Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rME84xq1_9VJDK7fZFsvpUuTUCk.roa
File: rME84xq1_9VJDK7fZFsvpUuTUCk.roa (raw, json)
Hash identifier: xj64zSgDuu9xiECKbozKsHSSmnunCJVYJyrHJ3wwizI=
Subject key identifier: AC:C1:3C:E3:1A:B5:FF:D5:49:0C:AE:DF:64:5B:2F:A5:4B:93:50:29
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019D6C4DA4991EA3BB24DCCC46CF86FC56D2
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rME84xq1_9VJDK7fZFsvpUuTUCk.roa
Signing time: Wed 08 Apr 2026 08:55:20 +0000
ROA not before: Wed 08 Apr 2026 08:55:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206092
IP address blocks: 45.8.68.0/24 maxlen: 24
45.67.96.0/24 maxlen: 24
45.130.80.0/24 maxlen: 24
45.130.81.0/24 maxlen: 24
45.130.83.0/24 maxlen: 24
45.135.186.0/24 maxlen: 24
45.140.135.0/24 maxlen: 24
89.38.70.0/24 maxlen: 24
89.47.15.0/24 maxlen: 24
91.217.249.0/24 maxlen: 24
185.192.16.0/24 maxlen: 24
185.192.71.0/24 maxlen: 24
188.212.135.0/24 maxlen: 24
193.19.109.0/24 maxlen: 24
203.26.81.0/24 maxlen: 24
203.159.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6c:4d:a4:99:1e:a3:bb:24:dc:cc:46:cf:86:fc:56:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 8 08:55:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=acc13ce31ab5ffd5490caedf645b2fa54b935029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e6:05:fe:4c:98:f7:44:a7:af:3d:38:ff:28:
83:a0:33:9a:41:59:c1:ac:5d:01:fb:7f:c3:ee:3d:
07:8a:a0:5b:db:8d:e8:ed:80:dc:c9:64:bd:a0:24:
d9:1d:a9:2b:02:6b:b9:ae:6f:62:e7:2a:0e:4a:bc:
36:8e:d1:ff:58:a7:89:21:be:f0:bb:d2:14:c9:62:
56:b2:a2:bd:dd:38:46:5b:3d:c2:4f:b9:00:4e:33:
be:37:7e:3f:b0:8e:10:6a:c4:75:35:b2:01:ed:ba:
a6:54:79:cf:44:e9:3b:81:64:35:64:b3:9c:17:28:
5a:f6:15:8b:df:77:d8:bc:a2:ab:03:77:63:c2:9b:
8f:18:0a:61:a5:39:a0:84:e7:19:2d:3f:49:3c:97:
be:1b:a2:f5:1c:da:92:79:7e:b7:20:41:0f:50:83:
48:29:c4:ea:7f:de:41:42:d2:ed:23:a8:17:59:95:
c7:98:96:05:57:59:c9:19:c0:4b:70:98:aa:2a:0e:
53:a6:6e:9a:d0:81:10:3e:07:92:37:a1:f0:ce:5a:
c6:b5:5c:80:1d:cb:28:bd:f6:2b:06:77:73:9d:8d:
ff:9b:a2:cb:b0:e1:b8:32:74:d8:99:78:6f:bb:36:
b9:cf:5a:e2:50:2b:95:df:02:65:a5:a0:08:2b:98:
69:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:C1:3C:E3:1A:B5:FF:D5:49:0C:AE:DF:64:5B:2F:A5:4B:93:50:29
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/rME84xq1_9VJDK7fZFsvpUuTUCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.68.0/24
45.67.96.0/24
45.130.80.0/23
45.130.83.0/24
45.135.186.0/24
