Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/2a0d24-6262-4c3f-b2fe-6398efa3edc5/1/dLlLozq_LxYh46bnmgkvjvoWmpw.roa
File: dLlLozq_LxYh46bnmgkvjvoWmpw.roa (raw, json)
Hash identifier: h2aFWt98BJV3iCLAz94s4Esgtecs4nrZqTq2dKOirQQ=
Subject key identifier: 74:B9:4B:A3:3A:BF:2F:16:21:E3:A6:E7:9A:09:2F:8E:FA:16:9A:9C
Certificate issuer: /CN=4615f998f747269e37af7da110806124c997dc57
Certificate serial: 019E6900E5EC0B7123D8F39E9ED69227964F
Authority key identifier: 46:15:F9:98:F7:47:26:9E:37:AF:7D:A1:10:80:61:24:C9:97:DC:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RhX5mPdHJp43r32hEIBhJMmX3Fc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/2a0d24-6262-4c3f-b2fe-6398efa3edc5/1/dLlLozq_LxYh46bnmgkvjvoWmpw.roa
Signing time: Wed 27 May 2026 10:35:26 +0000
ROA not before: Wed 27 May 2026 10:35:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34989
IP address blocks: 46.251.249.0/24 maxlen: 24
80.173.230.0/23 maxlen: 23
83.143.80.0/21 maxlen: 21
85.136.80.0/23 maxlen: 23
85.137.228.0/22 maxlen: 22
91.189.176.0/21 maxlen: 21
104.233.8.0/23 maxlen: 23
185.101.32.0/22 maxlen: 22
185.225.8.0/24 maxlen: 24
194.242.10.0/23 maxlen: 23
217.170.192.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/2a0d24-6262-4c3f-b2fe-6398efa3edc5/1/RhX5mPdHJp43r32hEIBhJMmX3Fc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/2a0d24-6262-4c3f-b2fe-6398efa3edc5/1/RhX5mPdHJp43r32hEIBhJMmX3Fc.mft
rsync://rpki.ripe.net/repository/DEFAULT/RhX5mPdHJp43r32hEIBhJMmX3Fc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:69:00:e5:ec:0b:71:23:d8:f3:9e:9e:d6:92:27:96:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4615f998f747269e37af7da110806124c997dc57
Validity
Not Before: May 27 10:35:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=74b94ba33abf2f1621e3a6e79a092f8efa169a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:72:8a:fe:92:b5:c7:6f:83:e9:ac:2f:cf:7c:
37:96:11:93:e1:4b:a1:64:02:58:3d:41:8a:0b:3a:
7d:a0:1d:29:2d:44:37:b5:a8:e7:10:8c:d1:12:9b:
39:fa:72:44:f6:9c:6d:7d:02:2b:e0:05:21:bd:19:
d9:35:56:18:64:69:0a:3a:a6:d3:81:ab:ee:73:ed:
a2:e5:0a:de:a8:f0:51:8a:f5:fb:14:1b:2e:5d:f8:
4c:ba:3e:a2:64:34:4c:39:12:e7:86:7a:73:6d:aa:
34:cd:e9:32:45:cd:47:52:9b:c0:1f:7c:18:0c:ef:
e0:50:9e:21:aa:d8:ce:c4:aa:71:af:77:c2:c4:93:
0a:b6:5e:08:bc:3a:6a:97:9a:d1:16:21:5e:0f:56:
30:2f:e3:1a:70:8f:13:8e:cb:c8:fc:84:d3:ab:df:
76:67:d9:9e:a0:38:a0:e5:54:a0:c4:a3:1e:99:5e:
98:b1:50:36:3b:ea:02:25:df:51:71:f7:9d:8b:23:
d3:2e:bf:8a:df:ff:d9:66:6e:e9:69:3d:42:ab:31:
3c:68:db:37:ed:19:ad:bb:14:5e:e8:65:e7:6b:56:
fc:26:02:e0:91:f6:9b:38:3a:e5:9b:cd:ff:2b:b7:
13:21:34:74:15:a6:ac:84:b1:1f:23:f2:f3:fb:a9:
9b:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B9:4B:A3:3A:BF:2F:16:21:E3:A6:E7:9A:09:2F:8E:FA:16:9A:9C
X509v3 Authority Key Identifier:
