Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wf61ZGbJVYIyll6btLAOVU7vO3Y.roa
File: wf61ZGbJVYIyll6btLAOVU7vO3Y.roa (raw, json)
Hash identifier: curdW0eqJXB3sSnLfPDoI+bE1W2Hf7/cUXUOenGEneU=
Subject key identifier: C1:FE:B5:64:66:C9:55:82:32:96:5E:9B:B4:B0:0E:55:4E:EF:3B:76
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019C9EA0D9C00E473C9E1B773125F7E3F692
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wf61ZGbJVYIyll6btLAOVU7vO3Y.roa
Signing time: Fri 27 Feb 2026 10:24:27 +0000
ROA not before: Fri 27 Feb 2026 10:24:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206092
IP address blocks: 45.67.96.0/24 maxlen: 24
45.130.80.0/24 maxlen: 24
45.130.81.0/24 maxlen: 24
45.130.83.0/24 maxlen: 24
45.135.186.0/24 maxlen: 24
45.140.135.0/24 maxlen: 24
89.38.70.0/24 maxlen: 24
89.47.15.0/24 maxlen: 24
91.217.249.0/24 maxlen: 24
185.150.0.0/24 maxlen: 24
185.192.16.0/24 maxlen: 24
185.192.71.0/24 maxlen: 24
188.212.135.0/24 maxlen: 24
193.19.109.0/24 maxlen: 24
203.26.81.0/24 maxlen: 24
203.159.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:a0:d9:c0:0e:47:3c:9e:1b:77:31:25:f7:e3:f6:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 27 10:24:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c1feb56466c9558232965e9bb4b00e554eef3b76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:41:bd:53:b1:3a:1a:cc:bd:2a:ca:24:70:ea:
f7:8d:c7:c5:69:67:64:f9:b4:bc:11:56:02:ec:e2:
44:22:3c:63:0e:30:47:2b:43:87:4e:cd:ca:bf:31:
63:49:8e:9d:72:21:7d:b6:ee:79:d3:18:05:32:a4:
56:95:f5:8a:c8:4a:21:5a:06:ef:69:72:87:d2:84:
64:b4:a4:d4:e1:f4:be:12:5b:ac:ad:a0:b0:9d:91:
3c:7b:22:31:b5:a1:4f:91:f2:0f:35:d2:45:0b:1b:
98:a8:b1:fe:35:f7:ac:4e:6f:9f:c1:bc:b8:4b:f9:
45:47:b7:ea:19:e6:fe:23:de:3c:0f:60:28:70:cf:
8d:b9:d7:02:88:1c:6e:57:4f:9b:44:88:7c:bc:1b:
da:d1:3e:63:24:a5:42:71:88:84:41:4f:cc:58:69:
10:f4:d8:6d:e4:cc:a7:96:af:1a:39:ca:60:ea:05:
1c:e9:e7:55:2e:51:18:7f:67:d9:18:7a:e9:e9:5f:
c7:4e:39:bf:23:bb:ad:18:01:9f:f9:2b:32:d5:36:
d5:ee:de:c8:aa:6a:f5:50:bd:e6:50:49:68:f5:6a:
d9:81:91:26:66:85:01:dd:a8:de:75:19:32:d2:5e:
7c:7a:3f:5c:20:1c:4f:9f:24:79:32:73:f7:f4:95:
a4:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:FE:B5:64:66:C9:55:82:32:96:5E:9B:B4:B0:0E:55:4E:EF:3B:76
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/wf61ZGbJVYIyll6btLAOVU7vO3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.96.0/24
45.130.80.0/23
45.130.83.0/24
45.135.186.0/24
45.140.135.0/24
