Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/7912c6-c9d4-43c2-9688-c45f8e251248/1/AbRiyCHHLVlOy73Va3XhnwR_DLo.roa
File: AbRiyCHHLVlOy73Va3XhnwR_DLo.roa (raw, json)
Hash identifier: 6HenLNVbET8UrcTGANmzLr3/H2ChFNxxswPM4qVTvAU=
Subject key identifier: 01:B4:62:C8:21:C7:2D:59:4E:CB:BD:D5:6B:75:E1:9F:04:7F:0C:BA
Certificate issuer: /CN=f0f27aebf02abc355212afbf1621e3e0d4a76057
Certificate serial: 019C7AE37325EAED918FC280378CCB453256
Authority key identifier: F0:F2:7A:EB:F0:2A:BC:35:52:12:AF:BF:16:21:E3:E0:D4:A7:60:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8PJ66_AqvDVSEq-_FiHj4NSnYFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/7912c6-c9d4-43c2-9688-c45f8e251248/1/AbRiyCHHLVlOy73Va3XhnwR_DLo.roa
Signing time: Fri 20 Feb 2026 11:50:52 +0000
ROA not before: Fri 20 Feb 2026 11:50:52 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44550
IP address blocks: 45.84.232.0/22 maxlen: 22
45.84.232.0/23 maxlen: 23
45.84.234.0/23 maxlen: 23
185.134.107.0/24 maxlen: 24
2a14:e80::/44 maxlen: 44
2a14:e80::/48 maxlen: 48
2a14:e80:1::/48 maxlen: 48
2a14:e80:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/7912c6-c9d4-43c2-9688-c45f8e251248/1/8PJ66_AqvDVSEq-_FiHj4NSnYFc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/7912c6-c9d4-43c2-9688-c45f8e251248/1/8PJ66_AqvDVSEq-_FiHj4NSnYFc.mft
rsync://rpki.ripe.net/repository/DEFAULT/8PJ66_AqvDVSEq-_FiHj4NSnYFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 14:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7a:e3:73:25:ea:ed:91:8f:c2:80:37:8c:cb:45:32:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0f27aebf02abc355212afbf1621e3e0d4a76057
Validity
Not Before: Feb 20 11:50:52 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=01b462c821c72d594ecbbdd56b75e19f047f0cba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:93:13:7b:e2:23:d1:d1:1a:fb:1b:5d:d4:7a:
78:d6:24:64:a9:aa:84:9b:01:71:3f:6e:39:b7:84:
15:b2:a7:fd:f1:57:db:59:f2:81:8d:54:b1:4b:ae:
a9:f3:5c:10:ac:c9:7e:c7:f9:32:78:9a:a0:4c:56:
55:99:68:4a:89:65:bf:e4:c9:39:29:ee:cc:3a:74:
6b:5d:85:55:d6:06:cb:cd:72:95:a8:8b:b5:f1:03:
15:e2:28:1c:55:b3:93:af:bb:bb:0b:3c:ff:ec:6a:
8b:2d:c6:9d:66:1b:9e:a0:ab:a6:6b:9e:61:aa:28:
e2:a4:6d:2b:c5:14:d9:66:0b:ca:5a:b4:38:96:40:
c7:a5:ee:8d:e9:bd:75:ea:48:5d:78:f4:de:c7:63:
6e:cb:41:82:f1:f5:b7:47:f1:f5:fb:6a:a3:b2:79:
e9:33:a5:14:2f:7b:d0:cd:7a:a8:1c:38:10:0b:d6:
ad:00:0d:31:e3:1c:fb:30:63:c8:96:59:e0:a0:5c:
b9:8a:8b:14:7e:da:f1:fe:78:ba:0a:65:4e:ae:b3:
71:6f:29:22:06:55:e0:a7:b8:88:31:bb:a2:95:d7:
00:10:99:76:de:81:d7:6b:56:63:17:07:29:e0:66:
94:1a:d9:ce:22:a6:0a:57:34:b2:ad:cc:4d:3e:60:
a0:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:B4:62:C8:21:C7:2D:59:4E:CB:BD:D5:6B:75:E1:9F:04:7F:0C:BA
X509v3 Authority Key Identifier:
