Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/2bTJ_cU3SQ-gJfl0bH0gkLStvrY.roa
File: 2bTJ_cU3SQ-gJfl0bH0gkLStvrY.roa (raw, json)
Hash identifier: /WqWxkY//9oNjVYpzmeb2SjQVPFdK4RO0mizarAVGZE=
Subject key identifier: D9:B4:C9:FD:C5:37:49:0F:A0:25:F9:74:6C:7D:20:90:B4:AD:BE:B6
Certificate issuer: /CN=bcccc8f4b37d89228cd023d2521d29968de0b925
Certificate serial: 019D8AA14E54125294115B9F78DA12A0A9C0
Authority key identifier: BC:CC:C8:F4:B3:7D:89:22:8C:D0:23:D2:52:1D:29:96:8D:E0:B9:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/2bTJ_cU3SQ-gJfl0bH0gkLStvrY.roa
Signing time: Tue 14 Apr 2026 06:15:20 +0000
ROA not before: Tue 14 Apr 2026 06:15:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48539
IP address blocks: 45.85.120.0/24 maxlen: 24
109.205.189.0/24 maxlen: 24
146.19.131.0/24 maxlen: 24
178.212.137.0/24 maxlen: 24
194.63.144.0/24 maxlen: 24
194.147.218.0/24 maxlen: 24
213.239.152.0/24 maxlen: 24
213.239.153.0/24 maxlen: 24
217.180.23.0/24 maxlen: 24
2a11:6a00::/48 maxlen: 48
2a12:2780::/48 maxlen: 48
2a12:8200::/48 maxlen: 48
2a12:ab00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 03:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8a:a1:4e:54:12:52:94:11:5b:9f:78:da:12:a0:a9:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcccc8f4b37d89228cd023d2521d29968de0b925
Validity
Not Before: Apr 14 06:15:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d9b4c9fdc537490fa025f9746c7d2090b4adbeb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f8:1b:79:40:c8:7e:a0:24:7d:56:25:24:f9:
b5:9b:49:d8:7c:ff:d9:8c:7e:24:66:76:bf:42:75:
a4:1b:05:7b:82:f2:8a:b1:af:30:6a:98:28:87:ac:
51:b8:79:f6:5e:70:bb:9a:61:d1:e1:a0:0b:41:eb:
a7:bd:88:8d:5f:f9:c1:e3:48:ad:ff:01:ba:7c:b1:
59:ba:f6:57:84:f6:4a:d9:59:32:81:ee:b6:11:d4:
36:a3:34:70:74:c9:22:af:e5:bc:28:1e:b0:63:e1:
e3:34:7c:e9:f7:61:3f:b6:f6:c5:8e:93:55:5f:8b:
73:26:5b:43:a3:2b:28:85:19:e8:c1:bc:2b:5c:7d:
2d:18:33:28:e5:43:e4:67:d0:0d:dc:a5:a9:5e:1d:
0c:62:c0:11:18:07:42:2b:c8:d2:7d:dc:ad:8a:8a:
8f:6c:4d:23:df:33:b3:e4:de:f5:b2:1e:6d:5b:13:
e3:78:36:7a:82:c0:46:3a:1d:ac:6b:df:b1:cb:d8:
69:02:45:61:7d:59:c0:f4:c0:84:2b:04:5d:53:91:
c6:c1:86:83:ea:23:4f:9b:25:26:83:af:ce:4a:7f:
35:10:11:eb:d5:27:5b:9e:ab:bf:6f:56:48:ff:6b:
f8:c7:59:b6:48:2e:73:c0:d7:2a:47:23:58:51:a3:
9c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:B4:C9:FD:C5:37:49:0F:A0:25:F9:74:6C:7D:20:90:B4:AD:BE:B6
X509v3 Authority Key Identifier:
keyid:BC:CC:C8:F4:B3:7D:89:22:8C:D0:23:D2:52:1D:29:96:8D:E0:B9:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/2bTJ_cU3SQ-gJfl0bH0gkLStvrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.120.0/24
109.205.189.0/24
146.19.131.0/24
178.212.137.0/24
194.63.144.0/24
194.147.218.0/24
213.239.152.0/23
217.180.23.0/24
