Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RsvnNXL5u4JDnlU5SZA8_QuAUZc.roa
File: RsvnNXL5u4JDnlU5SZA8_QuAUZc.roa (raw, json)
Hash identifier: d1isT0uE1eaNY6toBAl4C0mwYL2W+cgSG0so4KFlCpk=
Subject key identifier: 46:CB:E7:35:72:F9:BB:82:43:9E:55:39:49:90:3C:FD:0B:80:51:97
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019CA0E54B17E676DF84C656490FE59D378A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RsvnNXL5u4JDnlU5SZA8_QuAUZc.roa
Signing time: Fri 27 Feb 2026 20:58:27 +0000
ROA not before: Fri 27 Feb 2026 20:58:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 19318
IP address blocks: 2.56.101.0/24 maxlen: 24
45.12.61.0/24 maxlen: 24
45.85.160.0/24 maxlen: 24
45.86.12.0/24 maxlen: 24
93.190.245.0/24 maxlen: 24
103.114.42.0/24 maxlen: 24
185.136.204.0/24 maxlen: 24
185.242.244.0/24 maxlen: 24
192.153.171.0/24 maxlen: 24
195.66.120.0/24 maxlen: 24
213.139.217.0/24 maxlen: 24
213.139.218.0/24 maxlen: 24
2a05:b900::/29 maxlen: 29
2a0f:1207::/32 maxlen: 32
2a0f:1440::/29 maxlen: 29
2a0f:27c0::/29 maxlen: 29
2a0f:39c0::/29 maxlen: 29
2a0f:7f00::/29 maxlen: 29
2a0f:9600::/29 maxlen: 29
2a0f:e5c0::/29 maxlen: 29
2a10:34c0::/29 maxlen: 29
2a10:6d00::/29 maxlen: 29
2a11:7440::/29 maxlen: 29
2a13:2b40::/29 maxlen: 29
2a13:9080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a0:e5:4b:17:e6:76:df:84:c6:56:49:0f:e5:9d:37:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Feb 27 20:58:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=46cbe73572f9bb82439e553949903cfd0b805197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:88:7d:3e:65:bf:df:6d:cd:86:03:46:f4:33:
0a:09:65:12:de:07:bf:82:42:92:da:d5:41:4f:2f:
38:df:83:25:1f:dc:fa:0c:75:61:8d:4f:c4:c9:ef:
56:fd:71:ed:fa:11:fa:fe:67:c8:e6:b9:e6:7a:74:
6e:5a:1c:43:c5:a9:73:04:9c:d3:3f:4c:e8:6d:46:
8c:b2:7f:23:b4:64:2e:a8:75:6b:73:06:5a:1a:bd:
35:83:70:fa:f6:96:30:9b:36:01:56:fb:f3:af:86:
d8:e3:63:92:cf:d8:85:15:36:a0:29:2b:6c:96:12:
9e:77:5d:51:dd:c9:cf:34:5b:c0:b4:10:ad:ab:83:
c4:bf:a5:b9:59:89:33:67:ce:29:bd:9c:8b:8a:6a:
26:c8:96:20:57:4b:1f:32:66:9c:ed:0c:aa:82:36:
cf:26:76:d9:e4:ff:bf:6d:75:01:c0:7f:f7:00:dd:
59:48:e8:5e:ee:07:b9:ad:e8:6c:80:ac:bd:19:bc:
36:f9:be:1d:96:f8:ae:59:4d:30:4b:65:8a:eb:e2:
95:33:2d:38:d4:15:02:da:01:5d:8c:5c:1c:b3:b1:
87:ed:80:ba:80:14:93:99:d1:85:cd:a9:0a:07:ea:
29:60:ff:fe:d5:32:c8:2c:cd:73:e6:5b:09:ae:6e:
f9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:CB:E7:35:72:F9:BB:82:43:9E:55:39:49:90:3C:FD:0B:80:51:97
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/RsvnNXL5u4JDnlU5SZA8_QuAUZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.101.0/24
45.12.61.0/24
45.85.160.0/24
45.86.12.0/24
93.190.245.0/24
103.114.42.0/24
