Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/CrcpLmJ84yQmAm5rRisNfFSLOxo.roa
File: CrcpLmJ84yQmAm5rRisNfFSLOxo.roa (raw, json)
Hash identifier: 9YMbM0zSHIdNV6iTUAZlLpno7hi9RZRYkPuNQ/IQ8Rg=
Subject key identifier: 0A:B7:29:2E:62:7C:E3:24:26:02:6E:6B:46:2B:0D:7C:54:8B:3B:1A
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 019C9A8311792E2FDC5874BF8BFE55803E5D
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/CrcpLmJ84yQmAm5rRisNfFSLOxo.roa
Signing time: Thu 26 Feb 2026 15:13:26 +0000
ROA not before: Thu 26 Feb 2026 15:13:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212706
IP address blocks: 46.29.236.0/24 maxlen: 24
46.29.237.0/24 maxlen: 24
46.29.239.0/24 maxlen: 24
85.159.226.0/24 maxlen: 24
85.159.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.mft
rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9a:83:11:79:2e:2f:dc:58:74:bf:8b:fe:55:80:3e:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Feb 26 15:13:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0ab7292e627ce32426026e6b462b0d7c548b3b1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:83:1a:8f:fa:9d:8d:6b:56:9b:0b:3c:cd:aa:
53:ac:90:f0:fb:ef:61:1a:f9:f5:c4:10:4a:7a:f8:
fc:f5:89:26:ee:76:b8:1d:2d:cd:00:a3:29:8f:71:
c8:40:06:b9:22:4c:bd:cb:42:06:a4:86:34:aa:97:
8a:90:52:a7:c9:83:d9:75:24:00:e1:37:90:3f:0e:
91:d0:79:35:8f:d0:e1:9d:e5:2f:9c:dd:93:da:48:
2f:bf:ea:31:64:82:1f:0c:42:ef:fd:a9:b1:ff:29:
30:4b:72:64:a1:47:5f:db:2c:3f:a3:f6:cc:92:8f:
79:b5:e1:72:c0:57:0c:a1:af:fc:56:de:f5:01:fd:
3c:d6:85:3e:c2:05:15:13:e7:ab:2e:62:33:6f:f6:
ad:b9:7f:5c:ff:40:6b:11:ad:cf:81:8c:94:4b:af:
c7:15:0a:40:48:96:88:26:b1:79:2f:ca:37:89:fd:
42:05:8f:62:25:3a:80:d0:53:cc:b2:50:f1:b9:0e:
26:9b:a4:a3:d2:f4:b4:df:5f:c7:23:72:42:95:e8:
66:8f:63:6c:be:36:4d:f5:df:63:0c:f1:73:55:27:
65:7d:94:a8:b2:e8:33:28:b7:b2:13:c3:bd:ec:3f:
5f:c6:23:c5:68:05:d9:e3:a5:c1:9a:f1:fa:17:1f:
03:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B7:29:2E:62:7C:E3:24:26:02:6E:6B:46:2B:0D:7C:54:8B:3B:1A
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/CrcpLmJ84yQmAm5rRisNfFSLOxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.236.0/23
46.29.239.0/24
85.159.226.0/24
85.159.230.0/24
Signature Algorithm: sha256WithRSAEncryption
77:74:e7:6c:f4:a9:f1:5e:42:c1:a2:28:d6:c8:4f:e2:0f:39:
a7:eb:63:ae:e9:b5:14:ae:1d:61:38:2d:f9:fd:13:2e:85:7e:
61:52:4f:f0:71:82:ff:4d:10:e9:09:59:c6:7a:24:18:3b:90:
c5:58:70:f7:2a:e6:d7:5f:ae:ab:34:5e:42:9e:cf:46:01:1d:
3b:d2:81:e9:39:f4:1f:fd:2e:19:3c:e8:dc:56:73:3a:fd:5f:
95:07:27:0c:b0:6f:ad:ab:29:9a:28:42:4d:1d:57:aa:75:1d:
c1:12:a0:31:f1:2f:bd:75:1c:30:61:ce:c8:4b:94:e4:d0:4d:
81:2a:ab:dd:62:1d:25:86:e8:32:4c:03:39:ad:ab:37:c7:7e:
04:16:a1:b6:64:bc:15:88:d8:15:f9:76:e8:0d:0e:2f:95:47:
0c:40:6f:7e:48:71:1d:be:1a:ad:70:20:17:fd:90:8a:2b:de:
a1:11:47:5e:fd:e2:2d:27:af:95:50:85:26:1c:69:27:11:f9:
36:c9:42:4e:59:5c:9b:15:42:18:ed:3d:2a:ff:91:04:45:93:
47:0b:1a:23:0c:01:26:e3:36:81:a8:98:dc:b7:51:fa:61:35:
eb:b7:c1:7f:71:59:e4:3d:e8:05:be:1b:8e:a7:d2:c3:43:87:
bc:84:da:9e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyagxF5Li/cWHS/i/5VgD5dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjYwMjI2MTUxMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWI3MjkyZTYyN2NlMzI0MjYwMjZlNmI0NjJiMGQ3YzU0OGIzYjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4Maj/qdjWtWmws8zapTrJDw++9h
Gvn1xBBKevj89Ykm7na4HS3NAKMpj3HIQAa5Iky9y0IGpIY0qpeKkFKnyYPZdSQA
4TeQPw6R0Hk1j9DhneUvnN2T2kgvv+oxZIIfDELv/amx/ykwS3JkoUdf2yw/o/bM
ko95teFywFcMoa/8Vt71Af081oU+wgUVE+erLmIzb/atuX9c/0BrEa3PgYyUS6/H
FQpASJaIJrF5L8o3if1CBY9iJTqA0FPMslDxuQ4mm6Sj0vS031/HI3JClehmj2Ns
vjZN9d9jDPFzVSdlfZSosugzKLeyE8O97D9fxiPFaAXZ46XBmvH6Fx8D9QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAq3KS5ifOMkJgJua0YrDXxUizsaMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvQ3JjcExtSjg0eVFtQW01clJpc05mRlNMT3hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLh3sAwQA
Lh3vAwQAVZ/iAwQAVZ/mMA0GCSqGSIb3DQEBCwUAA4IBAQB3dOds9KnxXkLBoijW
yE/iDzmn62Ou6bUUrh1hOC35/RMuhX5hUk/wcYL/TRDpCVnGeiQYO5DFWHD3KubX
X66rNF5Cns9GAR070oHpOfQf/S4ZPOjcVnM6/V+VBycMsG+tqymaKEJNHVeqdR3B
EqAx8S+9dRwwYc7IS5Tk0E2BKqvdYh0lhugyTAM5ras3x34EFqG2ZLwViNgV+Xbo
DQ4vlUcMQG9+SHEdvhqtcCAX/ZCKK96hEUde/eItJ6+VUIUmHGknEfk2yUJOWVyb
FUIY7T0q/5EERZNHCxojDAEm4zaBqJjct1H6YTXrt8F/cVnkPegFvhuOp9LDQ4e8
hNqe
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:52:41 2026 by rpki-client