IPv6:
2a11:6a00::/48
2a12:2780::/48
2a12:8200::/48
2a12:ab00::/48
Signature Algorithm: sha256WithRSAEncryption
19:ee:fb:75:ea:b8:12:62:3d:f6:ee:ea:7a:82:8b:20:21:3d:
91:1f:f9:4b:1b:e0:70:f6:be:1f:2c:cd:57:a0:7d:f6:6f:b7:
5a:74:2e:df:6a:9b:a7:63:86:f5:01:e8:ec:65:9e:61:d4:14:
fc:88:81:7f:f7:2b:05:91:eb:d5:de:38:13:f8:e9:6e:ee:c2:
96:62:b4:03:50:db:c5:85:cd:cb:a2:bf:b3:ed:fc:6e:7d:c9:
ca:82:1e:c4:48:27:6b:ed:da:e1:64:4b:65:a0:9a:e0:b8:25:
09:b3:74:6f:7a:8c:9f:cc:9a:f3:18:bb:f4:9d:7e:87:d5:9e:
bd:bc:98:b3:ae:ee:73:62:63:4a:ae:e0:b2:ec:02:91:fc:36:
0a:9c:bc:bf:b8:b6:27:f1:e5:69:e6:7c:34:6a:5c:52:65:85:
44:9d:05:97:49:ed:c2:a5:43:1d:22:eb:74:26:b7:e4:50:86:
bd:e8:a8:fe:11:f5:f2:ff:5a:93:55:85:8a:46:ba:54:25:26:
9b:27:82:50:92:07:e6:12:0a:21:c9:23:a6:63:df:23:5f:90:
f8:2c:02:78:65:d7:29:ba:48:fb:3f:91:31:11:d5:b0:dd:f7:
70:e2:98:33:1f:b2:b9:b1:6e:1f:19:16:02:ad:ac:ba:05:bf:
5e:4f:f2:56
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZ2KoU5UElKUEVufeNoSoKnAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjY2NjOGY0YjM3ZDg5MjI4Y2QwMjNkMjUyMWQyOTk2OGRl
MGI5MjUwHhcNMjYwNDE0MDYxNTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWI0YzlmZGM1Mzc0OTBmYTAyNWY5NzQ2YzdkMjA5MGI0YWRiZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vgbeUDIfqAkfVYlJPm1m0nYfP/Z
jH4kZna/QnWkGwV7gvKKsa8wapgoh6xRuHn2XnC7mmHR4aALQeunvYiNX/nB40it
/wG6fLFZuvZXhPZK2Vkyge62EdQ2ozRwdMkir+W8KB6wY+HjNHzp92E/tvbFjpNV
X4tzJltDoysohRnowbwrXH0tGDMo5UPkZ9AN3KWpXh0MYsARGAdCK8jSfdytioqP
bE0j3zOz5N71sh5tWxPjeDZ6gsBGOh2sa9+xy9hpAkVhfVnA9MCEKwRdU5HGwYaD
6iNPmyUmg6/OSn81EBHr1Sdbnqu/b1ZI/2v4x1m2SC5zwNcqRyNYUaOc2wIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFNm0yf3FN0kPoCX5dGx9IJC0rb62MB8GA1UdIwQY
MBaAFLzMyPSzfYkijNAj0lIdKZaN4LklMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk16STlMTjlpU0tNMENQU1VoMHBsbzNndVNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84MThmMmMtY2U3YS00YjYxLWFhMGYt
MDIxNWM0ZWFhN2MzLzEvMmJUSl9jVTNTUS1nSmZsMGJIMGdrTFN0dnJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84MThmMmMtY2U3YS00YjYxLWFhMGYtMDIxNWM0ZWFhN2Mz
LzEvdk16STlMTjlpU0tNMENQU1VoMHBsbzNndVNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDA2BAIAATAwAwQALVV4AwQA
bc29AwQAkhODAwQAstSJAwQAwj+QAwQAwpPaAwQB1e+YAwQA2bQXMCoEAgACMCQD
BwAqEWoAAAADBwAqEieAAAADBwAqEoIAAAADBwAqEqsAAAAwDQYJKoZIhvcNAQEL
BQADggEBABnu+3XquBJiPfbu6nqCiyAhPZEf+Usb4HD2vh8szVegffZvt1p0Lt9q
m6djhvUB6OxlnmHUFPyIgX/3KwWR69XeOBP46W7uwpZitANQ28WFzcuiv7Pt/G59
ycqCHsRIJ2vt2uFkS2WgmuC4JQmzdG96jJ/MmvMYu/SdfofVnr28mLOu7nNiY0qu
4LLsApH8NgqcvL+4tifx5WnmfDRqXFJlhUSdBZdJ7cKlQx0i63Qmt+RQhr3oqP4R
9fL/WpNVhYpGulQlJpsnglCSB+YSCiHJI6Zj3yNfkPgsAnhl1ym6SPs/kTER1bDd
93DimDMfsrmxbh8ZFgKtrLoFv15P8lY=
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:57:37 2026 by rpki-client