Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/RahpEOjDk8JGqVaMnjYNHjqMCDk.roa
File: RahpEOjDk8JGqVaMnjYNHjqMCDk.roa (raw, json)
Hash identifier: 3i16wtfdxMwVP4jwU43s2Etd+QzTAEC6HDDbzF8Ohw4=
Subject key identifier: 45:A8:69:10:E8:C3:93:C2:46:A9:56:8C:9E:36:0D:1E:3A:8C:08:39
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 019C0AAAC7C38B46DF7717AF510287F16659
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/RahpEOjDk8JGqVaMnjYNHjqMCDk.roa
Signing time: Thu 29 Jan 2026 16:51:30 +0000
ROA not before: Thu 29 Jan 2026 16:51:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9123
IP address blocks: 37.220.80.0/24 maxlen: 24
37.220.87.0/24 maxlen: 24
45.8.96.0/24 maxlen: 24
45.8.97.0/24 maxlen: 24
45.8.98.0/24 maxlen: 24
45.8.99.0/24 maxlen: 24
45.82.14.0/24 maxlen: 24
45.89.190.0/24 maxlen: 24
45.91.67.0/24 maxlen: 24
45.95.234.0/24 maxlen: 24
46.19.64.0/24 maxlen: 24
46.19.65.0/24 maxlen: 24
46.19.66.0/24 maxlen: 24
46.19.67.0/24 maxlen: 24
81.200.144.0/24 maxlen: 24
81.200.145.0/24 maxlen: 24
81.200.146.0/24 maxlen: 24
81.200.147.0/24 maxlen: 24
81.200.148.0/24 maxlen: 24
81.200.149.0/24 maxlen: 24
81.200.150.0/24 maxlen: 24
81.200.151.0/24 maxlen: 24
81.200.152.0/24 maxlen: 24
81.200.153.0/24 maxlen: 24
81.200.158.0/24 maxlen: 24
85.92.110.0/24 maxlen: 24
85.92.111.0/24 maxlen: 24
91.200.148.0/24 maxlen: 24
91.200.150.0/24 maxlen: 24
91.200.151.0/24 maxlen: 24
92.118.113.0/24 maxlen: 24
92.118.114.0/24 maxlen: 24
92.118.115.0/24 maxlen: 24
94.198.216.0/24 maxlen: 24
94.198.217.0/24 maxlen: 24
94.198.218.0/24 maxlen: 24
94.198.219.0/24 maxlen: 24
94.198.220.0/24 maxlen: 24
94.198.221.0/24 maxlen: 24
94.198.223.0/24 maxlen: 24
185.247.185.0/24 maxlen: 24
194.187.122.0/24 maxlen: 24
195.80.50.0/24 maxlen: 24
195.80.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:0a:aa:c7:c3:8b:46:df:77:17:af:51:02:87:f1:66:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 29 16:51:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=45a86910e8c393c246a9568c9e360d1e3a8c0839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:06:bd:81:af:98:ad:29:59:c2:ef:9b:26:6f:
dd:77:cc:c0:8e:e6:42:ed:f0:06:27:7d:43:21:f5:
54:a5:6c:b9:a6:95:d2:9b:1d:53:53:a2:d8:b4:14:
e7:55:98:24:88:ae:e0:c3:1f:41:18:ff:8d:0c:11:
1a:6c:ee:64:b6:23:00:86:46:df:e5:c2:ea:4d:e9:
e5:e7:07:2a:00:38:83:f9:78:f6:99:67:b9:50:ca:
75:b4:16:f9:df:41:96:30:be:46:da:3f:4e:02:39:
b9:29:d2:a3:a7:ee:c4:e8:e6:0b:db:04:e4:e4:b4:
b8:b6:fe:ee:be:98:a6:9e:c2:88:13:ae:bf:99:72:
1b:9c:b0:07:84:54:37:aa:30:7b:83:ef:b7:4e:24:
e7:b1:2c:94:48:95:df:f9:58:fa:56:74:dd:2e:41:
8f:f2:d0:07:a6:0d:06:a6:3e:aa:1f:d3:e7:fc:92:
68:f4:ef:97:35:47:0d:1d:d0:0d:8d:e6:09:81:a9:
80:c9:83:6e:e4:a3:e5:a1:74:c4:3d:f6:7b:9a:fd:
82:6e:97:0b:11:b6:d2:25:13:58:3a:48:e2:79:52:
8f:74:77:e8:d8:90:b0:2f:8d:ac:17:c6:1c:dc:d8:
24:3d:a5:f0:ef:d5:27:31:67:8a:e0:0d:5c:0e:63:
92:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A8:69:10:E8:C3:93:C2:46:A9:56:8C:9E:36:0D:1E:3A:8C:08:39
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/RahpEOjDk8JGqVaMnjYNHjqMCDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.80.0/24
37.220.87.0/24
45.8.96.0/22
45.82.14.0/24
45.89.190.0/24
45.91.67.0/24
45.95.234.0/24
46.19.64.0/22
81.200.144.0-81.200.153.255
81.200.158.0/24
85.92.110.0/23
91.200.148.0/24
91.200.150.0/23
92.118.113.0-92.118.115.255
94.198.216.0-94.198.221.255
94.198.223.0/24
185.247.185.0/24
194.187.122.0/24
195.80.50.0/23
Signature Algorithm: sha256WithRSAEncryption
26:be:71:e2:21:58:69:d0:f2:b9:dc:85:e1:a4:fa:8f:a7:d5:
1b:c6:6c:4c:35:76:e6:8c:85:ab:4d:9d:ee:df:ea:99:e8:7d:
89:b2:cc:2c:56:39:ed:5f:b8:6b:cd:cb:4f:90:9f:9a:30:d6:
b5:f9:b4:6b:5a:7d:b0:eb:64:3a:19:53:21:46:fb:ee:f3:d8:
7b:51:41:37:2b:1a:d9:93:d0:17:fb:85:db:75:17:cb:42:bc:
14:f5:29:6b:3e:63:1b:23:16:ff:ff:75:c8:97:0b:a9:50:14:
8d:56:d5:98:99:d0:8e:0e:bd:3e:89:2d:90:2e:3a:c4:4c:5f:
8a:2c:87:50:19:bd:f4:d9:56:e2:3f:30:ee:27:84:c2:ea:71:
45:ea:e5:57:b5:26:99:21:29:ce:72:30:9e:12:3b:44:d6:32:
14:ed:a1:ff:83:11:3d:99:6e:57:46:e8:e9:bf:21:e4:f8:d7:
5c:4e:cb:04:48:47:29:79:46:a0:6f:99:44:98:26:a5:58:8e:
c2:c9:08:ef:24:2e:f2:6e:7e:ed:45:00:98:6d:89:ba:54:2d:
16:32:35:50:f8:00:71:ab:bc:18:6a:50:1b:aa:58:bc:7e:13:
68:15:40:a4:b9:1d:64:d3:7e:0a:db:a9:bf:8e:4f:76:87:62:
46:70:f9:e9
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZwKqsfDi0bfdxevUQKH8WZZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjYwMTI5MTY1MTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWE4NjkxMGU4YzM5M2MyNDZhOTU2OGM5ZTM2MGQxZTNhOGMwODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAa9ga+YrSlZwu+bJm/dd8zAjuZC
7fAGJ31DIfVUpWy5ppXSmx1TU6LYtBTnVZgkiK7gwx9BGP+NDBEabO5ktiMAhkbf
5cLqTenl5wcqADiD+Xj2mWe5UMp1tBb530GWML5G2j9OAjm5KdKjp+7E6OYL2wTk
5LS4tv7uvpimnsKIE66/mXIbnLAHhFQ3qjB7g++3TiTnsSyUSJXf+Vj6VnTdLkGP
8tAHpg0Gpj6qH9Pn/JJo9O+XNUcNHdANjeYJgamAyYNu5KPloXTEPfZ7mv2CbpcL
EbbSJRNYOkjieVKPdHfo2JCwL42sF8Yc3NgkPaXw79UnMWeK4A1cDmOSOQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFEWoaRDow5PCRqlWjJ42DR46jAg5MB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvUmFocEVPakRrOEpHcVZhTW5qWU5IanFNQ0RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAl
3FADBAAl3FcDBAItCGADBAAtUg4DBAAtWb4DBAAtW0MDBAAtX+oDBAIuE0AwDAME
BFHIkAMEAVHImAMEAFHIngMEAVVcbgMEAFvIlAMEAVvIljAMAwQAXHZxAwQCXHZw
MAwDBANextgDBAFextwDBABext8DBAC597kDBADCu3oDBAHDUDIwDQYJKoZIhvcN
AQELBQADggEBACa+ceIhWGnQ8rncheGk+o+n1RvGbEw1duaMhatNne7f6pnofYmy
zCxWOe1fuGvNy0+Qn5ow1rX5tGtafbDrZDoZUyFG++7z2HtRQTcrGtmT0Bf7hdt1
F8tCvBT1KWs+YxsjFv//dciXC6lQFI1W1ZiZ0I4OvT6JLZAuOsRMX4osh1AZvfTZ
VuI/MO4nhMLqcUXq5Ve1JpkhKc5yMJ4SO0TWMhTtof+DET2ZbldG6Om/IeT411xO
ywRIRyl5RqBvmUSYJqVYjsLJCO8kLvJufu1FAJhtibpULRYyNVD4AHGrvBhqUBuq
WLx+E2gVQKS5HWTTfgrbqb+OT3aHYkZw+ek=
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:11:44 2026 by rpki-client