45.140.135.0/24
89.38.70.0/24
89.47.15.0/24
91.217.249.0/24
185.192.16.0/24
185.192.71.0/24
188.212.135.0/24
193.19.109.0/24
203.26.81.0/24
203.159.81.0/24
Signature Algorithm: sha256WithRSAEncryption
62:fb:f7:24:d3:c3:44:10:cc:a2:19:55:ea:46:0f:04:82:40:
59:16:18:54:e4:35:f7:4e:3c:b9:27:76:b6:33:27:79:93:37:
4f:2d:55:06:92:64:20:6d:95:0f:a8:01:a8:4b:1c:ba:3f:3d:
aa:22:14:b1:70:c9:25:fc:2c:30:ff:d4:95:45:cc:d8:b6:a3:
c9:d2:e0:60:53:ae:d3:14:43:72:cf:5d:22:37:5b:fd:9e:ed:
b1:25:d1:72:3e:c6:d7:3e:33:25:bd:e7:25:da:64:0f:21:14:
3a:df:a1:57:61:fb:4b:0a:d3:e0:cc:d7:4b:8d:74:35:7a:c4:
53:8e:c4:08:d0:43:fa:3d:76:4d:d5:8e:7e:76:7f:c8:dd:2d:
fb:bb:40:ed:df:30:0b:d6:a5:cd:51:67:51:74:bc:d1:08:48:
c7:2c:92:3b:a8:9f:01:98:8b:2a:ea:fb:fa:e4:5b:bf:da:99:
82:58:80:ed:8b:87:3c:0b:2c:a3:48:38:04:98:f3:79:ac:43:
04:67:ff:0c:0e:69:b1:e8:fa:c0:5a:e8:5e:32:5f:6c:91:8b:
64:d7:07:62:ea:49:26:a4:37:85:e8:01:69:ce:07:c2:fa:d1:
42:35:f5:4d:f6:4e:98:4e:21:bb:84:fa:8d:42:14:0d:9c:c1:
d7:6a:c8:ec
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ1sTaSZHqO7JNzMRs+G/FbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjYwNDA4MDg1NTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2MxM2NlMzFhYjVmZmQ1NDkwY2FlZGY2NDViMmZhNTRiOTM1MDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+YF/kyY90Snrz04/yiDoDOaQVnB
rF0B+3/D7j0HiqBb243o7YDcyWS9oCTZHakrAmu5rm9i5yoOSrw2jtH/WKeJIb7w
u9IUyWJWsqK93ThGWz3CT7kATjO+N34/sI4QasR1NbIB7bqmVHnPROk7gWQ1ZLOc
Fyha9hWL33fYvKKrA3djwpuPGAphpTmghOcZLT9JPJe+G6L1HNqSeX63IEEPUINI
KcTqf95BQtLtI6gXWZXHmJYFV1nJGcBLcJiqKg5Tpm6a0IEQPgeSN6HwzlrGtVyA
HcsovfYrBndznY3/m6LLsOG4MnTYmXhvuza5z1riUCuV3wJlpaAIK5hpzwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFKzBPOMatf/VSQyu32RbL6VLk1ApMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvck1FODR4cTFfOVZKREs3ZlpGc3ZwVXVUVUNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQALQhEAwQA
LUNgAwQBLYJQAwQALYJTAwQALYe6AwQALYyHAwQAWSZGAwQAWS8PAwQAW9n5AwQA
ucAQAwQAucBHAwQAvNSHAwQAwRNtAwQAyxpRAwQAy59RMA0GCSqGSIb3DQEBCwUA
A4IBAQBi+/ck08NEEMyiGVXqRg8EgkBZFhhU5DX3Tjy5J3a2Myd5kzdPLVUGkmQg
bZUPqAGoSxy6Pz2qIhSxcMkl/Cww/9SVRczYtqPJ0uBgU67TFENyz10iN1v9nu2x
JdFyPsbXPjMlvecl2mQPIRQ636FXYftLCtPgzNdLjXQ1esRTjsQI0EP6PXZN1Y5+
dn/I3S37u0Dt3zAL1qXNUWdRdLzRCEjHLJI7qJ8BmIsq6vv65Fu/2pmCWIDti4c8
CyyjSDgEmPN5rEMEZ/8MDmmx6PrAWuheMl9skYtk1wdi6kkmpDeF6AFpzgfC+tFC
NfVN9k6YTiG7hPqNQhQNnMHXasjs
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:18:55 2026 by rpki-client