89.38.70.0/24
89.47.15.0/24
91.217.249.0/24
185.150.0.0/24
185.192.16.0/24
185.192.71.0/24
188.212.135.0/24
193.19.109.0/24
203.26.81.0/24
203.159.81.0/24
Signature Algorithm: sha256WithRSAEncryption
22:a3:70:d1:77:20:5b:1a:9c:72:78:6c:ea:2e:ec:3e:af:95:
32:62:af:0a:81:c5:62:b4:48:74:42:e7:16:d5:52:af:63:4c:
3b:24:0b:a6:2a:9b:5e:52:05:c6:43:65:11:ec:94:0a:a2:fd:
64:5c:cb:25:44:60:5a:ef:8f:0d:a9:d2:d7:5a:8d:a8:9c:31:
25:49:73:1a:b5:59:25:50:64:d7:97:ee:81:5b:61:da:85:04:
96:30:7d:59:1b:87:f3:ae:76:82:2c:9a:62:3b:a5:b4:10:32:
c3:17:67:0c:84:bd:43:a1:27:b6:0b:fb:f1:d0:26:77:0d:b8:
08:04:e7:58:07:37:0f:5a:68:2f:bb:9b:3e:e5:ec:b7:65:26:
27:c3:ec:5c:e6:0a:33:26:34:2b:f3:dc:78:37:39:8c:f3:b7:
13:85:2b:c8:82:75:05:39:be:40:ae:a0:5b:3c:81:af:03:4e:
2c:19:0a:bc:4d:44:46:e7:e2:76:13:3d:9d:46:01:2a:fc:ca:
7b:6a:ed:c1:48:8e:9d:a7:de:29:2c:8c:89:24:f4:f5:e8:a5:
b5:af:e2:2e:ff:ec:32:c8:5c:a9:a0:e1:2d:b9:5e:98:f3:72:
88:9e:c8:f9:99:55:21:36:98:78:5d:e0:f8:58:35:db:68:69:
16:c4:b9:f8
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZyeoNnADkc8nht3MSX34/aSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjYwMjI3MTAyNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWZlYjU2NDY2Yzk1NTgyMzI5NjVlOWJiNGIwMGU1NTRlZWYzYjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UG9U7E6Gsy9KsokcOr3jcfFaWdk
+bS8EVYC7OJEIjxjDjBHK0OHTs3KvzFjSY6dciF9tu550xgFMqRWlfWKyEohWgbv
aXKH0oRktKTU4fS+ElusraCwnZE8eyIxtaFPkfIPNdJFCxuYqLH+NfesTm+fwby4
S/lFR7fqGeb+I948D2AocM+NudcCiBxuV0+bRIh8vBva0T5jJKVCcYiEQU/MWGkQ
9Nht5Mynlq8aOcpg6gUc6edVLlEYf2fZGHrp6V/HTjm/I7utGAGf+Ssy1TbV7t7I
qmr1UL3mUElo9WrZgZEmZoUB3ajedRky0l58ej9cIBxPnyR5MnP39JWkHQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFMH+tWRmyVWCMpZem7SwDlVO7zt2MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvd2Y2MVpHYkpWWUl5bGw2YnRMQU9WVTd2TzNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQALUNgAwQB
LYJQAwQALYJTAwQALYe6AwQALYyHAwQAWSZGAwQAWS8PAwQAW9n5AwQAuZYAAwQA
ucAQAwQAucBHAwQAvNSHAwQAwRNtAwQAyxpRAwQAy59RMA0GCSqGSIb3DQEBCwUA
A4IBAQAio3DRdyBbGpxyeGzqLuw+r5UyYq8KgcVitEh0QucW1VKvY0w7JAumKpte
UgXGQ2UR7JQKov1kXMslRGBa748NqdLXWo2onDElSXMatVklUGTXl+6BW2HahQSW
MH1ZG4fzrnaCLJpiO6W0EDLDF2cMhL1DoSe2C/vx0CZ3DbgIBOdYBzcPWmgvu5s+
5ey3ZSYnw+xc5gozJjQr89x4NzmM87cThSvIgnUFOb5ArqBbPIGvA04sGQq8TURG
5+J2Ez2dRgEq/Mp7au3BSI6dp94pLIyJJPT16KW1r+Iu/+wyyFypoOEtuV6Y83KI
nsj5mVUhNph4XeD4WDXbaGkWxLn4
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:52:29 2026 by rpki-client