d:ad:0e:67:e3:34:9a:ad:db:86:ce:c4:b4:34:95:
fd:4f:71:7a:93:9d:2c:dd:2a:fc:8c:fd:ba:84:87:
33:34:26:46:98:84:96:71:55:7a:2e:cb:0e:b8:b2:
d8:dd:b9:1e:70:d5:25:10:9b:4f:16:ac:e1:e3:f7:
76:be:f4:b9:34:30:6f:1d:e7:9b:72:1f:90:a9:09:
8a:ea:c4:85:52:3b:01:53:44:b5:43:7f:3a:83:0a:
b2:13:46:e0:ab:49:ed:2e:64:80:7c:47:9b:44:44:
87:6f:13:3c:bc:d5:1b:80:50:be:b0:23:80:91:de:
43:16:69:2c:1e:c5:3d:d0:76:47:f8:1c:d7:21:62:
82:db:eb:4a:2a:c5:63:b0:81:ff:ea:6f:19:e5:92:
b3:71:db:97:da:99:87:b3:4e:72:19:3c:f4:69:20:
20:ce:93:70:08:bb:20:4c:5d:95:dd:ff:c4:43:c2:
b3:ff:44:b2:94:80:47:38:e9:23:02:b5:e6:62:82:
73:e1:0c:63:70:a3:c2:f9:9f:91:55:0f:4b:7b:27:
41:f8:7e:2a:d8:bb:59:ed:7a:f2:11:a8:d1:69:59:
d0:63:ba:c0:73:d3:01:d6:2d:b0:f3:9a:62:d2:b7:
84:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:06:D5:CA:73:6A:8E:8F:0C:B1:EC:CD:3E:20:96:ED:42:FC:8D:2B
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/nwbVynNqjo8MsezNPiCW7UL8jSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.0.0/24
45.10.107.0/24
45.130.160.0/23
45.150.85.0-45.150.87.255
46.29.28.0/24
94.125.137.0/24
194.32.112.0/24
201.77.48.0/24
201.77.53.0/24
201.77.55.0/24
217.76.240.0/24
Signature Algorithm: sha256WithRSAEncryption
13:5f:b3:63:44:4d:57:36:c4:21:3c:65:b5:6c:01:87:7a:1d:
5b:e7:60:c1:ab:aa:16:23:b9:be:5d:c5:66:a4:2c:f9:f6:22:
56:b8:5c:41:fa:e2:48:a0:4f:01:9a:fe:1c:ff:6a:4e:36:49:
ce:01:55:a0:e9:a9:be:39:f4:4c:a2:10:db:f1:88:96:8e:ab:
4b:ab:c5:5a:04:f6:79:4b:d9:9c:56:9c:be:0a:7c:b9:4f:81:
59:81:eb:22:65:3b:f9:9d:9c:9f:e9:30:ae:0e:a2:2a:5c:c8:
35:5f:e1:a0:b4:85:32:b7:64:b3:30:2e:ca:0f:7f:2c:0c:07:
0b:a9:cc:68:b1:c5:44:66:9b:43:0f:b7:ab:6f:6d:62:af:ae:
7d:45:d3:30:2d:b6:f5:b2:fb:7a:61:34:36:96:ab:a5:b5:2c:
b1:24:ab:b2:cf:35:dc:57:f3:53:b4:82:73:69:b2:17:62:ff:
c3:04:c3:0e:57:3a:33:18:59:c7:5f:bf:0c:71:cd:9a:99:e2:
0c:5b:d1:8b:2e:c1:4d:d5:f9:84:99:46:8a:5d:e9:66:c9:1e:
f7:ae:26:19:28:47:11:23:f9:84:9c:75:fd:6c:cb:76:03:01:
be:df:82:01:08:22:16:1e:48:b7:d5:c9:25:fb:e3:86:1e:11:
40:b6:62:f7
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZyJ+4I63m3+EyZpP+WV2z9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjYwMjIzMTAxMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjA2ZDVjYTczNmE4ZThmMGNiMWVjY2QzZTIwOTZlZDQyZmM4ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7VD59MtzzsNbajZYKkdrQ5n4zSa
rduGzsS0NJX9T3F6k50s3Sr8jP26hIczNCZGmISWcVV6LssOuLLY3bkecNUlEJtP
Fqzh4/d2vvS5NDBvHeebch+QqQmK6sSFUjsBU0S1Q386gwqyE0bgq0ntLmSAfEeb
RESHbxM8vNUbgFC+sCOAkd5DFmksHsU90HZH+BzXIWKC2+tKKsVjsIH/6m8Z5ZKz
cduX2pmHs05yGTz0aSAgzpNwCLsgTF2V3f/EQ8Kz/0SylIBHOOkjArXmYoJz4Qxj
cKPC+Z+RVQ9LeydB+H4q2LtZ7XryEajRaVnQY7rAc9MB1i2w85pi0reEUwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFJ8G1cpzao6PDLHszT4glu1C/I0rMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvbndiVnluTnFqbzhNc2V6TlBpQ1c3VUw4alNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAHw8AAwQA
LQprAwQBLYKgMAwDBAAtllUDBAMtllADBAAuHRwDBABefYkDBADCIHADBADJTTAD
BADJTTUDBADJTTcDBADZTPAwDQYJKoZIhvcNAQELBQADggEBABNfs2NETVc2xCE8
ZbVsAYd6HVvnYMGrqhYjub5dxWakLPn2Ila4XEH64kigTwGa/hz/ak42Sc4BVaDp
qb459EyiENvxiJaOq0urxVoE9nlL2ZxWnL4KfLlPgVmB6yJlO/mdnJ/pMK4Ooipc
yDVf4aC0hTK3ZLMwLsoPfywMBwupzGixxURmm0MPt6tvbWKvrn1F0zAttvWy+3ph
NDaWq6W1LLEkq7LPNdxX81O0gnNpshdi/8MEww5XOjMYWcdfvwxxzZqZ4gxb0Ysu
wU3V+YSZRopd6WbJHveuJhkoRxEj+YScdf1sy3YDAb7fggEIIhYeSLfVySX744Ye
EUC2Yvc=
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:57:47 2026 by rpki-client