Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/tlEnrCtu3Ni5dgIJyJojmIP6Le0.roa
File: tlEnrCtu3Ni5dgIJyJojmIP6Le0.roa (raw, json)
Hash identifier: +PoLoNLPqvjDoQccw3UQCx4jNT1OykzgBIOEzUUbPf4=
Subject key identifier: B6:51:27:AC:2B:6E:DC:D8:B9:76:02:09:C8:9A:23:98:83:FA:2D:ED
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019D7231820D969656EC8070BDD592ECED15
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/tlEnrCtu3Ni5dgIJyJojmIP6Le0.roa
Signing time: Thu 09 Apr 2026 12:22:20 +0000
ROA not before: Thu 09 Apr 2026 12:22:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210976
IP address blocks: 45.91.236.0/24 maxlen: 24
45.91.237.0/24 maxlen: 24
91.240.254.0/24 maxlen: 24
185.201.28.0/24 maxlen: 24
186.246.24.0/24 maxlen: 24
186.246.25.0/24 maxlen: 24
186.246.26.0/24 maxlen: 24
186.246.27.0/24 maxlen: 24
186.246.28.0/24 maxlen: 24
186.246.29.0/24 maxlen: 24
186.246.30.0/24 maxlen: 24
186.246.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 00:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:31:82:0d:96:96:56:ec:80:70:bd:d5:92:ec:ed:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 9 12:22:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b65127ac2b6edcd8b9760209c89a239883fa2ded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8a:1a:7c:8c:93:d7:c5:85:cc:9f:e7:24:ea:
57:da:6c:05:1c:c1:0c:17:8d:fa:81:64:09:ff:ef:
f6:d2:4d:79:32:06:a8:87:56:09:bc:8c:b6:44:31:
77:b1:87:c5:55:cc:1a:5d:d8:9f:f7:8d:be:07:a0:
d0:d6:17:1f:44:85:e6:6c:5e:2c:85:50:14:7d:f2:
3d:45:40:50:26:60:ee:9a:8a:3a:0f:ef:ed:39:da:
ac:74:71:54:4d:30:be:5e:95:2b:de:5d:e5:c0:44:
a4:97:9d:01:e2:e6:8a:67:a6:da:d3:50:c7:57:a0:
02:ed:d4:e0:2f:17:0f:e1:9b:2d:17:2e:cc:4c:20:
99:67:87:2f:c9:a0:09:ba:65:52:af:88:65:45:e9:
08:4e:14:9c:a6:9b:85:17:d9:88:b6:c5:27:28:6e:
8c:15:2f:a3:05:e5:de:fc:6b:a6:d9:39:bc:17:75:
66:6c:b0:6a:5b:39:98:6f:74:4b:48:30:8c:f5:52:
aa:83:d9:ae:c7:20:7c:23:7c:f9:f3:21:44:9d:f2:
34:bd:14:47:04:d1:75:00:d9:e1:f0:1c:59:bb:b6:
c5:e6:e3:3b:67:74:21:8e:12:86:83:09:5b:43:5b:
0c:23:00:e8:4b:e8:ad:b6:f4:09:2c:2a:53:81:0c:
1b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:51:27:AC:2B:6E:DC:D8:B9:76:02:09:C8:9A:23:98:83:FA:2D:ED
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/tlEnrCtu3Ni5dgIJyJojmIP6Le0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.236.0/23
91.240.254.0/24
185.201.28.0/24
186.246.24.0/21
Signature Algorithm: sha256WithRSAEncryption
2e:3e:23:69:81:31:99:ba:5e:07:86:98:5f:47:33:8f:15:95:
07:d5:1a:79:2c:61:ec:d6:f0:7e:ba:09:a6:fd:40:76:f6:55:
18:aa:43:cb:b3:a6:8e:32:35:aa:82:da:a4:52:e0:00:fa:7f:
b4:40:7f:3f:5d:ff:6b:13:48:2e:c4:c8:fa:a8:fd:f2:f9:f6:
ba:5d:46:c2:5b:f0:c4:fa:41:da:93:2a:8b:1c:61:d4:cd:80:
9c:7b:9f:1b:21:cb:0c:c3:33:b4:4f:65:6c:c8:43:3e:b2:cf:
05:08:de:92:a7:99:ae:49:86:85:87:63:63:95:90:fe:4e:fd:
3a:d1:34:a3:2c:8a:23:7c:f4:d3:d2:17:8d:e0:6a:af:7b:bf:
9b:70:cb:ec:33:46:09:8c:e3:9a:6f:7a:28:64:1b:6c:c2:b6:
cc:5f:31:e5:93:c9:0e:1a:bb:66:e7:dc:c3:da:a6:ab:eb:32:
e5:7f:b8:5a:0b:94:f6:ca:e6:26:26:f3:fb:51:e9:90:86:bc:
4c:aa:44:21:29:e0:12:7b:c2:7e:64:84:86:80:7f:7f:8d:a8:
cc:c4:30:55:ae:87:2e:02:61:74:ca:b4:78:f0:83:56:cd:c4:
df:6d:82:d6:07:a2:89:49:f9:64:5f:ec:6b:f4:c7:f7:b3:b9:
ef:d1:3c:cb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ1yMYINlpZW7IBwvdWS7O0VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNDA5MTIyMjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjUxMjdhYzJiNmVkY2Q4Yjk3NjAyMDljODlhMjM5ODgzZmEyZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4oafIyT18WFzJ/nJOpX2mwFHMEM
F436gWQJ/+/20k15Mgaoh1YJvIy2RDF3sYfFVcwaXdif942+B6DQ1hcfRIXmbF4s
hVAUffI9RUBQJmDumoo6D+/tOdqsdHFUTTC+XpUr3l3lwESkl50B4uaKZ6ba01DH
V6AC7dTgLxcP4ZstFy7MTCCZZ4cvyaAJumVSr4hlRekIThScppuFF9mItsUnKG6M
FS+jBeXe/Gum2Tm8F3VmbLBqWzmYb3RLSDCM9VKqg9muxyB8I3z58yFEnfI0vRRH
BNF1ANnh8BxZu7bF5uM7Z3QhjhKGgwlbQ1sMIwDoS+ittvQJLCpTgQwb2wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLZRJ6wrbtzYuXYCCciaI5iD+i3tMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvdGxFbnJDdHUzTmk1ZGdJSnlKb2ptSVA2TGUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLVvsAwQA
W/D+AwQAuckcAwQDuvYYMA0GCSqGSIb3DQEBCwUAA4IBAQAuPiNpgTGZul4Hhphf
RzOPFZUH1Rp5LGHs1vB+ugmm/UB29lUYqkPLs6aOMjWqgtqkUuAA+n+0QH8/Xf9r
E0guxMj6qP3y+fa6XUbCW/DE+kHakyqLHGHUzYCce58bIcsMwzO0T2VsyEM+ss8F
CN6Sp5muSYaFh2NjlZD+Tv060TSjLIojfPTT0heN4Gqve7+bcMvsM0YJjOOab3oo
ZBtswrbMXzHlk8kOGrtm59zD2qar6zLlf7haC5T2yuYmJvP7UemQhrxMqkQhKeAS
e8J+ZISGgH9/jajMxDBVrocuAmF0yrR48INWzcTfbYLWB6KJSflkX+xr9Mf3s7nv
0TzL
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:50:11 2026 by rpki-client