Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/piDYFp-IZaw4zjB2Z6mt3p3G-2U.roa
File: piDYFp-IZaw4zjB2Z6mt3p3G-2U.roa (raw, json)
Hash identifier: 0ZVqMSH9mYCob03u54meCvW12kCgmZ/vJwF5LhiRqCo=
Subject key identifier: A6:20:D8:16:9F:88:65:AC:38:CE:30:76:67:A9:AD:DE:9D:C6:FB:65
Certificate issuer: /CN=bcccc8f4b37d89228cd023d2521d29968de0b925
Certificate serial: 019EB199DE12B81C9953493A5D66980D0053
Authority key identifier: BC:CC:C8:F4:B3:7D:89:22:8C:D0:23:D2:52:1D:29:96:8D:E0:B9:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/piDYFp-IZaw4zjB2Z6mt3p3G-2U.roa
Signing time: Wed 10 Jun 2026 12:55:11 +0000
ROA not before: Wed 10 Jun 2026 12:55:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48539
IP address blocks: 45.85.120.0/24 maxlen: 24
45.85.122.0/24 maxlen: 24
45.85.123.0/24 maxlen: 24
109.205.189.0/24 maxlen: 24
146.19.131.0/24 maxlen: 24
178.17.247.0/24 maxlen: 24
178.212.137.0/24 maxlen: 24
193.246.161.0/24 maxlen: 24
194.63.144.0/24 maxlen: 24
194.147.218.0/24 maxlen: 24
194.238.77.0/24 maxlen: 24
213.239.152.0/24 maxlen: 24
213.239.153.0/24 maxlen: 24
217.180.23.0/24 maxlen: 24
2a11:6a00::/48 maxlen: 48
2a12:2780::/48 maxlen: 48
2a12:8200::/48 maxlen: 48
2a12:ab00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.mft
rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b1:99:de:12:b8:1c:99:53:49:3a:5d:66:98:0d:00:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcccc8f4b37d89228cd023d2521d29968de0b925
Validity
Not Before: Jun 10 12:55:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a620d8169f8865ac38ce307667a9adde9dc6fb65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:91:a7:92:fb:73:7d:bd:90:93:27:c1:af:6f:
8f:3e:4f:19:11:cf:c4:bd:1a:05:91:a8:af:b5:da:
e2:1f:53:cd:43:93:11:28:99:c9:15:0e:d1:70:f9:
5e:8b:84:17:c9:44:2e:02:22:a5:2e:19:79:42:6f:
40:4d:7c:cd:a7:f7:cd:17:40:6f:d0:ed:53:74:04:
cf:d5:2a:7c:cc:cf:56:8e:b7:e6:26:13:ef:df:89:
96:be:34:dc:a8:05:84:ce:fa:c6:27:0d:49:c2:e7:
cd:c3:83:61:25:72:90:e6:97:23:dc:70:bb:c4:72:
94:74:a5:48:16:26:ce:f3:39:29:44:aa:b4:c7:74:
38:47:38:7f:96:d1:46:71:5a:11:a8:91:03:42:c1:
55:2e:be:ab:f8:66:54:6e:e3:d9:3d:03:33:e6:03:
fe:8d:4b:82:ef:ac:f5:85:2f:74:9d:be:e6:de:80:
d6:c5:33:a3:e2:c3:dd:2b:bf:41:6c:ac:03:98:7c:
fe:12:af:3d:1d:a6:17:29:1a:cc:7f:67:ef:dd:ec:
8b:32:6e:c9:04:28:44:53:40:c7:e4:4d:18:5e:d1:
0c:f0:53:f8:70:d2:e5:d3:17:46:2f:f4:ad:77:bc:
5d:8b:05:43:ef:4e:b8:14:77:d9:5f:46:18:1d:cc:
ef:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:20:D8:16:9F:88:65:AC:38:CE:30:76:67:A9:AD:DE:9D:C6:FB:65
X509v3 Authority Key Identifier:
keyid:BC:CC:C8:F4:B3:7D:89:22:8C:D0:23:D2:52:1D:29:96:8D:E0:B9:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vMzI9LN9iSKM0CPSUh0plo3guSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/piDYFp-IZaw4zjB2Z6mt3p3G-2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/818f2c-ce7a-4b61-aa0f-0215c4eaa7c3/1/vMzI9LN9iSKM0CPSUh0plo3guSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.120.0/24