keyid:46:15:F9:98:F7:47:26:9E:37:AF:7D:A1:10:80:61:24:C9:97:DC:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RhX5mPdHJp43r32hEIBhJMmX3Fc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2a0d24-6262-4c3f-b2fe-6398efa3edc5/1/dLlLozq_LxYh46bnmgkvjvoWmpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/2a0d24-6262-4c3f-b2fe-6398efa3edc5/1/RhX5mPdHJp43r32hEIBhJMmX3Fc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.251.249.0/24
80.173.230.0/23
83.143.80.0/21
85.136.80.0/23
85.137.228.0/22
91.189.176.0/21
104.233.8.0/23
185.101.32.0/22
185.225.8.0/24
194.242.10.0/23
217.170.192.0/20
Signature Algorithm: sha256WithRSAEncryption
a2:5c:6d:60:06:23:67:78:79:06:59:19:2b:30:97:93:a1:6b:
a5:12:9b:04:34:77:48:59:f6:84:43:55:01:e3:69:47:55:3e:
b7:38:3a:2d:b3:c4:5e:32:58:38:3e:2b:bd:6f:60:42:0a:30:
5b:c1:43:65:1a:1e:75:cd:7c:3f:4d:ab:8d:f2:5f:fc:ff:5b:
b6:77:2c:29:b1:65:b5:9b:31:9b:ba:b6:21:28:ce:50:11:f4:
c3:56:e0:4a:4b:df:83:2b:4f:29:c9:b7:e2:68:f6:ed:5f:c4:
9e:e4:2a:01:13:86:1b:b0:22:3b:ef:b2:40:3a:25:b8:41:47:
66:e0:db:0f:94:17:79:05:d6:3f:69:03:56:1f:f5:fa:58:81:
74:d8:88:3b:da:83:77:0e:41:ab:df:46:5f:0b:4d:dc:e5:21:
f4:e2:18:e2:f0:11:a5:57:fe:3f:0d:d4:31:f5:f8:9a:2d:f7:
98:02:95:1a:48:48:74:52:e7:0b:16:d5:58:c9:c6:97:70:18:
c2:61:3d:8c:47:8a:b3:fc:af:21:ae:43:8a:3a:95:bb:12:13:
d9:c6:0d:33:ec:0e:f7:7d:23:db:06:cc:bc:38:32:48:b4:05:
05:7e:4c:f4:bf:d0:30:67:50:1c:d5:36:9e:e6:73:f1:96:74:
8e:52:85:a8
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZ5pAOXsC3Ej2POentaSJ5ZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2MTVmOTk4Zjc0NzI2OWUzN2FmN2RhMTEwODA2MTI0Yzk5
N2RjNTcwHhcNMjYwNTI3MTAzNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGI5NGJhMzNhYmYyZjE2MjFlM2E2ZTc5YTA5MmY4ZWZhMTY5YTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl3KK/pK1x2+D6awvz3w3lhGT4Uuh
ZAJYPUGKCzp9oB0pLUQ3tajnEIzREps5+nJE9pxtfQIr4AUhvRnZNVYYZGkKOqbT
gavuc+2i5QreqPBRivX7FBsuXfhMuj6iZDRMORLnhnpzbao0zekyRc1HUpvAH3wY
DO/gUJ4hqtjOxKpxr3fCxJMKtl4IvDpql5rRFiFeD1YwL+MacI8TjsvI/ITTq992
Z9meoDig5VSgxKMemV6YsVA2O+oCJd9RcfediyPTLr+K3//ZZm7paT1CqzE8aNs3
7RmtuxRe6GXna1b8JgLgkfabODrlm83/K7cTITR0FaashLEfI/Lz+6mbWwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFHS5S6M6vy8WIeOm55oJL476FpqcMB8GA1UdIwQY
MBaAFEYV+Zj3RyaeN699oRCAYSTJl9xXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmhYNW1QZEhKcDQzcjMyaEVJQmhKTW1YM0ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC8yYTBkMjQtNjI2Mi00YzNmLWIyZmUt
NjM5OGVmYTNlZGM1LzEvZExsTG96cV9MeFloNDZibm1na3Zqdm9XbXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC8yYTBkMjQtNjI2Mi00YzNmLWIyZmUtNjM5OGVmYTNlZGM1
LzEvUmhYNW1QZEhKcDQzcjMyaEVJQmhKTW1YM0ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALvv5AwQB
UK3mAwQDU49QAwQBVYhQAwQCVYnkAwQDW72wAwQBaOkIAwQCuWUgAwQAueEIAwQB
wvIKAwQE2arAMA0GCSqGSIb3DQEBCwUAA4IBAQCiXG1gBiNneHkGWRkrMJeToWul
EpsENHdIWfaEQ1UB42lHVT63ODots8ReMlg4Piu9b2BCCjBbwUNlGh51zXw/TauN
8l/8/1u2dywpsWW1mzGburYhKM5QEfTDVuBKS9+DK08pybfiaPbtX8Se5CoBE4Yb
sCI777JAOiW4QUdm4NsPlBd5BdY/aQNWH/X6WIF02Ig72oN3DkGr30ZfC03c5SH0
4hji8BGlV/4/DdQx9fiaLfeYApUaSEh0UucLFtVYycaXcBjCYT2MR4qz/K8hrkOK
OpW7EhPZxg0z7A73fSPbBsy8ODJItAUFfkz0v9AwZ1Ac1Tae5nPxlnSOUoWo
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:21:30 2026 by rpki-client