Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/OpP1uH47jfFMVJTxrAfveiZZvWg.roa
File: OpP1uH47jfFMVJTxrAfveiZZvWg.roa (raw, json)
Hash identifier: nsxtiR9yfcDkKLLgQjFCuBp9Unbz22As30V4FKpfzZs=
Subject key identifier: 3A:93:F5:B8:7E:3B:8D:F1:4C:54:94:F1:AC:07:EF:7A:26:59:BD:68
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 019D43BCC3ECAE2AB6F5E6705066855755AE
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/OpP1uH47jfFMVJTxrAfveiZZvWg.roa
Signing time: Tue 31 Mar 2026 11:52:17 +0000
ROA not before: Tue 31 Mar 2026 11:52:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198949
IP address blocks: 145.219.6.0/24 maxlen: 24
145.219.8.0/24 maxlen: 24
145.219.9.0/24 maxlen: 24
145.219.10.0/24 maxlen: 24
145.219.11.0/24 maxlen: 24
145.219.12.0/24 maxlen: 24
145.219.13.0/24 maxlen: 24
145.219.14.0/24 maxlen: 24
145.219.15.0/24 maxlen: 24
145.219.16.0/24 maxlen: 24
145.219.17.0/24 maxlen: 24
2a04:b0c0::/45 maxlen: 45
2a04:b0c0:8::/45 maxlen: 45
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:43:bc:c3:ec:ae:2a:b6:f5:e6:70:50:66:85:57:55:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Mar 31 11:52:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3a93f5b87e3b8df14c5494f1ac07ef7a2659bd68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0f:92:fb:92:b1:7c:24:0c:30:95:c0:90:b5:
b8:73:20:ea:e4:4b:4e:8e:4e:a5:ca:03:00:ce:f3:
1d:82:63:4f:f6:c1:1b:af:34:e3:77:a8:b7:1e:cd:
5c:b7:f0:ea:6d:c8:fd:5d:06:c7:d2:2f:ee:c2:48:
16:5d:16:f2:e3:a9:ee:de:34:ad:41:5a:cc:64:e3:
d3:af:31:01:f9:32:c5:98:06:ae:25:3f:84:a7:0d:
81:f2:8d:48:52:a5:76:a7:d7:c3:6c:44:1f:0b:b6:
9c:e6:26:10:2d:ef:93:df:a5:02:04:ca:c0:d9:75:
e0:a4:4a:c0:7b:b9:ff:db:33:63:d9:ce:b4:e8:79:
22:8f:40:1b:da:6b:46:51:4c:4b:a1:a4:73:7c:d6:
89:17:ea:40:56:fd:50:68:7c:e8:70:e7:ce:36:c9:
92:55:e5:d0:f6:68:79:c2:35:be:89:c0:67:db:22:
b7:16:62:9d:66:31:6e:82:ef:85:95:1f:4a:e2:f7:
9b:1a:b9:a4:9d:b3:0a:41:9f:75:31:67:af:78:10:
ab:5e:5c:43:35:bc:57:fe:2e:6e:4f:a0:ee:df:78:
a1:f2:31:60:62:f5:82:ea:42:e1:9c:cf:b5:4b:69:
1c:f5:d4:40:ae:b1:55:f3:50:47:e1:29:61:f1:7e:
cc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:93:F5:B8:7E:3B:8D:F1:4C:54:94:F1:AC:07:EF:7A:26:59:BD:68
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/OpP1uH47jfFMVJTxrAfveiZZvWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.6.0/24
145.219.8.0-145.219.17.255
IPv6:
2a04:b0c0::/44
Signature Algorithm: sha256WithRSAEncryption
62:cc:93:75:64:2e:72:9b:07:b3:b7:5c:69:96:0d:19:08:bc:
fe:8f:dc:90:2e:83:d5:30:55:6d:dd:b4:9b:2f:41:2c:13:87:
0c:cc:1e:f1:7d:7c:aa:f0:66:24:03:15:a7:af:33:b4:e6:18:
51:9f:fe:17:fd:41:14:2d:76:65:27:d6:2b:1c:55:4c:33:3f:
58:be:1c:2d:46:12:82:04:21:b8:85:c0:2d:e8:7e:99:3f:44:
49:fe:42:b6:64:df:eb:7e:31:8a:2f:1a:2a:78:76:88:ab:91:
7b:f9:d7:67:29:63:bd:f8:39:bd:54:8d:df:eb:7e:f3:ea:64:
1c:17:44:45:b9:d5:0f:1a:0b:bb:3a:9c:2c:dc:13:22:fe:d7:
f5:31:ff:03:04:fa:9d:ee:28:4c:ad:5e:9e:29:d5:4e:cd:91:
3c:ff:38:02:c0:a3:82:ab:f4:80:b9:67:12:f2:12:3d:a4:81:
72:c5:c3:23:69:57:cd:ea:c2:82:7f:c5:b4:8a:1a:f5:d1:b1:
e6:04:b8:93:7a:c6:53:92:e2:bc:cb:b5:61:66:fd:65:57:f7:
f1:38:3f:67:55:74:4b:63:dc:73:3b:80:9f:97:e4:a4:af:e9:
49:45:d1:d3:9d:a6:28:64:e3:5e:44:86:df:91:72:81:ae:86:
2b:ac:95:7b
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZ1DvMPsriq29eZwUGaFV1WuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjYwMzMxMTE1MjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTkzZjViODdlM2I4ZGYxNGM1NDk0ZjFhYzA3ZWY3YTI2NTliZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQ+S+5KxfCQMMJXAkLW4cyDq5EtO
jk6lygMAzvMdgmNP9sEbrzTjd6i3Hs1ct/Dqbcj9XQbH0i/uwkgWXRby46nu3jSt
QVrMZOPTrzEB+TLFmAauJT+Epw2B8o1IUqV2p9fDbEQfC7ac5iYQLe+T36UCBMrA
2XXgpErAe7n/2zNj2c606Hkij0Ab2mtGUUxLoaRzfNaJF+pAVv1QaHzocOfONsmS
VeXQ9mh5wjW+icBn2yK3FmKdZjFugu+FlR9K4vebGrmknbMKQZ91MWeveBCrXlxD
NbxX/i5uT6Du33ih8jFgYvWC6kLhnM+1S2kc9dRArrFV81BH4Slh8X7MTwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFDqT9bh+O43xTFSU8awH73omWb1oMB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvT3BQMXVINDdqZkZNVkpUeHJBZnZlaVpadldnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUAwQAkdsGMAwD
BAOR2wgDBAGR2xAwDwQCAAIwCQMHBCoEsMAAADANBgkqhkiG9w0BAQsFAAOCAQEA
YsyTdWQucpsHs7dcaZYNGQi8/o/ckC6D1TBVbd20my9BLBOHDMwe8X18qvBmJAMV
p68ztOYYUZ/+F/1BFC12ZSfWKxxVTDM/WL4cLUYSggQhuIXALeh+mT9ESf5CtmTf
634xii8aKnh2iKuRe/nXZyljvfg5vVSN3+t+8+pkHBdERbnVDxoLuzqcLNwTIv7X
9TH/AwT6ne4oTK1eninVTs2RPP84AsCjgqv0gLlnEvISPaSBcsXDI2lXzerCgn/F
tIoa9dGx5gS4k3rGU5LivMu1YWb9ZVf38Tg/Z1V0S2PcczuAn5fkpK/pSUXR052m
KGTjXkSG35Fyga6GK6yVew==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:11:21 2026 by rpki-client