Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/54a457-3c48-4e01-90b0-5eb75c2318aa/1/O04MUFDmO5qq7bmpK_rQWFQxh8k.roa
File: O04MUFDmO5qq7bmpK_rQWFQxh8k.roa (raw, json)
Hash identifier: Uc2uBg9hGaGI5Aen/J3CqWLoDqDvImijmG4PCPG2uHc=
Subject key identifier: 3B:4E:0C:50:50:E6:3B:9A:AA:ED:B9:A9:2B:FA:D0:58:54:31:87:C9
Certificate issuer: /CN=46d94477c8b54d12ec8b3f7b6d9ae78e510b23d8
Certificate serial: 019D92546FE27C11F1E169C94F14E1DE38C1
Authority key identifier: 46:D9:44:77:C8:B5:4D:12:EC:8B:3F:7B:6D:9A:E7:8E:51:0B:23:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RtlEd8i1TRLsiz97bZrnjlELI9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/54a457-3c48-4e01-90b0-5eb75c2318aa/1/O04MUFDmO5qq7bmpK_rQWFQxh8k.roa
Signing time: Wed 15 Apr 2026 18:08:20 +0000
ROA not before: Wed 15 Apr 2026 18:08:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 185.205.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/54a457-3c48-4e01-90b0-5eb75c2318aa/1/RtlEd8i1TRLsiz97bZrnjlELI9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/54a457-3c48-4e01-90b0-5eb75c2318aa/1/RtlEd8i1TRLsiz97bZrnjlELI9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/RtlEd8i1TRLsiz97bZrnjlELI9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 21:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:92:54:6f:e2:7c:11:f1:e1:69:c9:4f:14:e1:de:38:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46d94477c8b54d12ec8b3f7b6d9ae78e510b23d8
Validity
Not Before: Apr 15 18:08:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3b4e0c5050e63b9aaaedb9a92bfad058543187c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f5:ee:01:c3:36:24:f1:f9:05:4a:b1:54:eb:
95:cb:c9:ba:fe:78:4b:ca:9e:af:5d:86:ea:21:0a:
19:51:06:c5:b6:2f:13:6e:1f:56:26:27:3f:8d:f1:
4c:84:bb:a9:d1:71:b5:4c:e2:e0:3a:4c:35:44:b1:
77:16:c2:45:82:09:71:60:ae:23:9a:fe:4d:e9:50:
49:61:ae:6f:be:0f:03:c3:a2:25:7b:dc:59:97:e5:
75:80:e3:36:cc:5b:4e:53:cc:cb:48:52:c0:ee:a2:
25:48:89:d2:aa:5a:0b:e5:e1:1f:ac:08:8b:33:b1:
9c:98:4f:53:40:b6:99:62:7d:9e:1b:bf:60:c0:13:
be:78:19:37:22:d5:8a:0e:d3:4a:08:a1:f3:c6:fa:
3e:11:25:55:c3:f8:fb:4a:1c:2c:a8:48:89:07:f8:
a6:9e:fc:4e:04:95:2f:ed:07:1c:5a:b0:c2:ad:af:
dd:84:db:7d:aa:d4:8b:f2:19:f8:0d:d3:6e:96:70:
a8:0f:e3:03:de:d5:10:2c:70:f1:97:a5:f8:a7:46:
ac:ec:ee:6f:ab:1d:29:ff:2b:ea:87:4b:24:a9:4c:
81:56:f1:98:fb:33:56:8b:37:8c:4b:59:ed:17:ea:
38:f1:ba:29:95:55:f4:d3:50:27:6c:96:09:a4:a5:
38:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:4E:0C:50:50:E6:3B:9A:AA:ED:B9:A9:2B:FA:D0:58:54:31:87:C9
X509v3 Authority Key Identifier:
