Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/sdWMapYuUdr6p3SLmsRyhc96bjk.roa
File: sdWMapYuUdr6p3SLmsRyhc96bjk.roa (raw, json)
Hash identifier: Ej5qnbmLumHZ7hyS+j2EcBw0ec4/rqTjBeF1pn/Pv/4=
Subject key identifier: B1:D5:8C:6A:96:2E:51:DA:FA:A7:74:8B:9A:C4:72:85:CF:7A:6E:39
Certificate issuer: /CN=6c592536ce06fdaa5ac2ee48117cf57aa3b4c8d0
Certificate serial: 019B7AC8941C3F8A166B5C7B1040ECD8F590
Authority key identifier: 6C:59:25:36:CE:06:FD:AA:5A:C2:EE:48:11:7C:F5:7A:A3:B4:C8:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bFklNs4G_apawu5IEXz1eqO0yNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/sdWMapYuUdr6p3SLmsRyhc96bjk.roa
Signing time: Thu 01 Jan 2026 18:18:44 +0000
ROA not before: Thu 01 Jan 2026 18:18:44 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200245
IP address blocks: 45.85.44.0/22 maxlen: 22
45.85.44.0/24 maxlen: 24
45.85.45.0/24 maxlen: 24
45.85.46.0/24 maxlen: 24
45.85.47.0/24 maxlen: 24
185.169.104.0/24 maxlen: 24
2a13:2240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/bFklNs4G_apawu5IEXz1eqO0yNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/bFklNs4G_apawu5IEXz1eqO0yNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bFklNs4G_apawu5IEXz1eqO0yNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:c8:94:1c:3f:8a:16:6b:5c:7b:10:40:ec:d8:f5:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c592536ce06fdaa5ac2ee48117cf57aa3b4c8d0
Validity
Not Before: Jan 1 18:18:44 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b1d58c6a962e51dafaa7748b9ac47285cf7a6e39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a1:bf:15:ca:bb:08:f6:d7:97:d0:88:17:93:
b2:28:50:ab:19:56:2e:c3:09:95:2f:1e:3a:0f:9f:
c8:61:d7:9a:21:44:78:82:23:23:ee:65:d0:b1:de:
d8:e2:34:7f:c3:4f:de:da:c1:ce:54:39:da:93:bd:
61:8e:71:c2:b4:6f:a4:4a:3f:bd:58:2d:29:b9:e7:
34:84:44:33:2e:2c:e1:1a:57:42:3b:a4:30:72:2b:
1f:e1:8a:50:61:88:5c:d0:77:37:ae:56:e2:b5:3d:
05:7f:e5:6c:e8:44:69:7c:2b:8b:b2:79:51:2e:94:
eb:56:e1:8a:1c:e4:ae:a9:28:0b:84:5d:44:87:da:
53:ee:84:d3:77:70:69:16:fd:b5:50:e2:59:f3:91:
cc:e9:1b:97:11:18:89:42:f7:43:fe:6a:f9:61:b7:
7a:11:e7:b8:c0:91:a9:fb:eb:3c:71:81:b8:1c:bf:
56:0b:d5:ce:1e:a8:a9:04:ed:6a:3a:27:1e:59:d5:
b8:7e:92:5b:94:63:68:ea:1c:50:ec:30:58:07:c0:
67:b0:13:92:86:81:f4:24:5b:d8:1f:4b:44:59:90:
e3:4d:56:0b:3c:ff:a7:da:61:d3:a5:c3:d2:57:5a:
17:a8:42:8d:70:4f:0a:8d:49:19:11:62:3d:9a:14:
33:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D5:8C:6A:96:2E:51:DA:FA:A7:74:8B:9A:C4:72:85:CF:7A:6E:39
X509v3 Authority Key Identifier:
keyid:6C:59:25:36:CE:06:FD:AA:5A:C2:EE:48:11:7C:F5:7A:A3:B4:C8:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bFklNs4G_apawu5IEXz1eqO0yNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/sdWMapYuUdr6p3SLmsRyhc96bjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6a11f4-e57f-4117-93ab-0a2ec5a23b98/1/bFklNs4G_apawu5IEXz1eqO0yNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.44.0/22
