Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-45-sbN0Ip0O2WSVDQMoPaCvZqw.roa
File: 1-45-sbN0Ip0O2WSVDQMoPaCvZqw.roa (raw, json)
Hash identifier: 5NzsWwlnOG7y5NGEktgnO5jA41ITHlVgwwuuC2iVb24=
Subject key identifier: FB:8E:7E:B1:B3:74:22:9D:0E:D9:64:95:0D:03:28:3D:A0:AF:66:AC
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019D85DDD3B7AB00FD52A74005E4A59AAB6D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-45-sbN0Ip0O2WSVDQMoPaCvZqw.roa
Signing time: Mon 13 Apr 2026 08:03:20 +0000
ROA not before: Mon 13 Apr 2026 08:03:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206150
IP address blocks: 45.130.82.0/24 maxlen: 24
185.192.68.0/24 maxlen: 24
185.241.209.0/24 maxlen: 24
203.0.8.0/24 maxlen: 24
2a0b:64c6::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:85:dd:d3:b7:ab:00:fd:52:a7:40:05:e4:a5:9a:ab:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 13 08:03:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fb8e7eb1b374229d0ed964950d03283da0af66ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:08:cd:d6:22:61:a0:97:1b:0d:b9:80:11:37:
82:45:f2:3b:09:eb:d8:82:9f:5f:e5:5a:80:7e:bd:
48:03:5a:3a:d4:f8:13:6d:e7:72:d5:86:d7:ca:29:
58:62:79:d5:5c:f0:e7:6f:1a:76:3d:19:7e:18:51:
6e:5b:81:a0:27:a2:cf:ea:9f:82:eb:ef:db:a3:1e:
95:de:f5:3f:97:54:f6:22:f0:f7:2f:66:63:f1:3d:
82:50:21:0a:8e:dc:3f:6d:74:7c:2e:e7:35:d6:30:
3a:fb:c9:0a:b6:ff:52:ac:2d:3f:85:7a:d3:a8:41:
07:3d:39:45:a8:59:3a:85:34:6b:ad:74:a3:db:16:
85:8d:55:f9:28:5d:73:d4:03:6c:9f:b8:7b:4f:94:
a4:fd:35:f8:9e:1b:87:51:24:42:70:01:8a:55:a3:
6a:34:a7:bd:18:d2:ff:f9:93:e7:c4:13:37:51:ec:
ee:08:ee:96:16:8c:ec:31:44:a8:2e:55:00:49:e4:
bc:c6:cf:30:a8:c5:ee:82:9d:b5:4c:be:3d:f0:b4:
aa:07:9f:b7:0a:6c:56:a0:78:4b:7e:ca:94:30:56:
0a:7e:2c:81:60:99:77:b9:ac:d3:23:f7:39:c7:a7:
9f:38:62:6d:d3:a5:8e:cf:93:de:45:2f:c3:c9:7a:
96:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:8E:7E:B1:B3:74:22:9D:0E:D9:64:95:0D:03:28:3D:A0:AF:66:AC
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1-45-sbN0Ip0O2WSVDQMoPaCvZqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.82.0/24
185.192.68.0/24
185.241.209.0/24
203.0.8.0/24
IPv6:
2a0b:64c6::/32
Signature Algorithm: sha256WithRSAEncryption
3c:af:ee:88:d3:33:3f:d7:c1:48:c0:73:f4:29:40:ad:60:1a:
7b:9e:e3:5b:fd:e7:9f:b3:1a:62:de:74:8d:e2:ad:30:39:af:
ea:30:ba:db:7d:35:7a:76:7d:25:65:aa:f2:3b:5b:50:3c:d3:
40:5a:aa:02:21:ba:6e:41:47:5f:b5:1b:0e:02:3f:fd:2c:d5:
74:8b:e0:3c:29:45:e7:e0:77:85:06:ed:ce:6c:8f:36:05:5d:
22:8c:e2:c6:1b:eb:f8:50:23:49:66:ab:3c:5a:f2:68:c5:e0:
d8:10:c2:59:98:cb:50:b3:ac:f4:7d:99:58:24:f9:6b:27:97:
83:46:bc:3a:7b:54:0c:5b:54:e3:45:05:41:f9:46:bf:a1:96:
da:96:de:57:b5:b6:f1:d8:f1:f9:5b:c4:60:9f:e2:00:8c:e7:
23:c3:9f:d4:2b:31:b4:b9:2e:97:fe:4c:62:fa:4f:67:f3:92:
db:ec:f6:fa:ba:81:46:13:10:85:ca:87:f1:a3:37:15:41:67:
5b:fb:ae:2d:2e:45:6f:31:ec:70:75:5c:ed:39:c4:bd:6a:e1:
50:d0:82:df:2d:ec:84:7b:68:d6:53:a6:d7:d0:a1:d9:66:d9:
f6:a4:d9:c1:2e:5e:d0:47:5e:4e:ee:32:f1:be:54:10:e9:c4:
47:c8:be:db
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZ2F3dO3qwD9UqdABeSlmqttMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjYwNDEzMDgwMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjhlN2ViMWIzNzQyMjlkMGVkOTY0OTUwZDAzMjgzZGEwYWY2NmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwjN1iJhoJcbDbmAETeCRfI7CevY
gp9f5VqAfr1IA1o61PgTbedy1YbXyilYYnnVXPDnbxp2PRl+GFFuW4GgJ6LP6p+C
6+/box6V3vU/l1T2IvD3L2Zj8T2CUCEKjtw/bXR8Luc11jA6+8kKtv9SrC0/hXrT
qEEHPTlFqFk6hTRrrXSj2xaFjVX5KF1z1ANsn7h7T5Sk/TX4nhuHUSRCcAGKVaNq
NKe9GNL/+ZPnxBM3UezuCO6WFozsMUSoLlUASeS8xs8wqMXugp21TL498LSqB5+3
CmxWoHhLfsqUMFYKfiyBYJl3uazTI/c5x6efOGJt06WOz5PeRS/DyXqWdQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPuOfrGzdCKdDtlklQ0DKD2gr2asMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvMS00NS1zYk4wSXAwTzJXU1ZEUU1vUGFDdlpxdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1
OC8xL05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAC2CUgME
ALnARAMEALnx0QMEAMsACDANBAIAAjAHAwUAKgtkxjANBgkqhkiG9w0BAQsFAAOC
AQEAPK/uiNMzP9fBSMBz9ClArWAae57jW/3nn7MaYt50jeKtMDmv6jC62301enZ9
JWWq8jtbUDzTQFqqAiG6bkFHX7UbDgI//SzVdIvgPClF5+B3hQbtzmyPNgVdIozi
xhvr+FAjSWarPFryaMXg2BDCWZjLULOs9H2ZWCT5ayeXg0a8OntUDFtU40UFQflG
v6GW2pbeV7W28djx+VvEYJ/iAIznI8Of1CsxtLkul/5MYvpPZ/OS2+z2+rqBRhMQ
hcqH8aM3FUFnW/uuLS5FbzHscHVc7TnEvWrhUNCC3y3shHto1lOm19Ch2WbZ9qTZ
wS5e0EdeTu4y8b5UEOnER8i+2w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:02:08 2026 by rpki-client