keyid:46:D9:44:77:C8:B5:4D:12:EC:8B:3F:7B:6D:9A:E7:8E:51:0B:23:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RtlEd8i1TRLsiz97bZrnjlELI9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/54a457-3c48-4e01-90b0-5eb75c2318aa/1/O04MUFDmO5qq7bmpK_rQWFQxh8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/54a457-3c48-4e01-90b0-5eb75c2318aa/1/RtlEd8i1TRLsiz97bZrnjlELI9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.32.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:60:ae:82:28:dc:a9:78:30:8b:99:df:3d:51:11:0a:b5:9a:
cf:a0:c8:13:64:68:16:8b:fd:ba:ce:63:86:bf:0b:11:89:70:
70:c3:54:f6:63:ea:15:fa:7b:f1:36:d9:28:7e:f3:10:0c:70:
53:b9:37:12:8d:19:17:6f:d8:99:10:39:a6:88:26:cd:8e:e0:
d8:35:ac:01:4a:5a:68:2b:fb:ff:6f:08:33:3f:95:9d:25:ed:
29:d4:f9:7b:07:a4:43:80:dd:59:19:37:66:6c:79:1e:b6:62:
e6:25:b1:9f:9d:8b:af:c8:8c:4b:d4:99:fe:25:38:81:02:6f:
05:30:e6:c7:9c:2a:44:3f:ed:0e:5c:80:6b:ce:5b:52:ca:4d:
a5:f2:45:6c:e0:ae:92:ed:47:5d:94:26:ab:4e:c3:c8:94:d1:
e9:1c:3d:f7:98:0f:e6:ee:97:a0:d6:83:ec:a2:82:ec:bf:c5:
04:9b:56:e7:4f:12:67:23:70:9d:53:72:9e:67:c7:03:d3:1a:
e3:50:bb:2e:fe:f8:14:df:11:8c:54:5e:17:f9:09:f4:f6:1c:
c2:de:5e:5c:9e:cd:dd:00:ad:c8:14:aa:0f:fb:99:0f:e1:90:
6e:d2:b2:25:d8:3e:8a:7a:d6:31:d4:ff:2e:ac:f0:14:e0:86:
36:f4:7b:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ2SVG/ifBHx4WnJTxTh3jjBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2ZDk0NDc3YzhiNTRkMTJlYzhiM2Y3YjZkOWFlNzhlNTEw
YjIzZDgwHhcNMjYwNDE1MTgwODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjRlMGM1MDUwZTYzYjlhYWFlZGI5YTkyYmZhZDA1ODU0MzE4N2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvXuAcM2JPH5BUqxVOuVy8m6/nhL
yp6vXYbqIQoZUQbFti8Tbh9WJic/jfFMhLup0XG1TOLgOkw1RLF3FsJFgglxYK4j
mv5N6VBJYa5vvg8Dw6Ile9xZl+V1gOM2zFtOU8zLSFLA7qIlSInSqloL5eEfrAiL
M7GcmE9TQLaZYn2eG79gwBO+eBk3ItWKDtNKCKHzxvo+ESVVw/j7ShwsqEiJB/im
nvxOBJUv7QccWrDCra/dhNt9qtSL8hn4DdNulnCoD+MD3tUQLHDxl6X4p0as7O5v
qx0p/yvqh0skqUyBVvGY+zNWizeMS1ntF+o48boplVX001AnbJYJpKU4IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDtODFBQ5juaqu25qSv60FhUMYfJMB8GA1UdIwQY
MBaAFEbZRHfItU0S7Is/e22a545RCyPYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnRsRWQ4aTFUUkxzaXo5N2Jacm5qbEVMSTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81NGE0NTctM2M0OC00ZTAxLTkwYjAt
NWViNzVjMjMxOGFhLzEvTzA0TVVGRG1PNXFxN2JtcEtfclFXRlF4aDhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81NGE0NTctM2M0OC00ZTAxLTkwYjAtNWViNzVjMjMxOGFh
LzEvUnRsRWQ4aTFUUkxzaXo5N2Jacm5qbEVMSTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuc0gMA0G
CSqGSIb3DQEBCwUAA4IBAQBPYK6CKNypeDCLmd89UREKtZrPoMgTZGgWi/26zmOG
vwsRiXBww1T2Y+oV+nvxNtkofvMQDHBTuTcSjRkXb9iZEDmmiCbNjuDYNawBSlpo
K/v/bwgzP5WdJe0p1Pl7B6RDgN1ZGTdmbHketmLmJbGfnYuvyIxL1Jn+JTiBAm8F
MObHnCpEP+0OXIBrzltSyk2l8kVs4K6S7UddlCarTsPIlNHpHD33mA/m7peg1oPs
ooLsv8UEm1bnTxJnI3CdU3KeZ8cD0xrjULsu/vgU3xGMVF4X+Qn09hzC3l5cns3d
AK3IFKoP+5kP4ZBu0rIl2D6KetYx1P8urPAU4IY29HvG
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:01:11 2026 by rpki-client