Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/CACpNoNaghhV6-4wZwBz2EBPanY.roa
File: CACpNoNaghhV6-4wZwBz2EBPanY.roa (raw, json)
Hash identifier: MwIAAyngIo+iEvhjWrXe4WDnd298X6FFlNggROBItfw=
Subject key identifier: 08:00:A9:36:83:5A:82:18:55:EB:EE:30:67:00:73:D8:40:4F:6A:76
Certificate issuer: /CN=0beb38e34bbe17e15772706c7a961a85e5d18b5c
Certificate serial: 019D8D5EDD9F8B19B17876F4AA3000D8512D
Authority key identifier: 0B:EB:38:E3:4B:BE:17:E1:57:72:70:6C:7A:96:1A:85:E5:D1:8B:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C-s440u-F-FXcnBsepYaheXRi1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/CACpNoNaghhV6-4wZwBz2EBPanY.roa
Signing time: Tue 14 Apr 2026 19:01:37 +0000
ROA not before: Tue 14 Apr 2026 19:01:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201958
IP address blocks: 150.175.40.0/24 maxlen: 24
150.175.42.0/24 maxlen: 24
185.42.188.0/23 maxlen: 23
185.42.188.0/24 maxlen: 24
185.42.189.0/24 maxlen: 24
185.42.190.0/23 maxlen: 23
185.42.190.0/24 maxlen: 24
185.42.191.0/24 maxlen: 24
2a04:9140:3003::/48 maxlen: 48
2a04:9140:3043::/48 maxlen: 48
2a04:9140:3044::/48 maxlen: 48
2a04:9140:3104::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/C-s440u-F-FXcnBsepYaheXRi1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/C-s440u-F-FXcnBsepYaheXRi1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/C-s440u-F-FXcnBsepYaheXRi1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 10:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8d:5e:dd:9f:8b:19:b1:78:76:f4:aa:30:00:d8:51:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0beb38e34bbe17e15772706c7a961a85e5d18b5c
Validity
Not Before: Apr 14 19:01:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0800a936835a821855ebee30670073d8404f6a76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:80:09:57:b7:eb:2c:a5:06:03:9d:5e:cc:7d:
95:35:3f:92:15:18:99:e4:05:e3:21:b5:28:7e:44:
96:73:fc:c9:95:e6:6f:c5:16:b9:31:14:79:02:97:
19:a6:59:08:57:c5:2e:8a:35:c9:79:ca:a0:e9:ee:
e2:72:80:9d:13:68:f0:9d:07:cb:22:f2:b3:7a:d9:
c5:74:63:c1:8c:b6:6d:d2:74:c8:84:d1:0b:6e:ca:
f1:74:b0:2c:96:22:16:92:76:d4:2e:44:69:51:47:
4b:a6:c3:8c:3a:2e:0b:aa:bd:54:49:70:39:b1:05:
f6:1f:93:38:f9:68:f0:13:36:3a:59:c4:09:d8:cd:
4e:fd:6d:61:49:a3:d9:91:78:50:03:17:bc:3b:f1:
fc:f7:73:b3:53:8d:b8:b8:2e:f4:a4:63:de:38:67:
a5:6a:e8:23:6e:6e:c6:dd:92:7c:01:9a:cb:3f:f9:
1c:83:a7:83:d2:58:62:d4:3a:45:ed:68:28:5d:0f:
77:c0:4a:7f:57:21:83:75:71:8c:a8:6b:14:b9:40:
42:ce:50:3e:6d:08:70:85:45:24:b4:a0:10:4a:ab:
4f:76:45:0b:01:0e:f3:e8:3d:0d:a6:3c:4e:23:95:
2c:da:40:48:50:76:c2:70:88:ac:18:d7:f7:3b:9d:
de:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:00:A9:36:83:5A:82:18:55:EB:EE:30:67:00:73:D8:40:4F:6A:76
X509v3 Authority Key Identifier:
keyid:0B:EB:38:E3:4B:BE:17:E1:57:72:70:6C:7A:96:1A:85:E5:D1:8B:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C-s440u-F-FXcnBsepYaheXRi1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/CACpNoNaghhV6-4wZwBz2EBPanY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/373146-2c9d-45cc-85cc-9b7997481f72/1/C-s440u-F-FXcnBsepYaheXRi1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.175.40.0/24
