Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/DleBr3x4w8QOpK2E9R2_6TGFDF4.roa
File: DleBr3x4w8QOpK2E9R2_6TGFDF4.roa (raw, json)
Hash identifier: CgkABQesG1ffqEy7V77XeVeETQgc8A9opPqF4y9ztkc=
Subject key identifier: 0E:57:81:AF:7C:78:C3:C4:0E:A4:AD:84:F5:1D:BF:E9:31:85:0C:5E
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 019C938D753CC702C7A20DEDE2B674B44107
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/DleBr3x4w8QOpK2E9R2_6TGFDF4.roa
Signing time: Wed 25 Feb 2026 06:47:27 +0000
ROA not before: Wed 25 Feb 2026 06:47:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43205
IP address blocks: 37.143.192.0/18 maxlen: 18
46.40.64.0/18 maxlen: 18
46.40.75.0/24 maxlen: 24
46.47.64.0/18 maxlen: 24
46.237.64.0/18 maxlen: 18
91.139.128.0/17 maxlen: 17
93.155.128.0/17 maxlen: 17
109.121.192.0/18 maxlen: 18
158.58.192.0/18 maxlen: 18
178.169.128.0/17 maxlen: 17
185.4.80.0/22 maxlen: 22
188.254.128.0/17 maxlen: 17
212.43.32.0/19 maxlen: 19
212.75.0.0/19 maxlen: 19
213.214.64.0/19 maxlen: 19
2a02:6800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:93:8d:75:3c:c7:02:c7:a2:0d:ed:e2:b6:74:b4:41:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Feb 25 06:47:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0e5781af7c78c3c40ea4ad84f51dbfe931850c5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c9:91:fb:d3:d5:e9:14:f2:66:11:ef:86:8a:
b4:44:31:44:35:1f:a1:e6:d1:8c:f5:bb:1d:37:2e:
9a:00:6a:4c:7e:4c:23:8c:83:26:b2:6d:65:33:11:
bd:b9:f3:25:22:54:3f:f9:68:da:3f:b5:18:3f:bb:
23:11:cf:f1:34:e9:6c:2f:f4:66:63:8e:81:68:73:
28:20:df:9c:d8:a4:bd:2e:df:45:6e:19:d4:79:bd:
da:7b:83:77:0d:b2:6e:66:1b:0b:1f:2c:fa:f8:ca:
95:dd:0c:1f:d4:6f:53:61:fc:29:66:0e:86:b3:76:
b7:85:0b:f1:84:be:aa:c1:7e:b3:b9:59:31:e2:ea:
15:c6:9c:0d:f7:87:74:9a:48:9d:1e:b0:7b:c2:05:
f1:42:a6:d0:fd:e6:4e:f6:04:ef:59:b8:13:5b:7b:
5e:66:a8:ec:5e:12:ea:18:be:73:5a:bf:e7:7c:72:
37:9b:dc:54:c2:46:95:6b:0a:0c:0f:9b:62:35:e5:
2f:57:e0:09:6f:09:89:4c:e2:94:e0:0b:ff:e9:00:
00:cb:ef:7a:87:51:50:44:93:e9:78:1f:bf:b9:d4:
27:df:73:17:2a:b1:58:14:29:41:25:5e:65:3d:bb:
db:59:ff:b8:20:44:84:68:57:22:8d:05:4f:18:5b:
5a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:57:81:AF:7C:78:C3:C4:0E:A4:AD:84:F5:1D:BF:E9:31:85:0C:5E
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/DleBr3x4w8QOpK2E9R2_6TGFDF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.192.0/18
46.40.64.0/18
46.47.64.0/18
46.237.64.0/18
91.139.128.0/17
93.155.128.0/17