185.136.204.0/24
185.242.244.0/24
192.153.171.0/24
195.66.120.0/24
213.139.217.0-213.139.218.255
IPv6:
2a05:b900::/29
2a0f:1207::/32
2a0f:1440::/29
2a0f:27c0::/29
2a0f:39c0::/29
2a0f:7f00::/29
2a0f:9600::/29
2a0f:e5c0::/29
2a10:34c0::/29
2a10:6d00::/29
2a11:7440::/29
2a13:2b40::/29
2a13:9080::/29
Signature Algorithm: sha256WithRSAEncryption
a9:4d:4e:30:fa:60:20:0b:9a:c1:11:e7:77:18:c8:d7:9c:94:
d3:5c:c3:27:9c:f9:fe:3e:c6:bf:a7:56:8c:73:5d:8d:fe:66:
cb:12:10:20:71:b5:57:13:3b:72:96:f5:bc:21:e6:a4:48:cb:
dc:e4:99:d7:65:ec:7b:f5:be:d2:2b:76:51:13:be:38:1e:d2:
46:bf:93:eb:11:19:00:2a:42:89:3d:a4:d0:25:74:9e:b0:b3:
f3:a5:f8:af:5f:db:87:49:63:bd:25:81:db:37:6f:43:f4:a4:
ed:9d:03:72:ad:fb:3c:4e:57:c1:bd:a1:db:0d:58:96:c1:cd:
10:97:f9:5f:36:93:17:f2:e4:90:c2:c4:7b:9f:4b:1f:1f:78:
8a:12:be:d0:92:89:a2:18:3d:d1:8e:c9:20:ae:bb:0b:d7:ac:
5d:30:40:5a:dd:2b:ad:e6:f5:0a:0c:fd:5c:73:ec:23:e8:87:
6a:31:06:16:28:07:99:b5:88:2e:17:06:e8:be:38:e2:8f:f3:
0b:86:4a:27:a2:cc:db:31:77:11:95:95:a8:c3:dc:54:fe:02:
fb:2c:e0:90:2e:06:68:65:d5:00:4b:9a:e6:90:58:2b:e2:c7:
5a:ca:b3:43:91:a0:5b:44:b6:ce:e5:4a:fb:c6:82:df:47:58:
a5:e6:dc:3e
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgISAZyg5UsX5nbfhMZWSQ/lnTeKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMjI3MjA1ODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmNiZTczNTcyZjliYjgyNDM5ZTU1Mzk0OTkwM2NmZDBiODA1MTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYh9PmW/323NhgNG9DMKCWUS3ge/
gkKS2tVBTy8434MlH9z6DHVhjU/Eye9W/XHt+hH6/mfI5rnmenRuWhxDxalzBJzT
P0zobUaMsn8jtGQuqHVrcwZaGr01g3D69pYwmzYBVvvzr4bY42OSz9iFFTagKSts
lhKed11R3cnPNFvAtBCtq4PEv6W5WYkzZ84pvZyLimomyJYgV0sfMmac7QyqgjbP
JnbZ5P+/bXUBwH/3AN1ZSOhe7ge5rehsgKy9Gbw2+b4dlviuWU0wS2WK6+KVMy04
1BUC2gFdjFwcs7GH7YC6gBSTmdGFzakKB+opYP/+1TLILM1z5lsJrm756wIDAQAB
o4ICszCCAq8wHQYDVR0OBBYEFEbL5zVy+buCQ55VOUmQPP0LgFGXMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUnN2bk5YTDV1NEpEbmxVNVNaQThfUXVBVVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHIBggrBgEFBQcBBwEB/wSBuDCBtTBQBAIAATBKAwQAAjhl
AwQALQw9AwQALVWgAwQALVYMAwQAXb71AwQAZ3IqAwQAuYjMAwQAufL0AwQAwJmr
AwQAw0J4MAwDBADVi9kDBADVi9owYQQCAAIwWwMFAyoFuQADBQAqDxIHAwUDKg8U
QAMFAyoPJ8ADBQMqDznAAwUDKg9/AAMFAyoPlgADBQMqD+XAAwUDKhA0wAMFAyoQ
bQADBQMqEXRAAwUDKhMrQAMFAyoTkIAwDQYJKoZIhvcNAQELBQADggEBAKlNTjD6
YCALmsER53cYyNeclNNcwyec+f4+xr+nVoxzXY3+ZssSECBxtVcTO3KW9bwh5qRI
y9zkmddl7Hv1vtIrdlETvjge0ka/k+sRGQAqQok9pNAldJ6ws/Ol+K9f24dJY70l
gds3b0P0pO2dA3Kt+zxOV8G9odsNWJbBzRCX+V82kxfy5JDCxHufSx8feIoSvtCS
iaIYPdGOySCuuwvXrF0wQFrdK63m9QoM/Vxz7CPoh2oxBhYoB5m1iC4XBui+OOKP
8wuGSieizNsxdxGVlajD3FT+Avss4JAuBmhl1QBLmuaQWCvix1rKs0ORoFtEts7l
SvvGgt9HWKXm3D4=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:06:10 2026 by rpki-client