185.169.104.0/24
IPv6:
2a13:2240::/29
Signature Algorithm: sha256WithRSAEncryption
9d:7e:05:62:83:d6:dc:b8:2e:3c:9a:c7:6b:36:a2:65:a6:b6:
51:ee:c8:2b:4a:00:12:22:b9:eb:83:69:06:8b:ee:8d:f7:7f:
c9:13:b5:eb:44:bd:72:14:51:63:b9:8a:03:c3:68:1f:ad:cd:
22:ec:08:4d:05:b1:f2:19:77:c1:68:2d:93:78:ef:9f:f8:54:
4d:c1:1a:7c:7b:c5:59:9b:d0:ab:8e:05:26:f5:bd:c4:91:f2:
ad:5f:8e:49:1d:55:e4:de:28:6e:1e:b9:fa:f4:71:ff:06:4c:
be:ed:6b:39:6a:6c:3a:72:51:40:8d:35:3d:3e:82:7d:7f:ea:
17:b8:4f:a0:b3:e3:7c:e3:a9:a5:cb:1f:0c:8f:76:5b:35:f6:
62:c3:a1:e8:74:8a:f4:38:8d:34:24:3f:24:fd:d7:23:d3:e3:
0c:21:d1:19:44:44:c5:3c:b1:ad:e9:ed:35:49:d8:b7:82:a4:
69:20:a5:03:2e:d1:81:1b:ea:ba:c4:ab:62:e8:cd:80:89:2f:
94:71:21:74:b0:7d:95:89:f8:b9:d9:25:d6:7b:bf:ed:14:df:
fd:56:0c:6a:f6:cb:ae:0c:fb:de:39:70:a8:d6:96:ce:38:70:
79:e0:25:53:63:77:4e:99:70:c6:90:5f:b1:56:de:b6:62:6e:
08:8d:90:1c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZt6yJQcP4oWa1x7EEDs2PWQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjNTkyNTM2Y2UwNmZkYWE1YWMyZWU0ODExN2NmNTdhYTNi
NGM4ZDAwHhcNMjYwMTAxMTgxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWQ1OGM2YTk2MmU1MWRhZmFhNzc0OGI5YWM0NzI4NWNmN2E2ZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaG/Fcq7CPbXl9CIF5OyKFCrGVYu
wwmVLx46D5/IYdeaIUR4giMj7mXQsd7Y4jR/w0/e2sHOVDnak71hjnHCtG+kSj+9
WC0puec0hEQzLizhGldCO6Qwcisf4YpQYYhc0Hc3rlbitT0Ff+Vs6ERpfCuLsnlR
LpTrVuGKHOSuqSgLhF1Eh9pT7oTTd3BpFv21UOJZ85HM6RuXERiJQvdD/mr5Ybd6
Eee4wJGp++s8cYG4HL9WC9XOHqipBO1qOiceWdW4fpJblGNo6hxQ7DBYB8BnsBOS
hoH0JFvYH0tEWZDjTVYLPP+n2mHTpcPSV1oXqEKNcE8KjUkZEWI9mhQzCwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLHVjGqWLlHa+qd0i5rEcoXPem45MB8GA1UdIwQY
MBaAFGxZJTbOBv2qWsLuSBF89XqjtMjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkZrbE5zNEdfYXBhd3U1SUVYejFlcU8weU5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82YTExZjQtZTU3Zi00MTE3LTkzYWIt
MGEyZWM1YTIzYjk4LzEvc2RXTWFwWXVVZHI2cDNTTG1zUnloYzk2YmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy82YTExZjQtZTU3Zi00MTE3LTkzYWItMGEyZWM1YTIzYjk4
LzEvYkZrbE5zNEdfYXBhd3U1SUVYejFlcU8weU5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVUsAwQA
ualoMA0EAgACMAcDBQMqEyJAMA0GCSqGSIb3DQEBCwUAA4IBAQCdfgVig9bcuC48
msdrNqJlprZR7sgrSgASIrnrg2kGi+6N93/JE7XrRL1yFFFjuYoDw2gfrc0i7AhN
BbHyGXfBaC2TeO+f+FRNwRp8e8VZm9CrjgUm9b3EkfKtX45JHVXk3ihuHrn69HH/
Bky+7Ws5amw6clFAjTU9PoJ9f+oXuE+gs+N846mlyx8Mj3ZbNfZiw6HodIr0OI00
JD8k/dcj0+MMIdEZRETFPLGt6e01Sdi3gqRpIKUDLtGBG+q6xKti6M2AiS+UcSF0
sH2Vifi52SXWe7/tFN/9Vgxq9suuDPveOXCo1pbOOHB54CVTY3dOmXDGkF+xVt62
Ym4IjZAc
-----END CERTIFICATE-----
Generated at Mon Mar 2 22:29:41 2026 by rpki-client