45.85.122.0/23
109.205.189.0/24
146.19.131.0/24
178.17.247.0/24
178.212.137.0/24
193.246.161.0/24
194.63.144.0/24
194.147.218.0/24
194.238.77.0/24
213.239.152.0/23
217.180.23.0/24
IPv6:
2a11:6a00::/48
2a12:2780::/48
2a12:8200::/48
2a12:ab00::/48
Signature Algorithm: sha256WithRSAEncryption
a7:3b:dc:9b:69:66:67:e8:71:15:cd:7b:9c:a7:5c:aa:e8:6e:
18:01:54:5a:65:76:21:5d:91:d4:25:ae:5b:df:89:03:5e:9f:
65:92:2d:64:cf:05:f8:e6:12:93:8f:fd:64:01:e9:f7:d9:36:
ff:69:a1:91:f0:6a:7d:fe:74:1d:57:cd:15:1a:d4:b4:e1:c8:
2e:a5:73:9d:93:71:f6:3d:cd:96:0b:13:3b:ac:23:c1:f2:78:
b4:fd:51:fd:3a:a2:ff:a1:6e:54:e3:b5:13:15:06:b7:a2:27:
ce:b0:92:17:a0:8f:67:3d:75:2d:e2:c4:5a:51:55:46:89:52:
2e:36:3a:ea:ea:ba:9a:27:7c:0b:17:26:48:63:5f:0f:2d:d4:
f2:e1:e1:05:cc:1d:48:5f:ba:c8:0f:f1:5c:60:77:21:9d:3d:
d8:d7:58:6a:ce:dd:5c:65:a7:3f:5d:74:c8:e2:a3:d7:b4:59:
84:7d:a3:d0:69:61:ea:a1:7f:8d:99:53:28:56:5c:74:e4:9f:
08:df:da:17:fb:ce:fc:f5:8f:3e:10:43:35:3d:35:0a:f4:ac:
32:2a:42:9c:83:c2:14:3a:da:0e:5f:0f:e5:f2:a7:3d:f3:ee:
13:fd:de:ab:6e:2c:5e:1b:f9:62:0c:ff:bc:35:a4:9d:40:42:
24:dc:10:86
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZ6xmd4SuByZU0k6XWaYDQBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjY2NjOGY0YjM3ZDg5MjI4Y2QwMjNkMjUyMWQyOTk2OGRl
MGI5MjUwHhcNMjYwNjEwMTI1NTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjIwZDgxNjlmODg2NWFjMzhjZTMwNzY2N2E5YWRkZTlkYzZmYjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZGnkvtzfb2QkyfBr2+PPk8ZEc/E
vRoFkaivtdriH1PNQ5MRKJnJFQ7RcPlei4QXyUQuAiKlLhl5Qm9ATXzNp/fNF0Bv
0O1TdATP1Sp8zM9WjrfmJhPv34mWvjTcqAWEzvrGJw1JwufNw4NhJXKQ5pcj3HC7
xHKUdKVIFibO8zkpRKq0x3Q4Rzh/ltFGcVoRqJEDQsFVLr6r+GZUbuPZPQMz5gP+
jUuC76z1hS90nb7m3oDWxTOj4sPdK79BbKwDmHz+Eq89HaYXKRrMf2fv3eyLMm7J
BChEU0DH5E0YXtEM8FP4cNLl0xdGL/Std7xdiwVD7064FHfZX0YYHczvMwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFKYg2BafiGWsOM4wdmeprd6dxvtlMB8GA1UdIwQY
MBaAFLzMyPSzfYkijNAj0lIdKZaN4LklMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk16STlMTjlpU0tNMENQU1VoMHBsbzNndVNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi84MThmMmMtY2U3YS00YjYxLWFhMGYt
MDIxNWM0ZWFhN2MzLzEvcGlEWUZwLUlaYXc0empCMlo2bXQzcDNHLTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi84MThmMmMtY2U3YS00YjYxLWFhMGYtMDIxNWM0ZWFhN2Mz
LzEvdk16STlMTjlpU0tNMENQU1VoMHBsbzNndVNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwTgQCAAEwSAMEAC1VeAME
AS1VegMEAG3NvQMEAJITgwMEALIR9wMEALLUiQMEAMH2oQMEAMI/kAMEAMKT2gME
AMLuTQMEAdXvmAMEANm0FzAqBAIAAjAkAwcAKhFqAAAAAwcAKhIngAAAAwcAKhKC
AAAAAwcAKhKrAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCnO9ybaWZn6HEVzXucp1yq
6G4YAVRaZXYhXZHUJa5b34kDXp9lki1kzwX45hKTj/1kAen32Tb/aaGR8Gp9/nQd
V80VGtS04cgupXOdk3H2Pc2WCxM7rCPB8ni0/VH9OqL/oW5U47UTFQa3oifOsJIX
oI9nPXUt4sRaUVVGiVIuNjrq6rqaJ3wLFyZIY18PLdTy4eEFzB1IX7rID/FcYHch
nT3Y11hqzt1cZac/XXTI4qPXtFmEfaPQaWHqoX+NmVMoVlx05J8I39oX+8789Y8+
EEM1PTUK9KwyKkKcg8IUOtoOXw/l8qc98+4T/d6rbixeG/liDP+8NaSdQEIk3BCG
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:27:23 2026 by rpki-client