Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/c0DX6GY3TX9xmWCZpKdJEnw99zA.roa
File: c0DX6GY3TX9xmWCZpKdJEnw99zA.roa (raw, json)
Hash identifier: +8IkCXO7va3zumQ/zB3m5nLEyKPvgB/ye9epdlLzV9o=
Subject key identifier: 73:40:D7:E8:66:37:4D:7F:71:99:60:99:A4:A7:49:12:7C:3D:F7:30
Certificate issuer: /CN=c44db8b0983acf97a3255152c2ea592adae7735b
Certificate serial: 019BFF8F41B532B20A4C8A9FB3BA86464AE2
Authority key identifier: C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/c0DX6GY3TX9xmWCZpKdJEnw99zA.roa
Signing time: Tue 27 Jan 2026 13:05:37 +0000
ROA not before: Tue 27 Jan 2026 13:05:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 45.78.90.0/23 maxlen: 24
45.78.92.0/22 maxlen: 24
62.3.6.0/24 maxlen: 24
81.85.176.0/20 maxlen: 24
85.136.104.0/21 maxlen: 24
85.136.136.0/21 maxlen: 24
85.136.152.0/21 maxlen: 24
85.136.168.0/21 maxlen: 24
85.136.184.0/21 maxlen: 24
85.136.200.0/21 maxlen: 24
91.216.138.0/24 maxlen: 24
91.229.228.0/24 maxlen: 24
93.180.208.0/22 maxlen: 24
94.139.40.0/21 maxlen: 32
119.13.224.0/20 maxlen: 20
134.199.64.0/19 maxlen: 32
136.227.160.0/19 maxlen: 32
146.19.100.0/24 maxlen: 24
193.37.136.0/24 maxlen: 24
193.105.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.mft
rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:ff:8f:41:b5:32:b2:0a:4c:8a:9f:b3:ba:86:46:4a:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c44db8b0983acf97a3255152c2ea592adae7735b
Validity
Not Before: Jan 27 13:05:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7340d7e866374d7f71996099a4a749127c3df730
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:75:63:f8:8a:f4:78:b0:80:73:11:19:b8:40:
9c:10:63:1d:5c:62:61:6e:32:93:9b:70:71:24:5e:
b4:21:22:ff:e9:55:36:99:fa:2f:ba:c6:aa:9b:b8:
f5:49:67:04:2a:1c:8c:87:68:f0:a3:52:b0:99:6c:
e7:dd:2e:8f:ed:a9:27:86:9c:ac:64:80:4f:1b:4b:
ac:76:1f:77:60:b3:38:83:e1:c5:77:af:7a:cb:e7:
b7:1a:97:67:7a:53:b8:ae:8b:62:78:c1:b4:41:67:
4a:42:7a:2f:e2:c1:ac:8b:a0:a3:16:04:98:f3:c8:
94:2a:11:e3:c1:c6:38:c0:6a:31:47:fb:7d:b8:20:
4e:c2:39:58:b3:ce:ca:45:11:67:2f:e5:3e:11:bd:
43:bd:59:48:70:e5:f2:53:c3:e8:eb:4b:63:a4:28:
34:25:d2:77:c0:c6:62:ea:8c:aa:0b:22:2c:66:4b:
78:e8:11:f5:a9:b5:89:52:41:4c:04:d3:d9:97:4f:
86:ac:af:9f:9e:03:2e:89:cc:87:8b:11:90:be:37:
ca:e3:ac:4c:ae:29:19:df:08:1f:15:3e:27:01:ed:
2d:a8:bc:2c:ce:22:f5:91:5e:90:52:ee:b6:9e:26:
ca:39:94:e0:5f:43:38:2c:b3:f4:ee:5c:8b:81:8a:
42:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:40:D7:E8:66:37:4D:7F:71:99:60:99:A4:A7:49:12:7C:3D:F7:30
X509v3 Authority Key Identifier:
keyid:C4:4D:B8:B0:98:3A:CF:97:A3:25:51:52:C2:EA:59:2A:DA:E7:73:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xE24sJg6z5ejJVFSwupZKtrnc1s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/c0DX6GY3TX9xmWCZpKdJEnw99zA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/437897-af58-4959-8e76-eedd94ec128c/1/xE24sJg6z5ejJVFSwupZKtrnc1s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.78.90.0-45.78.95.255
