Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/0BBvNo7wE73DLivf23KXVSLGJX4.roa
File: 0BBvNo7wE73DLivf23KXVSLGJX4.roa (raw, json)
Hash identifier: N8cUApQyxfV+mDOr+IHI/63UuAXNT+jYa4JZs/ATLwU=
Subject key identifier: D0:10:6F:36:8E:F0:13:BD:C3:2E:2B:DF:DB:72:97:55:22:C6:25:7E
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019EA8FC5F5E14FB957801286E34C3A3F44C
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/0BBvNo7wE73DLivf23KXVSLGJX4.roa
Signing time: Mon 08 Jun 2026 20:46:12 +0000
ROA not before: Mon 08 Jun 2026 20:46:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51765
IP address blocks: 45.66.160.0/24 maxlen: 24
45.66.161.0/24 maxlen: 24
45.66.162.0/24 maxlen: 24
45.66.163.0/24 maxlen: 24
45.86.66.0/24 maxlen: 24
45.128.60.0/24 maxlen: 24
45.136.117.0/24 maxlen: 24
45.136.124.0/24 maxlen: 24
45.136.125.0/24 maxlen: 24
45.136.126.0/24 maxlen: 24
45.136.127.0/24 maxlen: 24
45.149.115.0/24 maxlen: 24
85.208.119.0/24 maxlen: 24
85.209.155.0/24 maxlen: 24
85.209.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 23:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a8:fc:5f:5e:14:fb:95:78:01:28:6e:34:c3:a3:f4:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jun 8 20:46:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d0106f368ef013bdc32e2bdfdb72975522c6257e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1c:22:00:5b:30:60:d3:6b:69:3e:dd:c9:ab:
81:2e:05:17:6a:fb:bc:7c:77:11:40:8a:5d:75:70:
e8:8b:96:c5:a3:8e:01:64:8c:6a:38:de:09:46:41:
c8:c3:1b:4a:3a:73:f6:57:b4:2d:11:8f:8b:04:a8:
28:8e:3b:c3:fb:af:bd:64:fc:0f:22:2f:77:be:54:
0a:2d:14:1c:50:24:df:b5:82:f4:f1:ad:dc:31:b3:
3c:c2:65:0b:e2:81:e5:67:ba:96:14:2c:d5:d9:6c:
f5:68:eb:5a:90:21:a5:e3:b8:c0:4f:31:57:d7:c2:
76:2d:25:c2:16:7b:31:75:5c:25:32:00:9e:d2:c8:
4f:ac:e2:e2:47:f3:dc:86:c4:aa:e5:3b:9f:7d:c3:
76:14:71:08:93:33:47:a0:a1:cf:a9:48:07:0c:0d:
19:e4:98:cf:0b:55:47:fc:39:54:9d:20:7f:95:71:
c3:aa:ca:85:1a:f4:fd:b2:7a:24:64:dc:9d:e3:51:
27:f0:3d:0a:6f:eb:ba:a9:60:b4:84:d3:b2:fa:24:
16:e9:ec:e0:47:75:e5:f4:bb:5d:81:c3:7b:af:6a:
6e:5f:7f:62:a1:dd:69:2b:23:82:7b:e7:69:4a:6b:
83:fc:6e:b4:95:1d:0f:00:2e:93:2d:8f:c4:be:30:
19:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:10:6F:36:8E:F0:13:BD:C3:2E:2B:DF:DB:72:97:55:22:C6:25:7E
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/0BBvNo7wE73DLivf23KXVSLGJX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.160.0/22
