Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/9XrN3SxTHEPvdD1E8W8FL9FON-Q.roa
File: 9XrN3SxTHEPvdD1E8W8FL9FON-Q.roa (raw, json)
Hash identifier: xaqa/hN/vFwySqEJgiD4AjQovwVDwM0Im3xGh0rnAao=
Subject key identifier: F5:7A:CD:DD:2C:53:1C:43:EF:74:3D:44:F1:6F:05:2F:D1:4E:37:E4
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 019D6721DF479AE9024EB9C8A7D77C36B8C7
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/9XrN3SxTHEPvdD1E8W8FL9FON-Q.roa
Signing time: Tue 07 Apr 2026 08:49:26 +0000
ROA not before: Tue 07 Apr 2026 08:49:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198690
IP address blocks: 46.243.200.0/24 maxlen: 24
178.170.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:67:21:df:47:9a:e9:02:4e:b9:c8:a7:d7:7c:36:b8:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Apr 7 08:49:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f57acddd2c531c43ef743d44f16f052fd14e37e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:71:18:43:31:d8:65:e3:ec:91:b6:d2:a2:46:
6e:93:a6:00:0e:f9:af:a1:29:91:48:74:bb:99:ca:
56:99:ae:a8:d9:58:9b:f8:de:af:3f:16:1f:8d:73:
14:0d:63:eb:0e:68:b6:4e:aa:0e:56:65:9c:f1:2b:
51:1f:eb:72:86:fe:f6:df:57:48:3b:6c:05:d8:27:
55:c4:a6:56:1d:8b:38:3f:2f:94:14:5f:a1:b2:a2:
ea:50:1e:ad:b7:59:24:d8:27:bf:8e:86:a6:f1:86:
de:18:de:82:37:27:51:ae:79:8a:39:8b:e2:8c:39:
a8:ac:fa:78:98:54:1d:49:b5:72:7b:48:f1:85:84:
a6:ef:06:0f:67:15:97:29:46:e7:2d:ed:9b:69:dc:
1a:a4:00:b0:cd:7c:e1:68:b9:08:3d:4b:66:0d:ce:
29:aa:dc:df:d2:dc:03:2f:26:fe:d9:d2:f6:51:bf:
21:27:0e:da:54:38:21:ff:16:38:00:6d:45:55:2d:
92:78:eb:91:77:f5:79:ef:95:0b:81:45:1d:d1:9e:
d5:c7:27:fc:be:9b:5e:d2:7f:2a:a1:22:48:6d:79:
fc:8c:94:f7:66:3a:3f:17:e4:8c:be:74:1c:a1:0a:
16:30:74:6f:7d:68:77:c1:04:ba:d9:64:96:22:44:
ca:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:7A:CD:DD:2C:53:1C:43:EF:74:3D:44:F1:6F:05:2F:D1:4E:37:E4
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/9XrN3SxTHEPvdD1E8W8FL9FON-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.200.0/24
178.170.143.0/24
Signature Algorithm: sha256WithRSAEncryption
88:9f:35:3b:51:6e:5c:ba:de:d4:cd:a7:4f:5c:ef:8e:85:cb:
f0:ee:46:c1:22:86:8f:80:14:89:da:d3:5c:f1:d2:2a:95:a2:
53:be:40:9f:82:10:ae:de:b0:e1:9a:e0:bd:d6:0b:38:32:e1:
72:4f:6d:14:0e:68:a2:2c:ec:cb:d7:3f:ad:b6:9d:17:ff:ef:
bc:ff:07:6b:9f:49:8f:24:7b:80:5c:6e:c9:e0:ca:77:d4:34:
e5:f9:a1:dc:60:e8:fe:dd:fa:95:2a:3f:a0:f9:e4:ce:8e:d6:
ad:2b:72:7f:a9:e0:ae:fc:4b:72:a2:59:61:02:00:b3:89:55:
3d:2c:b9:01:09:10:86:64:3c:b6:96:c3:c3:2c:f6:a7:77:2d:
51:18:d4:2d:3f:08:c3:54:d8:7b:40:44:21:20:36:a8:da:dd:
13:c6:19:c9:24:cf:d4:91:a6:33:97:82:1e:65:97:28:19:96:
40:1d:e2:13:38:e4:1d:94:b1:84:b9:50:87:de:a2:b9:8c:32:
14:37:92:ae:3f:8a:b5:37:10:ec:70:5d:7e:dd:77:cc:67:6c:
19:9c:b2:a2:d9:45:0f:aa:ed:a2:32:99:cb:a5:17:07:2a:16:
cf:e1:da:d2:e2:71:8d:08:0f:e7:48:13:e4:11:67:7f:25:45:
2c:69:85:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ1nId9HmukCTrnIp9d8NrjHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjYwNDA3MDg0OTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTdhY2RkZDJjNTMxYzQzZWY3NDNkNDRmMTZmMDUyZmQxNGUzN2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXEYQzHYZePskbbSokZuk6YADvmv
oSmRSHS7mcpWma6o2Vib+N6vPxYfjXMUDWPrDmi2TqoOVmWc8StRH+tyhv7231dI
O2wF2CdVxKZWHYs4Py+UFF+hsqLqUB6tt1kk2Ce/joam8YbeGN6CNydRrnmKOYvi
jDmorPp4mFQdSbVye0jxhYSm7wYPZxWXKUbnLe2badwapACwzXzhaLkIPUtmDc4p
qtzf0twDLyb+2dL2Ub8hJw7aVDgh/xY4AG1FVS2SeOuRd/V575ULgUUd0Z7Vxyf8
vpte0n8qoSJIbXn8jJT3Zjo/F+SMvnQcoQoWMHRvfWh3wQS62WSWIkTKrwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPV6zd0sUxxD73Q9RPFvBS/RTjfkMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvOVhyTjNTeFRIRVB2ZEQxRThXOEZMOUZPTi1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALvPIAwQA
sqqPMA0GCSqGSIb3DQEBCwUAA4IBAQCInzU7UW5cut7UzadPXO+Ohcvw7kbBIoaP
gBSJ2tNc8dIqlaJTvkCfghCu3rDhmuC91gs4MuFyT20UDmiiLOzL1z+ttp0X/++8
/wdrn0mPJHuAXG7J4Mp31DTl+aHcYOj+3fqVKj+g+eTOjtatK3J/qeCu/Etyollh
AgCziVU9LLkBCRCGZDy2lsPDLPandy1RGNQtPwjDVNh7QEQhIDao2t0TxhnJJM/U
kaYzl4IeZZcoGZZAHeITOOQdlLGEuVCH3qK5jDIUN5KuP4q1NxDscF1+3XfMZ2wZ
nLKi2UUPqu2iMpnLpRcHKhbP4drS4nGNCA/nSBPkEWd/JUUsaYUs
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:44:51 2026 by rpki-client