keyid:F0:F2:7A:EB:F0:2A:BC:35:52:12:AF:BF:16:21:E3:E0:D4:A7:60:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PJ66_AqvDVSEq-_FiHj4NSnYFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7912c6-c9d4-43c2-9688-c45f8e251248/1/AbRiyCHHLVlOy73Va3XhnwR_DLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7912c6-c9d4-43c2-9688-c45f8e251248/1/8PJ66_AqvDVSEq-_FiHj4NSnYFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.232.0/22
185.134.107.0/24
IPv6:
2a14:e80::/44
Signature Algorithm: sha256WithRSAEncryption
30:15:f1:a1:e7:78:00:cd:48:e5:f7:46:c3:ec:fd:07:3b:9f:
6b:f0:0b:50:1b:89:27:44:ef:24:a3:53:6d:4f:7e:18:98:cc:
fe:c6:b1:74:96:a4:95:92:77:4d:a4:96:19:5a:31:f6:29:af:
cf:85:6b:b4:b2:d6:6e:da:0d:a8:7d:79:8e:93:0b:9d:ee:30:
a5:31:a5:d0:31:51:de:5e:51:30:3f:ef:44:ce:e6:ed:6e:d3:
1a:75:be:83:f4:bf:e3:b9:9f:36:bc:c0:f3:af:a2:62:c7:0c:
f3:4d:c6:64:4c:f7:aa:0c:9d:56:6a:1e:d5:5c:0f:e8:ea:82:
76:5e:b3:5f:55:bb:8e:4d:ac:e8:d1:14:81:2c:25:53:36:2b:
4c:8e:79:4a:62:f0:9c:9e:3f:97:99:64:e6:36:47:ce:39:d9:
78:c9:7a:31:36:1c:37:83:3b:15:d8:d1:b4:04:10:9f:07:7e:
46:17:bc:e5:37:a2:17:b2:19:f6:e7:e7:75:06:77:12:93:82:
80:c1:50:0e:c7:33:73:68:96:e4:64:21:56:61:6a:8a:09:40:
c1:1a:81:20:54:e3:e4:b3:7e:5e:8b:c8:bd:fd:8f:26:d1:56:
54:9f:1b:36:57:9a:24:03:f1:d4:fd:f9:df:89:a1:6c:da:61:
dd:d6:9e:e3
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZx643Ml6u2Rj8KAN4zLRTJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZjI3YWViZjAyYWJjMzU1MjEyYWZiZjE2MjFlM2UwZDRh
NzYwNTcwHhcNMjYwMjIwMTE1MDUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWI0NjJjODIxYzcyZDU5NGVjYmJkZDU2Yjc1ZTE5ZjA0N2YwY2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5MTe+Ij0dEa+xtd1Hp41iRkqaqE
mwFxP245t4QVsqf98VfbWfKBjVSxS66p81wQrMl+x/kyeJqgTFZVmWhKiWW/5Mk5
Ke7MOnRrXYVV1gbLzXKVqIu18QMV4igcVbOTr7u7Czz/7GqLLcadZhueoKuma55h
qijipG0rxRTZZgvKWrQ4lkDHpe6N6b116khdePTex2Nuy0GC8fW3R/H1+2qjsnnp
M6UUL3vQzXqoHDgQC9atAA0x4xz7MGPIllngoFy5iosUftrx/ni6CmVOrrNxbyki
BlXgp7iIMbuildcAEJl23oHXa1ZjFwcp4GaUGtnOIqYKVzSyrcxNPmCgDwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAG0Ysghxy1ZTsu91Wt14Z8Efwy6MB8GA1UdIwQY
MBaAFPDyeuvwKrw1UhKvvxYh4+DUp2BXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFBKNjZfQXF2RFZTRXEtX0ZpSGo0TlNuWUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83OTEyYzYtYzlkNC00M2MyLTk2ODgt
YzQ1ZjhlMjUxMjQ4LzEvQWJSaXlDSEhMVmxPeTczVmEzWGhud1JfRExvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83OTEyYzYtYzlkNC00M2MyLTk2ODgtYzQ1ZjhlMjUxMjQ4
LzEvOFBKNjZfQXF2RFZTRXEtX0ZpSGo0TlNuWUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCLVToAwQA
uYZrMA8EAgACMAkDBwQqFA6AAAAwDQYJKoZIhvcNAQELBQADggEBADAV8aHneADN
SOX3RsPs/Qc7n2vwC1AbiSdE7ySjU21PfhiYzP7GsXSWpJWSd02klhlaMfYpr8+F
a7Sy1m7aDah9eY6TC53uMKUxpdAxUd5eUTA/70TO5u1u0xp1voP0v+O5nza8wPOv
omLHDPNNxmRM96oMnVZqHtVcD+jqgnZes19Vu45NrOjRFIEsJVM2K0yOeUpi8Jye
P5eZZOY2R8452XjJejE2HDeDOxXY0bQEEJ8HfkYXvOU3oheyGfbn53UGdxKTgoDB
UA7HM3NoluRkIVZhaooJQMEagSBU4+Szfl6LyL39jybRVlSfGzZXmiQD8dT9+d+J
oWzaYd3WnuM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 23:06:07 2026 by rpki-client