45.86.66.0/24
45.128.60.0/24
45.136.117.0/24
45.136.124.0/22
45.149.115.0/24
85.208.119.0/24
85.209.155.0-85.209.156.255
Signature Algorithm: sha256WithRSAEncryption
10:e5:d9:cf:70:1f:80:26:7f:de:08:79:76:a6:74:a4:c4:be:
ef:49:bc:9d:c1:55:dd:e3:a6:8e:1a:e9:2e:80:21:13:15:d6:
0c:1f:d9:d5:79:c1:51:f2:37:78:3c:af:59:eb:0b:ef:f4:c5:
0d:16:d3:2f:fc:05:73:78:53:79:2b:8c:eb:a5:4f:57:f7:f4:
fd:14:33:f0:65:dc:11:93:cc:5d:8d:08:4f:5f:71:45:fb:ff:
5f:12:eb:7c:83:1b:2a:68:73:d0:1b:8f:5a:7f:72:80:04:7f:
20:c6:90:db:e3:58:2e:53:b1:f1:d8:32:4e:72:fe:e1:e9:0b:
ca:5f:af:ff:6c:27:f9:2b:99:94:28:be:13:c9:b7:bd:9b:4c:
54:ba:e1:f6:30:37:c5:95:00:cb:ce:cb:5b:4d:f3:78:f1:10:
8b:68:6a:15:cd:15:c8:26:ee:f4:ff:48:06:e4:23:ef:27:f0:
6a:20:fb:9a:ca:8d:94:32:16:fc:61:a1:0b:58:fc:67:be:25:
75:71:00:b4:b1:29:4a:ca:a7:ca:fe:1c:87:54:30:2c:d7:4e:
06:eb:31:e1:c7:6a:b9:4d:6a:c1:6a:b7:93:3d:6e:bf:07:3e:
3b:1b:4d:3c:1d:f4:58:f3:41:14:4e:ab:fd:65:f3:26:69:72:
1f:68:8a:61
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ6o/F9eFPuVeAEobjTDo/RMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjYwNjA4MjA0NjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDEwNmYzNjhlZjAxM2JkYzMyZTJiZGZkYjcyOTc1NTIyYzYyNTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhwiAFswYNNraT7dyauBLgUXavu8
fHcRQIpddXDoi5bFo44BZIxqON4JRkHIwxtKOnP2V7QtEY+LBKgojjvD+6+9ZPwP
Ii93vlQKLRQcUCTftYL08a3cMbM8wmUL4oHlZ7qWFCzV2Wz1aOtakCGl47jATzFX
18J2LSXCFnsxdVwlMgCe0shPrOLiR/PchsSq5TuffcN2FHEIkzNHoKHPqUgHDA0Z
5JjPC1VH/DlUnSB/lXHDqsqFGvT9snokZNyd41En8D0Kb+u6qWC0hNOy+iQW6ezg
R3Xl9LtdgcN7r2puX39iod1pKyOCe+dpSmuD/G60lR0PAC6TLY/EvjAZDwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFNAQbzaO8BO9wy4r39tyl1UixiV+MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvMEJCdk5vN3dFNzNETGl2ZjIzS1hWU0xHSlg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCLUKgAwQA
LVZCAwQALYA8AwQALYh1AwQCLYh8AwQALZVzAwQAVdB3MAwDBABV0ZsDBABV0Zww
DQYJKoZIhvcNAQELBQADggEBABDl2c9wH4Amf94IeXamdKTEvu9JvJ3BVd3jpo4a
6S6AIRMV1gwf2dV5wVHyN3g8r1nrC+/0xQ0W0y/8BXN4U3krjOulT1f39P0UM/Bl
3BGTzF2NCE9fcUX7/18S63yDGypoc9Abj1p/coAEfyDGkNvjWC5TsfHYMk5y/uHp
C8pfr/9sJ/krmZQovhPJt72bTFS64fYwN8WVAMvOy1tN83jxEItoahXNFcgm7vT/
SAbkI+8n8Gog+5rKjZQyFvxhoQtY/Ge+JXVxALSxKUrKp8r+HIdUMCzXTgbrMeHH
arlNasFqt5M9br8HPjsbTTwd9FjzQRROq/1l8yZpch9oimE=
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:54:13 2026 by rpki-client