62.3.6.0/24
81.85.176.0/20
85.136.104.0/21
85.136.136.0/21
85.136.152.0/21
85.136.168.0/21
85.136.184.0/21
85.136.200.0/21
91.216.138.0/24
91.229.228.0/24
93.180.208.0/22
94.139.40.0/21
119.13.224.0/20
134.199.64.0/19
136.227.160.0/19
146.19.100.0/24
193.37.136.0/24
193.105.176.0/24
Signature Algorithm: sha256WithRSAEncryption
35:ab:7d:31:ca:0b:9b:66:d0:04:24:f6:14:54:9c:ff:9e:cb:
87:77:fc:d1:ac:59:6d:82:36:cf:17:7d:fe:26:dc:3c:6f:52:
98:12:28:a2:4e:ee:5c:17:e7:8d:0a:c0:63:c9:a5:05:8d:16:
e6:9f:53:38:59:36:47:79:13:74:6a:c0:d5:88:00:ab:8c:7d:
03:0d:c7:5c:52:ab:29:c4:50:c6:d0:52:b4:39:c8:e4:33:30:
5a:a7:08:b5:ea:1a:c7:82:8f:88:0a:2f:cb:f3:46:69:36:a4:
72:d7:3b:01:a1:72:29:92:06:d3:35:b5:ee:14:e5:a6:6c:97:
9a:8f:ae:2f:a4:d5:28:ef:3b:7d:48:d3:4e:7f:1d:8d:2b:2e:
e1:df:a0:30:95:2d:db:ba:9e:f2:80:b5:d7:fc:d5:d7:84:2b:
66:5d:7e:1b:49:d1:9c:8d:f7:22:c4:a2:36:3f:9f:4e:49:f4:
0a:20:6e:07:f3:08:19:d1:20:67:d0:27:4e:15:70:83:7b:3c:
cd:53:a4:16:ff:e5:fa:38:22:e0:51:32:f1:4a:91:88:65:da:
f7:c9:87:6a:fd:7c:40:f8:b3:d0:43:6e:c4:a6:9b:a3:d3:3c:
cb:4c:30:a5:bd:fd:b9:d4:0b:c4:86:8c:48:15:c3:97:59:93:
03:28:be:9f
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZv/j0G1MrIKTIqfs7qGRkriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NGRiOGIwOTgzYWNmOTdhMzI1NTE1MmMyZWE1OTJhZGFl
NzczNWIwHhcNMjYwMTI3MTMwNTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzQwZDdlODY2Mzc0ZDdmNzE5OTYwOTlhNGE3NDkxMjdjM2RmNzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXVj+Ir0eLCAcxEZuECcEGMdXGJh
bjKTm3BxJF60ISL/6VU2mfovusaqm7j1SWcEKhyMh2jwo1KwmWzn3S6P7aknhpys
ZIBPG0usdh93YLM4g+HFd696y+e3GpdnelO4rotieMG0QWdKQnov4sGsi6CjFgSY
88iUKhHjwcY4wGoxR/t9uCBOwjlYs87KRRFnL+U+Eb1DvVlIcOXyU8Po60tjpCg0
JdJ3wMZi6oyqCyIsZkt46BH1qbWJUkFMBNPZl0+GrK+fngMuicyHixGQvjfK46xM
rikZ3wgfFT4nAe0tqLwsziL1kV6QUu62nibKOZTgX0M4LLP07lyLgYpC2QIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFHNA1+hmN01/cZlgmaSnSRJ8PfcwMB8GA1UdIwQY
MBaAFMRNuLCYOs+XoyVRUsLqWSra53NbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYt
ZWVkZDk0ZWMxMjhjLzEvYzBEWDZHWTNUWDl4bVdDWnBLZEpFbnc5OXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC80Mzc4OTctYWY1OC00OTU5LThlNzYtZWVkZDk0ZWMxMjhj
LzEveEUyNHNKZzZ6NWVqSlZGU3d1cFpLdHJuYzFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwejAMAwQB
LU5aAwQFLU5AAwQAPgMGAwQEUVWwAwQDVYhoAwQDVYiIAwQDVYiYAwQDVYioAwQD
VYi4AwQDVYjIAwQAW9iKAwQAW+XkAwQCXbTQAwQDXosoAwQEdw3gAwQFhsdAAwQF
iOOgAwQAkhNkAwQAwSWIAwQAwWmwMA0GCSqGSIb3DQEBCwUAA4IBAQA1q30xygub
ZtAEJPYUVJz/nsuHd/zRrFltgjbPF33+Jtw8b1KYEiiiTu5cF+eNCsBjyaUFjRbm
n1M4WTZHeRN0asDViACrjH0DDcdcUqspxFDG0FK0OcjkMzBapwi16hrHgo+ICi/L
80ZpNqRy1zsBoXIpkgbTNbXuFOWmbJeaj64vpNUo7zt9SNNOfx2NKy7h36AwlS3b
up7ygLXX/NXXhCtmXX4bSdGcjfcixKI2P59OSfQKIG4H8wgZ0SBn0CdOFXCDezzN
U6QW/+X6OCLgUTLxSpGIZdr3yYdq/XxA+LPQQ27Eppuj0zzLTDClvf251AvEhoxI
FcOXWZMDKL6f
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:51:16 2026 by rpki-client