Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/au_k5KTkHwmYgyGwQL9kaGDMGdc.roa
File: au_k5KTkHwmYgyGwQL9kaGDMGdc.roa (raw, json)
Hash identifier: TQ4e7aFpXjYOcX/z8GmwxlZOtaffODMat2Hj3Al3L2Y=
Subject key identifier: 6A:EF:E4:E4:A4:E4:1F:09:98:83:21:B0:40:BF:64:68:60:CC:19:D7
Certificate issuer: /CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Certificate serial: 019D57B35D9200652E4D44CA32337409E6EC
Authority key identifier: 84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/au_k5KTkHwmYgyGwQL9kaGDMGdc.roa
Signing time: Sat 04 Apr 2026 08:54:25 +0000
ROA not before: Sat 04 Apr 2026 08:54:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62000
IP address blocks: 45.147.96.0/23 maxlen: 24
45.147.98.0/24 maxlen: 24
45.147.99.0/24 maxlen: 24
45.155.168.0/22 maxlen: 24
45.155.168.0/24 maxlen: 24
185.157.244.0/24 maxlen: 24
185.157.245.0/24 maxlen: 24
185.216.24.0/24 maxlen: 24
185.216.25.0/24 maxlen: 24
185.216.26.0/24 maxlen: 24
185.216.27.0/24 maxlen: 24
193.168.144.0/24 maxlen: 24
193.168.145.0/24 maxlen: 24
193.168.146.0/24 maxlen: 24
193.168.147.0/24 maxlen: 24
2a07:abc0::/29 maxlen: 64
2a09:6382::/32 maxlen: 64
2a09:6383::/32 maxlen: 64
2a09:6384::/32 maxlen: 64
2a09:6385::/32 maxlen: 64
2a09:6386::/32 maxlen: 32
2a09:6387:b00b::/48 maxlen: 48
2a0b:b140::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.mft
rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 Apr 2026 23:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:57:b3:5d:92:00:65:2e:4d:44:ca:32:33:74:09:e6:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84e1429a53e6463b3c74f5a3f17c5d4a51ebd0b8
Validity
Not Before: Apr 4 08:54:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6aefe4e4a4e41f09988321b040bf646860cc19d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5e:df:1e:e3:b6:4a:6c:6d:13:c4:7c:86:73:
ba:af:0d:83:28:e6:1d:26:9a:4d:bc:a6:d1:dd:95:
eb:94:70:2f:dd:75:ac:df:71:62:43:1b:98:3d:09:
6f:01:31:25:e0:d0:60:9d:8f:ce:f4:98:c1:38:1a:
25:06:5d:23:96:c1:ea:70:97:b9:16:89:66:6e:1b:
34:b3:1e:83:5c:4f:f1:2c:9f:61:81:08:e1:59:71:
88:24:bd:2e:f5:29:1f:eb:af:df:a5:d6:7d:86:35:
ed:ea:31:13:2a:a8:53:27:7b:dd:73:73:ae:da:6d:
09:45:7e:b6:6f:c5:a2:4e:95:4d:f3:51:2b:81:45:
d3:01:82:3a:9c:64:d0:75:27:be:02:91:79:9c:a7:
ae:35:c1:a0:9b:28:e0:6f:89:fd:7c:56:d0:ba:42:
1c:ea:0a:63:ce:ed:95:b2:ef:1d:c1:e8:ed:eb:03:
36:ae:3f:37:26:69:3a:16:10:9f:07:92:51:7a:be:
6e:13:8b:23:7b:0b:4b:d8:97:af:91:86:ec:b5:ab:
1a:38:65:9f:88:11:38:79:22:bc:31:20:f6:bf:d6:
bf:16:dc:b7:e6:a7:01:6f:9b:33:b3:24:92:db:55:
a7:7f:90:01:3f:a8:cf:65:6e:de:19:86:8e:46:ff:
3f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:EF:E4:E4:A4:E4:1F:09:98:83:21:B0:40:BF:64:68:60:CC:19:D7
X509v3 Authority Key Identifier:
keyid:84:E1:42:9A:53:E6:46:3B:3C:74:F5:A3:F1:7C:5D:4A:51:EB:D0:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/au_k5KTkHwmYgyGwQL9kaGDMGdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/72dbdf-c71d-4e59-8076-c41dcca8b775/1/hOFCmlPmRjs8dPWj8XxdSlHr0Lg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.96.0/22
45.155.168.0/22
185.157.244.0/23
185.216.24.0/22
193.168.144.0/22
IPv6:
2a07:abc0::/29
2a09:6382::-2a09:6386:ffff:ffff:ffff:ffff:ffff:ffff
2a09:6387:b00b::/48
2a0b:b140::/29
Signature Algorithm: sha256WithRSAEncryption
6e:b8:51:af:9b:78:e3:13:33:cf:60:65:b9:b2:5b:62:f7:75:
07:35:c0:ac:57:62:40:3f:c3:97:84:2d:e2:fd:36:f3:ca:31:
0f:3a:4e:23:53:9a:92:0f:6b:48:92:2e:5a:4e:be:9c:fe:52:
32:5f:8d:d0:17:a4:8a:09:52:1e:8d:ab:6a:9e:6d:94:7e:48:
a6:3c:72:94:70:69:34:e7:00:7d:88:35:08:e0:fa:08:89:83:
2b:b8:68:e9:8d:56:3d:65:59:c9:3b:77:73:bd:54:fc:83:13:
88:e9:ed:a5:77:f2:c1:52:3b:65:3c:d3:89:1d:9a:fc:45:0e:
7d:4d:f0:bd:a1:b9:37:77:94:52:5f:49:c6:9c:52:40:dd:28:
e4:0f:c4:51:59:dd:84:d7:e5:c6:e2:7a:2e:e9:72:12:2b:4b:
4f:b2:64:7a:1c:c6:bb:67:fd:f7:aa:8d:08:cf:96:db:d4:f2:
e4:b9:32:01:f3:c2:f0:e6:e1:a5:10:79:f9:5f:25:fc:eb:93:
46:38:77:99:15:17:8b:06:73:96:b8:1d:24:da:82:d7:2a:72:
c4:3c:5f:d1:ee:5a:01:7c:6f:35:4a:5d:cd:b9:9a:26:bb:43:
cc:42:fe:58:f1:5e:f7:81:e6:71:7a:48:4a:40:2a:71:e8:d6:
09:7f:a0:88
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZ1Xs12SAGUuTUTKMjN0CebsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZTE0MjlhNTNlNjQ2M2IzYzc0ZjVhM2YxN2M1ZDRhNTFl
YmQwYjgwHhcNMjYwNDA0MDg1NDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWVmZTRlNGE0ZTQxZjA5OTg4MzIxYjA0MGJmNjQ2ODYwY2MxOWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtF7fHuO2SmxtE8R8hnO6rw2DKOYd
JppNvKbR3ZXrlHAv3XWs33FiQxuYPQlvATEl4NBgnY/O9JjBOBolBl0jlsHqcJe5
Folmbhs0sx6DXE/xLJ9hgQjhWXGIJL0u9Skf66/fpdZ9hjXt6jETKqhTJ3vdc3Ou
2m0JRX62b8WiTpVN81ErgUXTAYI6nGTQdSe+ApF5nKeuNcGgmyjgb4n9fFbQukIc
6gpjzu2Vsu8dwejt6wM2rj83Jmk6FhCfB5JRer5uE4sjewtL2JevkYbstasaOGWf
iBE4eSK8MSD2v9a/Fty35qcBb5szsySS21Wnf5ABP6jPZW7eGYaORv8/7QIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFGrv5OSk5B8JmIMhsEC/ZGhgzBnXMB8GA1UdIwQY
MBaAFIThQppT5kY7PHT1o/F8XUpR69C4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYt
YzQxZGNjYThiNzc1LzEvYXVfazVLVGtId21ZZ3lHd1FMOWthR0RNR2RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83MmRiZGYtYzcxZC00ZTU5LTgwNzYtYzQxZGNjYThiNzc1
LzEvaE9GQ21sUG1SanM4ZFBXajhYeGRTbEhyMExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAkBAIAATAeAwQCLZNgAwQC
LZuoAwQBuZ30AwQCudgYAwQCwaiQMC0EAgACMCcDBQMqB6vAMA4DBQEqCWOCAwUA
KgljhgMHACoJY4ewCwMFAyoLsUAwDQYJKoZIhvcNAQELBQADggEBAG64Ua+beOMT
M89gZbmyW2L3dQc1wKxXYkA/w5eELeL9NvPKMQ86TiNTmpIPa0iSLlpOvpz+UjJf
jdAXpIoJUh6Nq2qebZR+SKY8cpRwaTTnAH2INQjg+giJgyu4aOmNVj1lWck7d3O9
VPyDE4jp7aV38sFSO2U804kdmvxFDn1N8L2huTd3lFJfScacUkDdKOQPxFFZ3YTX
5cbiei7pchIrS0+yZHocxrtn/feqjQjPltvU8uS5MgHzwvDm4aUQeflfJfzrk0Y4
d5kVF4sGc5a4HSTagtcqcsQ8X9HuWgF8bzVKXc25mia7Q8xC/ljxXveB5nF6SEpA
KnHo1gl/oIg=
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:14:44 2026 by rpki-client