109.121.192.0/18
158.58.192.0/18
178.169.128.0/17
185.4.80.0/22
188.254.128.0/17
212.43.32.0/19
212.75.0.0/19
213.214.64.0/19
IPv6:
2a02:6800::/32
Signature Algorithm: sha256WithRSAEncryption
ae:d9:a8:bc:39:b8:e5:f2:16:7c:c2:72:c5:67:96:52:f2:64:
4c:52:df:76:dd:89:3b:cd:5e:11:da:c9:bc:3c:b5:fa:78:16:
f1:f3:da:74:ba:cf:40:86:44:91:2b:ad:0e:a6:09:8f:7f:8d:
b3:f1:c9:89:78:dc:f3:72:e1:71:4d:1a:63:76:da:02:c6:ed:
5a:c2:14:b5:ad:2a:21:b8:80:9d:32:38:70:08:ef:b1:c3:41:
ab:91:d4:d1:4d:38:8c:c2:f8:43:92:11:e5:ef:c5:45:51:db:
7a:22:25:f1:60:03:1d:ce:bb:2f:b1:31:21:c6:70:46:a9:09:
fa:79:1b:53:76:c4:6d:4f:77:9f:24:15:7d:10:9c:05:ba:26:
95:22:2c:4f:08:39:39:9a:0c:67:cc:e8:98:7d:4a:17:28:d9:
68:60:87:3b:0e:81:5a:00:12:dd:e2:83:f8:d2:59:bd:e7:88:
6b:28:09:71:c1:8b:fb:23:95:11:68:be:62:0a:a4:5b:9f:6a:
28:2e:70:48:a7:27:4e:db:94:86:2d:ed:a6:dd:82:ba:44:8b:
c1:e3:40:9b:c3:4a:44:e3:97:c9:40:91:c6:d7:fe:bd:d9:ec:
9b:c0:da:c4:01:da:ba:a3:6c:14:90:27:5b:f7:23:b2:aa:ea:
6b:6d:2c:10
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZyTjXU8xwLHog3t4rZ0tEEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjYwMjI1MDY0NzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTU3ODFhZjdjNzhjM2M0MGVhNGFkODRmNTFkYmZlOTMxODUwYzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8mR+9PV6RTyZhHvhoq0RDFENR+h
5tGM9bsdNy6aAGpMfkwjjIMmsm1lMxG9ufMlIlQ/+WjaP7UYP7sjEc/xNOlsL/Rm
Y46BaHMoIN+c2KS9Lt9FbhnUeb3ae4N3DbJuZhsLHyz6+MqV3Qwf1G9TYfwpZg6G
s3a3hQvxhL6qwX6zuVkx4uoVxpwN94d0mkidHrB7wgXxQqbQ/eZO9gTvWbgTW3te
ZqjsXhLqGL5zWr/nfHI3m9xUwkaVawoMD5tiNeUvV+AJbwmJTOKU4Av/6QAAy+96
h1FQRJPpeB+/udQn33MXKrFYFClBJV5lPbvbWf+4IESEaFcijQVPGFtaBQIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFA5Xga98eMPEDqSthPUdv+kxhQxeMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvRGxlQnIzeDR3OFFPcEsyRTlSMl82VEdGREY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQGJY/AAwQG
LihAAwQGLi9AAwQGLu1AAwQHW4uAAwQHXZuAAwQGbXnAAwQGnjrAAwQHsqmAAwQC
uQRQAwQHvP6AAwQF1CsgAwQF1EsAAwQF1dZAMA0EAgACMAcDBQAqAmgAMA0GCSqG
SIb3DQEBCwUAA4IBAQCu2ai8Objl8hZ8wnLFZ5ZS8mRMUt923Yk7zV4R2sm8PLX6
eBbx89p0us9AhkSRK60OpgmPf42z8cmJeNzzcuFxTRpjdtoCxu1awhS1rSohuICd
MjhwCO+xw0GrkdTRTTiMwvhDkhHl78VFUdt6IiXxYAMdzrsvsTEhxnBGqQn6eRtT
dsRtT3efJBV9EJwFuiaVIixPCDk5mgxnzOiYfUoXKNloYIc7DoFaABLd4oP40lm9
54hrKAlxwYv7I5URaL5iCqRbn2ooLnBIpydO25SGLe2m3YK6RIvB40Cbw0pE45fJ
QJHG1/692eybwNrEAdq6o2wUkCdb9yOyquprbSwQ
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:24:06 2026 by rpki-client