150.175.42.0/24
185.42.188.0/22
IPv6:
2a04:9140:3003::/48
2a04:9140:3043::-2a04:9140:3044:ffff:ffff:ffff:ffff:ffff
2a04:9140:3104::/48
Signature Algorithm: sha256WithRSAEncryption
7b:88:51:1a:02:4a:bb:e5:92:ee:1d:4a:38:ca:15:68:0e:e2:
c2:f0:93:02:b0:07:58:f2:93:f7:51:34:d2:93:eb:45:79:98:
ed:80:91:a9:3a:bf:1a:e7:e1:a2:d8:a5:66:20:13:74:43:f9:
1c:c7:56:6a:ee:fd:0a:06:cd:23:57:18:06:fd:d9:a8:e5:ef:
3a:d4:ad:88:75:13:f7:38:00:b0:0d:71:46:bc:65:fd:cb:c6:
4a:75:b0:83:73:3f:1f:72:8c:62:03:f7:9b:bf:16:de:ea:7a:
23:c8:65:f5:17:15:91:0e:15:ba:a8:9d:d8:03:bc:6b:46:47:
f4:8b:b9:b1:be:e8:84:f4:c7:79:d9:35:d4:14:91:1c:b2:f5:
93:c5:bb:86:59:91:88:40:15:02:9e:06:e3:c7:f6:fe:2a:93:
0c:3e:df:8e:46:4e:ac:aa:8c:8e:22:44:3c:dc:b8:16:06:99:
6e:d5:20:83:e8:f5:76:d5:14:f5:01:8b:7d:93:dd:39:1e:64:
0d:22:d7:78:7b:97:3a:0c:ba:a5:f6:53:1c:1d:50:bb:eb:9d:
95:9e:6c:e6:35:d3:4e:03:73:95:53:b1:10:08:25:2d:bc:ce:
4a:e1:97:fc:24:f0:6d:d7:18:c0:49:72:70:9d:f1:a4:81:74:
b8:02:e5:bb
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZ2NXt2fixmxeHb0qjAA2FEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiZWIzOGUzNGJiZTE3ZTE1NzcyNzA2YzdhOTYxYTg1ZTVk
MThiNWMwHhcNMjYwNDE0MTkwMTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODAwYTkzNjgzNWE4MjE4NTVlYmVlMzA2NzAwNzNkODQwNGY2YTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoAJV7frLKUGA51ezH2VNT+SFRiZ
5AXjIbUofkSWc/zJleZvxRa5MRR5ApcZplkIV8UuijXJecqg6e7icoCdE2jwnQfL
IvKzetnFdGPBjLZt0nTIhNELbsrxdLAsliIWknbULkRpUUdLpsOMOi4Lqr1USXA5
sQX2H5M4+WjwEzY6WcQJ2M1O/W1hSaPZkXhQAxe8O/H893OzU424uC70pGPeOGel
augjbm7G3ZJ8AZrLP/kcg6eD0lhi1DpF7WgoXQ93wEp/VyGDdXGMqGsUuUBCzlA+
bQhwhUUktKAQSqtPdkULAQ7z6D0NpjxOI5Us2kBIUHbCcIisGNf3O53eGwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFAgAqTaDWoIYVevuMGcAc9hAT2p2MB8GA1UdIwQY
MBaAFAvrOONLvhfhV3JwbHqWGoXl0YtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQy1zNDQwdS1GLUZYY25Cc2VwWWFoZVhSaTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8zNzMxNDYtMmM5ZC00NWNjLTg1Y2Mt
OWI3OTk3NDgxZjcyLzEvQ0FDcE5vTmFnaGhWNi00d1p3QnoyRUJQYW5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8zNzMxNDYtMmM5ZC00NWNjLTg1Y2MtOWI3OTk3NDgxZjcy
LzEvQy1zNDQwdS1GLUZYY25Cc2VwWWFoZVhSaTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAYBAIAATASAwQAlq8oAwQA
lq8qAwQCuSq8MCwEAgACMCYDBwAqBJFAMAMwEgMHACoEkUAwQwMHACoEkUAwRAMH
ACoEkUAxBDANBgkqhkiG9w0BAQsFAAOCAQEAe4hRGgJKu+WS7h1KOMoVaA7iwvCT
ArAHWPKT91E00pPrRXmY7YCRqTq/GufhotilZiATdEP5HMdWau79CgbNI1cYBv3Z
qOXvOtStiHUT9zgAsA1xRrxl/cvGSnWwg3M/H3KMYgP3m78W3up6I8hl9RcVkQ4V
uqid2AO8a0ZH9Iu5sb7ohPTHedk11BSRHLL1k8W7hlmRiEAVAp4G48f2/iqTDD7f
jkZOrKqMjiJEPNy4FgaZbtUgg+j1dtUU9QGLfZPdOR5kDSLXeHuXOgy6pfZTHB1Q
u+udlZ5s5jXTTgNzlVOxEAglLbzOSuGX/CTwbdcYwElycJ3xpIF0uALluw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:59:17 2026 by rpki-client